Last updated: MARCH 31, 2023
Por español clic aquí.
- INFORMATION WE COLLECT
- HOW WE USE INFORMATION
- HOW WE SHARE INFORMATION
- ANALYTICS AND ADVERTISING SERVICES PROVIDED BY OTHERS
- YOUR CHOICES
- HOW WE PROTECT INFORMATION
- DATA TRANSFERS
- CHILDREN’S PRIVACY
- THIRD-PARTY LINKS
- INFORMATION FOR CALIFORNIA RESIDENTS
- INFORMATION FOR NEVADA RESIDENTS
- CONTACT DETAILS
1. INFORMATION WE COLLECT
1. Information you provide directly to us
- Account and Profile Data. We collect any information or content you provide to us when you sign up for an account or create a user profile, which may include your name, date of birth, contact information (e.g., email and phone number), password, billing and shipping address, payment information (e.g., credit card or debit card). You may choose to provide additional information about yourself to create a profile, which may include profile pictures or avatars, gender, other interactions, logins and purchases, your account anniversary date, and other information you may provide related to your experience with our products and services.
- After you create your user profile, anytime you log in to make purchases, we will collect additional information and add it to your profile.
- Communications Data. We collect information when you communicate with us (e.g., by email, SMS text message or chat sessions) or others on our Services, such as when you request additional information about products or services, interact with our customer support or with us on social media, or sign up to receive our e-mail newsletters, notification, or marketing messages. We also collect information when you interact with us on social media, such as by interacting with our social media accounts, liking or following our social media posts, tagging us and/or our products on social media or permitting us to follow your social media profile. Examples of such information include your contact information (e.g., email address, phone number, or mailing address), the date and time of your communications, online identifiers, social media profile, and the content of your communications.
- Customer Relationship Data. We collect information relating to our customer relationships, which may include customer name, contact details (e.g., email and phone number), and information contained in communications between us and our customers or their employees.
- Demographic Data. We may collect specific or general demographic data when you fill out forms or surveys on our Services. Examples of such information include age, gender, zip code, state, and country.
- Transaction Data. We collect information relating to transactions, including purchases of products and services, that you enter into with us and/or through our Services. Examples of such information include the type of products or services requested or purchased, date of purchase, order details, amount charged, delivery information, payment method and payment information (e.g., debit or credit card number), billing and shipping address, and information about any products or services you returned or exchanged with us.
- Sensitive Data. We do not proactively collect sensitive data; however, potentially sensitive data is occasionally shared with us by customer via online reviews, social media interactions, email and other methods.
2. Information provided by third parties
3. Information collected through tracking technology
We collect certain information automatically when you access and use our Services. The types of information we collect may include:
- Audio and Visual Data. We may capture your visual image, likeness and voice recording (e.g., via photographs and/or video) if you interact with our you upload such data to your user profile.
- Device and Network Data. We collect certain information about the device you use to access our Services. Examples of such information include your device’s hardware model, browser type, Internet protocol (IP) address, operating system version, unique device identifiers and advertising identifiers.
- Location Data. Based on your interaction with the Services, the type of device you use to access the Services, and your device’s connectivity, we may collect location-based information including your IP address, city, county, zip code and region. We may use this type of information to enhance your user experience and to better understand your interaction with our products and services. Unless you provide us with your consent to do otherwise, this information will only be used by us and our third-party service providers to provide you with the Services you request or in an aggregated and anonymized format that does not identify you. If you no longer wish to have this location information collected and used by us, you may opt-out by disabling the location and Bluetooth features in the operating system of your device.
- Usage Data. We collect information about your activity on our Services via log files, cookies, web beacons, and other similar tracking technologies. Examples of such information include your access times, page view count and pages viewed, the routes by which you access our Services, website and app crashes, your use of any hyperlinks available within our Services, and identifiers associated with browser cookies, web beacons, pixels and similar technologies we deploy on our Services. We may use third-party service providers, such as Google Analytics, to collect this usage data. Learn more about how Google collects and uses data here. To opt out of Google Analytics please use this link.
4. Other types of information
• Inferences and Derived Data. We may derive information or draw inferences about you based on the other types of personal information we collect. For example, we may infer your location based on your IP address, or your prospective purchasing habits based on your browsing behavior on our Services.
2. HOW WE USE INFORMATION
We use personal information for a variety of purposes as described in more detail below.
1. To Provide and Maintain our Products and Services. We use the information we collect to operate and maintain our Services and to provide our products and the features and functionality of our Services. These activities may include, among other things, using information to:
- administer your account and provide you access to the Services and features you request;
- debug, identify and repair errors that impair existing intended functionality of our Services
- complete transactions you request, including to process payments and to fulfill and manage your orders, returns, and exchanges;
- contact you about your account, transactions, and/or use of the Services (e.g., account management, customer service, delivery updates, product updates and warranty information, policy changes, security updates, or system maintenance);
- enforce our terms, conditions, policies and other agreements;
- respond to or follow up on your questions, comments, reviews, and other requests, including to provide customer service; and
- verify individual identity.
2. To Improve, Personalize, and Develop Our Products and Services. We use the information we collect to improve and personalize our Services, product offerings, marketing and promotional efforts, and to develop new ones. These activities may include, among other things, using information to:
- enable and enhance your use of our Services, including to identify your product and services preferences, provide personalized information, and assist with your usage trends; and
- perform research and development activities, which may include, for example, conducting data analysis in order to develop new or improve existing products and services, and performing quality control activities.
3. To Provide Customer Support. When you contact us for customer support or any other reason (e.g., to help you complete the account registration process, diagnose or fix technology problems, respond to a dispute, etc.), we may use or request information, including Sensitive Information, as necessary to answer your questions, resolve disputes, and/or investigate and troubleshoot problems or complaints.
5. To Send You Marketing and Promotional Communications. By creating a Kroma Wellness account, you are agreeing that we may send you product and promotional emails or notifications about our Services, and offers on new products, services, promotions or contests. You may also opt-in to receiving similar notifications on the Services. We may provide you with these materials by phone, postal mail, text or email, as permitted by applicable law. Such uses include:
- To develop and display content and advertising (and work with third parties who do so) tailored to your interests and/or location; and
- To notify you about offers, products and services that may be of interest to you or about which you have previously expressed an interest.
You can opt-out of receiving our marketing communications at any time as further described in the “YOUR CHOICES” section.
6. To Comply with Legal or Regulatory Obligations or In Connection with a Legal Process. This may include using information as we believe to be necessary or appropriate to: (i) comply with judicial proceedings, court orders or legal processes or to respond to proper governmental request or investigation; (ii) detect, prevent, or otherwise address fraud, security or technical issues; (iii) protect against malicious, deceptive, fraudulent, or illegal activity, including attempts to manipulate or violate our policies, procedures, and terms and conditions; and (iv) to protect yours, ours or others’ rights, property or safety;
- Business Transactions. We may share or transfer your information in connection with, or during negotiations of a business transaction, such as a merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
- Professional Advisors. We share information with our legal, financial, insurance, and other professional advisers in connection with the management of all or part of our business or operations. Examples include obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
- Public Forums. Some of our Services or some of the features and functionality of our Services provide the opportunity to post content or share information such as messages, photos, and videos with others. If you decide to submit information to any public area of the Services, that information may be publicly available.
- Service Providers. We share information with third-party suppliers, vendors, service providers, contractors or agents who perform services for us or on our behalf, including order fulfillment and shipping, payment processing, customer support, administering our marketing and reviews platform, hosting, information technology and security, fraud prevention, mail and email distribution, events, contests, and promotion administration, marketing, advertising, and analytics services. This excludes text messaging originator opt-in data and consent; this information will not be shared with any third parties.
- Where Required or Permitted by Law or Legal Process. We may disclose information where we believe disclosure is necessary or required (i) to comply with applicable law, regulation, or legal process, or in response to requests by law enforcement authorities, government or public agencies or officials, or regulators; (ii) to exercise, establish or defend our legal rights or to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies.
4. ANALYTICS AND ADVERTISING SERVICES PROVIDED BY OTHERS
5. YOUR CHOICES
1. Access to your account
You may access your account to view order history information and/or adjust subscriptions on your own through the My Account section, once logged in via this link.
For any personal information changes you may need (phone, email, address, etc.) or to delete your account entirely, email us at email@example.com, and our customer service team can help you update your account.
2. Marketing Communications
- Email. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or you can contact us at firstname.lastname@example.org in the United States and Canada. If you opt-out of receiving promotional communications from us, we may still send you non-promotional communications, such as those about your account, your orders, or our ongoing business relations.
- Text Messages. To opt-out of receiving text messages, follow the opt-out instructions in the text messages that you receive from us.
3. Device Permissions
Mobile platforms have permission systems for specific types of device data and notifications, such as camera and microphone as well as push notifications. Where applicable, you can change your settings on your device to either consent or oppose the collection of the corresponding information or the display of the corresponding notifications. Depending on the manner in which you make changes to your settings, certain Services may lose partial or full functionality.
4. Uninstall the Application
If you have downloaded our mobile application, you can stop all information collection by applications by disabling call forwarding and deactivating your account by following the instructions on the Service’s Settings screen and then uninstalling the applications using the standard uninstall process for your device. If you uninstall the applications from your mobile device, the unique identifier associated with your device will continue to be stored. If you reinstall the applications on the same mobile device, we will be able to re-associate this identifier to your previous transactions and activities.
5. Managing Cookies
6. “Do Not Track” Features
Some web browsers incorporate a Do Not Track (“DNT”) or a similar feature. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
6. HOW WE PROTECT INFORMATION
We have implemented reasonable and appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please also remember that no method of transmission over the Internet, or method of electronic storage, is fully secure. Although we will do our best to protect your personal information, we cannot guarantee its absolute security. In the event we are required by law to inform you of a breach to your personal information we may notify you electronically, in writing, or by phone, if permitted to do so by law.
If you create an account as part of using our Services, you will be prompted to create a password. You are responsible for maintaining the confidentiality of your password, selecting a strong password and constructing a unique password. You are also responsible for any access to or use of your account by someone else that has obtained your password, whether or not such access or use has been authorized by you. Please notify us of any unauthorized use of your password or account.
7. DATA TRANSFERS
8. CHILDREN'S PRIVACY
Our Services are intended for general audiences over the age of 18 years old. We do not knowingly collect information from children under the age of 18 years old. If you are not over 18 years old, then DO NOT DOWNLOAD OR USE THE SERVICES. We also do not knowingly sell the personal information of individuals under the age of 16.
9. THIRD-PARTY LINKS
For your convenience and information, we may provide links to websites and other third-party content that is not owned or operated by us. The websites and third-party content to which we link may have separate privacy notices or policies. Please note, we have no control over the privacy practices of websites or services that we do not own. We encourage you to review the privacy policies of any third-party website or application for details about what information is collected and how it is used and/or shared.
10. INFORMATION FOR CALIFORNIA RESIDENTS
1. Categories of Personal Information We Collect, Use, and Disclose
2. Privacy Rights
As a California resident, you have certain rights, such as:
- Access to Information. You may request information regarding the categories of personal information we have collected about you; the categories of sources from which the information was collected; the purposes for which we collected, disclosed, or sold personal information; and the categories of third parties to whom we have sold or disclosed personal information for a business purpose and the categories of personal information disclosed or sold. You may also request access to the specific pieces of personal information we have collected in the 12 months preceding your request, including, where applicable, in an electronic and readily-usable format. Your access rights under California law are not absolute. Specifically, you have the right to make a request no more than twice in a twelve (12) month period and the information you can request is limited to personal information collected in the 12-month period preceding our receipt of the request.
- Deletion. You may request that we delete the personal information we have collected from you. If required by law we will grant a request to delete information, but you should note that in certain situations, and to the extent permitted by law, we may be required to keep your personal information to comply with our legal obligations, resolve disputes, enforce our agreements, or for another one of our business purposes.
- Opt-Out of Sales. You have the right to opt-out of any sales of personal information that may be occurring. We share personal information, and over the preceding twelve months may have shared personal information, for other benefits which are a sale of information, as defined by California law. This includes sharing of identifiers, commercial information, and internet or other electronic network activity usage data with advertising partners and networks, and website analytics companies. Additional information is available on our Do Not Sell My Information page, including information about how to manage or block these cookies. We do not knowingly sell personal information about persons under the age of 16. If you wish to exercise this right, you may submit a request by email at email@example.com or by phone at (858) 240-2570.
- Non-discrimination. You have the right not to be discriminated against for exercising your rights under California law. We do not discriminate against California consumers who exercise their rights described in this section. However, we may charge a different price or rate, or offer a different level or quality of good or service, to the extent that doing so is reasonably related to the value of the applicable data. In addition, we may offer you financial incentives for the collection, sale and retention and use of your personal information as permitted by the CCPA that can, without limitation, result in reasonably different prices, rates, or quality levels. The material aspects of any financial incentive will be explained and described in its program terms. We may add or change incentive programs and/or their terms by posting notice on the program descriptions and terms linked to above so check them regularly. Please note that not all these rights are absolute, and they do not apply in all circumstances. While we will make reasonable efforts to accommodate your request, we also reserve the right to impose certain restrictions and requirements on such requests, if allowed or required by applicable laws. Any request you submit to us is subject to an identification and residency verification process.
3. Exercising Your Privacy Rights
For the most part, we enable exercise of the privacy rights described in the paragraphs above directly through our Services when logged in.
If you are a California resident and you would like to make a request for access, portability, or deletion of your information, you may submit a request through the CCPA Request Form, by email at firstname.lastname@example.org or by phone at (858) 240-2570.
In order to process your request, we must be able to verify your identity to make sure you are the person about whom we have collected personal information or an authorized representative. Depending on the type of request, we may conduct the verification process by email or phone using information that matches our records. The information you must provide as part of the verification process may include: name, email address, mailing address, phone number, user name, state and/or country of residency, and/or proof of residency. We may also ask for additional information as needed based on your relationship with us.
You may also designate an authorized agent to exercise these rights on your behalf by providing the authorized agent signed permission to submit the request on your behalf. If an authorized agent submits a request on your behalf, we may need to contact you to verify your identity and protect the security of your personal data. Please note, we cannot process your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you.
4. California’s “Shine the Light” Law. California's “Shine the Light” law requires us to respond to requests from California customers asking about our practices related to disclosing certain types of personal information to third parties for their direct marketing initiatives. You may make such a request by completing and submitting an STL Request Form.
11. INFORMATION FOR NEVADA RESIDENTS
Pursuant to Nevada law, you may direct a business that operates an internet website not to sell certain personal information a business has collected or will collect about you. We do not sell your personal information as defined under Nevada law. For more information about how we handle and share your personal information or your rights under Nevada law, please contact us at email@example.com.
We may also provide additional “just-in-time” disclosures or additional information about the data collection, use and sharing practices of specific Services. Such notices may supplement or clarify our privacy practices or may provide you with additional choices about how we process your Personal Information.
13. CONTACT DETAILS
Kroma Wellness PBC
Attn: Chief Financial Officer
2683 Via de la Valle, Suite G-254
Del Mar, CA 92014
15. GOVERNING LAW; OTHER APPLICABLE KROMA POLICIES
16. ENGLISH LANGUAGE
Conformément à Droit canadien, lesparties déclarent par les présentes qu’ils exigent que cette entente et tous les documents y afférents, soit pour le présent ou l’avenir, soient rédigés en langue anglaise seulement.