Protected Health Information.
Crave is also committed to protecting the privacy of your protected health information (“Protected Health Information”). “Protected Health Information” is a subset of Personal Information that is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition; related health care services; or related to the past, present, or future payment for the provision of health care to you.
Information That Crave Collects
Consent and Modification.
Receipt and Collection of Information.
We collect Personal Information from users. In each case, you will only be required to provide the Personal Information that we need in order to be able to provide the services you have requested. You may be entitled under data protection laws to access and review the Personal Information that we hold on you, if you provide the necessary consent and background information and pay any mandated fee. All such communications regarding access to your personal data should be addressed to: email@example.com. Such inquiries should clearly be marked as data protection queries and as being time sensitive.
Crave provides User the option, at User’s sole election, to upload a profile image that is viewable by other participants of the Services, but this is not mandatory. User may delete User’s profile picture at any time by logging into the Mobile App and visiting the profile settings page.
Personal Health Information.
Crave may obtain your personal health information from your health care provider upon User’s request and prior approval. Crave may collect certain personal health information such as User’s height, weight, blood pressure, blood glucose and gender and display User’s biometrics to User based on these inputs.
Demographic & Non-Identifying Information.
Crave also collects data about User, including about User’s make-up, fitness level, health indicators, and related information that does not identify User and that enables User to fully participate in the Service.
Information Crave Collects or Stores as User Accesses and Uses the Website and Service
In addition to any Personal Information or other information that User choose to submit to Crave via Crave’s Website, Crave and Crave’s third-party service providers may use a variety of technologies that automatically (or passively) store or collect certain information whenever User visits or interacts with the Website (“Usage Information”). This Usage Information may be stored or accessed using a variety of technologies that may be downloaded to User’s personal computer, browser, laptop, tablet, mobile phone or other device (a “Device”) whenever User visits or interacts with Crave’s Website and/or the Mobile App. To the extent Crave associates Usage Information with User’s Personal Information Crave collects directly from User on the Website, Crave will treat it as Personal Information.
This Usage Information may include:
- User’s IP address, UDID or other unique identifier (“Device Identifier”). A Device Identifier is a number that is automatically assigned to User’s Device used to access the Website, and Crave’s computers identify User’s Device by its Device Identifier;
- User’s Device functionality (including browser, operating system, hardware, mobile network information);
- User’s subscription level;
- the URL that referred User to Crave’s Website;
- the areas within Crave’s Website and/or Mobile App that User visits and User’s activities there, including remembering User, User’s preferences and pages User requested and/or viewed;
- User’s Device location;
- User’s Device characteristics; and
- certain other Device data, including the time of day, among other information.
Crave may use various methods and technologies to store or collect Usage Information (“Tracking Technologies”). Tracking Technologies may set, change, alter or modify settings or configurations on User’s Device. The Tracking Technologies that may be used are the following (and subsequent technology and methods later developed which perform a similar function):
Cookies. A cookie is a data file placed on a Device when it is used to visit the Website. A Flash cookie (or locally shared object) is a data file placed on a Device via the Adobe Flash plug-in that may be built-in to or downloaded by User to User’s Device. HTML5 cookies can be programmed through HTML5 local storage. Unlike Flash cookies, HTML5 cookies do not require a plug-in. Regular cookies may generally be disabled or removed by tools that are available as part of most commercial browsers, and in some but not all instances can be blocked in the future by selecting certain settings. Each browser User uses will need to be set separately and different browsers offer different functionality and options in this regard. Also, these tools may not be effective with regard to Flash cookies or HTML5 cookies. For information on disabling Flash cookies go to Adobe’s web site www.adobe.com. Please be aware that if User disables or removes cookies, Flash cookies, or HTML5 cookies on User’s Device, some parts of Crave’s Website, Mobile App and/or Services may not function properly, and that when User revisits Crave’s Website, Mobile App and Services User’s ability to limit cookies is subject to User’s browser settings and limitations.
Web Beacons. Small graphic images or other web programming code called “web beacons” (also known as “1×1 GIFs” or “clear GIFs”) may be included in pages and messages of our Website, Mobile App and Services. Web beacons may be invisible to User, but any electronic image or other web programming code inserted into a page or e-mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to the Website, Mobile App and Services, to monitor how users navigate the Website, Mobile App and Services, to count how many e-mails that were sent were actually opened or to count how many particular articles or links were actually viewed.
Embedded Scripts. An embedded script is programming code that is designed to collect information about User’s interactions with the Website, Mobile App and Services, such as the links User clicks on. The code is temporarily downloaded onto User’s Device from Crave’s web server and/or Mobile App or a third party service provider, is active only while User is connected to the Website and/or Mobile App, and is deactivated or deleted thereafter.
ETag, or entity tag. A feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. If the resource content at that URL ever changes, a new and different ETag is assigned. Used in this manner ETags are a form of Device Identifier. ETag tracking may generate unique tracking values even where the consumer blocks HTTP, Flash, and/or HTML5 cookies.
Crave may use Tracking Technologies for a variety of purposes, including:
Information Third Parties Provide About User
Interactions with Third-Party Websites
How Crave Uses the Personal Information
Crave may use User’s information that Crave collects about User:
- to contact User occasionally to inform User of new Services features, or news or articles Crave thinks will be of interest to User. Crave may send User regular updates on issues Crave thinks will be of interest to User;
- to contact User with regard to User’s use of the Services and, in Crave’s discretion, changes to the Services and/or the service policies;
- for internal business purposes;
- to provide User with information or services or process transactions that User has requested or agreed to receive including to send User electronic newsletters;
- to provide User with marketing materials or relevant advertising, promotions and recommendations from Crave or our business partners;
- to enable User to participate in a variety of the Service features;
- to process User’s account registration, including verifying User’s information is active and valid;
- to identify User as the author of any comments that User sends to Crave to be posted on the Website or Mobile App;
- to ensure that content on the Website and Mobile App is presented in the most effective manner for User and for User’s computer or mobile device;
- to provide User with information relating to any events held by Crave, where User has consented to be contacted for such purposes; and
- to provide User with access to User’s personal account.
User can always opt out of utilizing the Service, and accordingly opt out of Crave’s use of User’s Personal Information, by sending an email to firstname.lastname@example.org
How and When Does Crave Disclose Information To Third Parties?
Crave may share User’s Personal Information, including performance measurement information associated with User’s name that is collected or generated at the Website, Mobile App or through the Services.
Personal Information may occasionally be transferred to third parties who act for Crave for further processing in accordance with the purposes for which the data was originally collected or for purposes to which User has subsequently consented. For example, sometimes a third party may have access to User’s Personal Information in order to support Crave’s information technology or to handle mailings on Crave’s behalf. If Crave transfers User’s Personal Information to an outside agent or organization for such purpose, Crave will take appropriate measures in an effort to protect User’s privacy and the Personal Information Crave transfer.
Crave may share your Personal Information with various business partners. Some of these business partners may use your personal information to facilitate the offering of services or products that may be of interest to you. We may also share your Personal Information as otherwise described to you at the time of collection.
Crave may, in Crave’s sole discretion, share or transfer Personal Information where permitted or required by law, to comply with legal process, to interact with anti-fraud databases, to protect User’s vital interests, to protect the security or integrity of Crave’s databases or the Website and the Mobile App, to enforce the Terms & Conditions or protect the business or reputation of Crave and/or its Business Customers, to take precautions against legal liability, to protect and defend the rights or property of Crave and/or its Business Customers, for required institutional risk control, or for resolving disputes, inquiries or complaints with respect to User’s use of the Website, Mobile App and Services.Crave reserves the right to disclose and transfer all Personal Information: (i) to an operator of the Website or Mobile App or applicable database provided such entity agrees to be bound by the terms and conditions hereof to the extent applicable; or (ii) to a successor in interest of Crave in connection with a merger, consolidation, restructuring, change of control, the sale of substantially all of Crave’s interests and/or assets or other organizational change, including, during the course of any due diligence process, provided such successor entity agrees to be bound by the terms and conditions hereof.
What About Information User Disclose Publicly Or To Others?
User-Generated Content and Public Information.
“User Content” is any content, materials or information (including without limitation, any text, information, graphics, messages, photos, images, nutritional information contributed to the Food Database and works of authorship kind), data, questions, comments, suggestions or other content, including personally identifiable information that you upload, send, email, display, perform, distribute, post or otherwise transmit to us, at our request or on your own, on, or through the Services (such as message boards, recipe logging), whether in connection with your use of the Services or through the use of any Third Party Websites or Third Party Services or otherwise, and whether publicly posted or privately transmitted.
Crave or others may store, display, reproduce, publish, distribute or otherwise use User Content online or offline in any media or format (currently existing or hereafter developed) and may or may not attribute it to User. Others may have access to this User Content and may have the ability to share it with third parties. Please think carefully before deciding what information User shares, including Personal Information, in connection with User’s User Content. Be aware that public postings (including group messaging with other Users) are not confidential. Please note that the Crave does not control who will have access to the information that User chooses to make public, and cannot ensure that parties who have access to such publicly available information will respect User’s privacy or keep it secure. Crave is not responsible for the privacy or security of any information that User makes publicly available on the Service, the Mobile App or Website or what others do with information User shares with them on the Mobile App and Website. Crave is not responsible for the accuracy, use or misuse of any User Content that User discloses or receives from third parties through the Service.
Name and Likeness.
Crave may also publish User’s name, voice, likeness and other Personal Information that is part of User’s User Content, and Crave may use the content, or any portion of the content, for advertising, marketing, publicity and promotional activities, provided that Crave will not exercise such rights as to any User Content which identifies User in a public manner (other than in providing the Services to the Business Customer and the Business Customer’s other participants) unless User provides a separate consent to Crave in writing (email is sufficient) authorizing such use. For full terms and conditions regarding User Content User submits to the Service, please review Crave’s Terms & Conditions.
A User’s profile page may be, by default, set up to display information such as the User’s display name, images, location (city/state/country), groups that the User has joined and optional information added by User. Profile information is used by Crave primarily to be presented back to and edited by User when User accesses the Service and to be presented to others permitted to view that information on the Service. Crave may offer users the ability to manage their public profile and use profile preference settings, the functionality and features of which are subject to change from time to time, so visit it frequently to confirm the settings reflect User’s then current preferences and Crave recommends that User does not post information or content as part of User’s profile that User is not prepared to make public. Changing setting options may not result in immediate changes to the settings, which are subject to Crave’s operations and maintenance schedules. User should carefully consider the use of such settings to improve information display options and to ensure the settings are properly set and functioning in the manner desired. Notwithstanding the availability of profile preference settings, User should be aware that these settings are for convenience only, do not employ complex data security protection and may not be error free. Further, other users that have access may repost or otherwise make public User’s information or content. Accordingly, discretion and good judgment should be exercised when posting information or content as part of User’s profile.
Use of Anonymous Information.
We may use Anonymous Information (as defined below), or disclose it to third party service providers, to provide and improve the Service. We may also disclose Anonymous Information (with or without compensation) to third parties, including advertisers and partners, for purposes including, but not limited to, targeting advertisements. “Anonymous Information” means information which does not enable identification of an individual user, such as aggregated information about use of the Service.
You may choose not to receive future promotional, advertising, or other Service-related notifications from us by changing the notification settings on your device. If you choose not to receive notifications, you may still use the Service but you may not receive, or may be unable to use, certain services that involve our interaction with you.
At all times, you may choose whether or not to provide or disclose Personal Information. The notices that we provide on the Service in circumstances where we collect Personal Information should help you to make this choice. If you choose not to provide the Personal Information we request, you may still use the Service, but you may be unable to access certain programs and services that involve our interaction with you.
To the extent that you do provide us with Personal Information, we wish to maintain accurate Personal Information. If you would like to delete or correct any other of your Personal Information that we may be storing, you may submit a request to us by sending an email to email@example.com. Your email should include adequate details of your request.
Collection of Information by Third-Party Websites.
Links to Other Websites.
The Service may contain links to third party websites that are not owned or controlled by us. We are not responsible for the privacy practices or the content of such other third party websites, and you visit them at your own risk.
The security of your Personal Information is important to us. We follow generally accepted industry standards, including the use of appropriate administrative, physical and technical safeguards, to protect the Personal Information submitted to us. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect Personal Information, we cannot guarantee its absolute security or confidentiality. If you have any questions about security, you can contact us at firstname.lastname@example.org.
Please be aware that certain Personal Information and other information provided by you in connection with your use of the App may be stored on your device (even if we do not collect that information). You are solely responsible for maintaining the security of your device from unauthorized access.
Merger, Sale or Bankruptcy.
If we are acquired by or merged with a third party entity, or if we are subject to a bankruptcy or any comparable event, we reserve the right to transfer or assign Personal Information in connection therewith.
Notice to California Residents
If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit: /terms-and-conditions-of-use/CCPA-notice-for-California-residents/
California Online Privacy Protection Act Notice
On September 27, 2013, California enacted A.B. 370, amending the California Online Privacy Protection Act to require website operators like us to disclose how we respond to “Do Not Track Signals”; and whether third parties collect personally identifiable information about users when they visit us.
(1) We do not track users, who do not interact with its sharing functionality across the web, and therefore do not use “do not track” signals.
(2) We do not authorize the collection of personally identifiable information from our users for third party use through advertising technologies without separate member consent.
California Civil Code Section 1798.83 also permits our customers who are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to email@example.com. Please note that we are only required to respond to one request per customer each year.Personal Information Access and Corrections
Upon receipt of User’s written request and upon Crave’s receipt of enough information to permit Crave to identify User’s Personal Information, Crave will disclose to User the Personal Information Crave holds about User. Crave will also correct, amend or delete any Personal Information that is inaccurate and notify any third party recipients of the necessary changes. User may update any information User has given to Crave by sending an email to firstname.lastname@example.org. Requests to delete Personal Information are subject to any applicable legal and ethical reporting or document retention obligations imposed on Crave.
Notice to Residents of the European Economic Area
If you elect not to provide Personal Information
You may choose not to provide Crave with your Personal Information. However, if you choose not to provide your Personal Information, you may not be able to use our Services, as the processing of this information is necessary for the performance of our Services
How to exercise your rights
Crave takes steps to keep your Personal Information accurate and up to date. If you reside in the European Economic Area, you have certain rights to the Personal Information that we have collected about you. To exercise your rights to your Personal Information, please contact us at GDPRcori@joincrave.com or at the address listed below. Subject to applicable law and in exceptional circumstances only, we may charge for this service and we will respond to reasonable requests as soon as practicable, and in any event, within the time limits prescribed by law.
Right to lodge a complaint before the Data Protection Authority
We encourage you to contact us directly and allow us to work with you to address your concerns. Nevertheless, you have the right to lodge a complaint with a competent data protection supervisory authority, in particular in the EU Member State where you reside, work or the place of the alleged infringement. You have the right to do so if you consider that the processing of Personal Information relating to you infringes applicable data protection laws.
Changes to this Notice to Residents of the European Economic Area
In order to enhance our Services it might be necessary to change this Notice to Residents of the European Economic Area from time to time. We therefore reserve the right to modify this Notice to Residents of the European Economic Area in accordance with the applicable data protection laws. Please visit our Website from time to time for information on updates to this Notice to Residents of the European Economic Area.
How to contact us or our privacy office as a Resident of the European Economic Area
In case of questions about the processing of your Personal Information please contact us at GDPRcori@joincrave.com
If we are required under applicable law to appoint a data protection officer (DPO), you can contact the DPO that is responsible for your country/region at GDPRcori@joincrave.com.
Our Accountability/Dispute Resolution
Crave Service: International Users
In the event Crave goes through a business transition, such as a merger, acquisition by another organization, or sale of all or a portion of its assets, User’s Personal Information might be among the assets transferred. User will be notified via this Website of any such change in ownership or control of User’s Personal Information.
- Crave, Inc.
- Attention: Privacy Officer
- Bucharest, Romania, Gherghitei street, no 1, bloc 94B, lot 1, Ground floor, sector 2
CRAVE, INC. Notice of Privacy Practices
THIS NOTICE DESCRIBES HOW YOUR MEDICAL INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
This Notice of Privacy Practices is mandated by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). It describes how we may use and disclose your protected health information to carry out treatment, payment or health care operations and for other purposes that are permitted or required by law. It also describes your rights to access and control your protected health information. “Protected health information” is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition; related health care services; or related to the past, present, or future payment for the provision of health care to you.
We are required to abide by the terms of this Notice of Privacy Practices. We may change the terms of our notice at any time. Any such new notice will be effective for all protected health information that we maintain at that time. Upon your request, you may obtain any revised Notice of Privacy Practices by calling us and requesting that a revised copy be sent to you in the mail or asking for one at the time of your next visit. You acknowledge receipt of this notice by accepting Terms & Conditions for using the Services provided by Crave.
1. Uses and Disclosures of Protected Health Information
USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION BASED UPON YOUR WRITTEN CONSENT
Your protected health information may be used and disclosed by Crave, Inc. and its affiliates (collectively, “Crave”) and others outside Crave that are involved in your care and treatment for the purpose of providing health care services to you. Your protected health information may also be used and disclosed as necessary to pay health care bills and to otherwise support the operation of Crave. Set forth below are examples of the types of uses and disclosures of your protected health care information that Crave is permitted to make. These examples are not meant to be exhaustive, but rather to describe for you the types of uses and disclosures that may be made by Crave
Payment: Your protected health information may be used, as needed, to obtain payment for your health care services. For example, obtaining approval for a hospital stay may require that your relevant protected health information be disclosed to by our health plan to obtain approval for the hospital admission.
Healthcare Operations: We may use or disclose, as needed, your protected health information in order to support the normal business activities of Crave. Examples of these activities include, but are not limited to, quality assessment activities, employee review activities, training, licensing, and conducting or arranging for other business activities.
We also may need to share your protected health information with certain of our “business associates” or other third parties that perform various activities (e.g., billing, coordinating care, transcribing records) for Crave. Whenever an arrangement between Crave and a business associate involves the use or disclosure of your protected health information, we will have in place the legally required safeguards to protect the privacy of your health information.
USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION BASED UPON YOUR WRITTEN AUTHORIZATION
Other uses and disclosures of your protected health information will be made only with your written authorization, unless otherwise permitted or required by law as described below. You may revoke your authorization, at any time, in writing, except to the extent that Crave has taken an action in reliance on the use or disclosure indicated in the authorization.
OTHER USES AND DISCLOSURES THAT MAY BE MADE AND TO WHICH YOU MAY AGREE OR OBJECT
In the circumstances listed below, you may agree or object to the use or disclosure of the protected health information in the manner described. In the absence of agreement or objection, Crave may, using professional judgment, determine whether the disclosure of health information is in your best interest. If such a determination is made, only the protected health information that is relevant to your health care will be disclosed.
Others Involved in Your Healthcare: Unless you object, we may disclose to a member of your family, a relative, a close friend or any other person you identify, your protected health information that directly relates to that person’s involvement in your health care. If you are unable to agree or object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interests, based on our professional judgment. We may use or disclose protected health information to notify or assist in notifying a family member, personal representative or any other person that is responsible for your care of your location, general condition or death. Finally, we may use or disclose your protected health information to an authorized public or private entity to assist in disaster relief efforts and to coordinate uses and disclosures to family or other individuals involved in your health care.
Emergencies: In an emergency treatment situation, we may have to use or disclose your protected health information in a context in which consent for the release of information has not already been given. If this happens, Crave will try to obtain your consent to the release of information as soon as reasonably practicable after the delivery of the treatment. If Crave is required to treat you and has attempted to obtain your consent but is unable to obtain your consent, it may still use or disclose your protected health information to treat you.
OTHER PERMITTED AND REQUIRED USES AND DISCLOSURES THAT MAY BE MADE WITHOUT YOUR CONSENT, AUTHORIZATION OR OPPORTUNITY TO OBJECT
There are other circumstances in which we may have to use or disclose your protected health information, even without your consent or authorization. These situations include:
Communication Barriers: If Crave attempts to obtain consent from you but is unable to do so due to substantial communication barriers and Crave determines, using professional judgment, that you would consent to the use or disclosure under the circumstances, we may use and disclose your protected health information
Disclosure Required By Law: We may use or disclose your protected health information to the extent that the use or disclosure is required by law. The use or disclosure will be made in compliance with the law and will be limited to the relevant requirements of the law. You will be notified, as required by law, of any such uses or disclosures.
Public Health: We may disclose your protected health information for public health activities and purposes to a public health authority that is permitted by law to collect or receive the information. The disclosure will be made for the purpose of controlling disease, injury or disability. We may also disclose your protected health information, if directed by the public health authority, to a government agency that is collaborating with the public health authority.
Communicable Diseases: We may disclose your protected health information, if authorized by law, to a person who may have been exposed to a communicable disease or may otherwise be at risk of contracting or spreading the disease or condition.
Health Oversight: We may disclose protected health information to a health oversight agency for activities authorized by law, such as audits, investigations, and inspections. Oversight agencies seeking this information include government agencies that oversee the health care system, government benefit programs, other government regulatory programs and civil rights laws.
Abuse or Neglect: We may disclose your protected health information to a government authority that is authorized by law to receive reports of child abuse or neglect. In addition, we may disclose your protected health information if we believe that you has been a victim of abuse, neglect or domestic violence to the governmental entity or agency authorized to receive such information. In this case, the disclosure will be made consistent with the requirements of applicable federal and state laws.
Food and Drug Administration: We may disclose your protected health information to a person or company required by the Food and Drug Administration to report adverse events, product defects or problems, biologic product deviations, track products; to enable product recalls; to make repairs or replacements; or to conduct post marketing surveillance, as required.
Legal or Administrative Proceedings or Investigations: We may disclose protected health information in the course of any judicial or administrative proceeding or investigation, in response to an order of a court or administrative tribunal (to the extent such disclosure is expressly authorized), in certain conditions in response to a subpoena, discovery request or other lawful process or request.
Law Enforcement: We may disclose protected health information, so long as applicable legal requirements are met, for law enforcement purposes. These law enforcement purposes include requests: (1) pursuant to legal processes or as otherwise required by law; (2) for limited information for identification and location purposes; (3) pertaining to potential victims of a crime; (4) relating to suspicion that a death has occurred as a result of criminal conduct; (5) in the event that a crime occurs at Crave ; or (6) relating to a medical emergency (not at Crave ) and it is necessary to alert law enforcement regarding a potential crime.
Coroners, Funeral Directors, and Organ Donation: We may disclose protected health information to a coroner or medical examiner for identification purposes, determining cause of death or for the coroner or medical examiner to perform other duties authorized by law. We may also disclose protected health information to a funeral director, as authorized by law, in order to permit the funeral director to carry out his/her duties. We may disclose such information in reasonable anticipation of death. protected health information may be used and disclosed for cadaveric organ, eye or tissue donation purposes.
Threat to Public Safety: Consistent with applicable federal and state laws, we may disclose your protected health information, if we believe that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. We may also disclose protected health information if it is necessary for law enforcement authorities to identify or apprehend an individual.
Research. We may use or disclose your protected health information without your consent or authorization if an Institutional Review Board or Privacy Board approves a waiver of authorization for such disclosure.
Information Not Personally Identifiable. We may use or disclose your protected health information in ways that do not personally reveal your identity.
2. Your Rights
If you are a resident of the European Economic Area (“EEA”), you have certain data protection rights and we aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information. If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the following data protection rights:
- (i) You have the right to withdraw consent where you have previously given your consent to the processing of your Personal Information. To the extent that the legal basis for our processing of your Personal Information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
- (ii) You have the right to learn if your Personal Information is being processed by us, obtain disclosure regarding certain aspects of the processing, and obtain a copy of your Personal Information undergoing processing.
- (iii) You have the right to verify the accuracy of your information and ask for it to be updated or corrected. You also have the right to request us to complete the Personal Information you believe is incomplete.
- (iv) You have the right to object to the processing of your information if the processing is carried out on a legal basis other than consent. Where Personal Information is processed for the public interest, in the exercise of an official authority vested in us, or for the purposes of the legitimate interests pursued by us, you may object to such processing by providing a ground related to your particular situation to justify the objection.
- (v) You have the right, under certain circumstances, to restrict the processing of your Personal Information. These circumstances include: the accuracy of your Personal Information is contested by you and we must verify its accuracy; the processing is unlawful, but you oppose the erasure of your Personal Information and request the restriction of its use instead; we no longer need your Personal Information for the purposes of processing, but you require it to establish, exercise or defend your legal claims; you have objected to processing pending the verification of whether our legitimate grounds override your legitimate grounds. Where processing has been restricted, such Personal Information will be marked accordingly and, with the exception of storage, will be processed only with your consent or for the establishment, to exercise or defence of legal claims, for the protection of the rights of another natural, or legal person or for reasons of important public interest.
- (vi) You have the right, under certain circumstances, to obtain the erasure of your Personal Information from us. These circumstances include: the Personal Information is no longer necessary in relation to the purposes for which it was collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure such as where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, to exercise or defense of legal claims.
- (vii) You have the right to receive your Personal Information that you have provided to us in a structured, commonly used, and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance from us, provided that such transmission does not adversely affect the rights and freedoms of others.
- (viii) You have the right to complain to a data protection authority about our collection and use of your Personal Information. If you are not satisfied with the outcome of your complaint directly with us, you have the right to lodge a complaint with your local data protection authority. For more information, please contact your local data protection authority in the EEA. This provision is applicable provided that your Personal Information is processed by automated means and that the processing is based on your consent, on a contract which you are part of, or on pre-contractual obligations thereof.
California privacy rights
Consumers residing in California are afforded certain additional rights with respect to their Personal Information under the California Consumer Privacy Act (“CCPA”). If you are a California resident, this section applies to you.
In addition to the rights as explained in this Policy, California residents who provide Personal Information as defined in the statute to obtain Services for personal, family, or household use are entitled to request and obtain from us, once a calendar year, information about the categories and specific pieces of Personal Information we have collected and disclosed.
Furthermore, California residents have the right to request deletion of their Personal Information or opt-out of the sale of their Personal Information which may include selling, disclosing, or transferring Personal Information to another business or a third party for monetary or other valuable consideration. To do so, simply contact us. We will not discriminate against you if you exercise your rights under the CCPA.
3. Electronic Communications
You may always contact us at email@example.com and choose to communicate with us electronically. However, we warn you that we can make no guarantee that the email will be or will remain encrypted during the data transfer, and that there may be some level of risk that the information in the email could be read by a third party. By communicating with us via email, and, especially by making a request(s) to receive your information via unencrypted email, you acknowledge that you are aware that email is not a secure method of communication, and that you agree to the risks.
You may complain to us or to the Secretary of Health and Human Services if you believe your privacy rights have been violated by us. You may file a complaint with us by notifying our Privacy Contact of your complaint. We will not retaliate against you or you for the filing of such a complaint.
You may reach our Privacy Officer at Andrada@simple.ro or contact us at firstname.lastname@example.org and we can provide further information about this Notice and the policies and procedures set forth herein.