1. QUESTIONS; CONTACTING US; REPORTING VIOLATIONS
2. USER CONSENT
3. A NOTE ABOUT CHILDREN
The Websites or Services are intended for adults only and requires that users be no less than eighteen (18) years of age. Please note that certain of the Websites and Services require you to be at least twenty-one (21) years of age to access and use such Websites and Services. Please check the applicable terms and conditions for such Websites and Services for further information. Individuals under the age of eighteen (18) (or twenty-one (21) for applicable Websites and Services) are prohibited from creating a user account and profile, accessing the Websites or Services and/or purchasing products on the Transactable Sites (as defined below). We do not intentionally gather Personal Data from visitors who are under the age of 13. If a child under 13 submits Personal Data to HERB and we learn that the Personal Data is the information of a child under 13, we will attempt to delete the information as soon as possible. If you believe that we might have any Personal Data from a child under 13 or if you become aware that an underage user has created a user account using false, stolen or otherwise misleading information, please contact us immediately at [email protected]
4. A NOTE TO USERS OUTSIDE OF THE UNITED STATES
5. TYPES OF DATA WE COLLECT
“Personal Data” means data that allows someone to identify or contact you, including, for example, your name, address, telephone number, e-mail address, as well as any other non- public information about you that is associated with or linked to any of the foregoing data. “Anonymous Data” means data that is not associated with or linked to your Personal Data; Anonymous Data does not, by itself, permit the identification of individual persons. We collect Personal Data and Anonymous Data, as described below
- Information You Provide to Us.
- If you create an account on any of the Websites or Services (a “User Account”), we may collect your full name, email address, zip code, and other information you may provide with your User Account, such as your gender and birth date. Your first name and last initial, as well as any photo you submit through the registration process, may be publicly displayed as part of your User Account profile.
- If you use our Services on your mobile device, including through our mobile applications, we may collect and store your phone number and the unique device id number.
- If you send or receive messages through the Websites or Services via SMS text message, we may log phone numbers, phone carriers, and the date and time that the messages were processed.
- If you tell us where you are (e.g., by allowing your mobile device to send us your location), we may store and use that information to provide you with location- based information and advertising. If you want to deactivate this feature, you can either reinstall the mobile applications or deactivate GPS on your mobile device.
- Our Websites and Services lets you store preferences like how your content is displayed, your location, and safe search settings. We may associate these choices with your ID, browser or the mobile device, and you can edit these preferences at any time.
- When connecting to our Services via a service provider that uniquely identifies your mobile device, we may receive this identification and use it to offer extended services and/or functionality.
- Certain Services, such as two-factor authentication, may require our collection of your phone number. We may associate that phone number to your mobile device identification information.
- For individuals making purchases through any of our Websites or Services, to the extent applicable (the “Transactable Sites”), we may collect and store information about you, such as your name, e-mail address, billing address, shipping address, telephone number, product selections, credit card or other payment information, order number, referring URL, IP address, page you bought from and a password information, as well as any other information you provide to us, in order to process your transaction, send communications about them to you, and populate forms for future transactions.
- We may collect personal information that is reasonably necessary for third-party sellers to ship the products to you, verify your identity and eligibility to receive such products or services and to communicate with you regarding purchases and any issues that may arise in connection with your purchase. This personal information includes your “ship to” information and your e-mail address.
- For product vendors and listing clients, we may collect information that is reasonably necessary for users to communicate with you regarding the purchases and shipment of goods and services purchased from you and any issues that may arise in connection with their purchase. This personal information includes the seller information provided during your listing or vendor registration and your e-mail address.
- We retain information on your behalf, such as files and messages that you store using your Account.
- If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in the e-mail, in order to send you a reply.
- When you post content (text, images, photographs, messages, comments or any other kind of content that is not your e-mail address) on the Websites or Services, the information contained in your posting will be stored in our servers and other users will be able to see it, along with your profile photo and any other information that you choose to make public on your public profile page (“Profile”). The information that you provide in your Profile will be visible to others, including anonymous visitors to the Websites or Services.
- If you exchange messages with others through the Websites or Services, we may store them in order to process and deliver them, allow you to manage them, and we may review and disclose them in connection with investigations related to the operation and use of the Websites or Services.
- When you participate in one of our surveys, we may collect additional profile information.
- We also collect other types of Personal Data that you provide to us voluntarily, such as your operating system and version, product registration number, and other requested information if you contact us via e-mail regarding support for the Services.
- If you participate in a sweepstakes, contest or giveaway on the Websites or Services, we may ask you for your e-mail address and/or home number (to notify you if you win or not). We may also ask for first and last names, and sometimes post office addresses to verify your identity. In some situations we may need additional information as a part of the entry process, such as a prize selection choice. These sweepstakes and contests are voluntary. We recommend that you read the rules for each sweepstakes and contest that you enter.
- We may also collect Personal Data at other points in the Websites or Services that state that Personal Data is being collected.
- Information Collected via Technology.
- Information Collected by Our Servers. To make the Websites or Services and Services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.
- Pixel Tags. In addition, we use “Pixel Tags” (also referred to as clear Gifs, Web beacons, or Web bugs). Pixel Tags are tiny graphic images with a unique identifier, similar in function to Cookies, that are used to track online movements of Web users. In contrast to Cookies, which are stored on a user’s computer hard drive, Pixel Tags are embedded invisibly in Web pages. Pixel Tags also allow us to send e-mail messages in a format users can read, and they tell us whether e-mails have been opened to ensure that we are sending only messages that are of interest to our users. We may use this information to reduce or eliminate messages sent to a user. We do not tie the information gathered by Pixel Tags to our users’ Personal Data.
- How We Respond to Do Not Track Signals. We do not currently respond to “do not track” signals or other mechanisms that might enable Users to opt out of tracking on our site.
- Flash LSOs. When we post videos, third parties may use local shared objects, known as “Flash Cookies,” to store your preferences for volume control or to personalize certain video features. Flash Cookies are different from browser Cookies because of the amount and type of data and how the data is stored. Cookie management tools provided by your browser will not remove Flash Cookies. To learn how to manage privacy and storage settings for Flash Cookies, click here: http://www.macromedia.com/support/documentation/en/flashplayer/help/sett ings_manager07.html.
- Mobile Services. We may also collect non-personal information from your mobile device if you have downloaded our mobile applications. This information is generally used to help us deliver the most relevant information to you. Examples of information that may be collected and used include your geographic location, how you use the mobile applications, and information about the type of device you use. In addition, in the event our mobile applications crash on your mobile device, we will receive information about your mobile device model software version and device carrier, which allows us to identify and fix bugs and otherwise improve the performance of our mobile applications. This information is sent to us as aggregated information and is not traceable to any individual and cannot be used to identify an individual.
6. USE OF YOUR PERSONAL DATA
- General Use. In general, Personal Data you submit to us is used either to respond to requests that you make, or to aid us in serving you better. We use your Personal Data in the following ways:
- Facilitate the creation of and to secure your User Account on the Services;
- Identify you as a user in our system;
- Provide, personalize, and improve the Services;
- Provide feedback and user base demographics to third party businesses listed on the Websites or Services;
- Communicate with you about your use of the Services;
- Develop new products and Services,
- Track usage of the Websites and Services;
- Customize the advertising you view and recommend content;
- Backup our systems and allow for disaster recovery;
- Fulfill your requests and provide customer support;
- Send newsletters, surveys, offers and promotional materials related to the Services and your user preferences and behaviors and for other marketing purposes of HERB using your contact information;
- Protect, investigate, prevent and potentially take action against possible fraudulent, unauthorized, or illegal activities;
- Respond to claims that Website content is inauthentic, counterfeit, or otherwise violates the rights of third parties;
- Respond to your requests for customer service;
- Protect our rights and the rights of other users;
- Creation of Anonymous Data. We may create Anonymous Data records from Personal Data by excluding information (such as your name) that makes the data personally identifiable to you. We use this Anonymous Data to analyze request and usage patterns so that we may enhance the content of our Services and improve Site navigation. We reserve the right to use Anonymous Data and aggregated and other de-identified information for any purpose and disclose Anonymous Data to third parties in our sole discretion.
7. DISCLOSURE OF YOUR PERSONAL DATA
- Third Parties Designated by You. We may share your personal information with your consent or at your direction. When you use the Services, the Personal Data you provide will be shared with the third parties that you designate to receive such information, including other websites, your friends, relatives and business associates. Depending on the type of access you grant to such third parties, they may also be permitted to edit the information you have provided to us and to designate others to access and edit such information. You may change your settings at any time as to who has access to your information by going to your account settings and changing your publishing options.
- Users. We will share your Personal Data with other users solely for the purpose of providing the Services.
- Third Party Service Providers. We may rely on third party providers to support or provide some of the features and options that are available through the Websites, Services or Transactable Sites. We may also rely on third party providers to perform certain services for us in connection with your use of the Websites or Services, such as communications and hosting services, network security, technical and customer support, tracking and reporting functions, quality assurance testing, payment processing, our own marketing of the Websites or Services, promotional and contest features, Transactable Sites’ product listings and brand management, and other functions. We may share information from or about you with these third party providers so that they can perform their services or complete your requests. These third party providers may share information with us that they obtain from or about you in connection with providing their services or completing your requests. Third party providers may also share this information with their subsidiaries, joint ventures, affiliates, partners or other companies under common control. Some of our web pages utilize framing techniques to serve content to you from our third party providers, while preserving the look and feel of the Websites or Services. In such cases, please note that the information you provide is being provided to the third party. These third party service providers are required not to use your Personal Data other than to provide the services requested by HERB.
- Disclosure to Third Party Companies. We may enter into agreements with companies that provide our Services by way of a co-branded or private-labeled website or companies that offer their products and/or services on our website (“Third Party Companies”). A Third Party Company may want access to Personal Data that we collect from its customers. As a result, we may disclose your Personal Data to a Third Party Company; however, we will not disclose your Personal Data to any Third Party Company for the Third Party Company’s own direct marketing purposes, unless you have “opted- in” by following the instructions we provide to allow such disclosure. If you have opted- in to receive e-mail communications from a Third Party Company and later wish to discontinue receipt of these e-mails, please contact the Third Party Company directly to update your preferences. The privacy policies of these Third Party Companies may apply to the use and disclosure of your Personal Data that we collect and disclose to such Third Party Companies. Because we do not control the privacy practices of Third Party Companies, you should read and understand their privacy policies.
- Businesses on HERB. We may share information from or about you (such as your age and gender), your devices, and your use of the Websites, Services and/or Transactable Sites (such as which businesses you bookmark or call) with businesses listed on HERB. You may adjust your settings to increase or decrease the amount of information we share. Keep in mind that businesses may see your Profile and receive information about your transactions with them in the Transactable Sites, regardless of your settings. Additionally, if you make a phone call to a business through or in connection with your use of the Websites or Services, we may share basic information about your call with the business that you contacted, such as the date and time of your call and your phone number (and other information that would have been available to the business had you contacted them directly, and not through the Websites or Services). You may be able to limit our ability to collect and share your phone number through your phone’s settings or phone service provider.
- Public Profile. Certain portions of the information you provide to us may also be displayed in your Profile. As an essential element of the Services, most of the Personal Data you explicitly provide to us when you register or update your Profile is displayed on your Profile. Your photos, posts, friends, and other content you post to the Websites or Services are also meant for pubic consumption. We may display this content on the Websites or Services and further distribute it to a wider audience through third party sites and services. Once displayed on publicly viewable web pages, that information can be collected and used by others. We cannot control who reads your postings or what other users may do with the information that you voluntarily post, so it is very important that you do not put Personal Data in your posts. Once you have posted information publicly, while you will still be able to edit and delete it on the Websites or Services, you will not be able to edit or delete such information cached, collected, and stored elsewhere by others (e.g., search engines).
8. YOUR CHOICES REGARDING INFORMATION
You have several choices regarding the use of information on our Service:
- Email Communications. You may cancel or modify our e-mail marketing communications you receive from us by following the instructions contained within our promotional e-mails or in some cases by logging into your User Account and changing your communication preferences. This will not affect subsequent subscriptions and if your opt-out preferences are limited to certain types of e-mails, the opt-out will be so limited. Subsequent or different subscriptions will remain unaffected. Please note that we reserve the right to send you certain communications relating to your User Account or use of our Websites or Services, such as administrative and service announcements, and these transactional User Account messages may be unaffected even if you choose to opt-out from receiving our marketing communications.
- Cookies. If you decide at any time that you no longer wish to accept Cookies from our Service for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions of the Service or all functionality of the Service. If you have any questions about how to disable or modify Cookies, please let us know at the contact information provided below.
- De-Linking social networking service. If you decide at any time that you no longer wish to have your social networking service account (e.g., Facebook) linked to your Account, then you may de-link the social networking service account in the “preferences” section in your account settings. You may also manage the sharing of certain Personal Data with us when you connect with us through an social networking service, such as through Facebook Connect. Please refer to the privacy settings of the social networking service to determine how you may adjust our permissions and manage the interactivity between the Services and your social media account or mobile device.
- Changing or Deleting Your Personal Data. The Websites or Services may allow you to review, correct or update personal information you have provided through the Websites or Services’ forms or otherwise. We will make good faith efforts to make requested changes in our then-active databases as soon as reasonably practicable. Please note that it is not always possible to completely remove or delete all of your information from our databases and that residual data may remain on backup media or for other reasons. Also, any public postings or other communications you have made on the Websites or Services such as in forums or blogs cannot generally be removed. When you edit your personal information or change your preferences on the Websites or Services, information that you remove may persist internally for our own administrative purposes. If you completely delete all of your Personal Data, then your user account may become deactivated. We will use commercially reasonable efforts to honor your request. We may retain an archived copy of your records as required by law or for legitimate business purposes.
- Applications. You can stop all collection of information by the mobile applications by uninstalling the mobile applications. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network. To serve ads in our mobile applications where Cookie technology is not available, the HERB hashes users’ device ID. Users may choose to reset or opt out of anonymous IDs at any time. If users choose to opt out, ads delivered to the mobile applications by ad serving technology will not be served on an anonymous ID.
9. SECURITY OF CREDIT CARD AND BANK ACCOUNT INFORMATION
We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. This includes using Security Sockets Layers (SSL) software, which is software that encrypts the information you input. However, no method of transmission over the Internet or via mobile device, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. To most efficiently serve you when placing orders through our Transactable Sites site, credit card transactions and order fulfillment are handled by established third party banking managers, processing agents and distribution institutions. They receive the information needed to verify and authorize your credit card or other payment information and to process and ship your order. Within the Transactable Sites, your information is kept on password protected, limited access servers. Wherever possible and applicable, the Transactable Sites’ servers reside behind a corporate firewall that maintains controls on access to the system from both our internal network and the Internet.