| Why do you collect information about me? | Which information do you collect about me? | Why are you legally allowed to collect my information? | How long do you keep information about me? |
| 2.1 For processing your purchase requests on the Website; | First name, last name, delivery address, telephone number, email address, information about your paid purchase price and currency. | We conclude and execute a contract with you (Art. 6 (1) (b) of the General Data Protection Regulation – GDPR). | 1 year after you make a purchase on our website. |
| 2.2 To process payments on the Website; | First name, last name, delivery address, telephone number, email address, information about your paid purchase price and currency, your credit card brand, type, BIN number, and credit card issuer country. | We conclude and execute a contract with you (Art. 6 (1) (b) of the GDPR) upon which we need to collect payments from you. | As long as you have a subscription for our Services and 1 month after you terminate your subscription. |
| 2.3 To process recurring purchase requests on the Website; | Unique data “token” identification number; | You agreed to that (Art. 6 (1) (a) of the GDPR) | 1 year after you make a purchase on our website. |
| 2.4 To provide you with personalized offers, marketing materials, and special discounts; | IP address, email address, telephone number. | You agreed to that (Art. 6 (1) (a) of the GDPR) | 1 month after you visit the Website. |
| 2.5 To ensure security of the Website; | IP address or other device address or ID, web browser and/or device type, hardware and software settings and configurations, the web pages or sites that you visit just before or just after visiting the Site, the pages you view on the Site, your actions on the Site, and the dates and times that you visit, access, or use the Services. When you use the Site on a mobile device, we may also collect the physical location of your device by, for example, using satellite, cell phone tower or wireless local area network signals. | We have a legitimate interest (to ensure security of our website) (Art. 6 (1) (f) of the GDPR). | 1 month after you visit the Website. |
| 2.6 To manage our accounts on social media - where you interact with us via our social media accounts | Name and surname, e-mail address, gender, country, picture, message, time and date the message was received, content of the message, message attachments, response to the message, time of response to the message, information about our rating, comments on a post, post shares, information about post reactions. | You agreed to that (Art. 6 (1) (a) of the GDPR) | 2 years |
| 2.7 To manage our services and product customer reviews, testimonials and other feedback. | Name, surname, e-mail address, image/picture associated with your account, time and date when the message was received, the content of the message. | You agreed to that (Art. 6 (1) (a) of the GDPR) | 2 years after receiving your feedback or message. |
| 2.8 To handle queries, requests and complaints submitted by you – where you submit one. | Firs name, last name, e-mail address, country, telephone number, subject of your inquiry, date of your inquiry, content of your inquiry, attachments to your inquiry, reply to your inquiry | You agreed to that (Art. 6 (1) (a) of the GDPR) and We have a legitimate interest to do that (to handle your queries) (Art. 6 (1) (f) of the GDPR) |
2 years from the moment your last inquiry was received. |
| 2.9 To contact you in case of unfinished order, or when your order or payment was not successfully processed due to technical errors. | First name, last name, email, telephone number, contents of the abandoned cart | We conclude and execute a contract with you (Art. 6 (1) (b) of the GDPR) and We have a legitimate interest to do that (to process orders and payments) (Art. 6 (1) (f) of the GDPR) |
1 month after unsuccessful purchase order is placed on the Website |
| 2.10 To protect our rights and interests in legal proceedings | Information listed under Paragraph 2.1 above, documents and attachments sent to you, documents and attachments submitted by you, procedural documents, court rulings, resolutions, decisions | We have a legitimate interest (to defend our rights in legal proceedings) (Art. 6 (1) (f) of the GDPR) | 10 years following the termination or your account with our website or, in case legal processes were initiated, following termination of such legal processes |
| 2.11 To protect our rights and interests in criminal proceedings | If a criminal case arises we can collect information about criminal offenses and convictions of the offender | Data is necessary for the establishment, exercise or defense of legal claims (Art. 9 (2) (f) of the GDPR) | 10 years following the termination or your account with our website or, in case legal processes were initiated, following termination of such legal processes |
Please refer to Section 2 above - you have to provide us with the information which we need to process your orders that you submit on the Website, as well as to handle your inquiries, requests, claims, etc. In case you do not provide us with this information, we will not be able to provide you services and handle your orders.
You have the right to request that we would not sell your personal data. Your request to opt-out from the sale oy our personal data will be effective for 12 months, after which we might ask you to opt-in to the sale of personal data.
You can opt-out from selling your personal data by emailing us at [email protected].
We will comply with your opt-out request within 15 business days from receiving your request.
We may refuse to stop selling your data if a sale is necessary for us to comply with legal obligations, exercise legal claims or rights, or defend legal claims, or if the personal information is related to certain medical information, the consumer credit reporting information, or other types of information exempt from the CCPA.
You have the right to request that we would disclose to you what personal information we have collected, used, shared, or sold about you, during the last 12 months of your inquiry. Specifically, you have the right to request disclosure of the following data related to you personally:
- The categories of personal information collected;
- Specific pieces of personal information collected;
- The categories of sources from which the business collected personal information;
- The purposes for which the business uses personal information;
- The categories of third parties with whom the business shares the personal information;
- The categories of information that the business sells or discloses to third parties.
You can provide your "Right to Know" request by emailing us at [email protected].
We will respond to your "Right to Know" request within 45 calendar days. If necessary, we have the right to extend our response deadline by another 45 days (90 days total) by notifying you about that.
We may refuse to accept your "Right to Know" request and not disclose your personal information, if:
- We are unable to verify your request;
- The request is manifestly unfounded or excessive, or we have already provided personal information to you more than twice in a 12-month period;
- We cannot disclose certain sensitive information, such as your social security number, financial account number, or account passwords, but we must tell you if we’re collecting that type of information;
- Disclosure would restrict our ability to comply with legal obligations, exercise legal claims or rights, or defend legal claims;
- If the personal information is certain medical information, consumer credit reporting information, or other types of information exempt from the CCPA;
- For other reasons specified in Civil Code section 1798.145.
You may request that we would delete your personal information that we have collected from you and tell our service providers to do the same. However, many exceptions allow us to keep your personal information.
You can provide your request to delete your information by emailing us at [email protected].
We will respond to your "Right to Know" request within 45 calendar days. If necessary, we have the right to extend our response deadline by another 45 days (90 days total) by notifying you about that.
We may refuse to accept your "Right to Know" request and not disclose your personal information, if:
- We are unable to verify your request;
- The request is manifestly unfounded or excessive, or we have already provided personal information to you more than twice in a 12-month period;
- We cannot disclose certain sensitive information, such as your social security number, financial account number, or account passwords, but we must tell you if we’re collecting that type of information;
- Disclosure would restrict our ability to comply with legal obligations, exercise legal claims or rights, or defend legal claims;
- If the personal information is certain medical information, consumer credit reporting information, or other types of information exempt from the CCPA;
- For other reasons specified in Civil Code section 1798.145.
We will not discriminate against you for exercising your rights under the CCPA. We will not deny you our goods or services, charge you different prices or rates, or provide you a lower quality of goods and services only because you are a California resident or if you exercise your rights under the CCPA.
Whenever we receive your request under the provisions of this Section 8 above, we will have to verify your identity to determine if the request is provided by the consumer about whom we have personal information and to determine that you are a Californian resident.
Accordingly, we might ask you for additional information for verification purposes and we would use such information for this verification purpose only.
| Cookie name | Cookie purpose | Cookie expiry |
| Stored Cookies | ||
| _fbp | Advertisement cookie. This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website. | 3 months |
| fr | Advertisement cookie. Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin. | 3 months |
| _vwo_uuid_v2 | Analytical cookie. This cookie is set by Visual Website Optimiser and calculates unique traffic on a website. | 1 year |
| _vis_opt_s | Analytical cookie. Visual Website Optimiser sets this cookie to track the session created for a visitor, i.e., the number of times the browser was closed and reopened. | 3 months 8 days |
| _ga | Analytical cookie. The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. | 2 years |
| omnisendAnonymousID | Analytical cookie. This cookie is set by the provider Omnisend. This cookie is used for storing the user action on the website with a unique ID. The cookie encrypts the visitor data for the security of user data. | 1 year |
| _hjSessionUser_ | Statistics cookie. Hotjar cookie that is set when a user first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. | 1 year |
| _vwo_uuid | Performance cookie. Visual Website Optimizer sets this cookie to generate a unique id for every visitor and for its report segmentation feature. The cookie also allows to view data in a more refined manner. | 10 years |
| Session Cookies | ||
| soundestID | Analytical cookie. This cookie is set by the provider Omnisend. This cookie is used for determining if a visitor is new to the website or the visitor had visited before. | session |
| omnisendSessionID | Analytical cookie. This cookie is set by the provider Omnisend. This cookie is used for setting a unique ID for the session. The cookie collects information on visitor behaviour on the website for statistical purposes. | 30 minutes |
| _hjFirstSeen | Analytical cookie. Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user. | 30 minutes |
| _hjIncludedInSessionSample | Analytical cookie. Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's daily session limit. | 2 minutes |
| _hjIncludedInPageviewSample | Analytical cookie. Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit. | 2 minutes |
| _hjAbsoluteSessionInProgress | Analytical cookie. Hotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie. | 30 minutes |
| _gat_UA | Analytical cookie. A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to. | 1 minute |
| _vis_opt_test_cookie | Functional cookie. Visual Website Optimiser sets this cookie to detect if cookies are enabled on the browser of the user or not. | session |
| _hjSession_ | Statistics cookie. Hotjar cookie that is set when a user first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID. | 30 minutes |
| soundest-views | Functional cookie. Omnisend cookies are designed to enable the site to provide services and ensure their proper functioning | Session |
| _vwo_sn | Performance cookie. This cookie stores session-level information. | 30 minutes |
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
If you have any questions, inquiries, requests, or complaints regarding our use of your personal information, please contact our customer support at [email protected]
PO box for CORRESPONDENCE ONLY:
VitaHero
307 W 38th St, 16th Floor PMB 235, New York, NY 10018, USA
® Vitahero All rights reserved.
