2. INFORMATION COLLECTED BY THE SITE TO CONDUCT TRANSACTIONS
We will collect the information that you provide to us to perform any transaction requested by you, including registering for a Glotanicals’ account, subscribing to a mailing list or our newsletter, participating in promotions, purchasing products offered on the Site, responding to questions or comments you may have and for any other purposes with your consent. This information may include information such as, among other items, your name, shipping address, billing information, email address, telephone number, credit card information or other payment information. When you make a purchase or otherwise utilize the Site, we may need to provide your information, including the information indicated above, to certain third-party service providers. Such third-party service providers include Shopify.com (“Shopify”), product manufacturers, shipping companies, parties used in the sending of postal mail or emails, accounting and record keeping functions, advertisements and other web-based services. Your information is disclosed to such third-party service providers only as necessary and solely to complete the transaction for which they have been engaged by us. Such third-party service providers will have access to your information for the limited purpose of completing their intended function, but they may not use it in connection with or for any other purpose.
OTHER INFORMATION COLLECTED BY THE SITE
The Site automatically collects information as you navigate through the Site. Information collected automatically may include Internet Protocol addresses, details relating to your use of the Site and information collected through cookies and other tracking technologies. This information collected is generally statistical data and does not identify you specifically. This information is used by us to improve the Site and to deliver better service to the Site's users.
USE OF INFORMATION COLLECTED BY THE WEBSITE
The information we collect is used to provide a variety of services and improvements for our customers. The data is used to process your purchases, send you opted in promotional materials, create and manage your online account, effectively respond to your inquiries and questions, communicate with you about our social networks, events, promotions, request feedback, and provide surveys. We also use the information to notify you about changes to our Site, products and the services we provide to our customers. We may also use the information collected by our Site to provide troubleshooting and improve our services, make recommendations, personalize your Site-experience, comply with legal obligations and fraud prevention and credit risks. We do not sell or provide your information for third-party direct marketing purposes. We respect our customer's data and relationship.
MANAGING YOUR INFORMATION
You may, of course, decline to submit personally identifiable information through the Site, in which case we may not be able to provide certain products or services to you. You may update, correct, or delete your account information at any time by logging into your account or by contacting us as provided in the “Contact Us” section below.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. We follow all PCI-DSS requirements and implement additional generally accepted industry standards. In addition, Shopify reviews its business practices periodically for compliance with policies and procedures governing the security and confidentiality of our information. Nevertheless, no data transmission over the Internet is 100% secure. Accordingly, while we strive to protect your personal information and privacy, we do not warrant or guaranty the security of any information you disclose or transmit to us while using the Site, and we shall not be liable for the theft or inadvertent disclosure of your personal information. We assume no liability for any disclosure of data due to errors in transmission, unauthorized third-party access or other acts of third parties, or acts or omissions beyond our reasonable control.
We may use your email address to send you notices regarding matters, including the Site (including any notices required by law, in lieu of communication by postal mail). If you do not want to receive these messages, you can opt out by following the instructions included in the email message or by emailing us at firstname.lastname@example.org. If you correspond with us by email, we may retain the content of your email messages, your email address and our responses.
We have the right to disclose statistical or aggregated data (but in no event information which may personally identify you, referred to hereafter as "personal information") in our discretion and without restriction. We may disclose personal information which we have collected (a) as may be expressly permitted by you, (b) to our related companies and service providers to perform a business or technical support function for us, (c) as we deem necessary to enforce the Site's Terms of Service, (d) to comply with any court order, law or legal process, including to respond to any government or regulatory request or otherwise as required by law, and (e) in connection with the sale of Glotanicals (whether by merger, sale of our assets, sale of stock, or otherwise).
The Site is hosted on Shopify. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. Shopify stores your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by the Site and its service providers.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us, such as hosting our services and data, manage how our services function, host our customer relationship management, improve and automate our marketing techniques, incorporate customer service services and other software platforms, process payments, collect delinquent accounts, fulfill, process and deliver orders, and market and promote our products and services, including email, text messages and social media marketing campaigns. These service providers are authorized to use your personal information, if at all, only necessary to provide the requested services to us. Without limiting the foregoing, Glotanicals may also share information about visitors, registered accounts and customers with our service providers to ensure the quality of information provided. Without your affirmative consent, Glotanicals does not share, sell, rent or trade any information with third parties for their promotional purposes.
When you click on links on the Site, they may direct you away from the Site. We are not responsible for the privacy practices of other sites and encourage you to read their Privacy Policies.
When you use the Site, we may send one or more “cookies” – a small data file – to your computer to uniquely identify your browser and let us help you log in faster and enhance your navigation through the Site. A cookie may convey to us anonymous information about how you browse the Site. A persistent cookie remains on your hard drive after you close your browser so that it can be used by your browser on subsequent visits to the Site. Persistent cookies can be removed by following your web browser’s directions. A session cookie is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. Below is a list of cookies that we use. We have listed them here so you that you can choose if you want to opt-out of cookies or not.
By subscribing to our text notifications, you agree to receive recurring automated marketing messages at the phone number that you provided to us. Consent is not a condition of purchase. Reply STOP to unsubscribe. HELP for help. Msg & Data rates may apply.
OTHER EMPLOYED MARKETING METHODS
CHILDREN UNDER THE AGE OF 13
The Site is not intended for children under 13 years of age. No one under age 13 may provide any personal information to or on the Site. We do not knowingly collect personal information from children under 13. If you are under 13, do not (a) use this Site or any of its features, (b) register on the Site, (c) make any purchases through the Site, or (d) otherwise provide any information about yourself to us, including your name, address, telephone number, email address or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will immediately delete that information. If you believe we might have any information from or about a child under 13, please contact us as provided in the "Contact Us" section below.
CALIFORNIA PRIVACY RIGHTS
Web beacons (sometimes called “tracking pixels,” “transparent GIFs,” “clear GIFs,” “pixel figs,” or “Pixel tags”) are tiny, invisible images that are embedded on web pages and emails and are stored on your hard drive. They help us count the number of users who visit our websites or open our emails. Tracking pixels help us figure out if certain advertisements/marketing campaigns, product features, notifications, and products or services are effective and if they can be improved. You can modify your browser settings to control web beacons. Using web beacons enables us to measure the effectiveness of our ads for statistical and market research purposes. The data collected in this way is anonymous to us, and we do not see the personal data of individual users.
Our digital marketing and advertising campaigns are fluent and change over time. We are currently using various web beacons, including those from:
FACEBOOK CONVERSIONS API
We use Facebook’s Conversions API (sometimes called “server-side API”). Data is shared using your web browser and from Shopify’s servers, and is sent directly to Facebook’s servers. Data sent from server to server cannot be blocked by browser-based ad blockers. Your personal information will be used to match users on Facebook’s network. The information collected using this setting includes your name, location, email address, and phone number, as well as your browsing behavior on our online store. Glotanicals uses this information for its legitimate interests to measure customer actions, improve the accuracy of information sent for targeting, measurement, and optimization, and for more control over data sharing. You agree that Glotanicals can collect this data through the Facebook Conversions API platform for these purposes.
The legal basis for this use is Article 6, paragraph 1, sentence 1, letter f of the GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.
Facebook is certified under the Privacy Shield Agreement (https://www.facebook.com/about/privacyshield) and thus guarantees compliance with European data protection legislation.
INFORMATION FROM THIRD-PARTY SERVICES
We allow you to create an account and log in to use this website through the following third-party services: Facebook, & Google.
If you decide to register through or otherwise grant us access to a third-party service, we may collect personal data that is already associated with your third-party service, such as your name, your email address, your activities, or your contact list associated with that account.
Instructions on changing the personal data these third-party services share with us are located as follows:
However, we may retain information you provided prior to terminating access. If you want us to delete this information, please contact us at email@example.com.
THE RIGHTS OF OUR CUSTOMERS WHEREVER YOU MAY BE LIVE
Our customers, including those individuals subject to specific state, federal and European Union (EU) and United Kingdom (UK) data protection laws, have data subject rights in relation to the personal data we hold on to them (described in detail below). This may, in and of itself, be subject to the following:
(i) Access Your data
If prompted, we will confirm whether or not we are processing your personal data and if so, we will provide you with a copy of, or access to a copy of, that personal data along with any other pertinent details.
(ii) Restricting the processing of personal data
ask us to stop processing your personal data at any time, and we will do so unless we demonstrate compelling legitimate grounds for processing;
object to our processing of your data for the purposes of direct marketing at any time by unsubscribing to receive our marketing materials (see the opt-out directions in the footer of our marketing materials); and
refuse to receive service notifications via email.
Otherwise, you may contact us in accordance in paragraph 25 below.
(iv) Withdrawal of consent
If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time via paragraph 25 below or the directions stated in our marketing materials. This will not affect the lawfulness with which we process your data before receiving notice of your wish to withdraw your consent. We emphasize that we do not generally rely on your consent to allow us to process your personal data if there is another lawful ground available. If we do rely on your consent, we will make this clear to you at that time.
(v) Viewing and correcting data
You have the right to have inaccurate personal data rectified or completed if it is incomplete. In order to do so, you can view, manage and/or update your personal data in your . If you have questions in regards to this process, please contact us via paragraph 25 below.
If we share your personal data with others, we will notify them of any corrections made whenever possible. If prompted, and where possible and lawful to do so, we will also notify you with whom we have shared your personal data so you can contact them directly if need be.
(vi) Deleting data
You have the right to refuse to use our Services and may ask us to delete or remove your personal data in certain circumstances. If we share your data with others, we will notify them of the edits wherever possible. If prompted, and wherever possible and lawful to do so, we will also notify you with whom we have shared your personal data so you can contact them directly if need be.
(vii) Data retention
We will keep your personal data (1) until you decide to delete your account (upon request), or (2) as required by law or as necessary for legitimate business purposes (i.e., for tax, legal, accounting, fraud, or abuse prevention, and/or other purposes). This data can be stored even after an account is deleted.
Upon expiration of the applicable retention period, we will securely destroy your personal data in accordance with applicable laws and regulations. In some circumstances we may anonymize your personal data so that it can no longer be associated with you. In this case, such data is no longer considered personal.
If you consent to receive marketing communications, we will keep your data until you unsubscribe, which is possible via the ‘unsubscribe’ button at the end of our marketing emails. Additional methods to unsubscribe may be added in the future.
(viii) Data portability
You have the right to obtain your personal data from us, which that you consented to give us or that was provided to us as necessary in connection with our contract with you. We will give you your personal data in a structured, commonly used, and machine-readable format. You may reuse it elsewhere if you so wish.
(ix) Lodge a complaint with the data protection authority
If you have concerns about our privacy practices, including the way we handle or have your personal data, and if you are EU or UK citizen, you can report it to any competent data protection authority of an European Union member state that is authorized to hear such concerns (you may find European Union Data Protection Authorities’ contact information here) or to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. If you wish to exercise any of these rights, please contact us. Note that we may need to ask you for further information to verify your identity before we can respond to any request.
INTERNATIONAL DATA TRANSFER
REVIEWS AND TESTIMONIALS
IMPACT OF SALE OR MERGER
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, make changes to your account, register a complaint, or simply want more information, please contact our Privacy Compliance Officer at the following:
1028 S Roane St
Harriman, TN 37748
ATTN: Privacy Compliance Officer
Last updated: April 1, 2022