WHAT INFORMATION DO WE COLLECT AND HOW IS IT USED?
- Information You Voluntarily Submit to the Website: The Website may collect personal information from you such as your name or email address. For example, you may voluntarily submit information to the Website by leaving a comment, subscribing to a newsletter, or submitting a contact form. Personal Data may include, but is not limited to, your name, email address, mailing address and billing information and phone number.
- Information We Collect from Others: The Website may receive information about you from other sources. For example, if you use a third-party software through the Website, they may transfer information to us for fulfillment. We do not control the data privacy or protection policies of third parties, and we are not responsible for the privacy practices of these third parties. Our legal basis for processing this information is our legitimate interests, namely monitoring and improving our services, and the legitimate interests of our customers.
- Automatically-Collected Information: The Website automatically collects certain information about you and the device with which you access the Website. For example, when you use the Website, The Website will log your IP address, operating system type, browser type, referring website, pages you viewed, and the dates/times when you accessed the Website. The Website may also collect information about actions you take when using the Website, such as links clicked.
- Cookies: The Website may log information using cookies, which are small data files stored on your browser by the Website. The Website may use both session cookies, which expire when you close your browser, and persistent cookies, which stay on your browser until deleted, to provide you with a more personalized experience on the Website.
HOW YOUR INFORMATION MAY BE USED
The Website may use the information collected in the following ways:
- To operate and maintain the Website;
- To fulfill orders or oversee contests or promotions;
- To send you promotional information, such as newsletters. Each email promotion will provide information on how to opt-out of future mailings;
- To send you administrative communications, such as administrative emails, confirmation emails, technical notices, updates on policies, or security alerts;
- To respond to your comments or inquiries;
- To provide you with user support;
- Training and quality control;
- To track and measure advertising on the Website; or,
- To protect, investigate, and deter against unauthorized or illegal activity.
LEGAL BASES FOR PROCESSING DATA UNDER THE GENERAL DATA PROTECTION REGULATION (“GDPR”)
We are responsible as “controller” of your Personal Data under the GDPR and below are the types of lawful basis that we will rely on to collect and process your Personal Data:
- Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Data for our legitimate interests. We do not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us at Jill@JillCastle.com.
- Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
- Comply with a legal or regulatory obligation means processing your Personal Data where it is necessary for compliance with a legal or regulatory obligation that we are subject.
- Consent means where you have consented to a certain use of your Personal Data.
- Vital Interest means processing your Personal Data to protect the vital interests of the data subject or another natural person
How to File a GDPR Complaint
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred.
WHERE YOUR PERSONAL DATA IS HELD
Personal Data may be held at our offices and those of our affiliates, parent or related companies, third party agencies, service providers, representatives and agents as described below (see below: “Third Party Use of Personal Information”).
Some of these third parties may be based outside the European Economic Area. For more information, including on how we safeguard your personal information when this occurs, see below: “Transferring Your Personal Information Out of the EEA”.
TRANSFERRING YOUR PERSONAL DATA OUT OF THE EEA
To provide the Website or deliver products or services to you, it is necessary for us to share your Personal Data outside the European Economic Area (EEA), eg:
• With our offices outside the EEA;
• With your and our service providers located outside the EEA;
• If you are based outside the EEA;
• Where there is an international dimension to the services we are providing to you.
These transfers are subject to special rules under European and UK data protection law.
The following countries to which we may transfer Personal Data have been assessed by the European Commission as providing an adequate level of protection for personal information: the United States.
Except for the countries listed above, these non-EEA countries do not have the same data protection laws as the United Kingdom and EEA. We will, however, ensure the transfer complies with data protection law and all Personal Data will be secure. Our standard practice is to use standard data protection contract clauses that have been approved by the European Commission.
THIRD-PARTY USE OF PERSONAL INFORMATION
Company may share your Personal Data with certain third parties as set forth below:
Third Party Vendors: We may share your information with third party vendors or service providers who help us provide our products or services or the Website, including database hosting and data processing services, and assist us in responding to requests by you for information that you request.
Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets. We may also share Personal Data with potential buyers. Usually, information will be anonymized, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
Third Parties with Permission: We may share your information with third parties to whom you ask us to send your information.
Agents, Consultants, and Related Third Parties: Company, like many businesses, sometimes hires other companies to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases and processing payments. When we employ another entity to perform a function of this nature, we only provide them with the information that they need to perform their specific function.
Legal Requirements: Company may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation or to respond to requests from law enforcement or other government officials relating to investigations or alleged illegal activity or in connection with our own investigation of suspected or actual illegal activity, in which case we may (and you hereby authorize us to) disclose information without subpoenas or warrants served on us, (ii) protect and defend the rights or property of Company, (iii) act in urgent circumstances to protect the personal safety of users of the Website or the public, (iv) protect against legal liability including to resolve disputes, investigate problems, or enforce our Customer contracts.
The Website may share your information with third parties when you explicitly authorize us to share your information. Additionally, the Website may use third-party service providers to service various aspects of the Website. Each third-party service provider’s use of your personal information is dictated by their respective privacy policies. The Website currently uses the following third-party service providers:
- Google Analytics – this service tracks Website usage and provides information such as referring websites and user actions on the Website. Google Analytics may capture your IP address, but no other personal information is captured by Google Analytics.
- Convert Kit – this service is used for delivery of email updates and newsletters. We store your name and email address for purposes of delivering such communications.
- Convert Kit – this service is used for delivery of email updates and newsletters. We store your name and email address for purposes of delivering such communications. Active Campaign will also track information regarding your interaction with our emails, such as whether they have been opened or you have clicked on a particular link.
- Thinkific — this service is used to host nutrition classes, workshops and books and may collect your contact and credit card information. We will store your contact information. If you purchase a class, workshop or book, it will ask for your email, and set up a secure login password for you; however, the course platform does not pass back any information to us about your credit card.
- Stripe – this service is integrated with Thinkific and is the payment processor for all goods and service bought on the Website. If you purchase goods or services, Stripe will process your credit card and store your information only if you select this option. At no time is your banking information passed to the Website. We receive only information used for order fulfillment.
- OTHER THIRD-PARTY SERVICE PROVIDERS – DESCRIBE HOW YOU USE THE SERVICE PROVIDER AND WHAT INFORMATION YOU RECEIVE.
At this time, your personal information is not shared with any other third-party service providers. This list may be amended from time to time in the Website’s sole discretion.
Except when required by law, Company will not sell, distribute, or reveal your email addresses or other personal information without your consent; however, Company may disclose or transfer personal information collected through the Website to third parties who acquire all or a portion of our business, which may be the result of a merger, consolidation, or purchase of all or a portion of our assets, or in connection with any bankruptcy or reorganization proceeding brought by or against us.
From time to time, Company may use anonymous data, which does not identify you alone, or when combined with data from other parties. This type of anonymous data may be provided to other parties for marketing, advertising, or other uses. Examples of this anonymous data may include analytics or information collected from cookies.
PUBLICLY VISIBLE INFORMATION
If you create a user profile on the Website or leave a comment, certain information may be publicly visible.
What are cookies?
A cookie is a small text file which is sent to your computer or mobile device (referred to in this policy as a “device”) by the web server so that a website can remember some information about your browsing activity on the Website. The Cookie will collect information relating to your use of the Website, information about your device such as the device’s IP address and browser type, demographic data and, if you arrived at the Website via a link from third party site, the URL of the linking page.
In addition to Cookies, the Website may use web beacons. Web beacons allow us to count the number of users who have visited or accessed the Website and to recognize users by accessing our cookies. We may employ web beacons to facilitate Website administration and navigation, to track the actions of users of the Website, to compile aggregate statistics about Website usage and response rates, and to provide an enhanced online experience for visitors to the Website. We may also include web beacons in HTML-formatted e-mail messages that we send to determine which e-mail messages were opened. A web beacon is often invisible because it is only 1 x 1 pixel in size with no color. A web beacon can also be known as a web bug, 1 by 1 GIF, invisible GIF and tracker GIF.
What are the different types of cookies and how do we use them?
Essential – These are Cookies which are essential for the running of the Website. Without these Cookies, parts of the Website would not function. These Cookies do not track where you have been on the internet and do not gather information about you that could be used for marketing purposes.
Examples of how we may use essential Cookies include:
- Setting unique identifiers for each unique visitor, so that website numbers can be analyzed.
Functional – These Cookies are used to remember your preferences on the Website and to provide enhanced, more personal features. The information collected by these Cookies is usually anonymized, so we cannot identify you personally. Functional Cookies do not track your internet usage or gather information which could be used for selling advertising.
Examples of how we may use functional Cookies include:
- Gathering data about visits to the Website, including numbers of visitors and visits, length of time spent on the Website, pages clicked on or where visitors have come from
- Eliminating the need for returning users to re-enter their login details.
Analytical Performance – Analytical performance Cookies are used to monitor the performance of the Website, for example, to determine the number of page views and the number of unique users our Website has. We use this information to improve user experience or identify areas of the Website which may require maintenance. The information is anonymous (i.e. it cannot be used to identify you and does not contain personal information such as your name and email address) and it is only used for statistical purposes.
Examples of how we may use analytical Cookies include:
- Measuring users’ behavior
- Analyze which pages are viewed and how long for and which links are followed to better develop the Website
Advertising – Behavioral advertising Cookies, which may be placed on your device by us or our trusted third-party service providers, remember that you have visited a website and use that information to provide you with advertising which is tailored to your interests. This is often called online behavioral advertising and is done by grouping together shared interests based upon web browsing history. Your web browsing history can be used to infer things about you (e.g. your age, gender etc.), and this information may also be used to make advertising on websites more relevant to you. Although behavioral advertising Cookies can track your activity around the internet, these Cookies cannot identify you personally.
Examples of how we may use advertising Cookies include:
Third Party Cookies – You may notice on some pages of the Website that Cookies have been set that are not related to us. When you visit a page with content embedded from, for example, YouTube or Facebook, these third party service providers may set their own Cookies on your device. We do not control the use of these third party Cookies and cannot access them due to the way that Cookies work, as Cookies can only be accessed by the party who originally set them. Please check the third party websites for more information about these Cookies.
Users may, at any time, prevent the setting of cookies, by the Website, by using a corresponding setting of your internet browser and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. However, if users deactivate the setting of cookies in your Internet browser, not all functions of our Website may be entirely usable.
How can you manage or opt-out of cookies?
Cookies, including those which have already been set, can be deleted from your hard drive. You can also change the preferences/settings in your web browser to control Cookies. In some cases, you can choose to accept Cookies from the primary site, but block them from third parties. In others, you can block Cookies from specific advertisers, or clear out all Cookies. Deleting or blocking Cookies may reduce functionality of the Website. To learn more about how to reject Cookies, visit www.allaboutcookies.org or go to the help menu within your internet browser. If you experience any problems having deleted Cookies, you should contact the supplier of your web browser.
Opting out of Analytical Performance Cookies
If you would like to opt out of Analytics Cookies, please do so by clicking on the links below:
Google Analytics: https://tools.google.com/dlpage/gaoptout.
Opting out of Behavioral Advertising Cookies
If you would like more information about how to opt out of interest-based advertising in desktop and mobile browsers on a particular device, please visit http://optout.aboutads.info/#/ and http://optout.networkadvertising.org/#. You may download the AppChoices app at http://www.aboutads.info/appchoices to opt out in connection with mobile apps, or use the platform controls on your mobile device to opt out.
Facebook: Opt-out of Facebook remarketing here
Google: Opt-out of Google remarketing here
Pinterest: Opt-out of Pinterest remarketing here
On the Website, you may subscribe to our newsletter, which may be used for advertising purposes. All newsletters sent may contain tracking pixels. The pixel is embedded in emails and allows an analysis of the success of online marketing campaigns. Because of these tracking pixels, Company may see if and when you open an email and which links within the email you click. Also, this allows Company to adapt the content of future newsletters to the interests of the user. This behavior will not be passed on to third parties.
HOW LONG WILL YOUR PERSONAL INFORMATION BE KEPT
• We will keep your personal information while you have an account with us or we are providing products or services to you. Thereafter, we will keep your personal information for as long as is necessary:
• To respond to any questions, complaints or claims made by you or on your behalf;
• To show that we treated you fairly;
• To keep records required by law.
• When it is no longer necessary to retain your personal information, we will delete or anonymize it.
RIGHTS RELATED TO YOUR PERSONAL INFORMATION
Please note that while any amendments, corrections or deletions will be reflected in active user databases (as updated with a reasonable period of time), we may retain all Personal Data for backups, archiving, prevention of fraud and abuse, analytics, and satisfaction of other legal obligations we reasonably believe applicable.
We may retain your Personal Data to comply with laws, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigations, enforce our contracts, and take other actions otherwise permitted by law.
Opt-out – If you send us an email with questions or comments, we may use your personally identifiable information to respond to your questions or comments, and we may save your questions or comments for future reference. For security reasons, we do not recommend that you send non-public personal information, such as passwords, social security numbers, or bank account information, to us by email. You may “opt out” of receiving future commercial email communications from us by clicking the “unsubscribe” link included at the bottom of most emails we send, or as provided below; provided, however, we reserve the right to send you transactional emails such as customer service communications. You may also notify us at email@example.com be removed from our mailing list.
Access – You may request access to the personal information we have about you by submitting a request to firstname.lastname@example.org.
Amend – You may contact us at email@example.com amend or update your personal information.
Forget – In certain situations, you may request that we erase or forget your personal data. To do so, please submit a request to firstname.lastname@example.org.
Please note that we may need to retain certain information for recordkeeping purposes or to complete transactions, or when required by law.
The Website does not knowingly collect any personally identifiable information from children under the age of 16. If a parent or guardian believes that the Website has personally identifiable information of a child under the age of 16 in its database, please contact us immediately at email@example.com and we will use our best efforts to promptly remove such information from our records.
LINKS TO OTHER WEBSITES
OTHER TERMS AND CONDITIONS
Your access to and use of the Website may also be subject to any separate agreements or terms and conditions you have signed or agreed to with Company. Please refer to those agreements as needed.
Last updated: June 9, 2020.