We are On The Green LLC (“Company”, “Us”, “We”) registered in California with file number 201922110170 of 550 W Date Street, Unit 615, San Diego CA 92101 USA.
The procedures and principles set out herein must be followed at all times by the Company, its employees, agents, contractors, or other parties working on behalf of the Company. If you are a resident of California USA, you should refer to our section 14 “California Residents” below.
If you are a resident of the United Kingdom or the European Economic Area (meaning all European Union member states together with Norway, Lichtenstein and Iceland) you may have additional rights to those set out in this Policy. In that case you should refer to our associated company website: https://www.onthegreencbd.co.uk/.
2. Types of data collected
We collect several different types of information for various purposes to provide and improve our Service to you:
Whenever engaging with Us, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information includes:
· Email address
· First name and last name
· Phone number
· Address, State, Province, ZIP/Postal code, City
· Financial/billing information (not stored by Us).
We use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you.
You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send. Marketing consent is not required as a condition of use of any of our products or services.
We may also collect information on how our website is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s IP address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Tracking Cookies Data
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our website.
Examples of Cookies we use:
· Session Cookies. We use Session Cookies to operate our website.
· Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
· Security Cookies. We use Security Cookies for security purposes.
3. Use of data
We use the collected data for various purposes:
· To provide and maintain our website, products and services.
· To notify you about changes to our products and services.
· To allow you to participate in interactive features of our website when you choose to do so.
· To provide customer support.
· To gather analysis or valuable information so that we can improve our products and services
· To monitor the usage of our Service
· To detect, prevent and address technical issues
· To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.
We are not in the business of selling personal data to third parties, in the course of providing our products and services, or otherwise.
4. Retention of data
We will retain your Personal Data only for as long as we have a legitimate business or legal need to do so. Our retention periods depend on the type of data and its purpose.
We will retain your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), to resolve disputes, and to enforce our legal agreements and policies.
We will retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
5. Transfer of data
Your information, including Personal Data, may be transferred to— and maintained on— computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with these Data Privacy Notices and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
6. Disclosure of data
We may disclose your Personal Data in the good faith belief that such action is necessary:
· To comply with a legal obligation
· To protect and defend our rights or property
· To prevent or investigate possible wrongdoing in connection with the Service
· To protect the personal safety of users of the Service or the public.
· To protect against legal liability.
7. Security of data
The security of your data is important to us, but remember that no method of transmission over the internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable, best practice, and state-of-the-art means to protect your Personal Data, we cannot guarantee its absolute security.
8. Your rights
We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes.
If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.
You can submit a justified request:
· To access and receive a copy of the Personal Data we hold about you.
· To rectify any Personal Data held about you that is inaccurate.
· To request the deletion of Personal Data held about you.
You have the right to data portability for the information you provide to us. You can request to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it.
You may exercise your right to object, if no opt-out mechanism is otherwise made available to you (including objecting to the basis of use for the purpose of our legitimate interest), by sending an email to us.
Please note that we may ask you to verify your identity before responding to such requests.
9. Service Providers
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyze the use of our Service.
We may use third-party software Service Providers to manipulate images and PDFs that you may upload to the Service. Images and PDFs provided to our third-party image manipulation Service Providers could include Personal Data, and we use our best endeavors to ensure that they adhere at least to the same standards of data privacy as our own.
We may use third-party software Service Providers for sending and receiving email, SMS, push messages and support interactions. Messages provided to our third-party messaging Service Providers could include Personal Data, and we use our best endeavors to ensure that they adhere at least to the same standards of data privacy as our own.
We may provide paid products and/or services within our website. In that case, we use third-party services for payment processing.
10. Links to other sites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
11. Children’s privacy
Our website does not address anyone under the age of 16 (“Children” or “Child”). Additionally, if you are under the age of majority in your jurisdiction (most commonly, 18 years of age), you represent that your parent or legal guardian has reviewed and agreed to this Policy.
We do not knowingly collect personally identifiable information from anyone under the age of 16. If you are a parent or guardian and you are aware that your Child has provided Us with Personal Data, please contact Us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.
13. Contact us
14. California Residents
The California Consumer Privacy Act (“CCPA”) applies to you if you are a “Consumer” as defined by that Act. The CCPA defines a consumer as either an individual who is in the State for other than a temporary or transitory purpose or an individual who is domiciled in the State who is outside the State for a temporary or transitory purpose. Therefore, California law may provide you with certain rights regarding our use of your personal information.
We set forth below the provisions which we believe apply in our dealings with you, but it is your responsibility to check the full provisions of the Act which you can find here on the website of the State of California Department of Justice.
14.1 “Do Not Track” under the CCPA:
We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser. We are not aware of any processes for others collecting personal information about your activities on our websites over time and across third party websites, apps, or other online services, nor do we knowingly collect information about your activities over time across third party sites and services.
14.2 “Do Not Sell My Personal Information” under the CCPA: As we set forth in section 3 “Use of Data” above, we are not in the business of selling personal data to third parties in the course of providing our products and services, or otherwise. Further, the CCPA gives you a specific right to require Us not to sell your personal information, and you may so indicate your preference by checking this box in a document that identifies you to Us:
Do Not Sell My Personal Information
14.3 CCPA – General Preamble:
Terms defined in the CCPA have the same meaning when used in this Policy. Note that provision of this CCPA notice is not an admission on our part that we are a “business” within the meaning of the CCPA, and nothing in this Policy may be construed as such an admission.
This notice to you is effective upon the effective date of enforcement of the CCPA, which took place on January 1, 2020.
14.4 Personal information we collect:
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person (“Personal Information”) that falls within the following categories of personal information, and have done so within the last 12 months:
Category Information Collected
Identifiers A real name, postal address, unique identifier, online identifier, Internet Protocol address, email address, and account name.
Personal Information categories listed in
the California Customer Records statute
(Cal. Civ. Code § 1798.80(e)) A name, address, telephone number, financial and business information.
Commercial information Records of services purchased, obtained, or considered, or other transaction histories.
Internet or other similar network activity A consumer’s interaction with a website.
Personal Information does not include:
(a) publicly available information from government records;
(b) deidentified information or aggregate consumer information;
(c) information excluded from the CCPA’s scope; and
(d) personal information covered by certain sector-specific privacy laws.
We obtain the categories of Personal Information listed above from the following categories of sources:
· directly from you or publicly available sources. For example, from forms you complete or products and services you purchase or sell, or from information you choose to display in publicly accessible social media accounts.
· indirectly when you use our services (eg cookies when using our website).
14.5 Our use of Personal Information:
We may use or disclose the Personal Information we collect for the purposes set forth in this Policy, and one or more of the following business purposes:
· to fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote
or ask a question about our products or services, we will use that Personal Information to respond to your inquiry. If you provide your Personal Information to purchase a product or service, we will use that information to process your payment and facilitate delivery,
· to provide, support, personalize, and develop our website, products, and services,
· to create, maintain, customize, and secure your account with Us.
· to process your requests, purchases, transactions, and payments and prevent transactional fraud,
· to provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses,
· to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our sites, third-party sites, and via email or text message (with your consent, where required by law),
· to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business,
· for testing, research, analysis, and product development,
· to respond to law enforcement requests and as required by applicable law, court order, or governmental regulations,
· as described to you when collecting your Personal Information or as otherwise set forth in the CCPA,
· auditing related to a current interactions and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards,
· detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity,
· debugging to identify and repair errors that impair existing intended functionality,
· to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by Us is among the assets transferred.
We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice. We will not sell Personal Information (other than in connection with a sale of business or merger as explained above).
14.6 Sharing personal information:
We may disclose any or all of the categories above of your Personal Information to a third party for a business purpose, as set forth in section 9 “Service Providers” above, and we have done so in the last 12 months. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract. The CCPA prohibits third parties who purchase the Personal Information we hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.
We disclose your Personal Information for a business purpose to the following categories of third parties:
• third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your Personal Information in the same way as set out in this Policy,
• any other third parties to whom you have permitted us to disclose your personal information,
• as set forth in this Policy.
14.7 Your rights and choices:
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
· the categories of Personal Information we collected about you,
· the categories of sources for the Personal Information we collected about you,
· our business or commercial purpose for collecting or selling that Personal Information,
· the categories of third parties with whom we share that Personal Information,
· the specific pieces of Personal Information we collected about you (also called a data portability request),
· if we sold or disclosed your Personal Information for a business purpose, two separate lists disclosing: (a) sales, identifying the personal information categories that each category of recipient purchased; and (b) disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.
14.8 Deletion request rights:
You have the right under the CCPA to request that we delete any of your Personal Information that we have collected and retained, subject to certain exceptions. Once we receive and confirm a verifiable consumer request (see below), we will delete (and direct our service providers to delete) relevant Personal Information from our records, unless an exception applies.
We may deny California residents’ deletion request if retaining the information is necessary for us or our service provider(s) to:
· complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with the requesting individual, or otherwise perform our contract with a requesting individual,
· detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities,
· debug products to identify and repair errors that impair existing intended functionality,
· exercise free speech, ensure the right of another to exercise their free speech rights, or exercise another right provided for by law,
· enable solely internal uses that are reasonably aligned with consumer expectations,
· comply with a legal obligation,
· make other internal and lawful uses of that information that are compatible with the context in which you provided it.
14.9 Verifiable consumer request:
To exercise the access, data portability, and deletion rights under the CCPA described above, please submit to Us a verifiable consumer request by email to us at email@example.com or as set forth in the Contact section of our website.
Only a California resident, or a person registered with the California Secretary of State that a California resident has authorized to act on their behalf, may make a verifiable consumer request related to their Personal Information. A California resident may also make a verifiable consumer request on behalf of their minor child.
A verifiable consumer request for access or data portability can only be made twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify the California resident about whom we collected Personal Information or an authorized representative, and contain sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
Making a verifiable consumer request does not require you to create an account on our website. However, we do consider requests made through your password protected account sufficiently verified when the request relates to Personal Information associated with that specific account. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We will endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Except as permitted by the CCPA, we will not:
deny you goods or services,
· charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties,
· provide you a different level or quality of goods or services,
· suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
14.11 California’s “Shine the Light” law (Civil Code Section § 1798.83):
This law permits users of our website that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to Us.
- We are committed to providing you with the best possible experience, which includes the security, privacy and integrity of your Personal Information.
- You may opt out of receiving any, or all, communications from us by following the unsubscribe link or instructions provided in any communication we send, or by contacting us at any time