Privacy | Terms | Discalimer
CHRONIC CONDITION RESCUE PRIVACY POLICY
Last Updated: December 12, 2024
At Chronic Condition Rescue, LLC d/b/a SIBO SOS and our subsidiaries (“CCR,” “we,” “us,” or “our”), we take your privacy very seriously. This Privacy Policy contains important information about our information and privacy practices, including how we collect, use, disclose, sell, share, store, and retain your personal information. It also explains your rights regarding your personal information and how to contact us or supervisory authorities if you have a complaint or request.
- INTRODUCTION
We collect, use, and are responsible for certain personal information about you and serve as a:
- “Controller” of personal information under the EU General Data Protection Regulation (GDPR), which applies across the European Economic Area (EEA) and under the
- “Controller” under the UK General Data Protection Regulation
- “Business” under the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020 (CPRA)
This Privacy Policy applies to all information collected through all CCR Services, including:
- Our consumer-facing websites, https://www.sibosos.com, http://members.sibosos.com/, https://shivansarna.com, https://www.digestionssos.com, https://thescienceandwisdomofmenopause.com/, https://dollarsperminute.com, and https://www.shivansyogastudio.com, including but not limited to and any and all sites associated with all CCR Services, the Summit Service and Subscription Services (the “CCR Sites“)
- Our online summit production and management services (“Summit Service“)
- Our subscription-based services, including membership programs, recurring content access, and premium features (“Subscription Services“)
- Our social media pages
- Our mobile and web applications (“CCR Apps“)
- HTML-formatted email messages linking to this Privacy Policy
- All content, tools, videos, audio recordings, downloadable materials, courses, digital products, add-ons, upgrades, services, and other materials we produce and/or publish (collectively, “Content“)
- Any other products and services we offer through any venues, websites, and mobile applications that direct you to this Privacy Policy
(Collectively, the “CCR Services“)
This Privacy Policy will help you understand:
- What information we collect
- How we use your information
- What choices you have regarding your information
- How we protect your privacy when you use CCR Services, purchase Content, participate in events or promotions, or interact with us in any way
By using CCR Services, you accept the practices described in this Privacy Policy. If you do not agree to these terms, please do not use CCR Services. We reserve the right to modify this Privacy Policy from time to time. Your continued use of CCR Services following any changes indicates your acceptance of those changes. If we make material changes or plan to apply modifications retroactively to personal information already in our possession, we will provide you with specific notice.
Please note that this Privacy Policy applies only to information we collect directly through CCR Services. It does not apply to information you provide to third-party platforms used to access CCR Services. We encourage you to review the privacy policies of any third-party services you use to access CCR Services.
This Privacy Policy should be read in conjunction with our Terms and Conditions, which set out the contract between you and us.
- DEFINED TERMS
The following terms will have the meanings indicated below throughout this Privacy Policy. Please refer to our Subscriber Terms of Service or the CCR Consumer Agreement for any capitalized terms not defined here.
General Terms
- “Account” means a unique account created for you to access our CCR Services or parts of our CCR Services.
- “Affiliate” means an individual or entity that promotes CCR Services and receives compensation, typically a percentage of sales, for customers they refer to CCR through tracked links, promotional codes, or other referral methods. Affiliates are independent marketers and are not employees, agents, or representatives of CCR.
- “CCR,” “we,” “us,” or “our” refers to Chronic Condition Rescue, LLC d/b/a SIBO SOS and its subsidiaries.
- “Content” means all content, videos, training materials, products, services, and other materials we produce and make available through CCR Services.
- “Device” means any device that can access CCR Services, such as a computer, cellphone, or digital tablet.
- “End User” means any individual who interacts with CCR Services, uses our mobile applications, books appointments, purchases products or services, creates an Account to access CCR Services, interacts with our Subscribers through CCR Services, or accesses or uses any part of CCR Services in any capacity.
- “Information” may refer to either Personal Information or Other Information.
- “Other Information” means any information that does not reveal your specific identity or does not relate to an individual, such as usage data not linked to any unique identifiers.
- “Subscriber” means any individual, business or entity that subscribes to (or otherwise accesses or uses) our Subscription Memberships or Summit Service, including any staff, employees, consultants, advisors, or independent contractors accessing CCR Services on the Subscriber’s behalf.
- “Third-party Site” means any website, social media site, platform, service, or application not owned or controlled by CCR through which a User can access CCR Services or to which CCR Services may link. This includes, but is not limited to, social media platforms, payment processors, authentication services, and analytics providers.
- “Usage Data” means data collected automatically, either generated by the use of CCR Services or from the CCR Services infrastructure itself (for example, the duration of a page visit).
- “You” means the individual accessing or using CCR Services, or the company or other legal entity on behalf of which such individual is accessing or using CCR Services.
Data Protection Terms
- “Cookies” are small files placed on your Device by CCR Services, containing details of your browsing history and other tracking information.
- “Data Controller” (for GDPR purposes) refers to CCR as the legal person that alone or jointly with others determines the purposes and means of processing Personal Data.
- “Do Not Track” (DNT) means your right as an End User to control how your online activities are monitored and tracked across websites. This privacy control:
- Allows you to communicate your preferences about data collection and tracking
- Can be enabled through browser settings or privacy controls
- Tells websites and third parties whether you consent to having your online activity tracked
- Helps protect your privacy by limiting cross-site tracking, behavioral advertising, and the collection of your browsing history
- Is recognized and supported by various web browsers and online services
- May be implemented differently across different browsers and platforms
- Is one of several tools you can use to manage your online privacy preferences
The effectiveness of DNT signals depends on whether websites and services are configured to recognize and honor these preferences. CCR’s response to DNT signals is described in the “Tracking and Cookies” section of this policy.
- “Personal Information” means data that relates to or about an identified or identifiable natural person or, where applicable, household as defined under relevant law. This includes but is not limited to:
- Name, postal address, telephone number, email address
- Unique online identifiers
- Account credentials
- Financial information
- Device identifiers
- Location data
- Usage patterns
- “Sensitive Personal Information” includes:
- Account credentials
- Precise geolocation
- Racial or ethnic origin
- Health information
- Sexual orientation
- Genetic and biometric data
- Private communications
- “Special Category Personal Information” (under GDPR) includes personal information revealing:
- Racial or ethnic origin
- Political opinions
- Religious or philosophical beliefs
- Trade union membership
- Genetic data
- Biometric data
- Health data
- Data concerning sex life or sexual orientation
Regulatory Terms
- “CCPA/CPRA” refers to the California Consumer Privacy Act as amended by the California Privacy Rights Act of 2020.
- “Consumer” (for CCPA/CPRA purposes) means a natural person who is a California resident, including:
- Every individual in the USA for other than a temporary purpose
- Every individual domiciled in the USA who is temporarily outside the USA
- “COPPA” refers to the Children’s Online Privacy Protection Act, a U.S. federal law that protects the privacy of children under 13 years of age online. COPPA requires websites and online services to obtain parental consent before collecting personal information from children and to provide specific privacy protections for any such information collected.
- “GDPR” refers to the EU General Data Protection Regulation and, where applicable, the UK General Data Protection Regulation. Under GDPR, you may be referred to as the “Data Subject” or “User.”
- USE OF CCR SERVICES BY MINORS
The CCR Services are not directed or targeted at children under the age of 13, and we request that they do not provide Personal Information through our Site(s) or Apps. In compliance with the Children’s Online Privacy Protection Act (“COPPA”), should we learn that a user of the Site or the CCR Services is under the age of 13, we will make reasonable efforts to notify the child’s parent(s) and will delete any information accidentally collected.
- CATEGORIES OF PERSONAL INFORMATION WE COLLECT ABOUT YOU
The personal information we collect varies depending upon your use of CCR Services and your interactions with us. We maintain and collect this information in accordance with applicable privacy laws, including CCPA/CPRA, GDPR, COPPA, and other relevant regulations.
Core Categories of Personal Information
- Basic Identifiers
- Name and aliases
- Email address
- Postal address
- Phone numbers
- Online identifiers (IP addresses, device IDs)
- Account credentials
- Emergency contact information
- Collected: Yes
- Customer Records Information
- Financial data (payment information, purchase history)
- Billing and shipping information
- Account information
- Authentication credentials
- Education information (when voluntarily provided)
- Collected: Yes
- Protected Classifications
- Age (for eligibility verification)
- Gender (when voluntarily provided)
- Nationality (when voluntarily provided)
- Collected: Only when voluntarily provided
- Commercial Information
- Purchase history
- Product preferences
- Subscription records
- Customer service interactions
- Collected: Yes
- Internet and Network Activity
- Browsing history on CCR Sites
- Search history
- Interaction with CCR Services
- Device information
- Browser type and settings
- Operating system information
- Collected: Yes
- Geolocation Data
- Approximate location (IP-based)
- Precise location (with explicit consent)
- Mobile device location services
- Collected: Yes, with permission
- User-Generated Content
- Images uploaded to CCR Services
- Comments and feedback
- Forum posts
- Chat communications
- Collected: Yes, when provided
Special Categories and Sensitive Personal Information
As defined under GDPR and CCPA/CPRA, we may collect the following sensitive information with explicit consent:
- Account login credentials
- Payment account access information
- Precise geolocation
- HOW WE COLLECT YOUR INFORMATION
We may collect your information from the following categories of sources:
- Voluntary Information
- Most personal information we gather is provided voluntarily by you
- Some personal information is required to access certain CCR Services
- You control what optional information to share
- Automatic Collection
- Some information is collected automatically when you use CCR Services
- Collection occurs through cookies and similar technologies
- You can control automatic collection through your device settings
- Third-Party Information
- We may receive information from third-party sources
- This includes service providers, partners, payment processors, and public sources
- Third-party collection is subject to their respective privacy policies
- De-identified Information
- We commit to maintaining de-identified information without re-identification
- Aggregated data may be used for analysis and improvement of services
Information Not Covered
Under CCPA/CPRA, personal information does not include:
- Publicly available information from government records
- De-identified or aggregated consumer information
- Information covered by specific privacy laws such as HIPAA, CMIA, FRCA, GLBA, or FIPA
Changes To Information Collection
If we decide to collect additional categories of personal information or use collected information for materially different purposes, we will update this Privacy Policy and, where required by law, obtain appropriate consent.
Notice for EU/UK Residents
For End Users in the European Union or United Kingdom, we obtain explicit consent before collecting and processing personal data as required by GDPR. You have the right to withdraw this consent at any time.
- HOW WE MAY USE YOUR PERSONAL INFORMATION
While legal requirements guide our data practices, we want you to feel comfortable understanding exactly what we do with your information and why.
Our Approach to Using Your Information
Before we use your personal information, we ensure we have a valid reason to do so. These reasons might include fulfilling our contract with you, complying with the law, pursuing legitimate business interests, or having your permission. Let’s break this down in a way that’s easy to understand:
When We Have a Contract with You
We use your information to deliver what we’ve promised. This includes:
- Providing your access to CCR Services
- Processing your payments and orders
- Keeping your account up to date
- Responding to your questions about our services
- Making sure you get what you signed up for
When We Have Legal Obligations
Sometimes the law requires us to use your information. For example:
- Verifying your identity to prevent fraud
- Maintaining accurate records for tax purposes
- Responding to legal requests from authorized authorities
- Following health and safety regulations
- Complying with consumer protection laws
When It Helps Us Run Our Business Better
We sometimes use your information to improve our business operations, but only when it makes sense and doesn’t unfairly impact your privacy. This includes:
- Finding ways to serve you better
- Training our team to provide better support
- Protecting our systems from unauthorized access
- Understanding which services are most popular
- Making our website easier to use
When We’re Communicating With You
We use your information to keep in touch, including:
- Sending important updates about our services
- Letting you know about changes to our policies
- Sharing news about features you might like
- Responding to your messages and feedback
- Helping you with any problems you encounter
Marketing (With Your Preferences in Mind)
If you’re interested in hearing about our offerings, we might:
- Share news about services similar to ones you’ve used
- Tell you about special offers we think you’ll like
- Invite you to events or programs you might enjoy
Don’t worry – you can always tell us if you’d rather not receive these communications.
Promotional Communications
We appreciate our clients and would love to keep you updated on all the great things we’re doing! From time to time, we may send you communications (via email, text, phone or mail) to share exciting announcements about our products and services, including special offers, promotions, or new offerings that we think you’ll find valuable.
We believe it’s in both of our legitimate interests for us to process your personal information for these promotional purposes (see “How and why we use your personal information” above). This means we typically don’t need to obtain additional consent from you to send these types of communications. But if consent is ever required, we will ask for your permission first in a clear and separate request.
You are in full control of your promotional communication preferences and can opt out at any time. Simply reach out through any of these convenient methods:
- Contact us directly at in**@ch********************.com
- Click the “unsubscribe” link provided in any of our emails
- Reply “STOP” to any of our text messages
- Update your preferences easily in our Manage Your Preference Center link provided in any of our emails
There may be occasions where we’ll reach out to reconfirm your marketing preferences with us, such as if you request information on additional products or services from CCR in the future. We may also contact you to ensure your preferences are up to date in the event of any changes to applicable laws, regulations or our business structure.
A Special Note About Sensitive Information
For our European friends (EEA Data Subjects): We handle sensitive personal information with extra care and only with your explicit permission. This includes information about your health, biometric data, or other special categories of data.
Important Things To Know
- You can always ask us to explain how we’re using your information
- We regularly review our practices to ensure we’re using your information responsibly
- We keep your information only as long as we need it
- We’re always working to protect your information from unauthorized access
Changes to How We Use Information
If we need to use your information in a new way, we’ll let you know and update this policy. Your privacy matters to us, and we want you to be informed about any changes that might affect you.
Want to know more about how we use your information or have concerns? We’re happy to explain further – just reach out to us at in**@ch********************.com.
Important Notes About Legitimate Business Interests and Special Categories
- Legitimate Interests A legitimate interest is our business or commercial reason for using your information, balanced against your rights and interests. Our legitimate interests include:
- Providing efficient and secure services
- Improving our offerings
- Protecting against fraud
- Operating our business effectively
- Consent-Based Processing
- Marketing communications (where required)
- Use of sensitive personal information
- Cookies and tracking technologies (where required)
- You have the right to withdraw consent at any time
- Special Categories of Personal Information For EEA End Users: We process special category personal information only with your explicit consent or where permitted by law.
- California Residents’ Personal Information Under CCPA/CPRA, we use personal information for:
- Business purposes as defined by law
- Commercial purposes with appropriate protections
- Operational needs with required safeguards
Limiting Use of Sensitive Personal Information
For California residents, you have the right to limit the use of sensitive personal information to that which is necessary to perform services or provide goods reasonably expected by an average consumer.
- WHO WE SHARE YOUR PERSONAL INFORMATION WITH
At CCR, we are committed to handling your personal information with the greatest care. And want you to know the limited circumstances in which we may share your personal information and data with third parties. So here are the categories of individuals and entities with whom we may share your information.
Affiliates
We may share your personal information with our Affiliates for the purposes described in this Privacy Policy. CCR is responsible for managing any jointly used personal information.
Service Providers and Integrated Partners
We work with trusted service providers and integrated partners who assist us in operating and delivering our services. These partners may process your personal data on our behalf in compliance with this Privacy Policy. We ensure that each provider is contractually obligated to protect your information and only use it for the specific purposes we’ve engaged them for, which may include:
- Website hosting and infrastructure provision
- Data analysis and analytics
- Payment processing and order fulfillment
- Customer service and technical support
- Email delivery and marketing campaigns
- Credit card processing and auditing
Event Hosts, Sponsors, and Organizers
If you register for or attend a CCR summit or event, we may share your personal information with the hosts, sponsors, or organizers of that particular event. This data sharing allows them to plan and manage the event effectively, communicate important updates, and follow up with relevant information or offers post-event. Please review the specific privacy policies or notices provided for each summit or event to understand how your data will be handled.
Subscribers
If you are an End User interacting with one of our Subscribers through our services, we may share your information with that Subscriber. Please contact the Subscriber directly for more details on their specific privacy practices.
Third-Party Marketing and Promotions
We may share your information with third parties for marketing purposes, consistent with your communication preferences.
Sweepstakes and Contests
If you participate in sweepstakes, contests, or similar promotions, we may share your information with the sponsors of those events, in accordance with your choices.
Other Users and Social Media
When you post content on message boards, dashboards, challenges, chat, profile pages, blogs, or other interactive services, that information may be visible to other users. If you connect your social media accounts to your CCR account or our social media pages, information related to your social sharing activity may be shared with your social media provider.
Other Users/User-Generated Content
Any personal information or content that you voluntarily disclose in user-generated content on our services, such as in posts, comments, or testimonials, becomes publicly available and can be collected and used by others. This content may also appear on other websites or web searches. Please exercise caution before choosing to share personal information in these public spaces.
Information Disclosed for Our Protection and the Protection of Others
We may disclose your personal information to government authorities, law enforcement, or private parties when we believe it is necessary or appropriate to:
- Respond to legal claims and processes, including subpoenas and warrants;
- Protect the rights, property, and safety of CCR, our users, or the public; or
- Investigate and halt any activity we consider illegal, unethical, or legally actionable
We are committed to cooperating with officials in such cases while ensuring appropriate measures are taken to protect your privacy rights.
Corporate/Business Transactions
In the event that CCR is involved in a merger, acquisition, sale, joint venture, reorganization or other corporate transaction, we retain a legitimate interest in disclosing or transferring your personal information to the relevant parties, including during negotiations leading to such transactions. Those parties may include acquiring entities, targets, advisors or others involved in the deal.
Please note that we may use and disclose non-personal information for any purpose, except where prohibited by applicable law. If required to treat non-personal information as personal under relevant laws, we will use it only for the purposes outlined for personal information in this policy. In some cases we may combine non-personal and personal information; if so the combined information will be considered personal information and protected accordingly.
Your privacy remains our top priority. If you have any questions about how your personal information may be shared, please contact us at in**@ch********************.com. We’re here to address your concerns and maintain your trust in CCR.
- PERSONAL INFORMATION WE SOLD OR SHARED
We understand that your personal information is just that—personal. That’s why we want to be clear about what data CCR may have sold or shared and to assure you that any such actions were taken with the utmost consideration for your privacy rights and in compliance with applicable laws.
In the past 12 months, we may have sold or shared the following categories of personal information:
- Identifiers: This could include things like your name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, or similar identifiers.
- Personal Details: Information that identifies, relates to, describes, or is capable of being associated with you, such as your name, signature, address, telephone number, education, employment, employment history, bank account number, credit or debit card number, or other financial information.
- Protected Classifications: Characteristics of protected classifications under California or federal law.
- Commercial Information: Records of personal property, products, or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Biometric Information: Physiological, biological, or behavioral characteristics that can be used to establish individual identity.
- Internet or Network Activity: Information such as your browsing history, search history, and interactions with websites, applications, or advertisements.
- Geolocation Data: Information about your physical location or movements.
- Sensory Data: Audio, electronic, visual, thermal, olfactory, or similar information.
- Professional or Employment Information: Current or past job history or performance evaluations.
- Education Information: Information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (FERPA).
- Inferences: Inferences drawn from any of the above information to create a profile about your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
We want to assure you that any sale or sharing of personal information was done in accordance with the law and with appropriate safeguards in place to protect your rights. If you have any questions or concerns about this, please don’t hesitate to reach out to us at in**@ch********************.com.
- CATEGORIES OF INFORMATION WE MAY HAVE DISCLOSED FOR A BUSINESS PURPOSE
At CCR, we want you to feel confident that when we disclose your data for business purposes, we do so with your best interests in mind and in full compliance with applicable laws.
In the preceding 12 months, we may have disclosed the following categories of personal information for various business purposes:
- Identifiers: This includes information such as your name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name, or other similar identifiers that can be used to identify you.
- Personal Information: Categories Listed in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e)), which encompasses information like your name, signature, physical characteristics or description, address, or telephone number.
- Protected Classification Characteristics Under California or Federal Law: This category includes personal attributes such as age, race, color, ancestry, national origin, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, sexual orientation, or genetic information (including familial genetic information).
- Commercial Information: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies fall under this category.
- Biometric Information: This includes physiological, biological, or behavioral characteristics that can be used to establish individual identity, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
- Internet or Other Similar Network Activity: Information about how you interact with our websites, applications, or advertisements, including your browsing history, search history, and clickstream data.
- Geolocation Data: Information that can be used to identify your physical location or movements.
- Sensory Data: Audio, electronic, visual, thermal, olfactory, or similar information.
- Inferences Drawn from Other Personal Information: This category includes information that may be used to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Rest assured that any disclosure of your personal information for business purposes is done with utmost care and in accordance with applicable laws. If you have any questions or concerns about how your data may have been shared, please don’t hesitate to reach out to us at in**@ch********************.com.
- HOW LONG WE WILL KEEP YOUR PERSONAL INFORMATION
First and foremost, we’ll retain your personal information for as long as you have an active account with us or while we’re providing you with our products or services. We believe in maintaining a strong relationship with our clients and ensuring that we have the necessary information to serve you effectively.
After our direct engagement with you ends, we’ll hold onto your personal information for a bit longer, but only as long as necessary for a few key reasons:
- Addressing Your Concerns: If you have any questions, complaints, or claims, we want to make sure we have the information needed to respond thoroughly and appropriately.
- Demonstrating Fair Treatment: We believe in treating all of our clients fairly, and retaining your information helps us show that we’ve upheld this commitment to you.
- Legal Compliance: In some cases, the law requires us to keep records for a specified period. We’ll always adhere to these legal obligations.
Know this: we won’t keep your personal information indefinitely. We’ve put a lot of thought into determining the right retention periods for different types of data, and we have a detailed records management policy that guides these decisions.
When it’s time to say goodbye to your personal information, we’ll either securely delete it or anonymize it so that it can no longer be associated with you.
- CALIFORNIA CONSUMERS: YOUR RIGHTS UNDER THE CCPA/CPRA
If you’re a California resident, you have specific rights under the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act of 2020 (CPRA). Here’s what you need to know:
Right to Know and Access
You have the right to know and request that we disclose the following information to you, free of charge:
- The categories and specific pieces of personal information, including sensitive personal information, that we’ve collected about you
- The categories of sources from which we collected your personal information
- Our business or commercial purposes for collecting, selling, or sharing your personal information
- The categories of third parties with whom we share your personal information
Please note that we are not required to:
- Retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained
- Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; or
- Provide the personal information to you more than twice in a 12-month period
Right to Delete
You can request that we delete the personal information we’ve collected about you, subject to certain exceptions. We’ll use commercially reasonable efforts to honor your request unless we need to retain the information to:
- Complete a transaction, provide a service, or perform a contract with you
- Protect against security incidents and illegal activities
- Debug and repair errors
- Exercise free speech or other legal rights
- Comply with laws like the California Electronic Communications Privacy Act
- Conduct research in the public interest, in line with applicable laws
- Enable internal uses reasonably aligned with your expectations
- Fulfill other compatible, lawful purposes
Right to Correct
If we have inaccurate personal information about you, you can ask us to correct it. We’ll use commercially reasonable efforts to make the corrections unless an exception applies.
Right to Opt-Out of Sale or Sharing
You can opt out of the sale of your personal information or the sharing of your information for targeted advertising by unsubscribing – provided in any of our emails.
Right to Limit Use of Sensitive Personal Information
You can limit our use of your sensitive personal information to what’s necessary to:
- Provide requested goods or services
- Perform services like security, quality control, and transaction processing
- Other purposes authorized by regulations
To exercise this right, click unsubscribe in any of our emails.
Right to Non-Discrimination and Protection Against Retaliation
We won’t discriminate against you for exercising your CCPA/CPRA rights. This means we won’t:
- Deny goods or services
- Charge different prices, except as allowed by law
- Provide a different level or quality of goods or services
- Suggest you’ll receive a different price or quality of goods or services
We’ll only use differences reasonably related to the value your data provides or for approved loyalty or club programs.
Exercising Your Rights
To submit requests related to CCPA/CPRA rights, follow the designated links or contact us. We may need to verify your identity before fulfilling your request. If we can’t complete a request, we’ll explain why. In some cases, you may be entitled to appeal a decision we make about your request.
Please note that we’re not required to retain personal information collected for a single transaction if we don’t normally keep that data, reidentify or link data that’s not maintained as personal information or provide personal information to you more than twice in a 12-month period.
We appreciate your privacy rights as a California consumer and are committed to providing you with the information and choices you’re entitled to under the law. If you have any questions, don’t hesitate to reach out to us.
- EEA DATA SUBJECTS: YOUR RIGHTS UNDER THE EU GDPR
If you’re a resident of the European Economic Area (EEA), you have specific rights under the EU General Data Protection Regulation (GDPR). Here’s an overview of your rights and how we support them:
- Right to Be Informed: You have the right to know when and how we collect and use your personal information. We’ll always provide clear, transparent information about our data practices.
- Right to Access: Want to know what personal information we have about you? Just ask! You have the right to request a copy of the data we’ve collected, and we’ll provide it to you free of charge.
- Right to Rectification: If you believe any of the personal information we hold about you is inaccurate, let us know. You have the right to have your data corrected, and we’ll make the necessary updates.
- Right to Be Forgotten: In certain situations, you can ask us to delete your personal information. If there are no legal obligations preventing us from doing so, we’ll erase your data from our systems.
- Right to Restriction of Processing: Under specific circumstances, such as when you contest the accuracy of your data, you can ask us to limit how we process your personal information until the issue is resolved.
- Right to Data Portability: If you want to take your data elsewhere, we’ll make it easy. You have the right to receive a copy of your personal information in a structured, commonly used, and machine-readable format, so you can transmit it to another service.
- Right to Object: You can object to your personal information being processed for direct marketing purposes at any time. In certain other situations, you may also object to our continued processing of your data.
- Right Not to Be Subject to Automated Decision-Making: We respect your right not to be subject to decisions based solely on automated processing, including profiling, that significantly impact you. If we ever engage in this type of processing, we’ll give you the opportunity to contest the decision and seek human review.
Legal Basis for Processing
When we process your personal information, we do so under specific legal grounds. These may include:
- Consent: When you’ve given us clear permission to process your data for a particular purpose.
- Contract: When processing your data is necessary to fulfill a contract we have with you.
- Legal Obligation: When we’re required to process your data to comply with the law.
- Vital Interests: When processing is necessary to protect someone’s life.
- Public Interest: When processing is related to a task carried out in the public interest or in the exercise of official authority.
- Legitimate Interests: When we have a genuine and legitimate reason to process your data, and those interests aren’t overridden by your rights and interests.
We’ll always be clear about which legal basis we’re relying on and are happy to provide more details upon request.
Exercising Your Rights
If you want to exercise any of your GDPR rights or have questions about our data practices, don’t hesitate to contact us info@ch********************@gm***.com
For more information on your rights under the GDPR, check out the guidance from the UK Information Commissioner’s Office (ICO) on individual rights.
- WHERE YOUR PERSONAL INFORMATION IS HELD
We want you to know that your personal information is in good hands. We may store your data at our offices, with our sister/child companies, or with trusted third-party agencies, service providers, representatives, and agents. For our European End Users, please be aware that some of these partners may be located outside the European Economic Area (EEA).
When we share your information with third parties outside the EEA, we take extra steps to ensure your data remains protected. You can find more details on how we safeguard your information in the “Transferring Your Personal Information Out of the EEA” section below.
We’re committed to being transparent about where your personal information is held and how it’s protected. If you have any questions, please don’t hesitate to reach out to us.
- TRANSFERRING YOUR PERSONAL INFORMATION OUT OF THE EEA
To our EEA Users, know that in order to provide you with the best possible services, we may sometimes need to share your personal information with partners outside the EEA. This could happen when:
- We work with offices or service providers located outside the EEA
- You are based outside the EEA
- There is an international aspect to the services we’re providing you
We understand that these transfers are subject to special rules under European and UK data protection laws, which are summarized above. To ensure your data remains secure, we take the following measures:
- Adequate Countries: Some non-EEA countries have been recognized by the European Commission as providing an adequate level of data protection. You can find the full list of these countries at https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/rules-international-data-transfers_en.
- Standard Contractual Clauses: For transfers to countries not considered adequate, like the United States, we use standard data protection contract clauses approved by the European Commission. You can obtain a copy of these clauses by contacting us (see “How to Contact Us” below).
- EU-U.S. and Swiss-U.S. Data Privacy Frameworks: CCR complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. Data Privacy Framework (UK Extension to the EU-U.S. DPF), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Learn more about the DPF program and view our certification at https://www.dataprivacyframework.gov/.
If you have any concerns about how we handle your personal information under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, or the Swiss-U.S. DPF, we’re here to help. You can submit a complaint to TRUSTe, an alternative dispute resolution provider, at https://feedback-form.truste.com/watchdog/request. In certain circumstances, you may also be able to invoke binding arbitration. Find more information at https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.
We want you to feel confident that your personal information is being transferred securely and in compliance with all relevant data protection laws. If you have any questions or would like more information, please contact our Data Protection Officer at in**@ch********************.com.
- CHANGES TO THIS PRIVACY POLICY
CCR may make changes to this Privacy Policy from time to time. Any changes will become effective when we post a modified version of the Privacy Policy to our Site(s). If we make material changes to the Privacy Policy, we may also notify you by posting notice on our Site(s, within the applicable CCR Services, or by sending you a notice via email. If you continue using the CCR Services after we post a notice of our changes, you will be deemed to have accepted them. If you do not agree to any changes we make, you must stop using the CCR Services, Site(s) and App(s) immediately. You are responsible for reading, understanding, and agreeing to the latest version of our Privacy Policy before using the CCR Services. The “Last Updated” date listed at the top of this Privacy Policy indicates when we last updated it.
- CONTACT US
If you have any questions regarding this Privacy Policy, feel free to reach out to us at ou can in**@ch********************.com or via postal mail at:
CHRONIC CONDITION RESCUE, LLC
Attn: Legal – Privacy Policy Issues
1497 Main Street, #304
Dunedin, FL 36498
If you are in the EEA, you may also:
- Contact our Data Protection Officer responsible for your country or region, if applicable at in**@ch********************.com, or
- Lodge a complaint with a data protection authority for your country or region or where an alleged infringement of applicable data protection law occurs. A list of data protection authorities is available at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
- SUB-PROCESSORS
The following is a list of current third-party vendors that may either directly or indirectly collect information from you in their capacity as a Sub-Processor. Please review the relevant privacy policies (links current as of the date of publication of this Privacy Policy) for further information on how each third-party handles your Personal Information:
Simplero: https://simplero.com/legal
Amazon: https://www.amazon.com/gp/help/customer/display.html?nodeId=GX7NJQ4ZB8MHFRNJ&ref_=footer_privacy
Stripe: https://stripe.com/us/privacy
Mailchimp: https://mailchimp.com/legal/privacy