Privacy Policy

This Privacy Policy describes how heynutrition.com (the “Site” or “we”) collects, uses, and discloses your Personal Information when you visit or make a purchase from the Site.

Collecting Personal Information

When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information”. 

 

See the list below for more information about what Personal Information we collect and why.

Device information

  • Examples of Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
  • Purpose of collection: to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.
  • Source of collection: Collected automatically when you access our Site using cookies, log files, web beacons, tags, pixels and web browser events.
  • Disclosure for a business purpose: shared with our processor Shopify & Google Analytics.

Order information

  • Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit cards, PayPal, ShopPay, AmazonPay, GPay, Apple Pay or any other payment processor listed during checkout), email address, and phone number.
  • Purpose of collection: to provide products or services to you to fulfill our contract, process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
  • Source of collection: collected from you.
  • Disclosure for a business purpose: shared with our processor Shopify and our shipping fulfillment software Linnworks.

Customer support information

  • Examples of Personal Information collected: We may also collect interest information, such as color preference, birthday, various sizes, etc.
  • Purpose of collection: to provide customer support.
  • Source of collection: collected from you.
  • Disclosure for a business purpose: This information may be shared with our customer service platform, ReAmaze.

Minors

The Site is not intended for individuals under the age of 18. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion.

Sharing Personal Information

We share your Personal Information with service providers to help us provide our services and fulfill our contracts with you, as described above. 

 

For example:

 

  • We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
  • We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful requests for information we receive, or to otherwise protect our rights.
  • We may share your information with our Email marketing provider Klaviyo.
  • We may share your information with our SMS marketing provider Postscript.
  • We may share your information with our Customer Service Portal provider ReAmaze.
  • We may share your information with our Mobile App provider TapCart.
  • We may share your information with our analytics platform Daasity.
  • We may share your information with our Sales Tax platform TaxJar.
  • We may share your information with our Customer Rewards platform Smile.
  • We may share your information with our Subscription platform ReCharge.
  • We may share your information with our Reviews platform Stamped.

Behavioral Advertising

As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:

 

  • We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: Google Privacy Policy.You can also opt out of Google Analytics here: Google Analytics Opt-out Browser Add-on Download Page.
  • We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at FAQ - NAI: Network Advertising Initiative.

You can opt out of targeted advertising by visiting the ad partners' sites themselves and opting out of remarketing:

 

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info.

Using Personal Information

We use your personal information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers.

When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.

When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.

Text marketing (if applicable): With your permission, we may send text messages about our store, new products, and other updates. Updates include Checkout Reminders. Webhooks will be used to trigger the Checkout Reminders messaging system.

Lawful basis

Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:

 

  • Your consent;
  • The performance of the contract between you and the Site;
  • Compliance with our legal obligations;
  • To protect your vital interests;
  • To perform a task carried out in the public interest;
  • For our legitimate interests, which do not override your fundamental rights and freedoms.

Retention

When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.

Automatic decision-making

If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

 

We do engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.

 

Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

 

Services that include elements of automated decision-making include:

 

  • Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
  • Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.

Your rights

GDPR

You have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. 

Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. 

If you are a resident of the United Kingdom, the UK GDPR as defined in the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019, the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 will apply to the protection of your personal data when you shop on our website. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.

If you are a resident of the European Union, the Regulation (EU) 2016/679 (General Data Protection Regulation) and any applicable local laws, statutes and regulatory guidance will apply to the protection of your personal data when you shop on our website. As a resident of the European Union, you can direct your data protection queries to our customer support department by contacting us at the address below.

CCPA

If you are a resident of California, Virginia, or Colorado, you have the right to access the Personal Information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below.

 

CALIFORNIA, COLORADO, AND VIRGINIA PRIVACY RIGHTS

 

heynutrition.com (collectively, “Site,” “us,” “we,” and “our") provides this California, Virginia, and Colorado Privacy Notice (the “Supplemental State Privacy Policy”) for visitors, users, and others who reside in the States of California, Virginia, and Colorado.  The Supplemental State Privacy Policy supplements the information contained in the Privacy Notice and applies solely to visitors, users, and others who reside in the States of California, Virginia, and Colorado.  To the extent any provision in this Supplemental State Privacy Policy conflicts with a provision of the Privacy Notice, the Supplemental State Privacy Policy shall govern with respect to visitors, users, and others who reside in the States of California, Virginia, and Colorado. 

 

Personal Information Collection:

 

Site collects information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”).  Site collects the following categories of personal information:

 

Identifiers, such as real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, or other similar identifiers.

  • Categories of personal information described in Cal. Civ. Code § 1798.80(e), such as name, signature, physical characteristics or description, address, telephone number, bank account number, credit card number, debit card number, or any other financial information.
  • Characteristics of protected classifications under state or federal law, such as age, citizenship, and sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions).
  • Commercial information, such as records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Biometric information.
  • Internet or other electronic network activity information, such as browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement. 
  • Geolocation data.
  • Audio, electronic, visual, thermal, olfactory, or similar information.
  • Inferences drawn from other personal information to create a profile about a consumer reflecting a consumer’s preferences, characteristics, and trends.

 

Personal information does not include: publicly available information lawfully made available from government records, deidentified or aggregated consumer information, or information excluded from the California Consumer Privacy Act, the Virginia Consumer Data Protection Act, or the Colorado Privacy Act.

 

Use of Personal Information:

 

Site may use or disclose the personal information collected for one or more of the following business or commercial purposes:

 

To fulfill or meet the reason for which the information is provided. 

 

  • To provide you with information, products, or services that you request from us, including answering your queries and notifying winners in promotions.
  • To provide you with phone calls, text message notifications, email alerts, and other notices concerning our products or services.  For example, to notify you of delivery status, to be able to send you relevant marketing offers and information such as newsletters and our catalogs, to contact you in the event of a problem with delivery of your items, and to inform you of new or changed services.
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection and managing your account by carrying our credit checks.
  • To be able to analyze your personal data to provide you with relevant marketing offers and information.
  • To be able to validate that you are of legal age for shopping online.
  • To improve our website.
  • Testing, research, analysis, and product and service development.
  • As necessary or appropriate to protect the rights, property, or safety of us, our employees, our customers, or others.
  • To respond to law enforcement requests and as required by applicable law, court order, or government regulations.
  • As described to you when collecting your personal information.
  • Rights of California, Virginia, and Colorado Residents:

 

California, Virginia, and Colorado residents have the following rights:

 

Right to Know About Personal Information Collected, Disclosed, or Sold

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months.  Once Site receives and confirms your verifiable consumer request (instructions and description below), Site will disclose to you:

 

The categories of personal information we collected about you:

  • The categories of sources for the personal information we collected about you;
  • Our business or commercial purpose for collecting or selling that personal information;
  • The categories of third parties with whom we share that personal information;
  • The specific pieces of personal information we collected about you; and/or
  • If Site sold or disclosed your personal information for a business purpose, including lists of sales, identifying the categories of personal information that each category of recipient purchased or obtained.

 

Directly from you, the consumer:

  • Indirectly from third parties and service providers, including partners and affiliates;
  • Directly and indirectly from our website.
  • Site collected the categories of personal information listed above for the following business or commercial purposes:

 

Affiliates:

  • Service providers;
  • Third parties to which consumers authorized us to disclose personal information in connection with products or services provided to consumers.
  • Right to Request Deletion of Personal Information
  • You have the right to request that heynutrition.com delete any of your personal information that heynutrition.com collected from you and retained, subject to certain exceptions. Once heynutrition.com receives and confirms your verifiable consumer request (instructions and description below), heynutrition.com will delete, and direct our service providers to delete, your personal information from our records, unless an exception applies.

 

heynutrition.com may deny your request to delete your personal information if retaining the information is necessary for us or our service providers, subject to certain exemptions based on your state of residence.

 

You can delete this information by sending us a formal email at support@heynutrition.com with “Delete Information” in the subject line. 

 

Right to Request Personal Information

 

You have the right to request your personal information that heynutrition.com collected from you and retained, subject to certain exceptions. Once heynutrition.com receives and confirms your verifiable consumer request (instructions and description below), heynutrition.com will provide your personal information from our records, unless an exception applies.

 

You can request your personal information by sending us a formal email at support@heynutrition.com with “Personal Information Request '' in the subject line. 

 

The Sale of Your Information 

 

We DO NOT sell your information to third parties.

 

What Personal Information Do I Provide to Verify My Identity?

 

heynutrition.com takes the privacy of your personal information seriously and wants to ensure that we provide only you or your authorized agent with your personal information. Applicable law also requires that we verify the identity of each person who makes a request to know what personal information we have about you or to delete the personal information we have about you.  To verify your identity, we ask you to provide your:

 

  • First name*
  • Last name*
  • Middle initial
  • Email address
  • Phone number
  • Order number
  • *required field

 

How to Submit a Request Using an Authorized Agent

 

An authorized agent is a person or business who has authorization to request to know what personal information we have about you, to delete the personal information we have about you, or to opt out of the sale of personal information on behalf of a California, Virginia, or Colorado resident. Authorized agents use the same links described above to submit requests.

 

If you are submitting a request on behalf of another person, we require a valid power of attorney or other documentation demonstrating your authority to submit this request. This can be a letter or other documentation signed by the California, Virginia, or Colorado resident authorizing you to submit this request. 

 

How Do I Send You My Documentation?

 

If you submit a request via email at support@heynutrition.com, you must include the appropriate above listed documentation in order for us to act on your request. If you submit your request over the phone by calling us at PHONE you will also be asked to email your forms to support@heynutrition.com. 

 

Response Timing and Format

 

Site will confirm receipt of a request within 10 days and provide information about how we will process the request. We endeavor to substantively respond to a verifiable consumer request within 45 days of its receipt.  If we require more time (up to 90 days), we will inform you of the reason and extension period in writing by mail or electronically, at your option. 

 

California Shine the Light Law:

 

California Civil Code Section 1798.83 permits our visitors who are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please contact support@heynutrition.com. 



Cookies

A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

 

We use the following cookies to optimize your experience on our Site and to provide our services.

Cookies Necessary for the Functioning of the Store

Name

Function

 

_ab

Used in connection with access to admin.

_secure_session_id

Used in connection with navigation through a storefront.

cart

Used in connection with shopping cart.

cart_sig

Used in connection with checkout.

cart_ts

Used in connection with checkout.

checkout_token

Used in connection with checkout.

secret

Used in connection with checkout.

secure_customer_sig

Used in connection with customer login.

storefront_digest

Used in connection with customer login.

_shopify_u

Used to facilitate updating customer account information.


Reporting and Analytics

Name

Function

_tracking_consent

Tracking preferences.

_landing_page

Track landing pages

_orig_referrer

Track landing pages

_s

Shopify analytics.

_shopify_s

Shopify analytics.

_shopify_sa_p

Shopify analytics relating to marketing & referrals.

_shopify_sa_t

Shopify analytics relating to marketing & referrals.

_shopify_y

Shopify analytics.

_y

Shopify analytics.

 

Other cookie-based platforms we use include but are not limited to: Klaviyo, PostScript, TapCart, OrderHive, Daasity, Google Analytics, Bing, Yahoo, AOL, Verizon Media, TikTok, Google Adwords, Google Adsense, ReCharge, Smile Rewards and others. These providers are subject to change without notice.

 

The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

 

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.

 

Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioral Advertising” section above.

Do Not Track

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

Changes

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

Contact Us

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by Email at support@heynutrition.com or by mail using the details provided below:

 

HeyNutrition

[ATTN: COMPLIANCE OFFICER]

Kemp House,

152 - 160 City Road,

London, England,

EC1V 2NX



If you are not satisfied with our response to your complaint, you have the right to lodge your complaint with the relevant data protection authority. You can contact your local data protection authority.

Last updated: November 23rd, 2022