Effective Date: June 1, 2020
- OUR COMMITMENT TO PERSONAL PRIVACY
This Policy reflects ZBD Health’s commitment to protecting information we learn from each visitor to a company owned or operated general audience web site or other online services in which the company participates. ZBD Health owned and operated web sites include www.zbdhealth.com. ZBD Health participates in online services such as social media platforms, including:
The above list of company web sites and online services is not intended to be an exhaustive list and may change from time to time. Please review the privacy policies linked to each web site, social media platform and online activity you may visit or participate.
- THIS SITE NOT INTENDED FOR USE BY MINORS
ZBD Health products are not for use by or sale to persons under the age of 18. ZBD Health does not collect or maintain information from visitors known to be under the age of 18, and no part of our web sites or online services is structured to attract anyone under the age 18. If you have reason to suspect that we have collected personal information from any visitor known to be under the age of 18, please contact us (see Section 22) so that we can review the matter and take appropriate action.
- PERSONAL INFORMATION: WHAT WE COLLECT, WHEN YOU GIVE IT TO US
Personal information collected from a visitor on our websites or online services may include:
first and/or last name
home or mailing address
credit/debit card information
the user ID that you use on a social network or third-party service
ZBD Health will treat any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a visitor or a visitor’s household, as "Personal Information.”
The submission of Personal Information is purely voluntary but may be a necessary step for registering or participating in certain activities and promotions offered or made available.
- AUTOMATIC DATA COLLECTION TECHNOLOGIES (“PERSISTENT IDENTIFIERS”)
Our web sites and online services use automatic data collection technologies (“persistent identifiers”) including but not limited to "cookies" and “web beacons” to collect certain information about visitor equipment, browsing actions and website usage.
Cookies are small files placed on the hard drive of your computer, which may collect:
a customer number,
an IP address (a Uniform Resource Locator or “URL”),
a processor or device serial number,
a unique identifier that might be used to recognize a user’s online activities over time and across different web sites or online services (behavioral tracking), including but not limited the type of operating system and software the visitor is using to browse the Internet, the "URL" (web address) that the visitor visited before and after our site and the visitor's Internet Service Provider; and
geolocation data of the visitor which may be sufficient to identify a street name and name of city or town.
Web beacons are small, transparent graphic images (such as clear GIFs, pixel tags and single-pixel GIFs) placed on website pages and advertisements for use in combination with cookies to collect website statistics, for example, to count the number of visitors to a page, to determine the popularity of website content, to determine visitor interest in website content, to identify visitors when they return to a website or online service, to store information about visitor preferences, and to verify system and server integrity.
Many internet browsers or devices may allow you to block and/or remove cookies, but you may not be able to use some features or participate in some activities or offers if you block cookies.
- THIRD PARTY USE OF AUTOMATIC DATA COLLECTION TECHNOLOGIES
We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
- CALIFORNIA DO-NOT-TRACK DISCLOSURES
ZBD Health uses the information collected through automated data collection technologies (alone or in conjunction with Personal Information) to make the company websites and related online services more useful and more personal to visitors and their individual interests. Therefore, we do not respond to “do not track” requests.
Visitors may refuse to accept browser cookies by activating the appropriate setting on the visitor’s Internet browser or by using third party do not track technologies. However, if visitors refuse, disable or delete cookies from our websites or related online services (including mobile applications), certain parts or features of our company websites or online services may be inaccessible or not functional.
5.USE OF PERSONAL INFORMATION
ZBD Health and its affiliates use Personal Information only to the extent necessary:
For internal business purposes, including maintaining business records;
For online order fulfillment services;
To maintain and improve the performance or functionality of online services;
To prevent fraud or harm;
To enforce contracts;
To communicate to visitors and customers about products, services, customer support, questions and concerns, preferences, events, and special offers and promotions;
For registration, notification and publicity of participants and winners in promotions and contests;
To comply with valid legal requirements; and/or
In connection with business transactions involving the ownership or assets of the Company.
Personal Information will not be sold, rented, disclosed, disseminated, made available, transferred or otherwise communicated to another business or third party for monetary consideration or other valuable consideration for advertising and marketing purposes without prior consent or request from the visitor.
Personal Information may be complied alone or with other information (“Aggregated Data”). The Aggregated Data does not identify you personally. ZBD Health may use and share Aggregated Data with its affiliates, agents and business partners for analysis and research to better understand customer preferences, demographics, behavior, and use of the online services. The Aggregated Data may also be used to describe the Company’s business and services to prospective business partners and for other lawful purposes.
- REVIEW, CORRECTION AND REMOVAL OF PERSONAL INFORMATION
A visitor may review, correct and/or delete Personal Information by e-mail request to firstname.lastname@example.org. Visitors may also opt out of receiving communications from us about offers, contests, promotions, activities or new products by advising us by e-mail request to email@example.com or through available opt-out features. If Personal Information is deleted or consent to the use of Personal Information is revoked, a visitor's participation in activities requiring the use of Personal Information may be restricted or terminated.
A visitor acknowledges and agrees that even if ZBD Health receives a request to delete information, ZBD Health reserves the right, alone and with third parties, to maintain Personal Information to the extent necessary to perform a lawful business purposes, including:
performing services on behalf of the business to fulfill contracts with customers;
detecting security incidents, and/or protect against malicious, deceptive, fraudulent, or illegal activity,
debugging to identify and repair errors that impair existing intended functionality;
exercise lawfully protected free speech,
comply with the California Electronic Communications Privacy Act or other applicable federal, state, or local laws.
conduct scientific, historical, or statistical research, and/or
conduct internal business operations.
- CALIFORNIA PRIVACY RIGHTS: THE “SHINE THE LIGHT” LAW
California resident visitors should send their requests for information under the Shine the Light law to firstname.lastname@example.org with the subject line “Attention Legal Department: Shine the Light Request,” or write us at: Attention Legal Department: Shine the Light Request, ZBD Health, 1495 Canyon Boulevard, Boulder, CO 80302. Please include sufficient contact information for ZBD Health to contact you in response to your request.
- CALIFORNIA PRIVACY RIGHTS FOR MINOR USERS: THE “MINOR ERASER” LAW
Any visitor who is under the age of 18 has the right under California’s “Minor Eraser” law (California Business and Professions Code 22581) to view, correct, or remove content posted by the visitor as a registered user of the site. A visitor may view, correct or remove content by accessing the registered account using the visitor’s user name and password. A visitor may also send ZBD Health a request to remove certain posted content at email@example.com with the subject line “Attention Legal Department: Minor Eraser Request,” or write us at: Attention Legal Department: Minor Eraser Request, ZBD Health, 1495 Canyon Boulevard, Boulder, CO 80302. Please include enough information to identify the content to be removed and sufficient contact information for ZBD Health to contact you in response to your request.
- CALIFORNIA CONSUMER PRIVACY RIGHTS
California residents have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to exercise free of charge, the following rights:
Disclosure of Personal Information We Collect About You –
You have the right know:
The categories of personal information we have collected about you;
The categories of sources from which the personal information is collected;
Our business or commercial purpose for collecting or selling personal information;
The categories of third parties with whom we share personal information, if any; and
The specific pieces of personal information we have collected about you.
Please note that we are not required to:
Retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;
Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; or
Provide the personal information to you more than twice in a 12-month period.
Please note that we are required to update the information required to be disclosed under the CCPA at least once every 12 months.
Personal Information Sold or Used for a Business Purpose –
In connection with any personal information we may sell or disclose to a third party for a business purpose, you have the right to know:
The categories of personal information about you that we sold and the categories of third parties to whom the personal information was sold; and
The categories of personal information that we disclosed about you for a business purpose.
You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to opt-out of the sale (or disclosure) of your personal information. If you exercise your right to opt-out of the sale (or disclosure) of your personal information, we will refrain from selling your personal information, unless you subsequently provide express authorization for the sale of your personal information. To opt-out of the sale or disclosure of your personal information, visit our homepage and click on the Do Not Sell My Personal Information link here: https://zbdhealth.com/pages/contact-form.
Please note that it is our policy not to sell any Personal Information for any business purpose. Therefore, we have not sold to a third party any personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
Right to Deletion—
Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:
Delete your personal information from our records; and
Direct any service providers to delete your personal information from their records.
Please note that we may not delete your personal information if it is necessary to:
Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
Debug to identify and repair errors that impair existing intended functionality;
Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
Comply with the California Electronic Communications Privacy Act;
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;
Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
Comply with an existing legal obligation; or
Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.
Protection Against Discrimination—
You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:
Deny goods or services to you;
Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
Provide a different level or quality of goods or services to you; or
Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Please note that we may charge a different price or rate or provide a different level or quality of goods and/or services to you, if that difference is reasonably related to the value provided to our business by your personal information.
To Exercise Your Rights under the CCPA—
Call us, toll-free, at the toll-free phone number provided below under Contact Us; or
Write us at the mailing address provided below under Contact Us; or
Email using the email address: firstname.lastname@example.org.
Please note that you may only make a CCPA-related data access or data portability disclosure request twice within a 12-month period.
You will need to provide us with:
Enough information to identify you (e.g., your full name, address and customer or matter reference number);
Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and
A description of what right you want to exercise and the information to which your request relates.
We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information or is someone authorized to act on such person’s behalf.
Any personal information we collect from you to verify your identity in connection with you request will be used solely for the purposes of verification.
- THIRD PARTY E-COMMERCE SERVICES
We may use third party platforms to host our online e-commerce stores that help us sell our merchandise online. Our online e-commerce stores are currently hosted by Shopify, Inc. (“Shopify”). To learn how Shopify treats personal information/data learned through the provision of hosted services, visit Shopify’s Terms of Service and Privacy Statement: https://www.shopify.com/legal/privacy.
- VISITOR COMMENTS, SUBMISSIONS AND POSTINGS
Our web sites and the online services in which we participate may allow the ability to post comments, information about yourself and others, and to upload media content (for example. pictures, videos, artwork, etc.). Submissions to ZBD Health web sites are subject to the posted Terms of Service. Please be aware that any information you post to publicly viewable site and services can be accessed and use by others. We cannot control what others may do with information you voluntarily post, and once you post information you may not be able to edit or delete it. We urge you to use caution when posting any information online.
- ONLINE SOCIAL MEDIA SERVICE
- ACCESS FROM MOBILE DEVICES
Visitors using social media sites should be aware that information you submit on such sites may be accessed on mobile phones and other mobile devices that allow information to be synced and saved by friends and others. You should only share important or sensitive information with people you trust because they may be able to save and share it, knowingly or unknowingly, with others you do not intend the information to be shared with.
- MOBILE DEVICE AND WIRELESS NETWORK SECURITY
Mobile devices such as cell phones and other devices using WiFi networks can have financial and other information intercepted during use. It is important to use only encrypted transmissions on secured WiFi networks when transmitting Personal Information. In addition, passwords and other login information should be stored in password protected files in case a mobile device is lost or stolen.
- DATA SECURITY, INTEGRITY, AND DATA RETENTION
ZBD Health and its affiliates use appropriate physical, electronic, and managerial procedures to safeguard and protect Personal Information from unauthorized access, use, alteration and disclosure. We use Secure Socket Layer (SSL) encryption technology for the transmission of Personal Information. To take advantage of this technology, your browser software must support 128- bit encryption.
- VISITOR'S RESPONSIBILITY
Visitors must also take precautions to prevent unauthorized access and use of Personal Information including but not limited to login names and passwords. For example, visitors should not disclose or allow others to use their personal passwords or other personal identification information used to access and/or conduct transactions on this site. Visitors are solely responsible for all results (claims, liabilities and damages of any kind) arising from or related to their disclosure of Personal Information to another person or entity, whether the disclosure was intentional or not. Visitors agree not to use anyone else's personal identification information without proper authorization.
- VISITOR'S RISK AND LIMITATION OF COMPANY'S LIABILITY FOR FAILURE OF SECURITY MEASURES
Due to the nature of electronic communications and storage, the company’s security measures may not prevent all loss, misuse, theft or alteration of Personal Information collected from a site or online service. THEREFORE, THE VOLUNTARY SUBMISSION OF PERSONAL IDENTIFICATION INFORMATION VIA THIS SITE IS AT THE VISITOR'S SOLE RISK AND EXCEPT AS PROHIBITED BY LAW, EACH VISITOR AGREES THAT ZBD HEALTH, IT’S AFFILIATES AND AGENTS SHALL NOT BE LIABLE FOR ANY FAILURE OF SECURITY MEASURES OR FOR ANY UNAUTHORIZED ACCESS, USE, DISTRIBUTION, ALTERATION OR THEFT OF PERSONAL INFORMATION ARISING FROM OR RELATED TO THE SUBMISSION OF PERSONAL INFORMATION VIA A COMPANY SITE OR ONLINE SERVICE. TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT SHALL ZBD HEALTH BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE OR CONSEQUENTIAL DAMAGES ARISING FROM OR RELATED TO ANY FAILURE OF SECURITY MEASURES OR ANY UNAUTHORIZED ACCESS, USE, DISTRIBUTION, ALTERATION OR THEFT OF PERSONAL INFORMATION.
- TERMINATION OR SUSPENSION OF ACCESS / PARTICIPATION
- INTERNATIONAL TRANSFERS OF INFORMATION / DATA
If you are visiting a ZBD Health site or SERVICE from outside of the United States, please be aware that visitor’s Personal Information / DATA will be transferred to, and maintained on, computers located within the United States governed by U.S. laws. By providing Personal Information / DATA, you consent to the collection, use, retention and any other processing of your personal information / data on computers located within the United States and outside the country of your residence or from which you accessed the company website or service.
- EUROPEAN UNION AND EUROPEAN ECONOMIC AREA - GENERAL DATA PROTECTION REGULATION ("GDPR") COMPLIANCE
It is the policy of ZBD Health to comply with the General Data Protection Regulation (“GDPR”) as applicable and fully enforceable in all European Union (“EU”) Members States and the European Economic Area (“EEA”) Member States, when applicable to ZBD Health’s activities, alone or jointly with others, to control or process personal information/data of persons located in the EU/EEA (“Data Subjects”). In accordance with the GDPR, controllers and processors of certain personal information/data have a duty to provide Data Subjects with specific information and disclosures concerning how ZBD Health handles personal data and your data rights.
- Identity of the Controller:
ATTN: Consumer Privacy Request
1495 Canyon Boulevard,
Boulder, CO 80302
Telephone: (720) 223-6176
Hours: 9 a.m. - 5 p.m. Mountain Time, Monday through Friday
- Purposes of the Processing of Personal Information / Data - Your Consent or Agreement
- Recipients of Categories of Personal Data
- Data Transfers
Personal Information / Data provided to us resides in the United States. If a transfer of your Personal Information / Data is required to be transmitted to a third country or international organization, the transfer shall be pursuant to appropriate and suitable safeguards, including execution of the Standard Contractual Clauses as approved by the European Commission.
- Retention Schedule for Personal Data
- Data Rights
If you are an EU/EEA Data Subject, you have the following data rights:
A right to access the personal data we have for you;
A right to rectification of incorrect personal data;
A right to erasure of the personal data we have for you;
A right to restriction of processing concerning you;
A right to object to our processing of your personal data;
A right to data portability, that is, a copy of the data we have on you;
A right to withdraw consent at any time to our processing of such data subject’s personal data; and
A right to lodge a complaint with a supervisory authority.
You may exercise your GDPR data rights by contacting us, in writing, by telephone or email at the contact information provided above. We believe that we can resolve any concerns or you may have directly between us; however, under the GDPR you have the right to lodge a complaint with a supervisory authority in the EU or EEA state where you normally reside or work, or where any alleged infringement of your rights have occurred.
- UPDATES AND MODIFICATIONS
- CONTACT US
Mail: ZBD Health
Attn: Consumer Privacy
1495 Canyon Boulevard,
Boulder, CO 80302
Phone: (720) 223-6176
Hours: 9 a.m. - 5 p.m. Mountain Time, Monday through Friday.
Join the ZBD club
Sign up and get free ZBD products, offers, promotions, and more
© 2020 ZBD. All Rights Reserved