Privacy Policy

Last Updated: October 17, 2024

Please read this “Privacy Notice” carefully. This Privacy Notice describes the data collection, use, protection, and privacy practices of Humble Brands, Inc. (hereinafter, “we”, “our” or “us”) in connection with our products, services, and business.  If you have any questions regarding this Privacy Notice and/or our data practices, please Contact Us.

By visiting, accessing, or using the Site (as defined in Section 1 below – Humble Brands Services and Scope of Privacy Notice) and/or purchasing the Products through the Site, you acknowledge and agree that you have received and reviewed this Privacy Notice.  We may update this Privacy Notice as described in Section 2 below - Changes to this Privacy Notice.

Please also review the applicable Terms & Conditions, which also apply to the use of our Site and/or purchase of the Products through the Site. Terms that are defined in the Terms & Conditions have the same meaning in this Privacy Notice unless this Privacy Notice specifies differently.

If you're a resident of California or Nevada or visiting us from the European Economic Area ("EEA"), Switzerland, United Kingdom (“UK”), or other Non-U.S. Territory, you should read the applicable sections below for specific rights applicable to residents of California, Nevada, and Europe and other Non-U.S. Territories, as well as the California Privacy Policy.

TABLE OF CONTENTS

  1. Humble Brands Site, Products, and Scope of Privacy Notice
  2. Changes to this Privacy Notice
  3. Information We Collect
  4. Cookie & Similar Technologies; Targeted Advertising
  5. Payment Processors
  6. Children’s Privacy
  7. Sensitive Data
  8. Humble Brands Purposes for Processing
  9. Sharing Personal Data
  10. Marketing Communications
  11. Your Choices
  12. Data Retention
  13. Data Security and Protection
  14. Third Party Social Media Plug-Ins
  15. External Websites
  16. Notice to California Residents – Shine the Light Disclosures
  17. Notice to Nevada Residents
  18. Notice to European and Non-U.S. Residents
  19. International Transfers
  20. How to Contact Us

1.      HUMBLE BRANDS SITE, PRODUCTS, AND SCOPE OF PRIVACY NOTICE

Humble Brands Site and Products

Humble Brands owns, operates, and provides our websites located at https://humblebrands.com/, their subdomains, and any other websites that include an authorized link to this Privacy Notice (collectively, the “Site”), through which customers may purchase Humble Brands personal care products and other Humble Brands goods made available for purchase through the Site (the “Products”).

Scope of this Privacy Notice

This Privacy Notice applies to personal data that may be collected, received, and processed by us relating to:

  • Visitors” browsing or using our Site, including those who sign up for marketing or newsletter communications, or who interact with us through any pages or feeds of our accounts on any social media sites or platforms, such as through LinkedIn, Twitter, and/or any Meta platforms (“Social Media Platforms”).
  • Customers” who purchase Products through the Site and who may register an account with us to purchase Products through the Site.

The term “personal data” means any information about an individual from which that person may be identified. For example, it may include a person’s name, telephone number, email address, IP Address, or other unique identifiers. It does not include data from which the identity of an individual has been definitively removed along with any identifiers connected to such individual (also known as anonymous or anonymized data).

2.      CHANGES TO THIS PRIVACY NOTICE

Humble Brands reserves the right to update or modify this Privacy Notice at any time.  Except for material changes as described below in this Section, all updates and modifications to this Privacy Notice will be effective from the day they are posted online at https://humblebrands.com/pages/privacy-policy.  If we make any material changes to this Privacy Notice, we will provide you with reasonable notice prior to such change taking effect by sending a notification to the email address we have on file for you, and may also post a prominent notice of any such changes on our Site.  Material changes to this Privacy Notice will become effective on the date set forth in the notice, and all other changes will become effective from the day they are posted on our Site.  It is your responsibility to regularly visit and review this Privacy Notice.

If you do not agree to any updates or modifications to the Privacy Notice, cease all use of the Site.  Continued use of the Site by you after the applicable effective date of the revised Privacy Notice, signifies to us that you acknowledge and agree to be bound by the revised Privacy Notice.

3.      INFORMATION WE COLLECT

We collect information provided directly by Visitors and Customers, as explained in the Section Information Provided Directly by Visitors and Customers, and in certain circumstances, we automatically collect certain information when accessing or using the Site as explained in the Section Information Collected Automatically.  In addition, we may receive personal data from third party sources as described in the Section Information Collected from Third Party Sources.

a.      Information Provided Directly by Visitors and Customers

The personal data we collect in connection with the use of the Site depends on how and why you use the Site.  For example, the information that we may process about Visitors is more limited than the information we may process if you are a Customer.  Note that you may choose not to provide personal data directly to us or to not use the Site. However, some personal data is necessary so that we can (i) provide you with access to certain features of the Site, (ii) enable you to purchase Products through the Site, and/or (iii) facilitate the shipment and/or delivery of Products you purchase through the Site. Failure to provide this information may prevent us from providing you with access to our Site and/or the ability to purchase the Products on the Site and receive such purchased Products.

  • Contact Information: We may collect contact information, such as, your first and last name, phone number, email address, social media handles/URLs (solely for the Humble Brands influencer partnership program), and/or mailing address when you register an account to use the Site (an “Account”), apply to join our Humble Brands influencer partnership program, and/or sign-up to receive our marketing communications and/or newsletters.
  • Login Credentials: When you login to your Account as a registered user, we collect your username, password, and/or other login credentials.
  • User Submissions, Surveys, Feedback, Communications & Support. We collect the messages, comments, public profile information associated with your reviews and/or comments, photos, video, audio, images, data, information, text, and/or any other content or materials that you submit, upload, generate, and/or transmit through the Site or otherwise provide to us in connection with your use of the Site (collectively, “Submissions”).  For example, Submissions include any Product reviews you post to the Site and any Submissions provided when you fill out forms, answer surveys or quizzes, or contact us, such as your feedback, requests for support, or other communications (whether by email, phone, or through our chatbot).
  • Payment Transaction Information: If you purchase our Products through the Site, we may collect certain limited payment information (for example, partial payment or credit card information, and limited transaction information like the date of purchase).  Humble Brands does not directly collect or store any payment information.  Payment information (including the limited information we receive described here), is collected and processed by our third-party payment processors.  For more information, please see the Payment Processors section of this Privacy Notice.
  • Purchase History: We collect information regarding your purchase history of Products on or through the Site, including those purchased, obtained, or considered.
  • Usage Data: We collect Usage Data as described below in the Section titled Information Collected Automatically.

Please be advised that we may ask you to update your information from time to time in order to keep it accurate.  Additionally, if you provide personal data to us about someone else, you must ensure that you are entitled to disclose that information to us and, without us having to take any further steps required by data protection laws, that we may collect, use, and disclose such information for the purposes described in this Privacy Notice. For example, you should ensure the individual concerned is aware of the terms detailed in this Privacy Notice and that they have consented to you sharing their information with us.

b.      Information Collected Automatically

When you visit, use, or interact with the Site, we may receive the following information about your visit, use, or interactions (collectively, “Usage Data”). Typically, this data is transmitted and collected automatically (without action by you) using cookies and similar technologies as described in Section 4 below.

  • Log Data: Information that your browser or device automatically sends when you use our Site.  Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interact with our Site.
  • Usage and Analytics: Information and analytics about your use of the Site, such as the types of content that you view or engage with, the types of Products you view, purchase, and/or return, the features you use and the actions you take, non-identifiable request IDs, statistics associated with the interaction between your device or browser and the Site, as well as your time zone, country, the dates and times of access, user agent and version, type of computer or mobile device, your computer connection, searches and other actions you take, websites, apps, and/or ads that referred you to the website, and advertising and language preferences.
  • Device Information: Information regarding the device used to access the Site, which may depend on the type of device you use and its settings, but generally includes, name of the device, operating system, system configuration information, device identifiers, and browser you are using.
  • Approximate Location Data: We may collect your approximate location (city and state) based on your IP address.

c.      Information Collected from Third Party Sources

In some instances, we process personal data from third parties, which consists of:

  • Service Providers: We receive information from third party service providers as described in Section 9.a below (“Service Providers”), that help us in the operation, provision, administration, and management of the Site, such as our hosting service providers, rewards program administrators, survey or quiz administrators, customer support providers, and our analytics providers.
  • Social Media Networks: If you interact with us through any Social Media Platforms, we may collect information such as your name, username, demographic information, contact information (such as email address, location, interests), and publicly posted data such as your social media activity.

d.      Aggregated or De-Identified Data

With the personal information and other data (including, Usage Data) collected by us, we may aggregate or de-identify such data and information so that it can no longer be used to identify you.  We use this information to analyze the effectiveness of the Site, to improve our Products and/or Site, to add features to our Site, to conduct research and for other similar purposes. In addition, from time to time, we may share or publish aggregated information like general user statistics with third parties.  We collect this information through the Site, through cookies, and through other means described in this Privacy Notice. We will maintain and use de-identified information in anonymous or de-identified form, and we will not attempt to re-identify the information, unless required by law.

4.      COOKIES & SIMILAR TECHNOLOGIES; TARGETED ADVERTISING

We or authorized third parties or agents may collect certain information by automated means using cookies and/or similar technologies, such as web beacons, embedded scripts, pixels, and browser analysis tools (collectively, “Cookies”). Cookies collect information such as Usage Data.

We may also use third party advertising partners (e.g., Google, Bing, and Meta) who use targeting/advertising Cookies and similar technologies to deliver advertisements that are more relevant to you and your interests and/or advertise the Humble Brands Products. These cookies and similar technologies are typically used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaigns. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website, and this information is shared with other organizations such as advertisers. We will update and notify you of any future changes in the use of targeted advertising in accordance with this Privacy Notice.

For more information on our use of Cookies, please see our Cookie Policy.

5.      PAYMENT PROCESSORS

Humble Brands does not directly collect or store your payment information. If you make payments to us via credit card, the credit card payment information accessible by us only includes partial payment or credit card information, and limited transaction information via our payment processors’ portals. We use third-party, PCI-compliant payment processors to collect and process payments on our behalf, currently Shop Pay, PayPal, and Google Pay. Your full credit card information is processed by our payment processors, and our payment processors may provide us with limited information to confirm the transaction. Information collected by these third-party payment processors is governed by the applicable third-party payment processor’s privacy policy. You should review the applicable privacy policies (currently located at Shop Pay: https://www.shopify.com/legal/privacy/; PayPal: https://www.paypal.com/us/legalhub/privacy-full; and Google Pay: https://policies.google.com/privacy) prior to submitting any information to the applicable third-party payment processors.

6.      CHILDREN’S PRIVACY

Humble Brands does not target the Site and/or the purchase of Products through the Site to persons under the age of 18, nor does Humble Brands knowingly collect personal data of persons under the age of 18.  Therefore, we ask you not to provide us with personal data of persons under the age of 18.  If we learn that personal data of persons under the age of 18 has been collected on or through the Site, then we may deactivate the account or otherwise terminate access to the Site and/or make the information inaccessible.

7.      SENSITIVE DATA

Humble Brands does not require you to provide any sensitive data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health and genetics, or biometric data to use the Site and/or to purchase Products through the Site.

8.      HUMBLE BRANDS PURPOSES FOR PROCESSING

Depending on whether you are a Visitor or Customer, and how you use or interact with the Site, Humble Brands processes personal data for the following purposes:

Providing, Customizing and Improving our Products and Site

  • To host the Site
  • To provide the Site to our Customers and Visitors and enable Customers to purchase Products through the Site, and related support and assistance.
  • To facilitate the shipment and/or delivery of the Products.
  • To create and manage Accounts or other user profiles.
  • To meet or fulfill the reason you provided the information to us, including to provide you with the Products you purchase or information you request.
  • To process orders or other transactions and for billing purposes.
  • To update and/or improve the Products and to maintain, debug, enable, upgrade, update, improve, and/or enhance the Site, and develop new features, functionality, and/or other products and services.
  • To conduct analytics related to the Site and/or purchase of Products through the Site, such as to understand how the Site is being used, the types of Products being purchased, and where improvements may be needed.
  • To personalize our Site, content on our Site, and communications, such as remembering your information so that you will not have to re-enter it during your visit or the next time you visit the Site.
  • To detect any fraudulent or illegal activity against Humble Brands, you, and our other users and for security purposes.
  • To contact you if you have applied for the Humble Brands influencer partnership program or if you are part of such program, and to provide payments that may be owed to you under the influencer partnership program.

Marketing our Products and Services

  • To provide customized advertisements, content, and information regarding our Products, where and as permitted under applicable law.
  • Deliver direct marketing communications to you regarding our products and services that we may think are of interest to you.

Communicating with Users

  • Respond to your queries and requests, or otherwise communicate directly with you.
  • To keep you updated about changes to policies related to the Site and/or purchase of Products through the Site (including this Privacy Notice).
  • To send emails and other communications according to your preferences.

Meeting Legal Requirements and Enforcing Legal Terms (as further described below in Legal Obligations and Security)

  • To comply with a legal or regulatory obligation (for example, keeping records of our sales for tax compliance) and investigating security incidents.
  • Protecting the rights, property, or safety of you, Humble Brands, or another party.
  • To respond to regulatory bodies when legally required (for example, responding to a valid court order).
  • To enforce our rights under our contracts and agreements.

9.      SHARING PERSONAL DATA

Aside from disclosing your information to those of our employees, contractors, and agents who are committed to confidentiality and who are authorized to process the information in order to provide the Site and/or facilitate your purchase of Products through the Site, or the delivery thereof, we disclose your personal data only to the third parties as described below.

a.      Service Providers

We share personal data with our Service Providers that help us (i) in the operation, provision, administration, and management of the Site, (ii) facilitate purchase transactions for the Products made through the Site, and/or (iii) to otherwise operate our business.  Depending on how you use the Site, the following categories of third parties collect or receive personal data on our behalf as our Service Providers:

  • Hosting and technology providers;
  • Internet Service providers;
  • Analytics providers;
  • Marketing agencies that assist with our direct email and advertising;
  • Payment processing providers;
  • Providers of business operations and communication tools;
  • Products fulfillment and delivery providers;
  • Other third-party service providers that help us provide features and functions for the Site, respond to questions or concerns, and improve our products and the Site (e.g., customer support providers, rewards program administrators, and/or survey or quiz administrators), and
  • Professional service providers, such as auditors, lawyers, consultants, accountants, and insurers.

For a list of all Service Providers we use, please contact us via email at hello@humblebrands.com. We require all Service Providers to respect the security of your personal data and to treat it in accordance with the law.

b.      To Third Parties at Your Request or Authorization

If you request or direct us to share your information, including, through any share, send, or similar functionality available via the Site, with third parties, we will share your information with such third parties.

Note that the third parties described in this Section with whom you choose to share your information are not our service providers, and if you choose to share your information with those third parties, they may use your personal information differently than we do, and we do not control their use of your information.

Please make your choice to share your information carefully and review the privacy notices of all other third parties you decide to share your information with, if applicable.  Humble Brands will not be able to contain or retrieve personal information once it has been shared or disclosed, and Humble Brands will have no responsibility or liability for any consequences that may result because you have released or shared personal information with others.

c.      Business Transfers

We may also share data with third parties to whom we choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Notice.

d.      Affiliates and Subsidiaries

Personal data that we collect about you may be shared with the employees, contractors, and agents of Humble Brands and our affiliated and subsidiary entities (“Affiliates”) who are involved in providing or improving the Site that we offer to you and/or facilitating purchases of the Products through the Site. We obligate the employees, contractors, and agents of Humble Brands and our Affiliates to ensure the security and confidentiality of your personal data and to act on that personal data only in a manner consistent with this Privacy Notice.

e.     With Other Users

    When you share personal information or otherwise interact in or post to the public areas of the Site, such information may be viewed by all users and may be publicly distributed outside. If you interact with other users or otherwise post to the public areas of the Site, other users will be able to view and respond to your public Submissions.

     

    f.       Legal Obligations and Security

    Regulatory and Government Bodies – Compliance with Law

    We may disclose your information to regulatory agencies and official government bodies, as required to comply with or satisfy any laws, rules, or regulations applicable to Humble Brands.

    Required Disclosures – Responding to Legal Orders

    If we are required to disclose personal data by law, such as pursuant to a subpoena, warrant, or other judicial or administrative order, our policy is to respond to requests that are properly issued by law enforcement within the United States. Under such circumstances, unless prohibited by applicable law, we will attempt to provide you with prior notice that a request for your personal data has been made in order to give you an opportunity to object to the disclosure.  We will attempt to provide this notice by email, if you have given us an email address. However, government requests may include a court-granted non-disclosure order, which prohibits us from giving notice to the affected individual.  In cases where we receive a non-disclosure order, we will notify you when it has expired or once we are authorized to do so.

    Exigent Circumstances & Enforcement/Protection of Our Rights

    Your information, including the contents of all of your online communications in our Site and between you and Humble Brands may be accessed and monitored as needed to provide our Site and/or the purchase of Products through the Site, and may be disclosed to law enforcement, regulatory agencies, official government bodies, and other third parties, as we, in our sole discretion, believe necessary or appropriate:

    • To enforce our rights under our Terms & Conditions, and any other terms of use, terms of service, customer agreements and/or any other terms and conditions applicable to the use of the Site;
    • In connection with an investigation of fraud, intellectual property infringement, piracy or other unlawful activity or activity that may expose us or our affiliates, partners, and/or agents to legal liability; and/or
    • If we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person.

    g.      With Your Consent

    There may be situations where you are asked to consent to share personal data with third parties for additional reasons not included in this Privacy Notice.  In such event, we will only share such personal data if we have received your prior consent and only for the purposes listed in the request to share such information.

    Except where otherwise required by applicable law, your consent for the use and/or disclosure of your personal data in specific situations will continue in full force and effect until you revoke that consent, which you may do by contacting us via email at hello@humblebrands.com.  For the avoidance of doubt, the revocation of consent shall only apply to the use the information after our receipt and processing of such request (which we shall process promptly and in accordance with applicable law), and not to any use or disclosure prior to such revocation in compliance with your consent.

    10.   MARKETING COMMUNICATIONS

    If you have opted in to receive direct marketing emails or SMS marketing communications from us, we may use your personal data to send you marketing information about the Humble Brands business, our Products and/or Site, new product releases, improvements to the Products, new feature releases of the Site, and/or other products and services, that we think may interest you.  We carry out direct marketing by email, SMS messages, and may also do so by physical mail.

    If you no longer wish to receive marketing communications, you have the right at any time to opt out as further explained in Your Choices.

    11.   YOUR CHOICES

    a.      Accessing, Updating, and Correcting Personal Data

    If you would like to access, update, and correct personal data, please contact us via email at hello@humblebrands.com, and we will use reasonable efforts to correct and/or update such information.

    b.      Direct Marketing

    You may manage the receipt of marketing and non-transactional communications sent by email by clicking on the “unsubscribe” link located on the bottom of any of our marketing e-mails. To stop receiving SMS marketing communications from Humble Brands, you can opt out at any time by responding with the opt-out notice indicated in the SMS communication.

    We will use commercially reasonable efforts to process such requests in a timely manner.  Note that you cannot opt out of receiving transactional e-mails or communications related to the Site and/or your purchase of Products through the Site (e.g., requests for support), which, for clarification, are not marketing communications. If you opt-out of receiving marketing text messages, we will still send you transactional text messages, such as for responses to your requests or communications about your account.

    c.      Cookies, Analytics, & Targeted Advertising

    You can manage your cookie and tracking preferences as described in our Cookie Policy.

    d.      Additional Rights for Non-U.S. Residents

    If you are visiting from the EEA, Switzerland, or UK, or from another territory outside the U.S., you may have additional rights you can exercise as described here.

    12.   DATA RETENTION

    Personal data is processed for the period necessary to fulfill the purposes for which it is collected, to comply with legal and regulatory obligations and for the duration of any period necessary to establish, exercise or defend any legal rights.

    Typically, we retain personal data about you for as long as you have an open Account with us or as otherwise necessary to provide you with our Site and/or to enable your purchase of Products through the Site.  In some cases, we retain personal data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule, or regulation. We retain user device and IP address data for as long as we need to ensure that our systems are working appropriately, effectively, and efficiently.

    In order to determine the most appropriate retention periods for your personal data, we consider the amount, nature, and sensitivity of your information, the reasons for which we collect and process your personal data, and applicable legal requirements.

    In some instances, we may choose to anonymize personal data instead of deleting it. When we choose to anonymize, we make sure that there is no way that the personal data can be linked back to any specific individual.

    13.   DATA SECURITY AND PROTECTION

    We have put in place reasonable and appropriate security measures designed to prevent your personal data from being accidentally lost, altered, disclosed, used, or accessed in an unauthorized way. For example, we may use encryption, firewalls, and password protection. In addition, we limit access to personal data to those employees, agents, contractors, and the third parties who have a business need-to-know.  We also have procedures in place to deal with any suspected data security breach.

    However, no method of transmission over the Internet, or method of electronic storage, is 100% secure, and while we take reasonable steps to provide secure services, by using the Site, you understand and assume the risks associated with your activities on the internet.

    Additionally, we cannot control the actions of other users with whom you may choose to share your information. Further, even after information posted on the Site is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Site. To the fullest extent permitted under applicable law, we cannot and do not guarantee that information you post on or transmit to the Site will not be viewed by unauthorized persons.

    14.   THIRD PARTY SOCIAL MEDIA PLUG-INS

    On or through the Site we may provide third-party “share” buttons which enable you to share certain content via social media sites (e.g., Facebook, Twitter, Instagram, YouTube, and LinkedIn).  These “share” buttons may function as web beacons when you interact with the button.  Please note that when you “share” using the buttons, you may send to the third party provider of the “share” button the information that you are viewing.  If you are not logged into your account with the third party provider, then the third party may not know your identity.  If you are logged in to your account with the third party, then the third party may be able to link information or actions about your interactions with the Site to your account with the applicable third party provider. Please refer to each third party’s privacy policies to learn more about its data practices.

    15.   EXTERNAL WEBSITES

    On or through the Site we may provide or make available, for informational purposes only, links to other websites or resources with which we do not have a contractual relationship and over which we do not have control (“External Websites”).  Such links do not constitute an endorsement by Humble Brands of those External Websites, and are provided to you only as a convenience. By clicking on links to External Websites, the operators of the External Websites may collect your personal data. We are not responsible for the content or data collection practices of those External Websites, and your use of External Websites is subject to their respective terms of use and privacy policies.

    16.   NOTICE TO CALIFORNIA RESIDENTS - SHINE THE LIGHT DISCLOSURE

    California residents who have provided us with personal data have the right (under California Civil Code§ 1798.83) to request and obtain from us, once each year, the details of any personal data we shared with a third party for that third party’s direct marketing purposes during the prior calendar year. The details would include the categories of personal data and the names and addresses of the third party with which it was shared.

    To request information about this sharing, you may submit a request via email to hello@humblebrands.com with "Your California Privacy Rights" in the subject line, along with your first and last name, and complete mailing address (including street address, city, state, and zip code).

    17.   NOTICE TO NEVADA RESIDENTS

    Under Nevada law, Nevada “consumers” (individuals who are seeking or acquiring goods/services for personal, family, or household purposes) may opt out of the sale of covered personal information.

    Humble Brands does not currently sell covered information of Nevada consumers as defined under applicable Nevada law.

    You may submit an opt-out request by sending your request to hello@humblebrands.com along with your full name, complete mailing address (including street address, city, state, and zip code), email address (so that we can contact you, if needed, in connection with the request) and confirmation that you are a Nevada resident.

    18.   NOTICE TO EUROPEAN AND NON-U.S. RESIDENTS

    This notice supplements the information provided in this Privacy Notice to address certain disclosures under the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other similar comprehensive data protection law and applies only to individuals who are within the scope of this Privacy Notice and located in the EEA, UK, Switzerland, or another country with a similar comprehensive data protection law.

    For the purposes of the GDPR and relevant local data protection laws, Humble Brands is (a) the data controller of personal information about Customers and Visitors.  Personal Data as used in this Notice to European Residents means “personal data,” as defined in Article 4(1) of the GDPR or the relevant section of the local data protection laws.  If you have any questions about how we process your personal data, or to exercise your data protection rights please contact us using the methods provided in the “Contact Us” section of this Privacy Notice below.

    a.    Our Legal Basis for Processing. Generally, we process your personal data for one or more of the following legal bases:

      • Performance of a Contract: In order to provide the Site and fulfill our obligations under the contract we are about to enter into or have entered into with you. This may also include disclosure to the third parties who help us perform our obligations to you in connection with your purchase of the Products through the Site (including delivery and receipt thereof) and/or use of the Site, such as hosting providers, product fulfillment and delivery providers, and payment processors.
      • Legitimate Interests: When it is reasonably necessary to achieve our legitimate business interests (or those of a third party), and your interests and fundamental rights do not override those interests. For example, for security purposes and protection against fraud.
      • Legal Obligations: Where we need to comply with a legal or regulatory obligation.  For example, keeping records of our sales for tax compliance.
      • Vital Interests: Where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
      • Consent: Where you have given us specific consent to use your personal data for a specific purpose. Please note that for this specific legal basis, you have the right to withdraw your consent at any time.
      b.     Data Subject Rights
      Depending on your country of residence, your rights may include.
      • The right to be informed – that’s an obligation on us to inform you how we use your personal data (and that’s what we’re doing in this Privacy Notice);
      • The right of access – that’s a right to make what’s known as a ‘data subject access request’ for a copy of the personal data we hold about you;
      • The right to rectification – that’s a right to request that we correct personal data about you that may be incomplete or inaccurate (though we generally recommend first making any changes in your Account if you have one);
      • The right to erasure (also known as the ‘right to be forgotten’) – that’s where in certain circumstances you can ask us to delete the personal data we have about you (unless there’s an overriding legal reason we need to keep it);
      • The right to restrict processing – that’s a right for you, in certain circumstances, to ask us to suspend processing personal data;
      • The right to data portability – that’s a right for you to ask us for a copy of your personal data in a common format (for example, a .csv file);
      • The right to object – that’s a right for you to object to us processing your personal data (for example, if you object to us processing your data for direct marketing);
      • Rights in relation to automated decision-making and profiling – that’s a right you have for us to be transparent about any profiling we do, or any automated decision-making;
      • Withdraw consent—that’s the right to revoke any consent you may have previously given us at any time, if we have collected and processed your personal data with your consent. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent; and
      • File a complaint—that’s the right to file a complaint with a supervisory authority about our collection and processing of your personal data.
      c.     Exercising Your Rights

        These rights are subject to certain rules around when you can exercise them. If you wish to exercise any of the rights set out above, please contact us.

        You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

        We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

        We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.

        If you no longer wish to receive our marketing/promotional information, you may opt out as described in the Your Choices section above.

        Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us first.

        19.   INTERNATIONAL TRANSFERS

        Humble Brands is based in the United States. The personal data that we process is stored, hosted, and processed on servers located in the United States.  Additionally, Humble Brands may transfer the personal information that we process to the third parties described above. These recipients may be situated outside of your country or regional area of residence and may process personal information outside of your country or regional area. In particular, information provided to us or collected by us likely will be transferred to and processed in the United States by us or our Affiliates and our respective agents and contractors. The data protection laws of the United States or other countries may not be as comprehensive or equivalent to those in your country of residence.

        We rely on legally-provided mechanisms to transfer personal information across borders where and as required under applicable law.

        20.   HOW TO CONTACT US

        General Questions; Data Subject Requests:  If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact us as follows:

        By email:             hello@humblebrands.com; Subject Line: Privacy Request

        By mail:                Humble Brands, Inc.

                                     Attn: Humble Brands Privacy Request

        1336 Gusdorf Road

        Taos, NM 87571

        California Privacy Policy

        The following disclosures are made pursuant to the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (together the “CCPA”). This California Privacy Policy supplements any other privacy notices provided by Humble Brands. It applies solely to residents of California.

        Collection and Disclosure of Personal Information

        The below chart reflects the categories of personal information we have collected from California consumers over the past twelve months, the categories of sources from which the information was collected, the business or commercial purpose for which the information was collected, and the categories of third parties with whom we have shared that information.

         

        Categories of Personal Information Collected

        Sources of Collection

        Business/Commercial Purpose for Collection

        Categories of Third Parties Receiving Personal Information

         Personal identifiers including your name, address, phone number, email address.

         

        -   You.

        -   Data analytics providers.

        -   Advertising networks.

        -   Social Media Platforms (if you interact with us through any Social Media Platforms).

        -   Service providers (e.g., customer support providers, reward program administrators, and/or survey or quiz administrators)

         

        -   To provide our Site and enable purchase of Products through our Site, and to provide related support and assistance.

        -   To communicate with you (including, without limitation, regarding any changes to policies related to the Site and/or purchase of Products through the Site).

        -   To establish an account with us.

        -   To facilitate and fulfill shipment and delivery of the Products.

        -   To provide you with information about
        products and services that may be of
        interest to you.

        -   Marketing and personalization.

        -   To improve our products and services.

        -   To meet or fulfill the reason you provided the information to us, including to provide you with the information you request.

        -   To process orders or other transactions and for billing purposes.

        -   To protect and secure our environment.

        -   To contact you if you have applied for the Humble Brands influencer partnership program.

         

        -   Affiliates.

        -   Data analytics providers.

        -   Marketing services providers.

        -   Payment processors.

        -   Service providers, such as customer support providers, rewards program administrators, and/or survey or quiz administrators.

        -   Law enforcement, government agencies, and other entities where disclosure is deemed reasonably necessary to comply with law, cooperate with lawful investigations, participate in government programs, obtain government benefits, or protect the rights, property, or safety of you, us, or others.

         

        Financial information including partial credit card number, debit card number, or other financial information.

         

        -   You.

        -   Payment Processors.

         

        -   To process orders or other transactions and for billing purposes.

        -    Affiliates.

        -   Law enforcement, government agencies, and other entities where disclosure is deemed reasonably necessary to comply with law, cooperate with lawful investigations, participate in government programs, obtain government benefits, or protect the rights, property, or safety of you, us, or others.

         

        Internet and other network activity information including online identifiers such as your IP address or device identifier, browsing history, search history, and information about your interactions with the Site or advertisements and/or purchase of Products through the Site.

         

        -   You.

        -   Site analytics service providers.

        -   Devices and platforms you use to access our online services.

         

        -   To conduct analytics related to the Site and/or purchase of Products through the Site.

        -   Improve Site performance and functionality.

        -   To prevent, detect, and investigate fraud or other security incidents.

        -   To provide you with information about our products and services that may be of interest to you.

        -   To provide our products and services.

        -   Affiliates.

        -   Data analytics providers.

        -   Marketing services providers.

        -   Service providers, such as data storage providers.

        -   Law enforcement, government agencies, and other entities where disclosure is deemed reasonably necessary to comply with law, cooperate with lawful investigations, participate in government programs, obtain government benefits, or protect the rights, property, or safety of you, us, or others.

         

        Purchasing history and tendencies including Products purchased, obtained, or considered.

         

        -   You.

         

        -   To provide you with information about our products and services that may be of interest to you.

        -   To improve our products and services.

         

        -   Affiliates.

        -   Data analytics providers.

        -   Marketing services providers.

        -   Service providers, such as data storage providers and fulfillment services.

        -   Law enforcement, government agencies, and other entities where disclosure is deemed reasonably necessary to comply with law, cooperate with lawful investigations, participate in government programs, obtain government benefits, or protect the rights, property, or safety of you, us, or others.

         

        Information reflecting your preferences, characteristics, predispositions, behavior, attitude, and any other inferences drawn from your personal information.

         

         

        -   You.

        -   Devices and platforms you use to access our online or connected services.

         

        -   Improve our products and services.

        -   To provide you with information about our products and services that may be of interest to you.

        -   Affiliates.

        -   Data analytics providers.

        -   Marketing services providers.

         

        Sensitive Personal Informationaccount usernames and passwords

         -You

        [Insert any other relevant sources, e.g., if you allow SSO through social media accounts]

        -   To enable purchase of Products through our Site, and to provide related support and assistance.

        -   To communicate with you (including, without limitation, regarding any changes to policies related to the Site and/or purchase of Products through the Site).

        -   To establish an account with us.

        -   To facilitate and fulfill shipment and delivery of the Products.

        -   To provide you with information about
        products and services that may be of
        interest to you.

        -   Marketing and personalization.

        -   To improve our products and services.

        -   To meet or fulfill the reason you provided the information to us, including to provide you with the information you request.

        -   To process orders or other transactions and for billing purposes.

        -   To protect and secure our environment.

        -    Affiliates.

        -   Data analytics providers.

        -   Marketing services providers.

        -   Payment processors.

        -   Service providers, such as customer support providers, rewards program administrators, and/or survey or quiz administrators.

        -   Law enforcement, government agencies, and other entities where disclosure is deemed reasonably necessary to comply with law, cooperate with lawful investigations, participate in government programs, obtain government benefits, or protect the rights, property, or safety of you, us, or others.

         

        We retain the personal information we collect for as long as reasonably necessary to achieve the purposes disclosed at the point of collection or in this California Privacy Policy, unless a shorter retention period is required by law.  The length of retention may vary depending upon factors such as:

        • The existence of an ongoing relationship between you and us;
        • Recordkeeping or legal compliance requirements;
        • Supporting the operation and improvement of our business; and
        • The need to resolve inquiries or complaints.

        In the past twelve months we have disclosed the following categories of personal information with service providers to inform you about product and service offerings:

        • Personal identifiers
        • Internet or other network activity
        • Purchasing history

        The CCPA defines the “sale” of information broadly and some of our personal information disclosures may be considered a “sale” under this definition. Some of our disclosures may constitute a “sharing” where we disclose information for targeted advertising purposes.  Below we have listed the categories of personal information we have disclosed to marketing partners in a way that may be considered a “sale” or “share” for CCPA purposes:

        • Personal identifiers
        • Internet or other network activity
        • Purchasing history

        Some of our disclosures to rewards program administrators and/or survey or quiz administrators may constitute a “sale” or “sharing.”  We disclose the following categories of personal information to providers of such services:

        • Personal identifiers
        • Information about your use of the services
        • Internet or other network activity
        • Purchasing history

        We do not “sell” or “share” sensitive personal information and we do not knowingly “sell” or “share” the personal information of minors under 16 years of age.

        We otherwise use and disclose sensitive personal information only for those purposes expressly permitted under California law.

        Your California Privacy Rights

        California residents may have the rights listed below with respect to their personal information, subject to applicable exceptions. Please note that some of these rights may not apply to you.

        • Right to Know and Access. You may have the right to confirm that we have collected personal information about you and know what personal information we have collected about you, including, as applicable, the categories of personal information we have collected, the sources from which we collected that personal information, the business or commercial purposes for which we collected, sold, and shared that personal information, the categories of personal information that we sold, shared, or disclosed to third parties for business purposes, the categories of third parties to whom we sold, shared or disclosed personal information, and the specific pieces of personal information we have collected. You may be entitled to request that we disclose this to you in a portable and, to the extent technically feasible, readily usable format.
        • Right to Deletion. You may be entitled to request that we delete the personal information that we have collected from you. We will use commercially reasonable efforts to honor your request, in compliance with applicable laws. Please note, however, that we may need or be required to keep such information, such as for our legitimate business purposes or to comply with applicable law. 
        • Right to Correct. You may request that we correct inaccurate personal information that we hold about you.
        • Right to Opt-Out of Sales and Sharing of Personal Information. You may be entitled to opt out of sales of your personal information to third parties and to opt out of the disclosure of your personal information to third parties for certain targeted advertising.
        • Right to Limit Use of Sensitive Personal Information. You have the right to request that we limit the use of your sensitive Personal Information, as defined under California law, for only exempt purposes such as to provide the goods and services reasonably expected by the average consumer who requests such goods and services, to prevent fraud, and to verify or maintain the quality or safety of goods or services we provide.
        • Right to Non-Discrimination. You have the right not to receive discriminatory treatment if you exercise the rights conferred to you by applicable privacy law.

        Exercising Your Rights

        To exercise the rights to know and access, delete, correct, or limit use of sensitive personal information, please submit a verifiable consumer request to us by either:

        Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

        You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

        • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
        • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

        In order to respond to your request, we will need to verify your identity by asking you for certain personal information to match with the information we have on file. We may request that you provide us with a description of the information we require to address your rights request, including your name, email address, phone number, and the nature of your request. The personal information that we use to verify your identity will not be used for any other purpose. We cannot effectuate your request if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

        We do not discriminate against California residents who exercise their CCPA privacy rights.

        To exercise your right to opt-out of sales and sharing of personal information, click:  Do Not Sell or Share My Personal Information.