Hello. This browser is no longer supported.
Please consider upgrading to the latest version of Google Chrome or Mozilla Firefox.

Privacy Policy

Last Updated: August 2nd, 2023

Please click here to view the previous version of our Privacy Policy.

This Privacy Policy describes the privacy practices of Hum Nutrition Inc. ("Hum Nutrition," "we", “us” or "our") and how we handle personal information that we collect through our digital properties that link to this Privacy Policy, including our humnutrition.com, humnutrition.co.uk, and humnutrition.de websites (collectively, the “Service”), as well as through social media, our marketing activities, our events and other activities described in this Privacy Policy. Where the processing on our websites varies, we note this in this Privacy Policy.  

We provide important information for individuals located in the European Economic Area and United Kingdom (collectively, “Europe”, and “European” should be understood accordingly) below.

Personal information we collect

Information you provide to us.  Personal information you may provide to us through the Service or otherwise includes:

  • Contact data, such as your first and last name, email address, billing and mailing addresses, and phone number.

  • Demographic Information, such as your city, state, country of residence, postal code, gender, and age.

  • Profile data, such as the username and password that you may set to establish an online account with us, interests, preferences, information about your participation in our promotions or surveys, and any other information that you add to your account profile.  

  • Health-related data, such as information about your nutritional needs, your physical measurements, health concerns, dietary preferences, and other information about your health that you choose to provide to us (e.g. through taking an optional quiz, which is designed to help match you with our most effective products available through the Service).

  • Communications that we exchange with you, including when you contact us with questions or feedback, through the Service, social media, or otherwise.

  • Transactional data, such as information relating to or needed to complete your orders on or through the Service, including order numbers, credit card information, and transaction history.

  • Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them.

  • Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.

Third-party sources. We may combine personal information we receive from you with personal information we obtain from other sources, such as:

  • Public sources, such as social media platforms and other publicly available sources.

  • Data providers, such as information services and data licensors that provide demographic and other information.

  • Our affiliate partners, such as our affiliate network provider and publishers.

  • Marketing partners, such as joint marketing partners and event co-sponsors.

Automatic data collection.  We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Service, our communications and other online services, such as:

  • Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.

  • Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our marketing emails or clicked links within them.

  • Location data when you authorize the Service to access your device’s location.

Cookies. Some of our automatic data collection is facilitated by cookies and similar technologies. For more information, see our Cookie Notice.

Data about others. Users of the Service may have the opportunity to refer friends or other contacts to us and share their contact information with us. Please do not refer someone to us or share their contact information with us unless you have their permission to do so.

Session-replay technologies, such as those provided by Noibu who employs software code to record users’ interactions with the Service in a manner that allows us to watch video replays of those user sessions. The replays include users’ clicks, mobile app touches, mouse movements, scrolls, keystrokes and key touches during those sessions. These replays help us diagnose usability problems and identify areas for improvement. You can learn more about Noibu at https://noibu.com/privacy-policy/ and Noibu provides information about how users can disable session tracking here: Session Search FAQ.

How we use your personal information

We may use your personal information for the following purposes or as otherwise described at the time of collection:

Service delivery. We may use your personal information to:

  • provide, operate and improve the Service and our business;

  • establish and maintain your user profile on the Service;

  • facilitate your invitations to friends who you want to invite to join the Service;

  • to process and deliver orders placed on our website;

  • communicate with you about the Service, including by sending announcements, updates, security alerts, and support and administrative messages;

  • understand your needs and interests, and personalize your experience with the Service and our communications; and

  • provide support for the Service, and respond to your requests, questions and feedback.

Research and development.  We may use your personal information for research and development purposes, including to analyze and improve the Service and our business.  

Marketing and advertising.  We, our service providers and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes:

  • Direct marketing. We may send you Hum Nutrition-related or other direct marketing communications, including tailored product recommendations based on your quiz responses, as permitted by law and with your consent (where required).  You may opt-out of our marketing communications as described in the Opt-out of marketing section below. 

  • Interest-based advertising.  We may engage third-party advertising companies and social media companies to display ads on our Service and other online services. These companies may use cookies and similar technologies to collect information about your interaction (including the data described in the automatic data collection section above) over time across the Service, our communications and other online services, and use that information to serve online ads that they think will interest you.  This is called interest-based advertising. We may also share information about our users with these companies to facilitate interest-based advertising to those or similar users on other online platforms. You can learn more about your choices for limiting interest-based advertising in the Your choices section of our Cookie Notice.

Third Party Pixels and Cookies:

When you visit our website, log in, register or open an email, cookies, ad beacons, and similar technologies may be used by our online data partners or vendors to associate these activities with the information they or others have about you, including your email address. We (or service providers on our behalf) may then send communications and marketing to these email addresses. You may opt out of receiving this advertising by visiting https://app.retention.com/optout. This information can also be found here: https://retention.com/support/update-privacy-policy/"

Compliance and protection.  We may use your personal information to:

  • comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;

  • protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);

  • audit our internal processes for compliance with legal and contractual requirements or our internal policies;

  • enforce the terms and conditions that govern the Service; and

  • prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.  

With your consent.  In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law. 

To create anonymous, aggregated or de-identified data.  We may create anonymous, aggregated or de-identified data from your personal information and other individuals whose personal information we collect.  We make personal information into anonymous, aggregated or de-identified data by removing information that makes the data identifiable to you.  We may use this anonymous, aggregated or de-identified data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.  

How we share your personal information

We may share your personal information with the following parties and as otherwise described in this Privacy Policy or at the time of collection.  

Affiliates.  Our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.

Service providers.  Third parties that provide services on our behalf or help us operate the Service or our business (such as hosting, information technology, customer support, email delivery, marketing, and website analytics).

Payment processors. Any payment card information you use to make a purchase on the Service is collected and processed directly by our payment processors, such as Authorize.Net LLC.

Advertising partners.  Third-party advertising companies for the interest-based advertising purposes described above.

Business and marketing partners. Third parties with whom we collaborate on joint activities, with whom we have entered into joint marketing relationships or other joint ventures, or who we think may offer you products or services that you may enjoy.

Professional advisors.  Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Business transferees.  Acquirers and other relevant participants in business transactions (or negotiations and diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Hum Nutrition or our affiliates (including, in connection with a bankruptcy or similar proceedings).  

Your choices

You have the following choices with respect to your personal information. Users who are located within Europe can find additional information about their rights in the Notice to European users.

Access or update your information. If you have registered for an account with us through the Service, you may review and update certain account information by logging into the account.

Opt-out of marketing communications.  You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us.  Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.  

If you receive marketing text messages from us, you may opt out of receiving further marketing text messages from us by replying STOP to our marketing message. You may also text STOP to 74832.

Cookies. For information about cookies employed by the Service and how to control them, see our Cookie Notice.

Mobile location data.  You can disable our access to your device’s precise geolocation in your mobile device settings.

Advertising choices.   You can limit use of your information for interest-based advertising by:

  • Browser settings.  Blocking third-party cookies in your browser settings.

  • Privacy browsers/plug-ins. By using privacy browsers or ad-blocking browser plug-ins that let you block tracking technologies.

  • Platform settings. Google and Facebook offer opt-out features that let you opt-out of use of your information for interest-based advertising:

  • Ad industry tools.  Opting out of interest-based ads from companies participating in the following industry opt-out programs:

  • Mobile settings.  Using your mobile device settings to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.

You will need to apply these opt-out settings on each device from which you wish to opt-out.  

Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked to above.

Do Not Track.  Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit.  We currently do not respond to “Do Not Track” or similar signals.  To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Declining to provide information. We need to collect personal information to provide certain services.  If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.

Third-party platforms. If you choose to connect to the Service through your social media account or other third-party platform, you may be able to use your settings in your account with that platform to limit the information we receive from it. If you revoke our ability to access information from a third-party platform, that choice will not apply to information that we have already received from that third party.

Other sites and services

The Service may contain links to websites, mobile applications, and other online services operated by third parties (for example, the websites of third-party retailers or distributors of our products websites we link to from the Service).  In addition, our content may be integrated into web pages or other online services that are not associated with us.  These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party.  We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites and mobile applications and online services you use.

Security

We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect.  However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.

International data transfer

We are headquartered in the United States and may use service providers that operate in other countries. We may transfer your personal information to the United States or other locations where privacy laws may not be as protective as those in your country, state, or province.  

For details on how we transfer the personal information of our European users, please see the Notice to European users.

Children 

The Service is not intended for use by those under the age of 18. Also, if we learn that we have collected personal information through the Service from a person who is a “child” for the purposes of applicable data protection laws without the consent of that child’s parent or guardian as required by law, we will delete it.

We encourage parents or guardians with concerns to contact us.

For reference, we define “children” and “child” for these purposes as follows:

  • Residents outside of Europe: anyone under 13 years old; and

  • Residents of Europe: anyone under 16 years old or the age needed to consent to the processing of personal information in their country of residence.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. If required by law we will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email or another manner through the Service.  Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting).

Your use of the Service after the effective date of any modified Privacy Policy indicates your acceptance of, or due notice of the information contained in, the modified Privacy Policy if and as required by law.

How to contact us

  • Email: privacy@humnutrition.com

  • Phone: (888)647-8880

Information for California residents / Your California privacy rights 

Scope.  This section applies only to California residents.  It describes how we collect, use, and share Personal Information of California residents in our capacity as a “business” under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA”) and their rights with respect to that Personal Information.  For purposes of this section, the term “Personal Information” has the meaning given in the CCPA but does not include information exempted from the scope of the CCPA.  In some cases, we may provide a different privacy notice to certain categories of California residents, such as job applicants, in which case that notice will apply instead of this section.

Your California privacy rights. As a California resident, you have the rights listed below. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law.

  • Information.

    •   You can request the following information about how we have collected and used your Personal Information during the past 12 months:

    • The categories of Personal Information that we have collected.

    • The categories of sources from which we collected Personal Information.

    • The business or commercial purpose for collecting, disclosing, sharing and/or selling Personal Information.

    • The categories of third parties with whom Personal Information was sold, shared or disclosed for a business purpose.

    • Whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of third party recipient.

    • Whether we have sold or shared your Personal Information, and if so, the categories of Personal Information sold or shared by each category of third party recipient.

  • Access. You can request a copy of the Personal Information that we have collected about you during the past 12 months.

  • Deletion. You can ask us to delete the Personal Information that we have collected from you.

  • Correction. You can ask us to correct inaccurate Personal Information that we have collected about you.

  • Opt-out of sales and sharing.  You can opt-out any sale or sharing (as those terms are defined under CCPA) of your Personal Information.

  • Nondiscrimination. You are entitled to exercise the rights described above free from discrimination as prohibited by the CCPA.  

Right to information, access, correct and deletion. You may submit requests to exercise your right to information, access, correct or deletion by calling us toll free at 1-888-647-8880, or via email to privacy@humnutrition.com.  

Notice of right to opt-out of the “sale” or “sharing” of your Personal Information.  While we do not sell personal information for money, like many companies, we use services that help deliver interest-based ads to you.  Our use of some of these services may be classified under California law as a “sale” or “sharing” of your Personal Information to the advertising partners that provide the services because they collect information from our users (e.g., device data and online activity data) to help them serve ads more likely to interest you. You can request to opt-out out of this “sale” or “sharing” of your personal information here: Do Not Sell or Share My Personal Information.

Verification of identity; Authorized agents. We will need to verify your identity and California residency to process your information, access, correction and deletion.  We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it. To verify your identity, we may require government identification, a declaration under penalty of perjury or other information You can empower an “authorized agent” to submit requests on your behalf. We will require the authorized agent to have a written authorization confirming that authority. Please note that the CCPA limits your rights by, for example, prohibiting us from providing certain sensitive information in response to an access request and limiting the circumstances in which we must comply with a deletion request. If we deny your request, we will communicate our decision to you.

Information practices. The following describes our practices currently and during the past 12 months:

  • Sources and purposes. We collect all categories of Personal Information from the sources and use them for the business and commercial purposes described above in the Privacy Policy.

  • Sensitive personal information. We do not use or disclose sensitive personal information (as that term is defined under CCPA) for purposes that California residents have a right to limit under the CCPA.

  • Retention. The criteria for deciding how long to retain Personal Information is generally based on whether such period is sufficient to fulfill the purposes for which we collected it as described in this Privacy Policy, including complying with our legal obligations.  

  • Collection, disclosure, sales, and sharing of Personal Information. The chart below describes the Personal Information we collect by reference to the categories of personal information specified in the CCPA (Cal. Civ. Code §1798.140), and the categories of third parties to whom we disclose, sell, and share Personal Information. We have no actual knowledge that we have sold or shared the Personal Information of California residents under 16 years of age. The terms in the chart refer to the categories of information and third parties described above in this Privacy Policy in more detail. Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of Personal Information not described below.  

Statutory category of personal information (PI) (Cal. Civ. Code § 1798.140)

PI we collect in this category (See Personal information we collect above for description)

Source of PI

Business/ commercial purpose for collection

Categories of third parties to whom we “disclose” PI for a business purpose

Categories of third parties to whom we “sell” or “share” PI

Identifiers

Contact data

Demographic information

Profile data

Health-related data

Data about others

You

Third-party sources

Service delivery

Research & development

Marketing & advertising

Compliance & protection

Affiliates

Service providers

Payment processors

Advertising partners

Professional advisors

Authorities and others

Business transferees

Business and marketing partners

Advertising partners (to facilitate online advertising)

Business and marketing partners

California Customer Records (as defined in California Civil Code section 1798.80)

Contact data

Demographic information

Transactional data

Data about others

You

Third-party sources

Service delivery

Research & development

Marketing & advertising

Compliance & protection

Affiliates

Service providers

Payment processors

Advertising partners

Professional advisors

Authorities and others

Business transferees

Business and marketing partners

Advertising partners (to facilitate online advertising)

Business and marketing partners

Commercial Information

Transactional data

Marketing data

Online activity data

You

Third-party sources

Automatic collection

Service delivery

Research & development

Marketing & advertising

Compliance & protection

Affiliates

Service providers

Payment processors

Advertising partners

Professional advisors

Authorities and others

Business transferees

Business and marketing partners

Advertising partners (to facilitate online advertising)

Business and marketing partners

Financial Information

Transactional data

You

Third-party sources

Service delivery

Research & development

Marketing & advertising

Compliance & protection

Affiliates

Payment processors

Professional advisors

Authorities and others

Business transferees

None

Online Identifiers

Profile data

Device data

You

Third-party sources

Automatic collection

Service delivery

Research & development

Marketing & advertising

Compliance & protection

Affiliates

Service providers

Payment processors

Advertising partners

Professional advisors

Authorities and others

Business transferees

Business and marketing partners

Advertising partners (to facilitate online advertising)

Business and marketing partners

Internet or Network Information

Marketing data

Device data

Online activity data

Automatic collection

Service delivery

Research & development

Marketing & advertising

Compliance & protection

Affiliates

Service providers

Payment processors

Advertising partners

Third parties designated by you

Professional advisors

Authorities and others

Business transferees

Business and marketing partners

Other users and the public

Advertising partners (to facilitate online advertising)

Business and marketing partners

Geolocation Data

Device data

Location data

Automatic collection

Service delivery

Research & development

Marketing & advertising

Compliance & protection

Affiliates

Service providers

Advertising partners

Professional advisors

Authorities and others

Business transferees

Business and marketing partners

Advertising partners (to facilitate online advertising)

Business and marketing partners

Inferences

May be derived from your:

Contact data

Demographic information

Health-related data

Profile data

Communications

Device data

Online activity data

N/A

Service delivery

Research & development

Marketing & advertising

Compliance & protection

Affiliates

Service providers

Advertising partners

Authorities and others

Business transferees

Business and marketing partners

Advertising partners (to facilitate online advertising)

Business and marketing partners

Notice to European users

The information provided in this Notice to European users applies only to individuals in the United Kingdom and the European Economic Area (i.e., “Europe” as defined above).

Controller.  Hum Nutrition is the controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation (i.e., the EU GDPR and the UK GDPR (as and where applicable, the “GDPR”)).  See the Contact Us section above for contact details.

Our GDPR Representatives.  For users in the European Economic Area or United Kingdom, our representatives appointed under the UK GDPR and EU GDPR respectively are:

UK representative: Hum Nutrition (UK) Ltd

Email: ukrepresentative@humnutrition.com

Post: 3rd Floor 1 Ashley Road, Altrincham, Cheshire, United Kingdom, WA14 2DT

EU representative: DataRep

Email: datarequest@datarep.com

Post: See below details for all countries

Hum Nutrition Inc, which processes the personal data of individuals in the European Union and European Economic Area, in either the role of ‘data controller’ or ‘data processor’, has appointed DataRep as its Data Protection Representative for the purposes of GDPR*.

If Hum Nutrition Inc has processed or is processing your personal data, you may be entitled to exercise your rights under GDPR in respect of that personal data. For more details on the rights you have in respect of your personal data, please refer to the European Commission (https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en) or the national Data Protection Authority in your country.

Hum Nutrition Inc takes the protection of personal data seriously, and has appointed DataRep as their Data Protection Representative in the European Union so that you can contact them directly in your home country. DataRep has locations in each of the 27 EU countries and Norway & Iceland in the European Economic Area (EEA), so that Hum Nutrition Inc’s customers can always raise the questions they want with them.

If you want to raise a question to Hum Nutrition Inc, or otherwise exercise your rights in respect of your personal data, you may do so by:

  • sending an email to DataRep at datarequest@datarep.com quoting <Hum Nutrition Inc> in the subject line,

  • contacting DataRep on its online webform at www.datarep.com/data-request, or

  • mailing your inquiry to DataRep at the most convenient of the addresses in the subsequent pages.

PLEASE NOTE: when mailing inquiries, it is ESSENTIAL that you mark your letters for ‘DataRep’ and not ‘Hum Nutrition Inc’, or your inquiry may not reach DataRep. Please refer clearly to Hum Nutrition Inc in your correspondence. On receiving your correspondence, Hum Nutrition Inc is likely to request evidence of your identity, to ensure your personal data and information connected with it is not provided to anyone other than you.

If you have any concerns over how DataRep will handle the personal data, please refer to DataRep’s privacy notice at www.datarep.com/privacy-policy.

Addresses. Please ensure request is addressed to DataRep and not Hum Nutrition Inc

DataRep, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria DataRep, Place de L'Université 16, Louvain-La-Neuve, Waals Brabant, 1348, Belgium DataRep, 132 Mimi Balkanska Str., Sofia, 1540, Bulgaria DataRep, Ground & 9th Floor, Hoto Tower, Savska cesta 32, Zagreb, 10000, Croatia DataRep, Victory House, 205 Archbishop Makarios Avenue, Limassol, 3030, Cyprus DataRep, IQ Ostrava Ground floor, 28. rijna 3346/91, Ostrava-mesto, Moravska, Ostrava, Czech Republic DataRep, Lautruphøj 1-3, Ballerup, 2750, Denmark DataRep, 2nd Floor, Tornimae 5, Tallinn, 10145, Estonia DataRep, Luna House, 5.krs, Mannerheimintie 12 B, Helsinki, 00100, Finland DataRep, 72 rue de Lessard, Rouen, 76100, France DataRep, 3rd and 4th floor, Altmarkt 10 B/D, Dresden, 01067, Germany DataRep, 24 Lagoumitzi str, Athens, 17671, Greece DataRep, President Centre, Kálmán Imre utca 1, Budapest, 1054, Hungary DataRep, Kalkofnsvegur 2, 101 Reykjavík, Iceland DataRep, The Cube, Monahan Road, Cork, T12 H1XY, Republic of Ireland DataRep, Viale Giorgio Ribotta 11, Piano 1, Rome, Lazio, 00144, Italy DataRep, 4th & 5th floors, 14 Terbatas Street, Riga, LV-1011, Latvia DataRep, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria DataRep, 44A Gedimino Avenue, 01110 Vilnius, Lithuania DataRep, BPM 335368, Banzelt 4 A, 6921, Roodt-sur-Syre, Luxembourg DataRep, Tower Business Centre, 2nd floor, Tower Street, Swatar, BKR4013, Malta DataRep, Cuserstraat 93, Floor 2 and 3, Amsterdam, 1081 CN, Netherlands DataRep, C.J. Hambros Plass 2c, Oslo, 0164, Norway DataRep, Budynek Fronton ul Kamienna 21, Krakow, 31-403, Poland DataRep, Torre de Monsanto, Rua Afonso Praça 30, 7th floor, Algès, Lisbon, 1495-061, Portugal DataRep, 15 Piaţa Charles de Gaulle, nr. 1-T, Bucureşti, Sectorul 1, 011857, Romania DataRep, Apollo Business Centre II, Block E / 9th floor, 4D Prievozska, Bratislava, 821 09, Slovakia DataRep, Trg. Republike 3, Floor 3, Ljubljana, 1000, Slovenia DataRep, Calle de Manzanares 4, Madrid, 28005, Spain DataRep, S:t Johannesgatan 2, 4th floor, Malmo, SE - 211 46, Sweden

Personal Data. For European users, references to your “personal information” in this Privacy Policy should be understood to include a reference to your “personal data” (as defined in the GDPR). So what is “personal data”? – essentially, personal data is information about an individual, from which that individual is either directly identified or can be identified.  It does not include ‘anonymous data’ (i.e., information where the identity of the relevant individual has been permanently removed and that individual is no longer identified or identifiable).

Legal bases for processing.  We use your personal information for the purposes listed below. In respect of each of the purposes for which we use your personal information, European data protection legislation requires us to ensure that we have a “legal basis” for that use. Our legal bases for processing your personal information described in this Privacy Policy are listed below.

  • Where we need to perform a contract, we are about to enter into or have entered into with you (“Contractual Necessity”).

  • Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests (“Legitimate Interests”). More detail about the specific legitimate interests pursued in respect of each purpose we use your personal information for is set out in the table below.

  • Where we need to comply with a legal or regulatory obligation (“Compliance with Law”).

  • Where we have your specific consent to carry out the processing for the purpose in question (“Consent”).

For any special categories of personal data we process (e.g. data related to your health), we also have to establish a condition to processing such data, because it is considered to be more sensitive in nature – for example, we may look to obtain your explicit consent to the Processing of those special categories of personal data for one or more specified purposes (“Explicit Consent”).

We have set out below the legal bases we rely on in respect of the relevant purposes for which we use your personal information. The nature of the processing may vary between our websites.

Purpose

Category(ies) of personal information involved

Why do we do this

Our legal basis for this use of data

Account creation

Identity information

Profile data

Contact data

Demographic information

To establish and maintain your user profile on the Service

Contractual Necessity

Operate website/Service delivery

Identity information

Profile data

Contact data

Device data

Location data

Demographic information

Communications

To operate, maintain, administer and improve the website

To better understand your needs and interests, and personalize your experience with the website

To respond to your service-related requests, questions and feedback

Contractual Necessity

Legitimate Interests

We have a legitimate interest in providing you a good service, with updates on our website and related offers where you have purchased or shown interest in similar services from us

Payment processing

Identity information

Transactional data

To process and deliver orders placed on our website

Contractual Necessity

Recommendations and content personalization based on quiz responses

Identity information

Profile data

Contact data

Health-related data

Marketing data

Demographic information

If you choose to take one of our optional product recommendation quizzes, we will use the information you provide to use to help us match you with our most effective products, and personalize your experience with the Service.

For simple personal data:

Consent

For any health-related data:

Explicit Consent

Troubleshooting

Identity information

Contact data

Technical information

To track issues that might be occurring on our systems, provide support and maintenance for the website

To manage and communicate with you regarding your relationship with us, if you have one, including by sending you service announcements, technical notices, updates, security alerts, and support and administrative messages

Legitimate Interests

It is in our legitimate interests that we can monitor and ensure the proper operation of our website and associated systems and services

Marketing

Identity information

Contact data

Health-related data

Demographic information

Marketing data

Communications

Online activity data

To form a view on what we think you may want or need, or what may be of interest to you, and to provide tailored recommendations in marketing communications. You will have the ability to opt out of such communications. If you have consented to receive marketing communications from our third-party partners, you may withdraw your consent by contacting those partners directly

To display interest-based advertising

For simple personal data:

Consent

For any health-related data:

Explicit consent

Research and development

Identity information

Technical information

Demographic information

We may use your personal information for research and development purposes, including to analyze and improve the Service and our business, including creation of aggregated, de-identified or other anonymous data

Legitimate Interests

We have a legitimate interest in analyze and improve the Service and our business

Compliance, fraud prevention and safety

Identity information

Profile data

Contact data

To keep our website, our Service and associated systems operational and secure

To enforce the terms and conditions that govern the Site

Legitimate Interests.

We have a legitimate interest in ensuring the ongoing security and proper operation of our Service, website and associated IT services and networks

Compliance with law

Any and all categories of personal information (if and as required to comply with the relevant legal requirement)

We may process your personal information (including sharing it with competent authorities or regulators) where necessary to comply with a legal or regulatory requirement

For simple personal data:

Compliance with Law

For any special categories of personal data (e.g. data related to your health):

The processing is necessary for the establishment, exercise or defense of legal claims.

Use for new purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it.  If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Special Categories of Personal Data.  As noted above, you may choose to provide us with certain health-related data. We will only collect such health-related data where you have provided us with your explicit consent to its use for the specific purpose of personalizing recommendations about the products most relevant for you. If you do not want us to process your health-related data in one our optional quizzes to allow us to make these product recommendations, you can always choose not to do so. You will still be able to use the Service by manually selecting the products most relevant for you from our ‘Products’ page – however, we will not be able to personalize recommendations to you.

We will not use your personal information (whether it is directly special category personal data or not) to create inferences or to otherwise reveal information concerning your health / health conditions, your genetic information, your racial or ethnic origin, your sex life or sexual orientation or any other special category(ies) of personal data without your explicit consent. If you do not provide your explicit consent, we will not carry out any Processing that is designed or intended to treat you differently on the basis of a possible inference or ‘educated guess’ that we could theoretically make about, or that could deduce, these types of special categories (e.g. from your purchase history).

Retention

We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

When we no longer require the personal information we have collected about you, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.  If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.

Your rights

European data protection legislation gives you certain rights regarding your personal information in certain circumstances.  If you are located within Europe, you may ask us to take the following actions in relation to your personal information that we hold:

  • Access. Provide you with information about our processing of your personal information and give you access to your personal information.

  • Correct. Update or correct inaccuracies in your personal information.

  • Delete. Delete your personal information.

  • Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.

  • Restrict. Restrict the processing of your personal information.

  • Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information.

  • Opt-out. Stop sending you direct marketing communications. You may continue to receive service-related and other non-marketing emails.

  • Consent withdrawal. Where we rely on your consent and/or explicit consent to process your personal information you may withdraw that consent at any time.

You may submit these requests by email to privacy@humnutrition.com. We may request specific information from you to help us confirm your identity and process your request.

Applicable law may require or permit us to decline your request.  If we decline your request, we will tell you why, subject to legal restrictions.  If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction.

  • For users in the European Economic Area – the contact information for the data protection regulator in your place of residence can be found here: 

    https://edpb.europa.eu/about-edpb/board/members_en

  • For users in the UK – the contact information for the UK data protection regulator is below:

The Information Commissioner’s Office  Water Lane, Wycliffe House Wilmslow - Cheshire SK9 5AF Tel. +44 303 123 1113 Website: https://ico.org.uk/make-a-complaint/

Data transfers outside Europe.

We may share your personal information with third parties who are based outside Europe. In such circumstances, those parties’ processing of your personal information will involve a transfer your personal information outside of Europe.

We endeavor to ensure that people to whom we provide your personal information hold it subject to the standards required by European data protection legislation. So, whenever we transfer your personal information out of Europe, we try to ensure a similar degree of protection is afforded to it by making sure at least one of the following mechanisms is implemented:

  • Transfers to territories with an adequacy decision.

    We may transfer your personal information to countries or territories whose laws have been deemed to provide an adequate level of protection for personal data by the European Commission or UK Government (as and where applicable) from time to time.

  • Transfers to territories without an adequacy decision.

    • We may transfer your personal information to countries or territories whose laws have not been deemed to provide an adequate level of protection for Personal Data by the European Commission or UK Government (as and where applicable).

    • What this means is that the relevant authority(ies) have not adopted an ‘adequacy decision’ to confirm that the relevant laws and practices in that country or territory are sufficient to ensure an adequate level of protection for personal data to the standards required by the GDPR – for example, there is currently no such decision in respect of the United States.

    • However, in these cases:

      • we may use specific appropriate safeguards approved by the European Commission, the UK Information Commissioner’s Office or UK Government (as and where applicable), which are designed to give personal information the same protection it has in Europe – for example, requiring the recipient of personal information to enter into the relevant form of the so-called ‘Standard Contractual Clauses’ issued or approved from time to time; or

      • in limited circumstances, we may rely on an exception, or ‘derogation’, which permits us to transfer your information to such country despite the absence of an ‘adequacy decision’ or ‘appropriate safeguards’ – for example, reliance on your explicit consent to that transfer.

You may contact us if you want further information on the specific mechanism used by us when transferring your personal information out of Europe.

This Cookie Notice explains how Hum Nutrition Inc. (“Hum Nutrition”, “we”, “us” or “our”) uses cookies and similar technologies in connection with

  • the humnutrition.com, humnutrition.co.uk, and humnutrition.de websites and any other website that we own or control and which posts or links to this Cookie Notice (collectively, the “Sites”); and

  • our mobile app (“App”).

What are cookies?

Cookies are small data files that are placed on your computer or mobile device when you visit a website.  Cookies serve different purposes, like helping us understand how a site is being used, letting you navigate between pages efficiently, remembering your preferences, and generally improving your browsing experience.  

Our Sites may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them).

We use two broad categories of cookies: (1) first party cookies, served directly by us to your computer or mobile device, which we use to recognize your computer or mobile device when it revisits our Sites; and (2) third-party cookies, which are served by service providers or business partners on our Sites, and can be used by these parties to recognize your computer or mobile device when it visits other websites. Third-party cookies can be used for a variety of purposes, including site analytics, advertising, and social media features.

What types of cookies and similar tracking technologies does Hum Nutrition use on the Sites and App?

On the Sites, we use cookies and other tracking technologies in the following categories described here.

Other technologies

In addition to cookies, our Sites and Apps may use other technologies, such as Flash technology to pixel tags to collect information automatically.

Browser Web Storage

We may use browser web storage (including via HTML5), also known as locally stored objects (“LSOs”), for similar purposes as cookies. Browser web storage enables the storage of a larger amount of data than cookies. Your web browser may provide functionality to clear your browser web storage.

Flash Technology

We may use Flash cookies (which are also known as Flash Local Shared Object (“Flash LSOs”)) on our Sites to collect and store information about your use of our Sites. Unlike other cookies, Flash cookies cannot be removed or rejected via your browser settings. If you do not want Flash LSOs stored on your computer or mobile device, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel. You can also control Flash LSOs by going to the Global Storage Settings Panel and following the instructions. Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications, including, potentially, Flash applications used in connection with our Sites.

Web Beacons

We may also use web beacons (which are also known as pixel tags and clear GIFs) on our Sites and in our HTML formatted emails to track the actions of users on our Sites and interactions with our emails. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages or within HTML formatted emails. Pixel tags are used to demonstrate that a webpage was accessed or that certain content was viewed, typically to measure the success of our marketing campaigns or engagement with our emails and to compile statistics about usage of the Sites, so that we can manage our content more effectively.

Mobile Application Software Development Kits (SDKs)

We may use third-party software development kits (“SDKs”) in our App. A SDK is third-party computer code that may be used for a variety of purposes, including to provide us with analytics regarding the use of our mobile applications, to integrate with social media, add features or functionality to our app, or to facilitate online advertising. SDKs may enable third parties to collect information directly via our App.

Your choices

Your options for controlling what information cookies and similar technologies collect about you include:

  • Blocking cookies in your browser. Most browsers let you remove or reject cookies.  To do this, follow the instructions in your browser settings.  Many browsers accept cookies by default until you change your settings.  Please note that if you set your browser to disable cookies, the Sites may not work properly.  For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.  If you do not accept our cookies, you may experience some inconvenience in your use of our Sites. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Sites.

  • Third-party opt-out option.  You can opt-out of interest-based advertising through some of the third parties listed in the chart above by using the corresponding third-party opt-out tool provided in the chart.

  • Industry association opt-outs. You may opt out of receiving interest-based advertising on websites through members of the Network Advertising Initiative by clicking here or the Digital Advertising Alliance by clicking here. You may opt out of receiving targeted advertising in mobile apps through participating members of the Digital Advertising Alliance by installing the AppChoices mobile app, available here, and selecting the user’s choices. Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms linked above.

  • Blocking advertising ID use in your mobile settings.  Your mobile device settings may provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.

For more information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org.  If you do not accept our cookies, you may experience some inconvenience in your use of our Sites. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Sites.

If you choose to opt-out of targeted advertisements, you will still see advertisements online, but they may not be relevant to you. Even if you do choose to opt out, not all companies that serve online behavioral advertising are included in this list, and so you may still receive some cookies and tailored advertisements from companies that are not listed.

For more information about how we collect, use and share your information, see our Privacy Policy.

Changes

Information about the cookies we use may be updated from time to time, so please check back on a regular basis for any changes.

Questions

If you have any questions about this Cookie Notice, please contact us by email at privacy@humnutrition.com.

Last modified December 20th, 2022.