Effective Date: February 28, 2020
2. Information We Collect and How We Use It
Personal Account Information: If you choose to sign-up for our subscription box service, or engage in other transactions or activities (for example surveys or sweepstakes entries, among other things), or sign up for other services, on our Services, you will be asked to provide the following basic information: your name, your e-mail address, your mailing address, your telephone number and your credit card or other payment information.
We need these categories of information in order to enter into a transaction agreement with you to provide you with the goods or services you have requested.
You may also choose to provide some information about your product preferences, tastes or individual characteristics, which we will use to customize the goods or services you have requested, and to validate your prior membership activity.
As part of our agreement with you, we may use Personal Account Information to contact you or send you notifications about products and services that you have ordered. We may also, on the basis of your consent or our legitimate business interests, send you notifications about products and services that we otherwise think may be of interest to you. You can withdraw your consent at any time by using the opt-out mechanism in the notification or contacting us directly.
FabFitFun uses Technical Data for the following legitimate business purposes:
(a) to diagnose and prevent service or technology problems that are associated with the IP addresses;
(b) to help us provide you with customized content and promotions that match your stated preferences;
(c) to prepare geographical or other statistical data to help us better serve our Users;
(d) to create new features, promotions, and services in connection with the Services;
(e) to measure the effectiveness of our advertising campaigns;
(f) to monitor the use of the Services;
(g) to confirm that Users have visited previously;
(h) to keep track of the status of your shopping cart; and
(i) to perform other functions on the Services.
Referral Information: We often invite Users to tell a friend about our products or services. Where permitted, you may provide us with your friend’s name and email address (“Referral Information”). We will automatically send your friend emails inviting them to subscribe to FabFitFun’s box program or other product or service, and we will typically include a discount or other promotion to encourage your friend to become a User or customer. Your friend may opt-out of future marketing emails by clicking the “unsubscribe” link within the invitation and may contact us at firstname.lastname@example.org to request that we remove their information from our database.
3. Disclosure of your Information
Unless otherwise disclosed at the time of collection of information, FabFitFun does not share Personal Account Information, Technical Data, or Referral Information with third parties for their own direct marketing purposes. We may, however, use your information to send you advertisements or display our targeted advertisements when you visit other web properties. FabFitFun will only provide your information to those web publishers or their advertising intermediaries in order for them to display the relevant FabFitFun ad to you and pursuant to a service provider contract limiting their use and disclosure of your information.
FabFitFun may also provide your information to service-providers who provide marketing insights, such as lookalike models or other statistical research. FabFitFun may also provide general demographic, aggregated, or deidentified information about Users and customers and their preferences to advertisers and other existing or prospective business partners.
In addition, FabFitFun reserves the right to share Personal Account Information, Technical Data, and Referral Information with authorized third parties if:
(a) we believe we are required to do so in accordance with a law or to respond to a subpoena, court order, or other lawful request by a public authority, including to meet national security or law enforcement requirements;
(c) we believe that such disclosure is necessary or appropriate to take precautions against liability;
(d) we believe that such disclosure is necessary or appropriate to investigate and defend ourselves against any third-party claims or allegations;
(e) we believe that such disclosure is necessary or appropriate to assist government agencies;
(f) we believe that such disclosure is necessary or appropriate to protect the security or integrity of the Services;
(g) we believe that such disclosure is necessary or appropriate to protect the rights, safety or property of FabFitFun, our Users or others; or
4. Third-Party Advertising
Advertisers may download cookies onto your computer, or use other technology like web beacons, to enable them to recognize your computer each time they send you an advertisement even when you are visiting another site. As a result, the advertiser would have the ability to deliver targeted advertisements that they believe would be of most interest to you. FabFitFun does not have access to or control of the cookies that may be placed on your computer by third-party advertisers.
In some instances you can opt-out of receiving personalized ads from third party advertisers and ad networks. Advertisers and ad networks that are members of the Network Advertising Initiative (NAI) or who follow the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising provide opt-out choices at the following websites:
We take reasonable and appropriate measures to help keep information secure and to help prevent it from becoming disclosed. Even though we follow reasonable procedures to try to protect the information in our possession, no security system is perfect so we cannot guarantee, and you should not expect, that your information will be secure in all circumstances.
We do not collect, use, or disclose your Personal Account Information in any ways or for any purposes that are materially different from those set forth herein. However, if we wish to do so in the future, we will obtain your consent first, and offer you the choice to opt-out of such collection, use, or disclosure.
7. Data Quality, Access, and Rectification
We will make reasonable efforts to ensure your Personal Account Information is accurate and complete and we will update or correct your information as needed when notified by you. In addition, you can manage your Personal Account Information through your FabFitFun account. If you would like to request access to your personal information, request to verify your personal information, identify any inaccuracy in your personal information, or change your personal information in any way, please contact us. Users in the United Kingdom or European Economic Area have the additional rights to request erasure of, restrict the processing of, or object to certain processing of their personal information, as well as to data portability. Please contact us at GDPRDSR@fabfitfun.com or our United Kingdom and EU Representative at email@example.com if you wish to exercise these rights.
We will keep your Personal Account Information in active files or systems as long as needed to meet the purposes for which it was collected or to fulfill the other purposes outlined herein.
9. International Transfers
10. Privacy Shield
11. Other Sites
12. Changes to this Policy
13. How We Communicate with You
14. Do Not Track Signals: Some web browsers and devices allow you to broadcast a preference that your activities online not be “tracked”. At this time, our Services do not take action in response to “do not track” signals.
15. Children: We do not provide products and services to children. We do not knowingly collect or solicit information from children under the age of 13.
If you are a parent or guardian of a child under the age of thirteen (13) and believe he or she has disclosed personally identifiable information to us, please contact us at firstname.lastname@example.org.
A parent or guardian of a child under the age of thirteen (13) may review and request deletion of a child’s personally identifiable information as well as prohibit the use thereof. If we become aware that a child under 13 has provided us with personal information, we take steps to remove that information and terminate the child’s account.
16. Your California Privacy Rights: Effective January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) affords California residents (i) the right to request disclosure of data collection and sales practices in connection with the requesting consumer, including the categories of personal information collected, the source of the information, use of the information and, if the information was disclosed or sold to third parties, the categories of personal information disclosed or sold to third parties and the categories of third parties to whom such information was disclosed or sold; (ii) the right to request a copy of the specific personal information collected about the requesting consumer during the 12 months before their request (together with right (i), a “request to know”); (iii) the right to have such information deleted, subject to certain exceptions; (iv) the right to request that their personal information not be sold to third parties, if applicable; and (v) the right not to be discriminated against because they exercised any of these rights.
California residents (or their designated authorized agents) may submit a request to know or a deletion request via email to email@example.com or by calling our toll-free number 855-313-6267.
We may need to collect information from the requesting party to verify their identity or their status as an authorized agent, as the case may be, and may use a two-step process to confirm requests to delete. We will confirm receipt of your request within 10 days and will respond in full within 45 days (subject to an additional 45-day extension in certain circumstances). We are only obligated to respond to a request to know twice within a 12-month period.
We collect and use the categories of personal information set forth in Section 2 above for the business or commercial purposes described therein. Section 3 describes the categories of third parties with whom we share personal information, and what information may be shared under different circumstances. We do not disclose or sell personal information to third-parties for their “business purposes” or “commercial purposes” as such terms are defined in the CCPA, nor do we offer financial incentives associated with our collection, use, or disclosure of your personal information.
Separate from the CCPA, residents of the State of California, under California’s “shine the light” law, have the right to request from companies conducting business in California a list of all third-parties to which the company has disclosed certain personally identifiable information as defined under California law during the preceding year for third-party direct marketing purposes. FabFitFun does not disclose personally identifiable information to third-parties for their direct marketing purposes.
17. Changing and Deleting: You may access your Personal Account Information through your profile on our Services and delete, change, or modify certain information. For additional assistance with modifying or deleting information provided to our Services, contact us at firstname.lastname@example.org.
18. Direct Mail: To opt-out of receiving our direct mail or catalogs, you may send us an email at email@example.com or call us at 855-313-6267.
19. Questions or Complaints