1. DEFINITIONS AND INTERPRETATIONS
In this Policy, the following terms shall have the following meanings:
“personal data”means any and all data that relates to an identifiable person who can be directly or indirectly identified from that data, as defined by the GDPR and the Data Protection Act 2018 (the “Data Protection Legislation”).
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
“we/us/our” means ProVen US Inc, a limited company registered within the US, whose Employer Identification Number is 35-2739343, whose registered address is c/o Luzmaria Concannon, SobelCo, 50 Tice Boulevard, Suite 175, Woodcliff Lake, New Jersey 07677, and whose main trading address is Nationwide Transportation and Distribution Services LLC, 100 Highland Drive, Westhampton NJ 08060
2.2 ProVen Probiotics understands that your privacy is important to you and that you care about how your personal data is used and shared online. We respect and value the privacy of everyone who visits this website, www.provenprobiotics.co (“Our Site”) and any personal data we do collect will only be used as permitted by law and detailed below.
2.4 Our Data Protection Team can be contacted by email to [email protected]
3. WHAT DOS THIS POLICY COVER?
4. YOUR RIGHTS
4.1 As a data subject, you have the following rights under the GDPR, which this Policy and our use of personal data have been designed to uphold:
4.1.1 The right to be informed about our collection and use of personal data;
4.1.2 The right of access to the personal data we hold about you (see section 9);
4.1.3 The right to rectification if any personal data we hold about you is inaccurate or incomplete (please contact us using the details in section 10);
4.1.4 The right to be forgotten – i.e. the right to ask us to delete any personal data We hold about you (to see how we use your data please see section 6 but if you would like us to delete your data, please contact us using the details in section 10);
4.1.5 The right to restrict (i.e. prevent) the processing of your personal data;
4.1.6 The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation);
4.1.7 The right to object to us using your personal data for particular purposes; and
4.1.8 Rights with respect to automated decision making and profiling.
4.2 If you have any cause for complaint about our use of your personal data, please contact us using the details provided in section 10 and we will do our best to solve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the US’s supervisory authority, the Federal Trade Commission. https://www.ftc.gov/about-ftc/contact
5. WHAT DATA DO WE COLLECT?
5.2 If you send us an email, we collect your name, your email address and any other information which you choose to give us.
5.3 If you make a purchase on our website we collect your name, your email address and any other information that you choose to give us in relation to your order.
5.4 If you enter competitions, we collect your name, your email address and any other information which you choose to give us.
5.5 When you contact us by any means with queries, complaints or other information.
6. HOW DO WE USE YOUR DATA?
6.1 If we do collect any personal data, it will be processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard your rights under the Data Protection Act 1998 OR GDPRat all times. For more details on security see section 7, below.
6.2 As noted above, we only collect personal data which you choose to give us. If you make a purchase on our site, sign up to our newsletter or contact us, we may use them as follows:
6.2.1 To reply to your email;
6.2.2 Notify you of your order status;
6.2.3 Detect/investigate financial crime;
6.2.4 Undertake website personalisation and administration;
6.2.5 Marketing communications to inform you of special offers, promotions, new lines, sales and other information we feel is relevant to you;
6.2.6 Notifying you about enhancements to our services;
6.2.7 Invite you to provide product/service reviews;
6.3 Personal data that you have chosen to give us will not be stored longer than needed.
6.4 You have the right to withdraw your consent to us using your personal data at any time and to request that we delete it.
6.5 We will not share any of your data with any third parties for any purpose.
7. HOW AND WHERE DO WE STORE YOUR DATA?
7.1 We only keep your personal data for as long as we need to in order to use it as described above in section 6, and/or for as long as we have your permission to keep it.
7.2 Data security is very important to us and to protect your data we have taken suitable measures to safeguard and secure any data we hold about you (even if it is only your email address).
7.3 Steps we take to secure and protect your data include:
7.3.1 Secure Network, Encryption, Cyber Security Policies;
7.3.2 Secure email management systems
7.3.3 Secure content management systems
7.3.4 Secure payment systems
7.4 We store some or all of your personal data in countries outside of the USA. These are known as “third countries”. We will take additional steps in order to ensure that your personal data is treated just as safely and securely as it would be within the US and under the Data Protection Legislation as follows:
7.4.1 We ensure that your personal data is protected under binding corporate rules. Binding corporate rules are a set of common rules which all our group companies are required to follow when processing personal data.
7.4.2 We will only store or transfer personal data in or to countries that are deemed to provide an adequate level of protection for personal data.
7.4.3 We will use specific approved contracts which ensure the same levels of personal data protection that apply under the Data Protection Legislation.
7.5 Personal data security is essential to us, and to protect personal data, we take the following measures:
7.5.1 Limiting access to your personal data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality;
7.5.2 Procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the US Federal Trade Commission where we are legally required to do so;
8. SHARING PERSONAL DATA
8.1 We will not share any of your personal data with any third parties for any purposes, subject to the following exception[s].
8.3 In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
8.4 If any of your personal data is transferred to a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law, as described above in Section 7.
8.5 If any personal data is transferred outside of the US, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the US and under the Data Protection Legislation, as explained above in Section 7.
9. HOW CAN I ACCESS MY PERSONAL DATA?
9.1 If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
9.2 All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 10.
9.3 There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
9.4 We will respond to your subject access request within less than one month and, in any case, not more than one month from receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
10. CONTACTING US
Please ensure that your query is clear, particularly if it is a request for information about the data we hold about you (as under section 9, above).