OnPoint Nutrition
Privacy Policy
PRIVACY POLICY
Last updated March 01, 2024
Privacy Notice of OnPoint Nutrition LLC (DBA OnPoint Nutrition)
At OnPoint Nutrition LLC, your privacy is of paramount importance to us. As a company, we are committed to maintaining the confidentiality and safety of your personal information. In this Privacy Policy, we detail our approach to safeguarding your data as it pertains to the collection, utilization, and disclosure of the information you provide while using our Services. The term "Services" encompasses a variety of interactions, including but not limited to:
- Navigating through our primary website, OnPoint Nutrition, or any other websites we operate that include a link to this Privacy Policy.
- Engaging with our sales and marketing initiatives, or attending events that we organize or participate in.
- Involvement in various activities we conduct, which are further elaborated on within this document.
Whenever you interact with our Services, you're entrusting us with your personal information, and we do not take this responsibility lightly. We have instituted this Privacy Policy to give you a clear understanding of how we handle your information, from the moment you visit our websites to every other interaction you may have with our brand. It is our pledge to remain transparent about the data we collect, the purposes for which it is used, and the circumstances under which it may be shared.
We encourage you to read this Privacy Policy carefully to become informed about our privacy practices. By accessing and using our Services, you acknowledge that you have read, understood, and agreed to the terms and conditions of this Privacy Policy. If you have any concerns about how we manage your personal information, please feel free to reach out to us. We are dedicated to not only providing you with exceptional nutritional guidance, but also to ensuring that your personal information remains secure throughout your journey with OnPoint Nutrition LLC.
Have Questions or Concerns?
This privacy notice aims to clarify your privacy rights and choices. If our information practices are not agreeable to you, we request that you refrain from using our Services. For any inquiries or concerns you might have, please reach out to us at info@onpoint-nutrition.com.
OVERVIEW OF PRIVACY POLICY HIGHLIGHTS
This synopsis serves as a roadmap to the core elements of our privacy policy.
ACQUIRING YOUR PERSONAL DATA
In the course of your interactions with our Services, we gather personal data that reflects your activities, choices, and the functionalities and products you select.
MANAGEMENT OF SENSITIVE DATA
We only process sensitive personal data when it is critical for our services, with your unequivocal permission, or in accordance with applicable legal statutes.
EXTERNAL SOURCES OF DATA
We may receive information about you from external entities, such as public databases, marketing partners, social media platforms, and other third-party sources. For a comprehensive insight into this, examine the External Sources of Data segment.
UTILIZATION OF YOUR DATA
We employ your data to provide and refine our Services, communicate with you, safeguard against fraudulent activity, and comply with legal obligations. We also process data based on your consent for various purposes, always ensuring a legitimate basis for such processing.
SHARING YOUR PERSONAL DATA
We may disclose your personal data under specific conditions to select third parties.
PROTECTION OF YOUR INFORMATION
Our commitment to protecting your personal data is realized through strategic organizational and technical safeguards. However, we acknowledge that no security system is impervious to all potential threats.
YOUR RIGHTS REGARDING PRIVACY
Depending on your jurisdiction and the relevant privacy laws, you may possess a range of rights related to your personal data.
HOW TO EXERCISE YOUR PRIVACY RIGHTS
Should you wish to exercise your privacy rights, you are encouraged to contact us at info@onpoint-nutrition.com. Your requests will be processed in accordance with the appropriate data protection legislation.
COMPREHENSIVE PRIVACY POLICY
For a thorough grasp of our practices related to data collection and usage, we recommend reading our Full Privacy Policy.
TABLE OF CONTENTS
1) Overview of Our Data Collection Methods
2) Key Reasons for Processing Your Personal Data
3) Data Processing Legal Bases for EU, UK, and Canadian Residents
4) Disclosure Practices: Sharing Your Personal Data
5) Third-Party Websites and Services
6) Cookie and Tracking Technology Usage
7) Data Retention and Deletion Policy
8) Security Measures and Limitations
9) Child Safety and Age Restrictions
10) Your Rights and Choices under the Data Protection Law
11) Do-Not-Track Signal Acknowledgment
12) Overview of Personal Information Collection and Use
13) Personal Information Sharing and Usage Policy
14) California Privacy Rights Disclosure
15) California Consumer Privacy Act (CCPA) Notice
16) Colorado Privacy Act (CPA) Rights
17) Connecticut Data Privacy Act (CTDPA) Rights
18) Utah Consumer Privacy Act (UCPA) Rights
19) Virginia Consumer Data Protection Act (VCDPA) Rights
20) Privacy Compliance for Australia and New Zealand
21) Affiliate Disclosure Statement for OnPoint Nutrition
22) Privacy Notice Update Policy
23) Contact and Feedback Guidance
24) Your Data Rights and Request Procedure
25) HubSpot Call Recording
26) Cookie Policy
1) Overview of Our Data Collection Methods
Introduction to Data Collection Practices
As a data controller, we have an obligation to inform you about the nature, scope, and purpose of the personal data we collect, use, and process. We are committed to ensuring that we gather personal information responsibly and in accordance with applicable data protection laws.
Voluntary Disclosure of Personal Information
We collect personal data that you voluntarily provide to us. This voluntary submission occurs when you register for our Services, show interest in our offerings, participate in our activities, or communicate with us for any purpose. We will ask you to provide personal information that is necessary for the services you are seeking or for the purpose of the interaction.
Categories of Personal Information Collected
The extent and type of personal information we collect from you are contingent upon your interactions with us, the Services you use, the choices you make, and the products and features you utilize. The following non-exhaustive list details the categories of personal information we may collect:
- Identification Data: This includes your full name, contact numbers, email addresses, and physical mailing addresses.
- Contact Preferences: Your preferred methods of contact and times to be reached.
- Authentication Information: Data that assists in verifying your identity when you access our services, such as usernames and passwords.
- Financial Data: Billing addresses, debit/credit card numbers, and other payment transaction information.
- Transactional Details: Records of the purchases and transactions you have made with us.
Collection of Sensitive Personal Information
Our collection of sensitive personal information is conducted with the utmost care and is limited to instances where it is strictly necessary. We will obtain your explicit consent or rely on other lawful bases as permitted by applicable law for processing such information. Sensitive information may include, but is not limited to:
- Health Information: Details pertaining to your health that are relevant to the services provided, such as dietary restrictions or disabilities requiring accommodation.
Payment Information Collection and Processing
In connection with any payments for purchases you make, we will collect essential financial information, such as your payment method and security code. The processing and storage of this payment information are managed by our third-party service provider, Chargebee Inc. Their handling of your personal information is governed by their privacy policy, which we encourage you to review.
Responsibility for Accuracy
You bear the responsibility for ensuring that the personal information you provide to us is precise, complete, and up-to-date. It falls within your remit to promptly notify us of any changes to your personal information, including but not limited to changes in contact details or financial information. Our commitment to protecting your personal data extends to facilitating updates and corrections to ensure the continued accuracy and integrity of the data we hold.
Automated Information Collection
Certain types of information are gathered automatically through your interaction with our Services.
When you access, utilize, or navigate our Services, we automatically collect information about you. This automatically collected information does not identify you by name or direct contact details. However, it may include technical and device-related details such as your IP address, browser specs, type of device used, operating system, language settings, URL of the referring page, device name, country, and other details about your use of our Services. Our reasons for collecting this data are to ensure the security and functioning of our Services, as well as for our internal analytics and reporting.
Consistent with common business practices, our collection process may involve cookies and similar tracking technologies.
Details of the Information Collected
- Log and Usage Data: This is technical data that our servers collect automatically, which is recorded in log files. It may include details like IP addresses, browser types, device specifications, and interactions with our Services, such as time stamps, viewed pages, search histories, and feature usage. It also encompasses device event data, including system activities and failure reports.
- Device Data: We gather data related to the device you use to access our Services. This may cover IP addresses, device and app IDs, browser types, hardware models, your ISP or mobile carrier, operating system, and system configurations.
- Location Data: We collect data indicating your device's location, which may vary in precision. We may utilize technologies like GPS to ascertain your actual location based on IP address. You can disable this feature by declining location access on your device or deactivating the device's location settings. Opting out may affect the functionality of the services available to you.
- Third-Party Services Data: We also collect data through third-party services integrated with our platform:
- Sakari: Text messages, including phone numbers, message content, timestamps, and delivery receipts.
- Acuity: Data for scheduling appointments, such as usernames, contact information, appointment settings, and no-show occurrences.
- Zapier: Transfer of user data between services, including the details of actions triggered and the outcomes of the data transfer processes.
- Jotform: Collection of health-related information via forms, securing the transmission of medical history, insurance specifics, and personal identifiers compliant with HIPAA.
- Clarity & Hotjar: Interaction data, like clicks, mouse movements, scrolling actions, and interactions with web elements.
- Google Analytics: Anonymized IP addresses, user demographics, page views, session lengths, and navigation paths through the website.
- Videoask: Information from quiz interactions, including user responses, video engagement, and potential feedback.
- Shopify: Customer data such as names, addresses, payment details, purchasing patterns, and store browsing activities.
- Zoom: Details of meeting participants, meeting durations, and recordings (if made).
- Chargebee: Information on subscription management, payment details, and billing history.
- QuickBooks: Accounting-related data, including financial transactions, invoicing, and payment details.
Information collected from other sources
In order to enhance our ability to provide relevant marketing, offers, and services to you and update our records, we may obtain information about you from other sources, such as public databases, joint marketing partners, affiliate programs, data providers, and from other third parties. This information includes mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), Internet Protocol (IP) addresses, social media profiles, social media URLs, and custom profiles, for purposes of targeted advertising and event promotion.
2) Key Reasons for Processing Your Personal Data
Comprehensive Purpose of Personal Data Processing
We engage in a multifaceted approach to processing your personal data, tailored to the nature of your interactions with our Services. The detailed objectives for which your information is processed include:
- Account Creation and Management: We process personal data to facilitate the creation of your account, enable secure login procedures, and maintain the overall functionality of your user account. This includes verifying your identity, ensuring proper authorization, and providing customer support.
- Provision of Requested Services: We utilize your information to deliver the services you specifically request, ensuring they are tailored to meet your needs and preferences.
- Customer Support and Inquiry Response: When you reach out with questions or require assistance, we process your data to provide timely and effective support, resolving any service-related issues that may arise.
- Administrative Notifications: We use your information to send you essential communication regarding our products and services, including updates to our terms, conditions, and policies, and other pertinent administrative information.
- Order Processing and Management: To efficiently handle and manage your transactions, we process personal data for order fulfillment, payment processing, and handling of returns and exchanges through our Services.
- Facilitation of User Interactions: Where our services include user-to-user communication options, we process your data to enable these interactions, ensuring you can connect with other users as intended.
- Feedback and Engagement: We process personal data when soliciting feedback to enhance our services, and to maintain engagement with you regarding your experiences with our Services.
- Marketing Communications: With your consent and in line with your marketing preferences, we process your personal information to send you promotional messages, offers, and other marketing materials. You retain full control over your participation in such communications and can opt out at any time.
- Personalized Advertising: We process your data to curate and present advertising content that is customized to your interests, based on your activity, location, and preferences, aiming to enhance your experience with our Services.
- Service Security and Integrity: Your data is processed as part of our ongoing efforts to maintain the security and integrity of our Services. This includes implementing measures for fraud monitoring and prevention.
- Analytical Insights and Trends: We analyze how you interact with our Services to gain insights into usage patterns, which assists us in making informed decisions to improve our services.
- Marketing Campaign Analysis: To understand the effectiveness of our promotional campaigns, we process your information, helping us to refine our marketing strategies and deliver content that is more relevant to your preferences.
- Emergency Response: In exceptional circumstances that pose a threat to an individual's vital interests, such as scenarios that may result in harm, we process personal data to take necessary protective actions.
Legal Grounds for Processing Your Data
Our processing of your personal data is built upon a solid legal foundation, comprising various principles and legalities, such as:
- Explicit Consent: We may process your data when you have given clear consent for us to do so for a specific purpose.
- Contractual Requirements: Processing may be necessary to fulfill contractual obligations we have with you, or because you have asked us to take specific steps before entering into a contract.
- Legal Compliance: We may process your data where it is necessary for compliance with a legal obligation to which we are subject.
- Legitimate Business Interests: We process your data when it's necessary for our legitimate interests or the interests of a third party, provided those interests do not override your interests or rights.
These processing activities are in strict adherence to the prevailing data protection and privacy legislation.
3) Data Processing Legal Bases for EU, UK, and Canadian Residents
EU and UK Residents
Under the General Data Protection Regulation (GDPR) and UK GDPR, we are required to provide a lawful basis for processing personal data. The following outlines the legal grounds upon which we rely:
- Consent: We may process your personal data if you have explicitly consented to its use for one or more specific purposes. You have the right to withdraw your consent at any time.
- Performance of a Contract: We may process personal data when necessary to fulfill a contract with you or to take steps at your request before entering into such a contract.
- Legitimate Interests: Your personal data may be processed if we determine that the processing is necessary to pursue our legitimate business interests, provided that these interests do not override your rights and freedoms. Legitimate interests may include:
- Sending promotional offers and discounts on our products and services.
- Creating and delivering personalized advertising.
- Conducting analysis to improve our service offerings.
- Supporting our marketing operations.
- Diagnosing and preventing fraudulent activities.
- Enhancing the user experience through understanding how our services are utilized.
- Legal Obligations: We may process personal data to comply with our legal obligations, which could include responding to lawful requests by public authorities or adhering to legal requirements in litigation.
- Vital Interests: In rare situations, we may process personal data to protect an individual’s vital interests, such as in cases where it's necessary to prevent imminent harm to a person.
Canadian Residents
For residents of Canada, our processing of your personal data is based on the following:
- Consent: We may process your personal data when you provide express consent for a clearly defined purpose. Implied consent may apply in certain situations where your intention to consent is inferred from your actions. You may withdraw your consent at any point.
In certain cases where Canadian law permits, we may process your personal data without consent:
- Critical Interests: If the processing is in the manifest interest of an individual and timely consent is not feasible.
- Legal Investigations: For the purposes of carrying out investigations and detecting and preventing fraud.
- Business Transactions: Under specific conditions for business transaction purposes.
- Insurance Claims: If the data is within a witness statement necessary for insurance claim assessment.
- Next of Kin Communications: For identifying individuals who are injured, ill, or deceased and communicating with their next of kin.
- Financial Abuse: If there is a reasonable basis to believe that an individual may be a victim of financial abuse.
- Breach Investigations: If consent might compromise the integrity of data needed for investigating a breach of an agreement or legal violation.
- Legal Compliance: If processing is required to comply with a subpoena, warrant, court order, or similar legal processes.
- Employment-Related: If the information is generated by an individual’s employment, business, or profession, and the processing is consistent with the purposes for which the data was produced.
- Journalistic, Artistic, or literary purposes: If the collection is strictly for journalistic, artistic, or literary purposes.
- Publicly Available Information: If the information is publicly available as defined by regulations.
4) Disclosure Practices: Sharing Your Personal Data
Circumstances and Entities with Whom We May Share Your Data
In the course of our business operations, it is occasionally necessary for us to disclose or transfer your personal data under certain conditions. These circumstances include:
- Business Reorganizations: In the event that we undergo a business transition, such as a merger, acquisition by another company, reorganization, or sale of all or a portion of our assets, your personal information may be among the assets transferred or shared. Such transactions may necessitate the sharing of your data with prospective or actual purchasers, or receiving it from sellers. It is our practice to seek appropriate protection for information in these types of transactions.
- Analytics and Tracking: We utilize Google Analytics, a web analytics service provided by Google Inc. ("Google"), to gather data regarding the usage of our Services. This tool helps us measure traffic and usage trends, which in turn assists us in improving our services. The Google Analytics features we implement are as follows:
- Remarketing with Google Analytics: This feature allows us to reach people who have previously visited our Services and match the right people with the right message.
- Google Display Network Impression Reporting: We use this to understand the impact of our ads within the Google Display Network through aggregated reports that show us how many people saw our ads.
- Google Analytics Demographics and Interest Reporting: We utilize information from Google's Interest-based advertising or third-party audience data to better understand the demographics and interests of our users.
To withdraw consent from being tracked by Google Analytics across all websites, you can download and install the Google Analytics Opt-out Browser Add-on available at https://tools.google.com/dlpage/gaoptout. Additionally, you can control the information Google uses to show you ads through Google Ads Settings, and if you wish to opt out of interest-based advertising on mobile apps, you may use the settings provided on your device or consider the use of opt-out tools such as http://optout.networkadvertising.org/ and http://www.networkadvertising.org/mobile-choice.
For comprehensive information regarding Google’s data usage and protection practices, we encourage you to review the Google Privacy & Terms web page.
Legal Compliance and Safeguarding of Information
Our policy is to only share your personal information within the bounds of the law. In every instance where we might share your data, we strive to ensure that your information is protected and that the sharing complies with applicable privacy laws and regulations. We commit to maintaining the confidentiality and integrity of your personal data and to using it only in ways that are consistent with your expectations and the purposes for which it was collected.
5) Third-Party Websites and Services
The Services may link to third-party websites, online services, or mobile applications and/or contain advertisements from third parties that are not affiliated with us and which may link to other websites, services, or applications. Accordingly, we do not make any guarantee regarding any such third parties, and we will not be liable for any loss or damage caused by the use of such third-party websites, services, or applications. The inclusion of a link towards a third-party website, service, or application does not imply an endorsement by us. We cannot guarantee the safety and privacy of the data you provide to any third parties. Any data collected by third parties is not covered by this privacy notice. We are not responsible for the content, privacy, security practices, or policies of any third parties, including other websites, services, or applications that may be linked to or from the Services. You should review the policies of such third parties and contact them directly to respond to your questions.
6) Cookie and Tracking Technology Usage
We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information.
7) Data Retention and Deletion Policy
We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us to keep your personal information for longer than the period of time during which users have an account with us.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
8) Security Measures and Limitations
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, the transmission of personal information to and from our Services is at your own risk. You should only access the Services in a secure environment.
9) Child Safety and Age Restrictions
We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such a minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under the age of 18, please contact us at info@onpoint-nutrition.com.
10) Your Rights and Choices under the Data Protection Law
Your Legal Rights Under Data Protection Laws
If you reside within certain jurisdictions, such as the European Economic Area (EEA), the United Kingdom (UK), Switzerland, or Canada, you are afforded specific rights under the prevailing data protection legislation. These rights include:
- Accessing Personal Information: You have the right to request access to your personal data and to receive a copy of it.
- Correcting Personal Information: You have the right to have any incorrect or incomplete personal information rectified.
- Erasure of Personal Information: You have the right to request the deletion of your personal data in certain circumstances.
- Restricting Processing: You have the right to request that the processing of your personal information be restricted.
- Data Portability: Where applicable, you may have the right to have your personal data transferred to another organization.
- Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing, including profiling, which has legal or similarly significant effects on you.
- Objecting to Processing: You have the right to object to the processing of your personal information under certain conditions.
To exercise these rights, please reach out to us using the contact details provided herein.
Complaints
Residents of the EEA or UK who believe that their personal information is being unlawfully processed have the right to lodge a complaint with their local data protection authority. Similarly, residents of Switzerland may address their complaints to the Federal Data Protection and Information Commissioner.
Consent Withdrawal
If we process your personal data on the basis of your consent, you have the right to withdraw this consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. To withdraw your consent, please contact us using the contact details herein.
Direct Marketing Opt-Out
You may opt out of receiving marketing and promotional communications by following the unsubscribe instructions included in these communications or by reaching out to us as per the contact information provided.
Account Information Management
You may review, amend, or delete your account information by:
- Contacting us through the provided contact details.
Upon request for account termination, we will deactivate or delete your account and information from our active databases, subject to certain exceptions, such as for fraud prevention, problem troubleshooting, investigation assistance, enforcement of legal terms, and compliance with legal obligations.
Cookies and Tracking Technologies
Web browsers generally accept cookies by default, but you have the option to set your browser to remove or reject cookies, which may impact certain features or services of our Services.
For inquiries or comments regarding privacy rights, please email us at info@onpoint-nutrition.com.
11) Do-Not-Track Signal Acknowledgment
Many web browsers, as well as certain mobile operating systems and applications, provide a Do-Not-Track ("DNT") option that you can enable to express your preference for privacy, indicating that you do not wish your online browsing activities to be tracked. Currently, there is no consistent industry standard that dictates how DNT requests should be managed. This means that we do not have the capability to recognize or respond to DNT signals from your browser at this time. Should there be a widely adopted approach to DNT, and it becomes obligatory for us to implement such a method in the future, we will update our privacy policy accordingly to reflect our adherence to this practice.
12) Overview of Personal Information Collection and Use
What categories of personal information do we collect?
We have collected the following categories of personal information in the past twelve (12) months:
Category |
Examples |
Collected |
A. Identifiers |
Real name, alias, postal address, telephone or mobile number, unique personal identifier, online identifier, IP address, email address, account name |
YES |
B. Personal information (California Records) |
Name, contact information, education, employment history, and financial information |
YES |
C. Protected classification (law) |
Gender, date of birth |
YES |
D. Commercial information |
Transaction details, purchase history, financial details, and payment information |
YES |
E. Biometric information |
Fingerprints, voiceprints |
NO |
F. Internet/network activity |
Browsing history, search history, online behavior, interest data, interactions with websites, apps, systems, ads |
YES |
G. Geolocation data |
Physical device location |
YES |
H. Sensory data |
Images, audio, and video recordings related to business activities |
YES |
I. Professional/employment-related information |
Business contact details for services provision, job title, work history, and professional qualifications (job applicants) |
YES |
J. Education information |
Student records, directory information |
NO |
K. Inferences from personal information |
Profiles or summaries created from collected personal information about an individual’s preferences and characteristics |
NO |
L. Sensitive personal information |
N/A |
NO |
We will use and retain the collected personal information as needed to provide the Services or for:
- As long as the user has an account with us.
We may also collect other personal information outside these categories through instances where you interact with us in person, online, or by phone or mail in the context of:
- Receiving help through our customer support channels;
- Participation in customer surveys or contests; and
- Facilitation in the delivery of our Services and to respond to your inquiries.
13) Personal Information Sharing and Usage Policy
Sharing of Personal Information
As a valued user of our services, we recognize the importance of your personal information and take the responsibility of handling it with the utmost care. In certain circumstances, we may share your personal information with third-party service providers. These instances are guided by stringent contractual agreements that dictate the confidentiality and security of your data.
Use of Personal Information for Business Purposes
In our commitment to innovation and excellence, we occasionally utilize personal information for our internal business objectives. These activities may include research and development to enhance our technology and service offerings. Such internal use of your data is not synonymous with "selling," as defined by applicable privacy legislation.
Our Stance on Selling or Sharing Personal Information
We wish to affirm that in the last twelve months, we have neither disclosed nor sold any personal information to third parties for business or commercial purposes. Furthermore, it is our policy to abstain from selling or sharing personal information about visitors to our website, our users, and other consumers in the future.
Commitment to Transparency and Non-Disclosure
We pledge a continued commitment to not selling or sharing personal information. Should there be any changes to this policy, those will only occur with clear communication and transparency regarding the nature of such changes. Our priority is to maintain the trust you place in our services, and a part of that is ensuring you are informed, and your personal data is protected.
14) California Privacy Rights Disclosure
As a resident of California, you are provided specific privacy entitlements. California Civil Code Section 1798.83, known colloquially as the "Shine The Light" law, grants you the privilege to annually request, free of charge, information regarding the disclosure of your personal information by OnPoint Nutrition to third parties for the third parties' direct marketing purposes.
Your Rights Under the "Shine The Light" Law:
- Annual Report: Once per year, you have the right to request a report that details the categories of your personal information, if any, that we have shared with third parties for their direct marketing purposes during the immediately preceding calendar year.
- Third-Party Information: This report will include the names and addresses of these third parties.
- Request Submission: To submit this request, please contact us in writing using the contact details provided at the end of this document. Be sure to indicate that you are a California resident making a "Shine The Light" request.
Taking Action on Your Privacy Rights
We are dedicated to ensuring the privacy of our users, and we will handle your requests with due care and in compliance with the applicable California privacy laws.
How to Exercise Your Rights:
- Written Requests: Please submit any requests in writing to info@onpoint-nutrition.com. Your request should clearly describe your requirements and verify your identity as a California resident.
- Verification Process: We may need to verify your identity before processing your requests, and this may require us to ask for additional information.
- Response Timeframe: Upon verification of your identity, we will act on your request promptly and in accordance with the mandated timeframes under California law.
15) California Consumer Privacy Act (CCPA) Notice
This notice is specifically tailored for individuals residing in the State of California, as defined under the California Consumer Privacy Act (CCPA). According to the California Code of Regulations, a "resident" is identified by two criteria:
- An individual situated in the State of California for purposes other than temporary or transitory.
- An individual with a domicile within the State of California who may be out of state for a temporary or transitory purpose.
All other individuals are considered "non-residents." Should you meet the criteria of a "resident," we are committed to upholding the rights and fulfilling the obligations pertaining to your personal information as stipulated by the CCPA.
Your Rights Under the CCPA
Right to Request Deletion of Personal Information
As a California resident, you have the right to request the deletion of your personal information from our records. We will comply with your request and delete any personal information we hold about you, with certain exceptions where the law permits or requires us to maintain the data, such as:
- Another consumer's right to free speech must be protected.
- If we need to comply with a legal obligation.
- When processing is necessary to safeguard against illicit activities.
Right to Know About Personal Information Collected, Disclosed, or Sold
You have the right to receive specific information regarding our practices related to your personal information. Upon your request, we will provide you with:
- Confirmation of whether we are collecting your personal information.
- The categories of personal information collected.
- The purposes for which the collected information is being used.
- Disclosure of any sales or sharing of personal information with third parties.
- The categories of personal information we have sold, shared, or disclosed for business purposes.
- The categories of third parties to whom your information was sold, shared, or disclosed for business purposes.
- The business or commercial reasons for collecting, selling, or sharing personal information.
- The specific pieces of personal information we have collected about you.
We are not required to re-identify or otherwise link any data that is disidentified or to provide consumer information if it is not in a form that is associated with you.
Right to Non-Discrimination for Exercising Privacy Rights
We will not practice discrimination against you for exercising any of your CCPA rights. Your valuation for goods and services will remain the same, and you will not be penalized for exercising your rights.
Right to Limit the Use and Disclosure of Sensitive Personal Information
At present, we do not process sensitive personal information for purposes that would require limitations under the CCPA.
Verification Process for Requests
Upon receipt of your request to exercise any CCPA rights, we will undertake a process to verify your identity to ensure request accuracy and protection against fraudulent claims. This process may include matching the information provided by you with the information we already have on file.
We will use the information submitted in your request solely for the purposes of verification. If we are unable to verify your identity using our existing records, we may request additional information for verification purposes. Any additional information provided will be deleted from our records as soon as the verification process is complete.
Additional Privacy Rights
- Right to Object: You have the right to object to the processing of your personal information.
- Right to Correction: You can request correction of your personal data if it is inaccurate or outdated, or ask to restrict the processing of the information.
- Authorized Agent: You have the right to designate an authorized agent to make a CCPA request on your behalf. We will require proof of the agent's authorization to act for you.
- Right to Opt-Out: You have the right to opt out of the future sale or sharing of your personal information. We will respond to an opt-out request within 15 days of receipt.
How to Exercise Your CCPA Rights
To exercise the rights described above, please submit a request by:
- Emailing us directly at info@onpoint-nutrition.com.
We invite you to reach out to us with any concerns or complaints regarding our handling of your personal data. Your feedback is valuable as we strive to improve our privacy practices.
16) Colorado Privacy Act (CPA) Rights
Attention residents of Colorado: This section is exclusively for you, detailing your privacy rights under the Colorado Privacy Act (CPA). The CPA bestows upon you a series of rights concerning your personal data, but it's important to recognize that these rights have certain limitations. There may be instances where we are legally permitted to refuse your request as outlined by the law.
Your Privacy Rights Under the CPA:
As a Colorado resident, the CPA empowers you with the following rights over your personal data:
- The Right to be Informed: You have the right to know if we are currently processing your personal data.
- The Right to Access: You can request to review your personal data that we hold.
- The Right to Correct: If you identify errors in your personal data in our records, you have the right to have these inaccuracies corrected.
- The Right to Delete: You may request the deletion of your personal data from our records and databases.
- The Right to Data Portability: You have the right to receive a copy of your personal data that you have previously provided, in a format that allows for easy transfer to another entity.
- The Right to Opt-Out: You are entitled to opt out of the processing of your personal data, particularly if it is used for targeted advertising, the sale of personal data, or profiling, which may lead to significant legal effects or similarly substantial impacts.
How to Exercise Your Rights:
To exercise any of the aforementioned rights, you may reach out to us through the following channels:
- Email: Send your request to info@onpoint-nutrition.com. Please include sufficient details to enable us to process your request effectively.
What to Do If Your Request Is Declined:
In the event that we do not take action on your request, you have the right to appeal our decision. Should you choose to do so, please:
- Appeal by email: Contact us at info@onpoint-nutrition.com to submit your appeal. Clearly state your reasons for appealing the original decision.
Upon receiving your appeal, we are obligated to review it and respond within forty-five (45) days. We will inform you in writing of the action taken or not taken in response to your appeal, along with an explicit written explanation detailing the rationale behind our decision.
17) Connecticut Data Privacy Act (CTDPA) Rights
If you are a resident of Connecticut, this section is specifically crafted to inform you about your rights under the Connecticut Data Privacy Act (CTDPA). It is important to note that while the CTDPA affords you a range of rights designed to protect your personal data, there may be circumstances under which we might lawfully decline your request, in adherence to legal exceptions.
Your Rights Under the CTDPA:
The CTDPA grants you the following rights regarding your personal data:
- The Right to be Informed: You have the right to know whether we are processing your personal data.
- The Right to Access: You can request access to your personal data that we collect and hold.
- The Right to Correction: If you find any inaccuracies within your personal data that we possess, you have the right to have those inaccuracies corrected.
- The Right to Deletion: You have the right to request the deletion of your personal data that is in our possession.
- The Right to Data Portability: You can obtain a copy of your personal data that you have previously provided to us, in a format that facilitates easy transfer.
- The Right to Opt-Out: You have the option to opt out of the processing of your personal data for targeted advertising, the sale of personal data, or profiling that may lead to decisions with legal or similarly significant effects on you.
Exercising Your Rights:
To exercise any of the rights outlined above, you are welcome to submit a request by:
- Email: Contacting us at info@onpoint-nutrition.com. Please specify which right you intend to exercise and include any relevant details to help us process your request efficiently.
Appealing Our Decision:
In the event that we decide not to take action on your request, and you disagree with our decision, you have the right to appeal. To initiate an appeal, you should:
- Email: Send your appeal to info@onpoint-nutrition.com, detailing your concerns and reasons for appealing our initial decision.
Upon receipt of your appeal, we will review your request and provide you with a written response within sixty (60) days. This response will outline the action taken or not taken, along with a comprehensive written explanation detailing the reasons behind our decision.
18) Utah Consumer Privacy Act (UCPA) Rights
For residents of Utah, this notice is specifically tailored to inform you of the rights you hold under the Utah Consumer Privacy Act (UCPA). While the UCPA provides a framework for the protection of your personal data, please be aware that your rights under the Act may have certain limitations. On occasion, we may be unable to accommodate a request based on legal exceptions or requirements.
Understanding Your Rights Under the UCPA:
As a Utah resident, the UCPA grants you a series of rights regarding the collection, processing, and management of your personal data. These rights include, but may not be limited to:
- The Right to be Informed: You possess the right to be informed about whether we are currently processing your personal data.
- The Right to Access: You are entitled to access your personal data that we have collected.
- The Right to Deletion: You have the authority to request the deletion of your personal data from our systems and records.
- The Right to Data Portability: You can request to obtain a copy of your personal data that you have previously provided to us, in a format that is both secure and portable.
- The Right to Opt-Out: You have the option to opt out of the processing of your personal data when it is utilized for targeted advertising or the sale of personal data.
Please be aware that while the UCPA empowers you with these rights, they are not without their boundaries. There are specific instances where we may be legally permitted to refuse your request based on the context of the situation or if an exemption is applicable under the law.
How to Exercise Your Rights:
To act upon these rights, you may submit a request by reaching out to us through the following methods:
- Email: Send your request to info@onpoint-nutrition.com with an appropriate subject line indicating your intent to exercise your UCPA rights.
- Online: Visit our dedicated privacy rights portal at info@onpoint-nutrition.com to submit your request or learn more about how we handle personal data.
When you contact us to exercise any of your rights under the UCPA, please provide sufficient information to allow us to verify your identity and residency. This step ensures the protection of your privacy and personal data by preventing unauthorized access or changes to your information.
19) Virginia Consumer Data Protection Act (VCDPA) Rights
As residents of Virginia, you are afforded certain protections and privileges under the Virginia Consumer Data Protection Act (VCDPA). We provide the following expanded definitions and descriptions to ensure clarity regarding your rights and our obligations.
Definitions:
- Consumer: Within the context of the VCDPA, a consumer is defined as a natural person who is a resident of the Commonwealth of Virginia and who is acting solely in an individual or household capacity. This definition explicitly excludes any natural persons engaging in activities that pertain to commercial enterprises or employment contexts.
- Personal Data: Personal data encompasses any piece of information that can be directly or indirectly associated with an identified or identifiable living individual. Exceptions to this definition include data that has been anonymized to the extent that the individual is no longer identifiable, as well as information that is lawfully made available through governmental records or widely distributed media.
- Sale of Personal Data: The term "sale of personal data" refers to any instance where personal data is exchanged for monetary compensation by the data controller or processor.
Virginia Rights Regarding Personal Data:
As a Virginia resident, you are entitled to several key rights under the VCDPA, which include:
- The Right to be Informed: You have the right to be informed about whether your personal data is being processed by us.
- The Right to Access: You have the right to access and review your personal data that we may have collected and processed.
- The Right to Correction: If you discover any inaccuracies within your personal data, you have the right to correct such inaccuracies.
- The Right to Deletion: You may request the deletion of your personal data from our records and processing activities.
- The Right to Data Portability: You have the right to receive a copy of your personal data, in a readily usable format, that you have previously provided to us.
- The Right to Opt-Out: You may opt out of certain processing activities of your personal data, specifically those involving targeted advertising, the sale of your personal data, or profiling that may contribute to decisions that have legal or other significant effects on you ("profiling").
Exercising Your Rights Under the VCDPA:
To exercise any of the rights mentioned above, feel free to reach out to us via email at info@onpoint-nutrition.com. We are committed to honoring your rights under the act and will respond to your requests in accordance with the VCDPA's stipulations.
When using an authorized agent to exercise your rights, the agent must provide proof of their valid authorization to act on your behalf. Should such proof not be presented, we reserve the right to deny the request.
Verification Process
We may request that you provide additional information reasonably necessary to verify you and your consumer's request. If you submit the request through an authorized agent, we may need to collect additional information to verify your identity before processing your request.
Upon receiving your request, we will respond without undue delay, but in all cases, within forty-five (45) days of receipt. The response period may be extended once by forty-five (45) additional days when reasonably necessary. We will inform you of any such extension within the initial 45-day response period, together with the reason for the extension.
Right to Appeal
If we decline to take action regarding your request, we will inform you of our decision and the reasoning behind it. If you wish to appeal our decision, please email us at info@onpoint-nutrition.com. Within sixty (60) days of receipt of an appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If your appeal is denied, you may contact the Attorney General to submit a complaint.
20) Privacy Compliance for Australia and New Zealand
Our handling of your personal information adheres to the requirements established by Australia's Privacy Act 1988 and New Zealand's Privacy Act 2020 (collectively referred to as the "Privacy Acts"). We are committed to upholding the obligations and conditions specified within these legislative frameworks.
Privacy Notice Requirements
This privacy notice is crafted to meet the stringent notice requisites of both Privacy Acts. It outlines the nature of personal information we collect from you, the sources from which we obtain it, the specific purposes for which we use it, and other entities with whom your personal information may be shared.
Consequences of Withholding Personal Information
Should you choose not to provide certain essential personal information, it could impinge on our ability to:
- Provide you with the requested products or services.
- Address your inquiries or assist with your requests effectively.
- Administer and manage your account with our services.
- Authenticate your identity and secure your account against unauthorized access or fraud.
Your Privacy Rights
You retain the right to request access to, or correction of, your personal information at any time.
Filing a Complaint
If you have reason to believe that we are processing your personal information in a manner that contravenes the stipulated Privacy Principles, you are entitled to lodge a complaint. Concerns regarding a breach of the Australian Privacy Principles may be directed to the Office of the Australian Information Commissioner. For breaches relating to New Zealand's Privacy Principles, you may contact the Office of the New Zealand Privacy Commissioner.
Proactive Engagement
We encourage you to reach out to us first with any concerns regarding your personal information, as we are eager to resolve any issues in compliance with the respective Privacy Acts of Australia and New Zealand.
21) Affiliate Disclosure Statement for OnPoint Nutrition
In compliance with the guidelines set forth by the Federal Trade Commission (FTC), OnPoint Nutrition hereby informs you, the user, that certain links present on our website are affiliate links. An affiliate link is a specific URL that contains the affiliate's ID or username. In adherence to the FTC's requirements, we provide explicit notice when affiliate links are embedded within our content. For the purpose of full disclosure, you should presume that any and all links leading you to products or services are affiliate links that we will receive compensation from should you choose to purchase. Please note that there will be no additional cost to you in the event that you decide to make a purchase through one of our affiliate links. Furthermore, OnPoint Nutrition participates in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com. As part of this program, OnPoint Nutrition is eligible to earn from qualifying purchases made through our links to Amazon.com. Your support in purchasing through these links enables OnPoint Nutrition to continue providing valuable content and to keep the site operational. We thank you for your support.
22) Privacy Notice Update Policy
Regular Updates
In our commitment to comply with legal standards and best practices, we may periodically make changes to this privacy notice. When we do so, we will update the “Revised” date at the top of the notice to reflect the date of the latest changes.
Effectiveness of Changes
Any amendments made to this privacy notice will come into effect immediately upon being made accessible to you. It is important to regularly review this notice to ensure you remain informed of any updates.
Notification of Material Changes
If there are any important changes to our privacy practices, we promise to notify you in a clear and noticeable way. This might include making a prominent announcement on our platform or sending you a direct communication, like an email, depending on the nature of the modifications.
Your Responsibility to Stay Informed
We advise you to review our privacy notice on a regular basis so that you always know our current practices regarding the collection, use, and sharing of your information. Staying informed allows you to better protect your privacy and be aware of any new consent that you may need to provide.
Our Commitment to Transparency
We are dedicated to maintaining transparency about how we handle your personal data. If you have any questions about our privacy notice or the information we collect, please do not hesitate to contact us.
Contact for More Information
For additional information or clarification regarding updates to this privacy notice, please get in touch with us using the email info@onpoint-nutrition.com.
23) Contact and Feedback Guidance
Inquiries and Feedback
If you have any inquiries, feedback, or require clarification about this privacy notice, we welcome you to contact us. We are committed to addressing your concerns and providing detailed information as needed.
Communication Channels
To reach out to us regarding this notice, please use the following contact method:
- Email: Send us a message at info@onpoint-nutrition.com. We aim to respond promptly and efficiently to all correspondence.
Assistance and Support
Our dedicated team is available to support you with any privacy-related questions you might have, or to assist you in understanding the nuances of our privacy practices.
Legal Compliance
We take your privacy concerns seriously and strive to comply with all applicable laws and regulations in the management and protection of your personal information.
Further Correspondence
Should you feel your concerns were not adequately addressed, you have the right to contact the relevant data protection authority in your jurisdiction. However, we request that you reach out to us first so we may attempt to resolve the issue directly.
24) Your Data Rights and Request Procedure
Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please visit: info@onpoint-nutrition.com.
Your Rights Over Your Information
In accordance with the data protection laws applicable in your region or country, you are entitled to certain rights regarding the personal information that we hold about you. These rights allow you to:
- Access: You can request an overview of the personal information we have about you.
- Correction: If you believe that any information we are holding on you is incorrect or incomplete, you can request that we correct or supplement it.
- Erasure: You can request that we delete or remove your personal information from our systems.
Exercising Your Rights
To exercise any of these rights, please get in touch with us by sending an email to info@onpoint-nutrition.com. We will respond to your request within a reasonable timeframe and notify you of the action we have taken.
Additional Information
When making a request, we may need you to provide us with additional information to verify your identity and ensure the security of the data we hold. We will only retain personal information for as long as necessary for the purposes for which it was collected, as required by law, or as needed to resolve disputes and enforce our agreements.
If you have an account with us, you may also review and update your personal information through the account settings feature on our platform.
Please note that we may not be able to accommodate a request to delete information if we believe the retention of the information is necessary for us to comply with our legal obligations, resolve disputes, enforce our agreements, or for another one of our legitimate business interests.
Further Assistance
For any further questions or concerns about our use of your personal information and this privacy policy, please contact us at info@onpoint-nutrition.com.
25) HubSpot Call Recording
We use HubSpot to manage our customer relationships. As part of using HubSpot, we may record and store phone calls made through HubSpot for training and quality assurance purposes.
How We Use Call Recordings
The call recordings are securely stored in HubSpot and can only be accessed by authorized members of our customer support, sales, and admin team. We may use call recordings to:
- Train our customer support team on best practices for handling calls
- Monitor call quality and identify areas for improvement
- Resolve customer issues and complaints by reviewing details of past conversations
- Comply with legal and regulatory obligations
Retention of Call Recordings
We retain call recordings indefinitely, unless a request is made to delete a specific recording or retaining the recording would conflict with legal requirements. Recordings may also be deleted periodically as part of our data management practices.
Your Rights Regarding Call Recordings
You have the right to request copies of any call recordings that involve your personal information pursuant to applicable law. You can also request that we delete specific recordings. To do so, please contact us at info@onpoint-nutrition.com.
Opting Out of Call Recording
You can opt-out of call recording by informing the customer support representative who answers your call that you do not consent to the call being recorded. Opting out may limit our ability to fully address your issue on the call.
26) Cookie Policy
We use cookies and similar tracking technologies on our website and in our communications with you. Cookies are small data files that are placed on your computer or mobile device when you visit our website. Cookies serve various functions, like authenticating users, remembering user preferences, tracking user behavior, and providing targeted advertising.
Types of Cookies We Use
We use the following types of cookies on our website:
- Essential cookies: These cookies are necessary for certain functions on our website to work properly, such as allowing you to navigate between pages and access secure areas. Disabling these cookies may impair the functioning of our website.
- Analytical/performance cookies: These cookies help us understand how visitors interact with our website by providing information about the areas visited, time spent on the site, and other similar information. This helps us improve our website and make it more user-friendly.
- Targeting/advertising cookies: These cookies collect information about your browsing habits and may be used to tailor marketing content to you and deliver targeted ads. They remember the websites you have visited and share this information with social networks, advertisers, and other partners.
- Third-party cookies: We sometimes use third-party services, like analytics or advertising providers, that may place their own cookies on your device. We don't control the use of these third-party cookies.
How to Manage Cookies
You can control and manage cookies through your browser settings. You can choose to accept all cookies, reject certain types of cookies, or configure your browser to prompt you each time a cookie is sent to your computer or mobile device.
For detailed instructions on adjusting your cookie preferences, please consult your browser's help section or visit the website of the browser company.
Changes to this Cookie Policy
From time to time, we may make updates to this Cookie Policy. Any changes will be communicated by posting the revised policy on this page. Additionally, if applicable, we will notify you through email and/or a noticeable announcement on our website.