Privacy Policy

Last Updated: February 18, 2026

Please read this “Privacy Notice” carefully. This Privacy Notice describes the data collection, use, protection, and privacy practices of Humble Brands, Inc. (hereinafter, “we”, “our” or “us”) in connection with our products, services, and business.  If you have any questions regarding this Privacy Notice and/or our data practices, please Contact Us.

By visiting, accessing, or using the Site (as defined in Section 1 below – Humble Brands Services and Scope of Privacy Notice) and/or purchasing the Products through the Site, you acknowledge and agree that you have received and reviewed this Privacy Notice.  IF YOU DO NOT AGREE WITH OUR POLICIES OR PRACTICES, YOU SHOULD NOT USE THE SITE OR PROVIDE US WITH ANY PERSONAL DATA. We may update this Privacy Notice as described in Section 2 below - Changes to this Privacy Notice.

Please also review the applicable Terms of Service, which also apply to the use of our Site and/or purchase of the Products through the Site. Terms that are defined in the Terms of Service have the same meaning in this Privacy Notice unless this Privacy Notice specifies differently.

Please note that our privacy practices are subject to the applicable laws of the regions in which we operate. Accordingly, some additional region-specific terms will only apply to individuals in those locations, or as required by applicable laws. If you're a resident of the European Economic Area ("EEA"), Switzerland, United Kingdom (“UK”), or other Non-U.S. Territory, you should read the applicable sections below for specific rights applicable to you. Likewise, residents of certain U.S. states with an applicable privacy law should review the U.S. State Law Privacy Policy.

For more information about how users with disabilities can access this Privacy Notice in an alternative format, please contact us at hello@humblebrands.com or call our Toll Free number 1-(877)-246-4466.

TABLE OF CONTENTS

1. Humble Brands Site, Products, and Scope of Privacy Notice

2. Changes to this Privacy Notice

3. Information We Collect

4. Cookie & Similar Technologies; Targeted Advertising

5. Payment Processors

6. Children’s Privacy

7. Sensitive Data

8. Humble Brands Purposes for Processing

9. Sharing Personal Data

10. Marketing Communications

11. Your Choices

12. Data Retention

13. Data Security and Protection

14. Third Party Social Media Plug-Ins

15. External Websites

16. Notice to California Residents – Shine the Light Disclosures

17. Notice to Nevada Residents

18. Notice to European and Non-U.S. Residents

19. International Transfers

20. How to Contact Us

1.      HUMBLE BRANDS SITE, PRODUCTS, AND SCOPE OF PRIVACY NOTICE

Humble Brands Site and Products

Humble Brands owns, operates, and provides our websites located at https://humblebrands.com/, their subdomains, and any other websites that include an authorized link to this Privacy Notice (collectively, the “Site”), through which customers may purchase Humble Brands personal care products and other Humble Brands goods made available for purchase through the Site (the “Products”).

Scope of this Privacy Notice

This Privacy Notice applies to personal data that may be collected, received, and processed by us relating to:

• “Visitors” browsing or using our Site, including those who sign up for marketing or newsletter communications, or who interact with us through any pages or feeds of our accounts on any social media sites or platforms, such as through LinkedIn, Twitter, and/or any Meta platforms (“Social Media Platforms”).

• “Customers” who purchase Products through the Site and who may register an account with us to purchase Products through the Site.

This Privacy Notice applies to the personal information that we obtain in various contexts. The term “personal data” – also called “personal information” or “personally identifiable information” in the laws of some jurisdictions – means any information that reasonably identifies, relates to, describes, or can be associated with an individual. For example, it may include a person’s name, telephone number, email address, IP Address, or other unique identifiers. It does not include data from which the identity of an individual has been definitively removed along with any identifiers connected to such individual (also known as anonymous or anonymized data).

2.      CHANGES TO THIS PRIVACY NOTICE

Humble Brands reserves the right to update or modify this Privacy Notice at any time.  Except for material changes as described below in this Section, all updates and modifications to this Privacy Notice will be effective from the day they are posted online at https://humblebrands.com/pages/privacy-policy.  If we make any material changes to this Privacy Notice, we will provide you with reasonable notice prior to such change taking effect by sending a notification to the email address we have on file for you and provide a reasonable opportunity for you to opt out of any further materially different collection, processing, or transfer of previously collected personal data under the changed Privacy Notice, and may also post a prominent notice of any such changes on our Site.  Material changes to this Privacy Notice will become effective on the date set forth in the notice, and all other changes will become effective from the day they are posted on our Site.  It is your responsibility to regularly visit and review this Privacy Notice.

If you do not agree to any updates or modifications to the Privacy Notice, cease all use of the Site.  Continued use of the Site by you after the applicable effective date of the revised Privacy Notice, signifies to us that you acknowledge and agree to be bound by the revised Privacy Notice.

3.      INFORMATION WE COLLECT

We collect information provided directly by Visitors and Customers, as explained in the Section Information Provided Directly by Visitors and Customers, and in certain circumstances, we automatically collect certain information when accessing or using the Site as explained in the Section Information Collected Automatically.  In addition, we may receive personal data from third party sources as described in the Section Information Collected from Third Party Sources.

a.      Information Provided Directly by Visitors and Customers

The personal data we collect in connection with the use of the Site depends on how and why you use the Site.  For example, the information that we may process about Visitors is more limited than the information we may process if you are a Customer.  Note that you may choose not to provide personal data directly to us or to not use the Site. However, some personal data is necessary so that we can (i) provide you with access to certain features of the Site, (ii) enable you to purchase Products through the Site, and/or (iii) facilitate the shipment and/or delivery of Products you purchase through the Site. Failure to provide this information may prevent us from providing you with access to our Site and/or the ability to purchase the Products on the Site and receive such purchased Products.

• Contact Information: We may collect contact information, such as, your first and last name, phone number, email address, social media handles/URLs (solely for the Humble Brands influencer partnership program), and/or mailing address when you register an account to use the Site (an “Account”), apply to join our Humble Brands influencer partnership program, and/or sign-up to receive our marketing communications and/or newsletters.

• Login Credentials: When you login to your Account as a registered user, we collect your username, password, and/or other login credentials.

• User Submissions, Surveys, Feedback, Communications & Support. We collect the messages, comments, public profile information associated with your reviews and/or comments, photos, video, audio, images, data, information, text, and/or any other content or materials that you submit, upload, generate, and/or transmit through the Site or otherwise provide to us in connection with your use of the Site (collectively, “Submissions”).  For example, Submissions include any Product reviews you post to the Site and any Submissions provided when you fill out forms, answer surveys or quizzes, or contact us, such as your feedback, requests for support, or other communications (whether by email, phone, or through our chatbot).

• Payment Transaction Information: If you purchase our Products through the Site, we may collect certain limited payment information (for example, partial payment or credit card information, and limited transaction information like the date of purchase).  Humble Brands does not directly collect or store any payment information.  Payment information (including the limited information we receive described here), is collected and processed by our third-party payment processors.  For more information, please see the Payment Processors section of this Privacy Notice.

• Purchase History: We collect information regarding your purchase history of Products on or through the Site, including those purchased, obtained, or considered.

• Usage Data: We collect Usage Data as described below in the Section titled Information Collected Automatically.

Please be advised that we may ask you to update your information from time to time in order to keep it accurate.  Additionally, if you provide personal data to us about someone else, you must ensure that you are entitled to disclose that information to us and, without us having to take any further steps required by data protection laws, that we may collect, use, and disclose such information for the purposes described in this Privacy Notice. For example, you should ensure the individual concerned is aware of the terms detailed in this Privacy Notice and that they have consented to you sharing their information with us.

b.      Information Collected Automatically

When you visit, use, or interact with the Site, we may receive the following information about your visit, use, or interactions (collectively, “Usage Data”). Typically, this data is transmitted and collected automatically (without action by you) using cookies and similar technologies as described in Section 4 below.

• Log Data: Information that your browser or device automatically sends when you use our Site.  Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interact with our Site.

• Usage and Analytics: Information and analytics about your use of the Site, such as the types of content that you view or engage with, the types of Products you view, purchase, and/or return, the features you use and the actions you take, non-identifiable request IDs, statistics associated with the interaction between your device or browser and the Site, as well as your time zone, country, the dates and times of access, user agent and version, type of computer or mobile device, your computer connection, searches and other actions you take, websites, apps, and/or ads that referred you to the website, and advertising and language preferences.

• Device Information: Information regarding the device used to access the Site, which may depend on the type of device you use and its settings, but generally includes, name of the device, operating system, system configuration information, device identifiers, and browser you are using.

• Approximate Location Data: We may collect your approximate location (city and state) based on your IP address.

c.      Information Collected from Third Party Sources

In some instances, we process personal data from third parties, which consists of:

• Service Providers: We receive information from third party service providers as described in Section 9.a below (“Service Providers”), that help us in the operation, provision, administration, and management of the Site, such as our hosting service providers, rewards program administrators, survey or quiz administrators, customer support providers, and our analytics providers.

• Social Media Networks: If you interact with us through any Social Media Platforms, we may collect information such as your name, username, demographic information, contact information (such as email address, location, interests), and publicly posted data such as your social media activity.

d.      Aggregated or De-Identified Data

With the personal information and other data (including Usage Data) collected by us, we may aggregate or de-identify such data and information so that it can no longer be used to identify you.  We use this information to analyze the effectiveness of the Site, to improve our Products and/or Site, to add features to our Site, to conduct research and for other similar purposes. In addition, from time to time, we may share or publish aggregated information like general user statistics with third parties.  We collect this information through the Site, through cookies, and through other means described in this Privacy Notice. We will maintain and use de-identified information in anonymous or de-identified form, and we will not attempt to re-identify the information, unless required by law.

4.      COOKIES & SIMILAR TECHNOLOGIES; TARGETED ADVERTISING

When you visit the Site, open or click on emails we send you, or interact with our advertisements, we or authorized third parties or agents may collect certain information by automated means using cookies and/or similar technologies, such as web beacons, embedded scripts, pixels, and browser analysis tools (collectively, “Cookies”), as described below. Cookies collect information such as Usage Data.

We may also use third party advertising partners (e.g., Google, Bing, and Meta) who use targeting/advertising Cookies and similar technologies to deliver advertisements that are more relevant to you and your interests and/or advertise the Humble Brands Products. These cookies and similar technologies are typically used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaigns. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website, and this information is shared with other organizations such as advertisers. We will update and notify you of any future changes in the use of targeted advertising in accordance with this Privacy Notice.

• Cookies and Similar Technology: Cookies are pieces of information that may be placed on your computer by a website for the purpose of collecting data to facilitate and enhance your communication and interaction with that website. Such data may include, for example, the address of the websites you visited before and after you visited the Site, the type of browser you are using, your Internet Protocol (IP) address, what pages on the Site you visited and what links you clicked on, the region where your device is located, and geographic information based on your IP data. We may store some information on your device or device hard drive as a cookie or similar type of file (such as clear gifs, web beacons, tags, and similar technologies that work on mobile devices) to collect data related to usage of the Site. We may also use Cookies to customize your visit to the Site and for other purposes to make your visit more convenient or to enable us to enhance the Site. For more information on our use of Cookies, please see our Cookie Policy.

• Tracking Pixels: We use tracking pixels to collect information from users of the Site. A tracking pixel is a transparent graphic image (the size of a 1x1 pixel on your device screen) that is placed on a webpage of our Site and, in combination with cookies, allows us to collect information regarding your use of that webpage. We may also place tracking pixels in our email messages to collect information regarding your interaction with our email and any URL links included in the contents of the email. These tracking pixels trigger ads on participating websites and tell us when an advertisement we run on another website has been clicked on. This information helps us evaluate which advertisements are more appealing to users.

• Clickstream Data: As you use the Internet, a trail of electronic information is left at each website you visit. This information, which is sometimes referred to as "clickstream data," can be collected and stored by a website's server. Clickstream data can tell us the type of computer and browsing software you use and the address of the website from which you linked to the Site. We may collect and use clickstream data as a form of aggregate information to anonymously determine how much time visitors spend on each page of our Site, how visitors navigate throughout the Site, and how we may tailor our web pages to better meet the needs of visitors. This information will be used to improve the Site. 

• Analytics: We may work with third-party vendors who use the technologies described in this section to conduct website analytics to help us track and understand how visitors use our Site. One such provider is Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help analyze how users use the Website. The information generated by these cookies about your use (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the Site, compiling reports on activity for its staff, and providing other services relating to web page activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. You may refuse the use of cookies by selecting the appropriate settings in your browser. By using the Site and accepting cookies, you consent to the processing of data about you by Google in the manner and for the purposes set out above. Please refer to the currently available opt-outs for Google Analytics by visiting https://tools.google.com/dlpage/gaoptout/. You may obtain additional information about Google Analytics by visiting the section titled "How Google uses information from sites or apps that use our services,” located at www.google.com/policies/privacy/partners/.

Targeted Advertising: 

5.      PAYMENT PROCESSORS

Humble Brands does not directly collect or store your payment information. If you make payments to us via credit card, the credit card payment information accessible by us only includes partial payment or credit card information, and limited transaction information via our payment processors’ portals. We use third-party, PCI-compliant payment processors to collect and process payments on our behalf, currently Shop Pay, PayPal,  Google Pay, and Venmo. Your full credit card information is processed by our payment processors, and our payment processors may provide us with limited information to confirm the transaction. Information collected by these third-party payment processors is governed by the applicable third-party payment processor’s privacy policy. You should review the applicable privacy policies (currently located at Shop Pay: https://www.shopify.com/legal/privacy/; PayPal: https://www.paypal.com/us/legalhub/privacy-full;
Google Pay: https://policies.google.com/privacy; and Venmo: https://venmo.com/legal/us-privacy-policy/) prior to submitting any information to the applicable third-party payment processors.

6.      CHILDREN’S PRIVACY

Humble Brands does not target the Site and/or the purchase of Products through the Site to persons under the age of 18, nor does Humble Brands knowingly collect personal data of persons under the age of 18.  Therefore, we ask you not to provide us with personal data of persons under the age of 18.  If we learn that personal data of persons under the age of 18 has been collected on or through the Site, then we may deactivate the account or otherwise terminate access to the Site and/or make the information inaccessible. If you believe we might have any personal data from or about a person under 18, please contact us by using the information in the section below titled How To Contact Us.

7.      SENSITIVE DATA

Humble Brands does not require you to provide any sensitive data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health and genetics, or biometric data to use the Site and/or to purchase Products through the Site.

8.      HUMBLE BRANDS PURPOSES FOR PROCESSING

Depending on whether you are a Visitor or Customer, and how you use or interact with the Site, Humble Brands processes personal data for the following purposes:

Providing, Customizing and Improving our Products and Site

• To host the Site

• To provide the Site to our Customers and Visitors and enable Customers to purchase Products through the Site, and related support and assistance.

• To facilitate the shipment and/or delivery of the Products.

• To create and manage Accounts or other user profiles.

• To meet or fulfill the reason you provided the information to us, including to provide you with the Products you purchase or information you request.

• To process orders or other transactions and for billing purposes.

• To update and/or improve the Products and to maintain, debug, enable, upgrade, update, improve, and/or enhance the Site, and develop new features, functionality, and/or other products and services.

• To conduct analytics related to the Site and/or purchase of Products through the Site, such as to understand how the Site is being used, the types of Products being purchased, and where improvements may be needed.

• To personalize our Site, content on our Site, and communications, such as remembering your information so that you will not have to re-enter it during your visit or the next time you visit the Site.

• To detect any fraudulent or illegal activity against Humble Brands, you, and our other users and for security purposes.

• To contact you if you have applied for the Humble Brands influencer partnership program or if you are part of such program, and to provide payments that may be owed to you under the influencer partnership program.

Marketing our Products and Services

• To provide customized advertisements, content, and information regarding our Products, where and as permitted under applicable law.

• Deliver direct marketing communications to you regarding our products and services that we may think are of interest to you.

Communicating with Users

• Respond to your queries and requests, or otherwise communicate directly with you.

• To keep you updated about changes to policies related to the Site and/or purchase of Products through the Site (including this Privacy Notice).

• To send emails and other communications according to your preferences.

Meeting Legal Requirements and Enforcing Legal Terms (as further described below in Legal Obligations and Security)

• To comply with a legal or regulatory obligation (for example, keeping records of our sales for tax compliance) and investigating security incidents.

• Protecting the rights, property, or safety of you, Humble Brands, or another party.

• To respond to regulatory bodies when legally required (for example, responding to a valid court order).

• To enforce our rights under our contracts and agreements.

For any additional purposes that you specifically consent to. 

Furthermore, we reserve the right to supplement your personal information with information we gather from other sources which may include online and offline sources. We may collect information that is not personal information (“non-personal information”), including anonymous or aggregate data, or information lawfully made available from federal, state, or local government records. Because non-personal information does not personally identify you, we may collect, use, and disclose such information for any purpose permitted by law. In some instances, we may combine non-personal Information with personal information. If we combine any non-personal information with personal information, the combined information will be treated by us as personal information to the extent that it is capable of personally identifying you. 

9.      SHARING PERSONAL DATA

Aside from disclosing your information to those of our employees, contractors, and agents who are committed to confidentiality and who are authorized to process the information in order to provide the Site and/or facilitate your purchase of Products through the Site, or the delivery thereof, we disclose your personal data only to the third parties as described below.

a.      Service Providers

We share personal data with our Service Providers that help us (i) in the operation, provision, administration, and management of the Site, (ii) facilitate purchase transactions for the Products made through the Site, and/or (iii) to otherwise operate our business.  Depending on how you use the Site, the following categories of third parties collect or receive personal data on our behalf as our Service Providers:

• Hosting and technology providers;

• Internet Service providers;

• Analytics providers;

• Marketing agencies that assist with our direct email and advertising;

• Payment processing providers;

• Providers of business operations and communication tools;

• Products fulfillment and delivery providers;

• Other third-party service providers that help us provide features and functions for the Site, respond to questions or concerns, and improve our products and the Site (e.g., customer support providers, rewards program administrators, and/or survey or quiz administrators), and

• Professional service providers, such as auditors, lawyers, consultants, accountants, and insurers.

We require all Service Providers to respect the security of your personal data and to treat it in accordance with the law.

b.      Business and Advertising Partners 

If you request or direct us to share your information, including, through any share, send, or similar functionality available via the Site, with third parties, we will share your information with such third parties. We may share your personal information with third parties who partner with us to promote products and services, provide marketing and advertisements, conduct data analytics, or use the data for other commercial purposes.

Note that the third parties described in this Section with whom you choose to share your information are not our service providers, and if you choose to share your information with those third parties, they may use your personal information differently than we do, and we do not control their use of your information.

Please make your choice to share your information carefully and review the privacy notices of all other third parties you decide to share your information with, if applicable.  You will need to contact such third parties directly for information about their privacy practices or to exercise any rights you may have (including if you would like to opt-out of marketing messages). Humble Brands will not be able to contain or retrieve personal information once it has been shared or disclosed, and Humble Brands will have no responsibility or liability for any consequences that may result because you have released or shared personal information with others.

c.      Business Transfers

We may also share data with third parties to whom we choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Notice.

d.      Personnel and Affiliates 

Personal data that we collect about you may be shared with the employees, contractors, and agents of Humble Brands and our affiliated and subsidiary entities who are involved in providing or improving the Site that we offer to you and/or facilitating purchases of the Products through the Site. We obligate the employees, contractors, and agents of Humble Brands to ensure the security and confidentiality of your personal data and to act on that personal data only in a manner consistent with this Privacy Notice. We may also share personal data with our corporate affiliates and subsidiaries, who process personal data on our behalf, where necessary to provide a product or service that you have requested, or in other circumstances with your consent or as permitted or required by law.

e.     With Other Users

When you share personal information or otherwise interact in or post to the public areas of the Site, such information may be viewed by all users and may be publicly distributed outside. If you interact with other users or otherwise post to the public areas of the Site, other users will be able to view and respond to your public Submissions.

f.       Legal Obligations and Security

Regulatory and Government Bodies – Compliance with Law

We may disclose your information to regulatory agencies and official government bodies, as required to comply with or satisfy any laws, rules, or regulations applicable to Humble Brands.

Required Disclosures – Responding to Legal Orders

If we are required to disclose personal data by law, such as pursuant to a subpoena, warrant, or other judicial or administrative order, our policy is to respond to requests that are properly issued by law enforcement within the United States. Under such circumstances, unless prohibited by applicable law, we will attempt to provide you with prior notice that a request for your personal data has been made in order to give you an opportunity to object to the disclosure.  We will attempt to provide this notice by email, if you have given us an email address. However, government requests may include a court-granted non-disclosure order, which prohibits us from giving notice to the affected individual.  In cases where we receive a non-disclosure order, we will notify you when it has expired or once we are authorized to do so.

Exigent Circumstances & Enforcement/Protection of Our Rights

Your information, including the contents of all of your online communications in our Site and between you and Humble Brands may be accessed and monitored as needed to provide our Site and/or the purchase of Products through the Site, and may be disclosed to law enforcement, regulatory agencies, official government bodies, and other third parties, as we, in our sole discretion, believe necessary or appropriate:

• To enforce our rights under our Terms of Service, and any other terms of use, terms of service, customer agreements and/or any other terms and conditions applicable to the use of the Site;

• In connection with an investigation of fraud, intellectual property infringement, piracy or other unlawful activity or activity that may expose us or our affiliates, partners, and/or agents to legal liability; and/or

• If we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person.

g.      With Your Consent

There may be situations where you are asked to consent to share personal data with third parties for additional reasons not included in this Privacy Notice.  In such event, we will only share such personal data if we have received your prior consent and only for the purposes listed in the request to share such information.

Except where otherwise required by applicable law, your consent for the use and/or disclosure of your personal data in specific situations will continue in full force and effect until you revoke that consent, which you may do by contacting us via email at hello@humblebrands.com.  For the avoidance of doubt, the revocation of consent shall only apply to use the information after our receipt and processing of such request (which we shall process promptly and in accordance with applicable law), and not to any use or disclosure prior to such revocation in compliance with your consent.

10.   MARKETING COMMUNICATIONS

If you have opted in to receive direct marketing emails or SMS marketing communications from us, we may use your personal data to send you marketing information about the Humble Brands business, our Products and/or Site, new product releases, improvements to the Products, new feature releases of the Site, and/or other products and services, that we think may interest you.  We carry out direct marketing by email, SMS messages, and may also do so by physical mail.

If you no longer wish to receive marketing communications, you have the right at any time to opt out as further explained in Your Choices.

11.   YOUR CHOICES

a.      Accessing, Updating, and Correcting Personal Data

If you would like to access, update, and correct personal data, please contact us via email at hello@humblebrands.com, and we will use reasonable efforts to correct and/or update such information.

b.      Direct Marketing

You may manage the receipt of marketing and non-transactional communications sent by email by clicking on the “unsubscribe” link located on the bottom of any of our marketing e-mails. To stop receiving SMS marketing communications from Humble Brands, you can opt out at any time by responding with the opt-out notice indicated in the SMS communication.

Note that you cannot opt out of receiving transactional e-mails or communications related to the Site and/or your purchase of Products through the Site (e.g., requests for support), which, for clarification, are not marketing communications. 

c.      Cookies

If you would like to stop or restrict the placement of cookies or flush any cookies that may already be on your computer or device, please refer to and adjust your web browser preferences. Further information on cookies is available at www.allaboutcookies.org. By deleting our cookies or disabling future cookies, you may not be able to access certain areas or features of the Site some of its functionality may be affected. Note that cookie-based opt-outs must be performed on each device and browser that you wish to have opted out. For example, if you have opted out on your device browser, that opt-out will not be effective on your mobile device. Be advised that cookie-based opt-outs are not effective on some mobile services. You can also manage your cookie and tracking preferences as described in our Cookie Policy. 

d.      Targeted Advertising 

You may opt out of receiving targeted ads from certain data and advertising partners that participate in certain industry self-regulatory programs. The DAA provides a website at www.aboutads.info/consumers with information about how to opt out of targeted advertising from some or all of the DAA’s participating companies. Additionally, the Network Advertising Initiative (“NAI”) offers a website at http://optout.networkadvertising.org/ where you can opt out of interest-based advertising from some or all of the NAI’s members. Please note that by opting out, you will continue to see generic advertising that is not tailored to your specific interests and activities. In the event that we perform cross-device matching (as described above), once you have opted out on one device (“Opted-Out Device”), we will not use any new data from the Opted-Out Device to identify you on another device for interest-based advertising purposes, and we will not use data from another device for interest-based advertising purposes on the Opted-Out Device.

For targeted advertisements delivered through mobile apps, users may opt out of certain ads or reset advertising identifiers via their device settings. To learn how to limit ad tracking or to reset the advertising identifier on your iOS and Android device, visit the following links: 

• iOS - https://support.apple.com/en-us/HT202074

• Android - https://support.google.com/ads/answer/2662922?hl=en

You can also install the DAA’s AppChoices app on your device to opt out of targeted advertising by certain providers, and to select system-level advertising preferences on your device (such as “Limit Ad Tracking” on Apple devices, or “Opt-out of Interest-based ads” on Android devices). 

Finally, to learn more from the NAI about how to opt out of targeted advertising on websites and mobile devices, you can also visit the following link: https://thenai.org/how-to-opt-out/.

12.   DATA RETENTION

Personal data is processed for the period necessary to fulfill the purposes for which it is collected, to comply with legal and regulatory obligations and for the duration of any period necessary to establish, exercise or defend any legal rights.

Typically, we retain personal data about you for as long as you have an open Account with us or as otherwise necessary to provide you with our Site and/or to enable your purchase of Products through the Site.  In some cases, we retain personal data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule, or regulation. We retain user device and IP address data for as long as we need to ensure that our systems are working appropriately, effectively, and efficiently.

In some instances, we may choose to anonymize personal data instead of deleting it. When we choose to anonymize, we make sure that there is no way that the personal data can be linked back to any specific individual.

13.   DATA SECURITY AND PROTECTION

We have put in place reasonable and appropriate security measures designed to prevent your personal data from being accidentally lost, altered, disclosed, used, or accessed in an unauthorized way. In addition, we limit access to personal data to those employees, agents, contractors, and the third parties who have a business need-to-know.  

However, no method of transmission over the Internet, or method of electronic storage, is 100% secure, and while we take reasonable steps to provide secure services, by using the Site, you understand and assume the risks associated with your activities on the internet. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us of the problem by using the information in the section below titled How To Contact Us.

Additionally, we cannot control the actions of other users with whom you may choose to share your information. Further, even after information posted on the Site is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Site. To the fullest extent permitted under applicable law, we cannot and do not guarantee that information you post on or transmit to the Site will not be viewed by unauthorized persons.

14.   THIRD PARTY SOCIAL MEDIA PLUG-INS

On or through the Site we may provide third-party “share” buttons which enable you to share certain content via social media sites (e.g., Facebook, Twitter, Instagram, YouTube, and LinkedIn).  These “share” buttons may function as web beacons when you interact with the button.  Please note that when you “share” using the buttons, you may send to the third party provider of the “share” button the information that you are viewing.  If you are not logged into your account with the third party provider, then the third party may not know your identity.  If you are logged in to your account with the third party, then the third party may be able to link information or actions about your interactions with the Site to your account with the applicable third party provider. Please refer to each third party’s privacy policies to learn more about its data practices.

15.   EXTERNAL WEBSITES

On or through the Site we may provide or make available, for informational purposes only, links to other websites or resources with which we do not have a contractual relationship and over which we do not have control (“External Websites”).  Such links do not constitute an endorsement by Humble Brands of those External Websites, and are provided to you only as a convenience. By clicking on links to External Websites, the operators of the External Websites may collect your personal data. We are not responsible for the content or data collection practices of those External Websites, and your use of External Websites is subject to their respective terms of use and privacy policies.

16.   NOTICE TO CALIFORNIA RESIDENTS - SHINE THE LIGHT DISCLOSURE

California residents who have provided us with personal data have the right (under California Civil Code§ 1798.83) to request and obtain from us, once each year, the details of any personal data we shared with a third party for that third party’s direct marketing purposes during the prior calendar year. The details would include the categories of personal data and the names and addresses of the third party with which it was shared.

To request information about this sharing, you may submit a request via email to hello@humblebrands.com with "Your California Privacy Rights" in the subject line, along with your first and last name, and complete mailing address (including street address, city, state, and zip code). If you do not want your personal data shared with any third party who may use such information for direct marketing purposes, then you may opt out of such disclosures by sending an email to hello@humblebrands.com. 

17.   NOTICE TO NEVADA RESIDENTS

Under Nevada law, Nevada “consumers” (individuals who are seeking or acquiring goods/services for personal, family, or household purposes) may opt out of the sale of covered personal information.

You may submit an opt-out request by sending your request to hello@humblebrands.com along with your full name, complete mailing address (including street address, city, state, and zip code), email address (so that we can contact you, if needed, in connection with the request) and confirmation that you are a Nevada resident.

18.   NOTICE TO EUROPEAN RESIDENTS

This notice supplements the information provided in this Privacy Notice to address certain disclosures under the General Data Protection Regulation (EU) 2016/679 ("GDPR") and other similar comprehensive data protection law and applies only to individuals who are within the scope of this Privacy Notice and located in the EEA, UK, Switzerland, or another country with a similar comprehensive data protection law.

For the purposes of the GDPR and relevant local data protection laws, Humble Brands is (a) the data controller of personal information about Customers and Visitors.  Personal Data as used in this Notice to European Residents means “personal data,” as defined in Article 4(1) of the GDPR or the relevant section of the local data protection laws.  If you have any questions about how we process your personal data, or to exercise your data protection rights please contact us using the methods provided in the “Contact Us” section of this Privacy Notice below.

a.    Our Legal Basis for Processing. Generally, we process your personal data for one or more of the following legal bases:

• Performance of a Contract: In order to provide the Site and fulfill our obligations under the contract we are about to enter into or have entered into with you. This may also include disclosure to the third parties who help us perform our obligations to you in connection with your purchase of the Products through the Site (including delivery and receipt thereof) and/or use of the Site, such as hosting providers, product fulfillment and delivery providers, and payment processors.

• Legitimate Interests: When it is reasonably necessary to achieve our legitimate business interests (or those of a third party), and your interests and fundamental rights do not override those interests. For example, for security purposes and protection against fraud.

• Legal Obligations: Where we need to comply with a legal or regulatory obligation.  For example, keeping records of our sales for tax compliance.

• Vital Interests: Where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

• Consent: Where you have given us specific consent to use your personal data for a specific purpose. Please note that for this specific legal basis, you have the right to withdraw your consent at any time.

b.     Data Subject Rights
Depending on your country of residence, your rights may include.

• The right to be informed – that’s an obligation on us to inform you how we use your personal data (and that’s what we’re doing in this Privacy Notice);

• The right of access – that’s a right to make what’s known as a ‘data subject access request’ for a copy of the personal data we hold about you;

• The right to rectification – that’s a right to request that we correct personal data about you that may be incomplete or inaccurate (though we generally recommend first making any changes in your Account if you have one);

• The right to erasure (also known as the ‘right to be forgotten’) – that’s where in certain circumstances you can ask us to delete the personal data we have about you (unless there’s an overriding legal reason we need to keep it);

• The right to restrict processing – that’s a right for you, in certain circumstances, to ask us to suspend processing personal data;

• The right to data portability – that’s a right for you to ask us for a copy of your personal data in a common format (for example, a .csv file);

• The right to object – that’s a right for you to object to us processing your personal data (for example, if you object to us processing your data for direct marketing);

• Rights in relation to automated decision-making and profiling – that’s a right you have for us to be transparent about any profiling we do, or any automated decision-making;

• Withdraw consent—that’s the right to revoke any consent you may have previously given us at any time, if we have collected and processed your personal data with your consent. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent; and

• File a complaint—that’s the right to file a complaint with a supervisory authority about our collection and processing of your personal data.

c.     Exercising Your Rights

These rights are subject to certain rules around when you can exercise them. If you wish to exercise any of the rights set out above, please contact us.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.

If you no longer wish to receive our marketing/promotional information, you may opt out as described in the Your Choices section above.

Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us first.

19.   INTERNATIONAL TRANSFERS

Humble Brands is based in the United States. The personal data that we process is stored, hosted, and processed on servers located in the United States.  Additionally, Humble Brands may transfer the personal information that we process to the third parties described above. These recipients may be situated outside of your country or regional area of residence and may process personal information outside of your country or regional area. In particular, information provided to us or collected by us likely will be transferred to and processed in the United States by us or our Affiliates and our respective agents and contractors. The data protection laws of the United States or other countries may not be as comprehensive or equivalent to those in your country of residence. By submitting your personal data to us, you agree to the transfer, storage, and processing of such information in foreign jurisdictions including, but not limited to, the United States.

Where applicable, we may use model clauses approved by the laws of your jurisdiction (such as Standard Contractual Clauses approved by the European Commission) to transfer personal information across borders where and as required under applicable law.

20.   HOW TO CONTACT US

If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact us as follows:

By email: hello@humblebrands.com; Subject Line: Privacy Request

By mail: Humble Brands, Inc.

Attn: Humble Brands Privacy Request

1336 Gusdorf Road

Taos, NM 87571

U.S. State Law Privacy Policy

If you are a resident of California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Delaware, Nebraska, New Hampshire, New Jersey, Tennessee, Minnesota, Maryland, Indiana, Kentucky, Rhode Island, or another U.S. state that has similar comprehensive privacy legislation (collectively, “Covered States”), you may have specific rights regarding your personal information under: the California Consumer Privacy Act (“CCPA”), Virginia Consumer Data Protection Act, Colorado Privacy Act, Connecticut Data Privacy Act, Utah Consumer Privacy Act, Texas Data Privacy and Security Act, Oregon Consumer Privacy Act, Montana Consumer Data Privacy Act, Iowa Consumer Data Protection Act, Delaware Personal Data Privacy Act, Nebraska Data Privacy Act, New Hampshire Data Privacy Act, New Jersey Data Privacy Act, Tennessee Information Protection Act, Minnesota Consumer Data Privacy Act, Maryland Online Data Privacy Act, Indiana Consumer Data Protection Act, Kentucky Consumer Data Protection Act, Rhode Island Data Transparency and Privacy Protection Act, and similar laws in other U.S. states (collectively, "State Privacy Laws"). This section describes the rights that consumers of Covered States have and explains how to exercise those rights. To be clear, these rights are granted only to the extent that you are considered a consumer of Covered State and we are acting as a “controller” or “business” (as applicable) under State Privacy Laws with respect to your personal information.

Collection and Disclosure of Personal Information

General information regarding our collection, use, and disclosure of personal information is set forth in the Privacy Policy above. 

The below chart reflects the categories of personal information we have collected from consumers over the past twelve (12) months, the categories of sources from which the information was collected, the business or commercial purpose for which the information was collected, and the categories of third parties with whom we have shared that information.  We retain this personal information pursuant to the section in the Privacy Policy above titled Data Retention. Depending on your level of interaction with us, we may not have collected your personal information from all of the categories listed in the Privacy Policy above. 

In the past twelve (12) months we have disclosed the following categories of personal information with service providers to inform you about product and service offerings:

• Personal identifiers

• Internet or other network activity

• Purchasing history

State Privacy Laws define the “sale” of information broadly and some of our personal information disclosures may be considered a “sale” under this definition. Some of our disclosures may constitute a “sharing” where we disclose information for targeted advertising purposes.  Below we have listed the categories of personal information we have disclosed to marketing partners in a way that may be considered a “sale” or “share” under State Privacy Laws :

• Personal identifiers

• Internet or other network activity

• Purchasing history

Some of our disclosures to rewards program administrators and/or survey or quiz administrators may constitute a “sale” or “sharing.”  We disclose the following categories of personal information to providers of such services:

• Personal identifiers

• Information about your use of the services

• Internet or other network activity

• Purchasing history

We do not process sensitive personal information as defined by States Privacy Laws.

Your State Privacy Rights

In addition to the rights set forth in our Privacy Notice, State Privacy Laws may, depending on your state of residence, provide you with the following rights:

• Right to Know. You may have the right to confirm that we have collected personal information about you and know what personal information we have collected about you, including, as applicable, the categories of personal information we have collected, the sources from which we collected that personal information, the business or commercial purposes for which we collected, sold, and shared that personal information, the categories of personal information that we sold, shared, or disclosed to third parties for business purposes, the categories of third parties to whom we sold, shared or disclosed personal information, and the specific pieces of personal information we have collected. Residents of Minnesota or Oregon have the right to: (i) confirm additional information about the categories of personal information we have processed about them; and (ii) obtain a list of third parties to which we have disclosed the personal information of Minnesota or Oregon consumers. Residents of Delaware or Maryland have the right to obtain a list of the categories of third parties to which we have disclosed the personal information of Delaware or Maryland consumers.

• Right to Data Portability. You may be entitled to request that we disclose this to you in a portable and, to the extent technically feasible, readily usable format.

• Right to Deletion. You may be entitled to request that we delete the personal information that we have collected from you. Please note, however, that we may deny such request if the requested deletion falls under an exception as set forth in the State Privacy Laws. 

• Right to Correct. You may request that we correct inaccurate personal information that we hold about you.

• Right to Opt-Out. You have the right to opt out of the processing of your personal information for purposes of: the sale of your personal information to third parties; (ii) targeted advertising; or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning you. As of the latest date of the Privacy Policy:

• We process personal information or share it with third parties for the purposes of targeted advertising;

• We sell your personal information in exchange for monetary or other valuable consideration; and

• We DO NOT engage in profiling decisions based on your personal information that produce legal or similarly significant effects concerning you.

If you wish to opt out of the processing of your personal information for any of the above purposes, please visit the Your Privacy Choices webpage. For residents of California, Colorado, Connecticut, Delaware, Maryland, Minnesota, Montana, New Hampshire, New Jersey, Oregon, or where otherwise required by applicable law, we will also treat opt-out preference signals as valid opt-out requests. To our knowledge, we do not sell or share the personal information of minors under 18 years of age.

• Right to Non-Discrimination. You have the right not to receive discriminatory treatment if you exercise the rights conferred to you by applicable privacy law. Unless permitted by State Privacy Laws, we will not:

• Deny you goods or services;

• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;

• Provide you a different level or quality of goods or services; or 

• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

Exercising Your Rights; Verifying Your Identity

To exercise any of your privacy rights, or if you have questions about your privacy rights, you may contact us by:

• Calling us at our toll free number : (877) 246-4466

• Emailing us at: hello@humblebrands.com

• Visiting the Your Privacy Choices webpage (to exercise your rights to access, correct, know, delete, or opt-out of the sale or sharing of your personal information)

Only you (or for California residents, or a person registered with the California Secretary of State that you authorize to act on your behalf), may make a verifiable consumer request related to your personal information. If you are making a request as the authorized agent of a California consumer, we will ask you to also submit reliable proof that you have been authorized in writing by the consumer to act on such consumer’s behalf.  

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.

• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Except for opt-out requests (which do not require verification), in order to respond to your request, we will need to verify your identity by asking you for certain personal information to match with the information we have on file. We may request that you provide us with a description of the information we require to address your rights request, including your name, email address, phone number, and the nature of your request. The personal information that we use to verify your identity and match with the information existing in our systems will not be used for any other purpose. When providing us this information, you represent and affirm that all information provided is true and accurate. If we are unable to verify that the consumer submitting the request is the same individual about whom we have collected personal information, we may contact you for more information, and if we cannot verify your identity or authority to make the request, we may not be able to meet your request.

Response Times; Your Right to Appeal

We will make every effort to respond to your request within 45 days from when you contacted us. If you have a complex request, State Privacy Laws allow us up to 90 days to respond. We will contact you within 45 days from when you contacted us to inform you of the need for additional time and the reason for such extension. We may charge you a reasonable fee to cover administrative costs if your requests are manifestly unfounded, excessive, or repetitive. 

If we decline to take action on a request that you have submitted, we will inform you of our reasons for doing so, and provide instructions for how to appeal the decision. Depending on your state of residence you may have the right to appeal within a reasonable period of time after you have received our decision. If you have this appeal right, within 60 days (45 days for residents of Colorado and Minnesota) of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If we deny your appeal, we will provide you with a method for contacting your state attorney general’s office to submit a complaint.

Notice of Financial Incentive 

We may offer you financial incentives, including discounts, coupons, gift cards, or other rewards, for sharing personal information through programs that we may provide from time to time (collectively, our “Programs”). For example, we may (e.g., “offer you free products or discount codes for your participation in surveys or sweepstakes, for making reviews on our products, as part of invitations to events, or in relation to other offers”). When we offer our Programs to you, we believe that the value of the different pricing or services you receive exceeds the cost of providing your personal information. Your participation in these Programs is completely optional and subject to the terms provided to you at the time you sign up. 

You may withdraw from participation in a Program at any time by contacting us using the designated method set forth in the applicable Program rules. Visit the terms and conditions of each Program to view full details, including how to join. You may also withdraw from or opt out of our Programs at any time by contacting us at hello@humblebrands.com.