Privacy Policy

 

This Company is headquartered in the state of California, USA. The Company operates its Website on the Shopify platform.  By using our Products or accessing our Website, you herein agree to Shopify’s Privacy Policy (https://www.shopify.com/legal/privacy) and Terms of Service (https://www.shopify.com/legal/terms).  Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States.  For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper at  https://help.shopify.com/en/manual/your-account/privacy/GDPR. 

We provide the foregoing disclosure to EU data subjects.  

The Company’s and Shopify’s processing of the Personal Information, such as the name, address, email address, or telephone number of an EU data subject (hereinafter, “Personal Information” or “Personal Data”) that is voluntarily supplied by the individual, or supplied by an authorized third party, shall always be in line with the General Data Protection Regulation (“GDPR”), and in accordance with the country-specific data protection regulations applicable to the Company.  

By means of this Privacy Policy, our Company would like to inform you of the nature, scope, and purpose of the Personal Information we collect, use and process, as defined herein.  Specifically, if you are an EU data subject visiting our Website, you are hereby informed, by means of this section of our Privacy Policy, of the rights to which you are entitled, and the recourse you may seek if you have any questions regarding the collection, use, and processing of Personal Information by the Company.

Your Privacy Rights under the GDPR.   The GDPR includes the following rights for you, as an EU data subject, if you provide Personal Information to the Company in connection with accessing the Products or visiting our Website:

• The right to be informed about how we store, use, or share your data;
• The right to access your data;
• The right to rectify your data;

1. See https://www.shopify.com/legal/dpa.

2.  Processing.   “Processing” covers a wide range of operations performed on personal data, including by manual or automated means. It includes the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.  See Article 4(2) and (6) of the GDPR.

3. Third Party Personal Information.   We may obtain your Personal Information from third parties, such as third parties with whom we affiliate in providing the Company’s services.  If you provide the Company with Personal Information about third parties, you warrant to the Company that any Personal Information that you provide to the Company about any third party individuals was obtained by you with full consent, that you have the legal authority to provide us with such information, and that the individual has not communicated to you that they wish to opt out of receiving communications from the Company or having the Company collect information about him or her.

• The right to have us erase your data;
• The right to prevent us from processing your data;
• The right to request copies of your data from us in a commonly-used and machine-readable format, free of charge, for the purposes of transfer to a third party, where technically feasible;
• The right to object to use or sharing of your data; and
• The right not to be subject to automated decision-making, including profiling

 Legitimate Business Interest under the GDPR.   Our use of your Personal Information is based on the legitimate business grounds that:

• The use is necessary in order to fulfill our commitments to you under our Terms of Service or other agreements with you or is necessary to enable access to our Website on your device or charge you for our Products; 
• The use is necessary for compliance with a legal obligation; 
• The use is necessary in order to protect your vital interests or those of another person or entity; 
• We have a legitimate interest in using your information – for example, to provide and update our Website or Products, to improve our Website or Products so that we can offer you an even better user experience, to safeguard our Website or Products, to communicate with you, to measure, gauge, and improve the effectiveness of our advertising, and better understand user retention and attrition, to monitor and prevent any problems with our Products, and to personalize your experience; and/or
• You have given us your consent.

Data Retention/Erasure.   We will retain your Personal Information for as long as needed to provide the applicable Products, or for a minimum period of four (4) years.  If, at any time after agreeing to this Privacy Policy, you: (1) change your mind about receiving information from us; (2) wish to revoke permission for us to retain and use your Personal Information; (3) wish to object to the processing of your Personal Information; or (4)  wish for us to erase a copy of your data, please make a request to the Company at hello@piggybackhealth.com.  If you request erasure of your data, we may retain some of your Personal Information only for legitimate business interests, such as fraud detection, prevention, and enhancing the safety of our Website; and to comply with our legal obligations, specifically our tax, legal reporting, and auditing obligations.

Our Response to Your Requests.   If you make any requests regarding your Personal Information, we will not charge you for compliance with the request.  The Company will respond and comply within one month.  The Company reserves the right to refuse or charge for requests that are manifestly unfounded or excessive.  If we refuse your request, we will tell you why

 You may email us with requests at hello@piggybackhealth.com.

we are refusing your request.  You have the right to complain to the relevant supervisory authority and to a judicial remedy, but you must do so within one month of our refusal. 

Data Controller.   With the exception of processing payments, for which Shopify is the Payments Data Controller; the Company is the “data controller,” as defined under the GDPR, or the legal entity which determines the purposes and means of the processing of Personal Information of the customers of the Company and visitors to its Website.  The Company is responsible for collecting your consent, managing consent-revoking, enabling right to access, etc.  If you wish to revoke consent for us to store, use, or share your Personal Information, you may contact us at hello@piggybackhealth.com. 

 

Data Processor.   The Company, and Shopify, as the host of the Website, is the “data processor," as defined under the GDPR, or the legal entity which processes, as this term is defined here in footnote 1, your Personal Information.  The Company maintains records of any processing activities it performs, and is able to show how the Company complies with the data protection principles under the GDPR.  It has effective policies and procedures in place.  If you have questions regarding the processing of your Personal Data, you may contact us at hello@piggybackhealth.com.  If you have any questions about how Shopify, our Website host, processes your Personal Data, you may visit their website for EU subjects at https://help.shopify.com/en/manual/your-account/privacy/GDPR. 

 

Data Protection Officer.  The Company is not formally required to designate a Data Protection Officer (“DPO”) because it is not: (1) a public authority; (2) an organization that carries out regular and systematic monitoring of individuals on a large scale; or (3) an organization that carries out large scale processing of special categories of data, such as health information or information about criminal convictions.  You may contact Melissa Kim, Manager of the Company, regarding data protection compliance and she can answer any questions you may have about your Personal Information.  She may be reached at melissa@piggybackhealth.com. 

 

Breach.   The Company has reasonable internal policies and procedures in place to effectively detect, report, and investigate a data breach.  The GDPR defines a Personal Information breach as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Information.”  Pursuant to the GDPR, the Company will notify you of a Personal Information breach where the Personal Information breaches are likely to present a risk to data subjects to data protection authorities (“DPAs”) without undue delay, and within 72 hours if feasible, after becoming aware of the breach; and communicate high-risk breaches to affected data subjects without undue delay.  In the unfortunate event of breach, the Company shall provide you with: (i) contact details of the DPO or other contact person for the Company, (ii) a description of the nature of the breach, (iii) likely consequences of the breach, (iv) measures the Company has taken or proposes to take to address the breach, and (v) advice on steps data subjects can take to protect themselves.

 

Note: Data Protection Impact Assessment (DPIA).   The Company is not required to undergo a DPIA because the Company’s data processing is not likely to result in a high risk to data subjects, such as in cases where: (1) new technology is being deployed; (2) profiling operations may significantly affect individuals; or (3) processing is on a large scale and involves special categories of data.  If you have any questions regarding DPIA compliance by the Company, please contact Ms. Kim.

 

Complaints.  Without prejudice to any other administrative or judicial remedy, every EU data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement of the data subject considers that the processing of Personal Information relating to him or her infringes this Regulation.

Automatic Decision Making.  If you are a resident of the EU, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

We do not engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.

Our Website host and processor, Shopify, uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

Services that include elements of automated decision-making include:

• Temporary deny list of IP addresses associated with repeated failed transactions. This deny list persists for a small number of hours.
• Temporary deny list of credit cards associated with deny listed IP addresses. This deny list persists for a small number of days.

III. Use, Processing, and Sharing of Personal Information  

The following information applies to anyone who shares with us his, her, or a third-party’s Personal Information.  We may use, process, and/or share your Personal Information (and we have done so in the past 12 months):

• To respond to your inquiries and your requests regarding our Website or Products.
• To send you information regarding our services and changes to our terms, conditions, and policies. 
• To complete your Website registration, process your payments, and communicate with you regarding your purchase of our Products.
• To send you marketing communication and newsletters about our Products.
• To personalize your experience on our Website.
• To inform you and allow you to participate in our Company’s promotions.  
• To facilitate social sharing functionality.
• To collaborate with business affiliates, partners, vendors, or service providers to provide you with our Products.
• In connection with our business purposes, as described above, including but not limited to data analysis, audits, fraud monitoring and prevention, developing or enhancing new and existing products and/or services, expanding our business activities, etc. 

We will not use and/or share your Personal Information:

6. Third Party Personal Information.   We may obtain your Personal Information from third parties, such as third parties with whom we affiliate in providing the Company’s services.  If you provide the Company with Personal Information about third parties, you warrant to the Company that any Personal Information that you provide to the Company about any third party individuals was obtained by you with full consent, that you have the legal authority to provide us with such information, and that the individual has not communicated to you that they wish to opt out of receiving communications from the Company or having the Company collect information about him or her.

7. Personal Information.   “Personal Information” may include, but is not limited to information that identifies you as an individual or relates to an identifiable person, such as name, postal address, telephone number, email address, etc.  The Company does not collect any Personal Information from visitors to its website that is not voluntarily provided.  The Company only collects your Personal Information when you use the Company’s Products, and when you send the Company communications in connection with your use of the Products. 

 6. Process.   “Processing” covers a wide range of operations performed on personal data, including by manual or automated means. It includes the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data. 

• With anyone except for our Company’s authorized service providers, business affiliates, and business partners, such as Shopify, Hubspot, and Mailchimp, and strictly for business purposes.  We will give you an opportunity to opt out of sharing your Personal Information.  
• To run interest-based advertising campaigns that collect Personal Information such as email addresses, telephone numbers, and credit card numbers.
• To use or associate Personal Information with remarketing lists, cookies, data feeds, or other anonymous identifiers.
• To use or associate targeting information, such as demographics or location, with any Personal Information collected from the ad or its landing page.
• To share any Personal Information with Google or third party companies through our remarketing tag or any product data feeds which might be associated with our ads.

To send Google or third party companies precise location information without obtaining your consent.

However, we reserve the right to disclose Personal Information that we believe, in our sole discretion, to be necessary or appropriate in the following circumstances:

• As required by law, such as to comply with a subpoena, or similar legal process.
• When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
• To enforce our Terms and Conditions.
• To allow us to pursue available remedies or limit the damages that we may sustain.

IV. Collection of Other Information

9. Authorized service providers are companies that perform certain services including, but not limited to, fulfilling orders, processing credit card payments, delivering packages, providing customer service and marketing assistance, performing business and sales analyses, supporting the functionality of the Products, and supporting contests, sweepstakes, surveys and other features we offer, on our behalf.  These service providers may have access to your Personal Information, but to the extent necessary to perform or fulfill their business purpose.  We do not permit them to share or use any of your Personal Information for any other purpose.

10.  Affiliate businesses are those businesses with whom we may affiliate to sell our Products.  We may share information we collect, including Personal Information, with affiliated businesses.  Sharing such information with our affiliates enables us to provide you with information about a variety of Products that might interest you.  We instruct all affiliated businesses to comply with applicable privacy and security laws and, at a minimum, in any commercial email they send to you, to give you the opportunity to choose not to receive such email messages in the future.

11. Business partners are typically merchants offering the products, services, promotions, contests and/or sweepstakes in connection with or somehow related to our own Products.  We will not share your Personal Information with business partners unless you choose to participate in their offer or program.  When you choose to engage in a particular offer or program, you authorize us to share your email address and other Personal Information with the relevant business partner.

 

Personally Non-Identifiable Information:  The Company may run market research projects that seek to identify consumer segments that are interested in and/or use Femtech and women’s health products and/or services that are wholly owned by others.  As a result, on our Website or through our provision of Products to you, we may collect personally non-identifiable information about you, including but not limited to your demographic data, age, education level, profession, geographic location or gender, when you choose to use our Products. This information is not, by itself, sufficient to identify or contact you.  The Company may store such information, or it may be included in databases owned and maintained by partners, affiliates, agents, or service providers of the Company.  The Company may use such information and pool it with other information to track data related to growing the Company’s business, such as the total number of visitors to our Website and purchasers of our products.

 

Passively Collected Information:   The Company uses DocSend.com when providing the Products.  The Company may use DocSend A/B testing or other analytics to understand your interaction with the Company’s marketing one pagers and slide decks.  It may collect information on the user's date and time of page views, or other personally non-identifiable information which may include but is not limited to, for example, IP addresses, browser types, location information associated with your IP address, domain names, your interactions to an ad delivered by us or our ad technology partners and other anonymous statistical data involving your use of the Website and/or our Products.  This information cannot presently be used to specifically identify you.  

 

Aggregated Personal Data:   The Company may analyze your Personal Information provided through the Website or in connection with providing the Products to you, in aggregate form.   This aggregate information does not identify you personally.   We may share this aggregate data with our partners, affiliates, agents, or service providers for our own business purposes.   We may also disclose aggregated statistics to explain use of our Products to current and prospective business partners, potential investors, and to other third parties for other lawful, business-related purposes. 

 

Customer Credit Card Information.   The Company uses a third party, Shopify or Paypal, to process your payments and keep a protected copy of your credit card number. This billing data belongs to you, and by utilizing the Products, you grant the Company a license to use this data to bill you for Products purchased.  By accessing our Website and/or utilizing/purchasing our Products, you herein agree to Shopify’s Privacy Policy and Terms of Service located at https://www.shopify.com/legal/privacy and https://www.shopify.com/legal/terms  or Paypal’s Privacy Statement and User Agreement at https://www.paypal.com/us/webapps/mpp/ua/privacy-full and https://www.paypal.com/us/webapps/mpp/ua/useragreement-full.  You also herein agree that you have read our Terms of Service describing the fees and payment processing associated with any purchase of our Products.

 

1. Website Tracking

 

We may, either directly or through third party companies and individuals we engage to provide services to us, also:

 

• Track your use of our Website and the use of our Products for purposes of our own customer support, analytics, research, product development, fraud prevention, risk assessment, regulatory compliance, investigation, etc.
• Track your use of the Website and enable you to use and access the Products and pay for your access to the Products.  
• Track your behavior on our own Website and market and further advertise our Products to you, on our Website platform and/or on other third party websites.  You may opt out of receiving advertisements by visiting the Network Advertising Initiative (http://www.networkadvertising.org/choices/) and/or the Digital Advertising Alliance (http://www.aboutads.info/choices/).  Please note that even if you choose to opt-out of receiving targeted advertising, you may still receive advertising on the Products, generally.  The advertising will simply not be targeted or specific to your interests.

 

1. Tracking Technologies on our Website

 

The Company may use the foregoing technologies to track your activity on our Website:

 

Cookies.   When you visit our Website or otherwise interact with the Service, we may send one or more “cookies” to your computer or other devices.  Cookies are alphanumeric identifiers stored on your computer through your web browser and are used by most websites to help personalize your web experience.  Some cookies may facilitate additional site features for enhanced performance and functionality such as remembering preferences, allowing social interactions, analyzing usage for site optimization, providing custom content, allowing third parties to provide social sharing tools, and serving images or videos from third party websites.  Some features on this site will not function if you do not allow cookies.  We may link the information we store in cookies to any Personal Information that you submit while visiting our Website.  

 

We may use both session ID cookies and persistent cookies.  A session ID cookie expires when you close your browser.  A persistent cookie remains on your hard drive for an extended period of time.  Persistent cookies enable us to track and target the interests of our users to enhance the experience on our site. 

 

Functional cookies, persistent and session type, store information to enable core site functionality, such as Live Chat and Client ID remembrance.

 

Analytics cookies allow us to count page visits and traffic sources so we can measure and improve the performance of our site and our marketing campaigns.

 

Advertising cookies may be set through our Website by our advertising partners. Data may be collected by these companies that enable the companies to serve up advertisements on other sites that are relevant to your interests. 

 

Our Website is hosted on Shopify.  We may use Google Analytics, Shopify Analytics, and/or other similar analytics services, which uses cookies and other similar technologies to collect and analyze information about the use of the Products and/or Website, and report on activities and trends.  This Website may also collect information regarding the use of other websites, apps and online resources.  To that end, we provide the following links for your information:

 

• You can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout. 
• You can learn more about Shopify’s privacy practices at https://www.shopify.com/legal/privacy/customers. 

 

The cookies necessary for the functionality of our Website, as hosted on Shopify’s platform, include:

 

Name	Function
_ab	Used in connection with access to admin.
_secure_session_id	Used in connection with navigation through a storefront.
cart	Used in connection with shopping cart.
cart_sig	Used in connection with checkout.
cart_ts	Used in connection with checkout.
checkout_token	Used in connection with checkout.
secret	Used in connection with checkout.
secure_customer_sig	Used in connection with customer login.
storefront_digest	Used in connection with customer login.
_shopify_u	Used to facilitate updating customer account information.

 

Reporting and analytics cookies on our Website include:

 

Name	Function
_tracking_consent	Tracking preferences.
_landing_page	Track landing pages
_orig_referrer	Track landing pages
_s	Shopify analytics.
_shopify_fs	Shopify analytics.
_shopify_s	Shopify analytics.
_shopify_sa_p	Shopify analytics relating to marketing & referrals.
_shopify_sa_t	Shopify analytics relating to marketing & referrals.
_shopify_y	Shopify analytics.
_y	Shopify analytics.

If you do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows you to automatically decline cookies, or be given the choice of declining or accepting the transfer to your computer of a particular cookie (or cookies) from a particular site.  You may also wish to refer to http://www.allaboutcookies.org/manage-cookies/index.html.  

 

If you reject cookies, you may still use our site, but some features on the site may not function properly.

 

Web Beacons.   Web beacons are electronic files that signal when a webpage, advertisement, video, other content, an email or newsletter has been viewed.  They are usually invisible to you.  We may use web beacons alone or in conjunction with cookies to compile information about our Service.  Web beacons may be used to track email open rates, web page visits or form submissions.  In some cases, we tie the information gathered by web beacons to your Personal Information to gauge the effectiveness of certain communications and our marketing campaigns.

Log Files.   A Log File is a file that records either events that occur in an operating system or other software runs, or messages between different users of a communication software.  Log file information is automatically reported by your browser or mobile application each time you access the Website or use our Products.  Along with cookies and web beacons, log files help provide additional functionality to the Website and help us analyze Website and Products usage more accurately.  We and our third party tracking-utility partners may use log files on our Website to gather automatically gather and store information including, but not limited to, internet protocol (“IP”) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data, for business purposes.  

Embedded Scripts.   An embedded script is programming code that is designed to collect information about your interactions with the Service, such as the links you click on. The code is temporarily downloaded onto your Device from our web server or a third party service provider, is active only while you are connected to the Service, and is deactivated or deleted thereafter.

Browser Fingerprinting. Collection and analysis of information from your Device, such as, without limitation, your operating system, plugins, system fonts and other data, for purposes of identification.

ETag, or entity tag. A feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. If the resource content at that URL ever changes, a new and different ETag is assigned. Used in this manner ETags are a form of Device Identifier. ETag tracking may generate unique tracking values even where the consumer blocks HTTP, Flash and/or HTML5 cookies.

 

VII. Children   

 

The Children’s Online Privacy Protection Act of 1998 (COPPA) and its accompanying FTC regulation protects the privacy of American children aged 13 and under, who are using the Internet.  The GDPR sets the age at which an EU child can give their own consent in order to process their Personal Data at 16 years of age.  

 

The Website and our related Products are not intended for anyone under 16, and we do not knowingly collect information from anyone under the age of 16.  Anyone aged 16 or under should not submit any Personal Information without the permission of their parents or guardians.  Parents or guardians may, on behalf of their children, submit their children’s Personal Information.  By using the Website and our related Products, you are representing that you are at least 16 years old and that you have the relevant legal authority to submit your Personal Information or that of a third-party minor, to the Company or on the Company’s Website.

 

VIII. Links to Other Websites   

 

This Privacy Policy does not address, and we are not responsible for the privacy, information or other practices of any third parties.  This Privacy Policy applies only to this Website and the Company’s Products.  It does not apply to any third-party sites, and the inclusion of a link does not imply endorsement of the linked site or service by us or by our affiliates.

 

We are not responsible for the collection, usage and disclosure policies and practices (including the data security practices) of other organizations, such as DocSend, LinkedIn, Facebook, Instagram, Twitter, or any other app developers, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including any Personal Information you disclose to other organizations through or in connection with your use of the Website or our Products. 

 

1. Security

 

We maintain reasonable and appropriate, although not infallible, security precautions.  However, we cannot guarantee that hackers or unauthorized personnel will not gain access to your Personal Information, despite our reasonable efforts.  You should note that in using the Website, and/or our related Products, your information will travel through third-party infrastructures which are not under our control.  Please feel free to raise any questions, concerns or specific directions you may have regarding the privacy and security of your information to hello@piggybackhealth.com.

 

1. Data Retention

 

We will retain your Personal Information for four (4) years, or as long as needed to provide the applicable Products to you.  Our data retention period may change in the future if a longer retention period is required or permitted by law.

 

1. Do Not Track

 

Your browser setting may allow you to automatically transmit a "Do Not Track" signal to websites you visit.  The Company’s Website does not respond to "Do Not Track" signals or other mechanisms from a visitor's browser.  If, in the future, we create a program or protocol to respond to such web browser "Do Not Track" signals, we will inform you of the details of that protocol in this Privacy Policy.  To find out more about "Do Not Track," please visit https://www.allaboutdnt.com. 

 

XII. Advertising/Google Ads

 

On this Website, the Company has integrated Google Ads. Google Ads is a service for Internet advertising that allows the advertiser to place ads in Google search engine results and the Google advertising network. Google Ads allows an advertiser to pre-define specific keywords with the help of which an ad on Google’s search results only then displays when the user utilizes the search engine to retrieve a keyword-relevant search result. In the Google Advertising Network, the ads are distributed on relevant web pages using an automatic algorithm, taking into account the previously defined keywords.

The operating company of Google Ads is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

The purpose of Google Ads is the promotion of our website by the inclusion of relevant advertising on the websites of third parties and in the search engine results of the search engine Google and an insertion of third-party advertising on our website.

If a data subject reaches our website via a Google ad, a conversion cookie is filed on the information technology system of the data subject through Google. The definition of cookies is explained above. A conversion cookie loses its validity after 30 days and is not used to identify the data subject. If the cookie has not expired, the conversion cookie is used to check whether certain sub-pages, e.g, the shopping cart from an online shop system, were called up on our website. Through the conversion cookie, both Google and the controller can understand whether a person who reached a Google Ads ad on our website generated sales, that is, executed or canceled a sale of goods.

The data and information collected through the use of the conversion cookie is used by Google to create visit statistics for our website. These visit statistics are used in order to determine the total number of users who have been served through Google Ads ads to ascertain the success or failure of each Google Ads ad and to optimize our Google Ads ads in the future. Neither our company nor other Google Ads advertisers receive information from Google that could identify the data subject.

The conversion cookie stores personal information, e.g. the Internet pages visited by the data subject. Each time we visit our Internet pages, Personal Information, including the IP address of the Internet access used by the data subject, is transmitted to Google in the United States of America.  Personal Information is stored by Google in the United States of America. Google may pass these Personal Information collected through the technical procedure to third parties.

The data subject may, at any time, prevent the setting of cookies by our website, as stated above, by means of a corresponding setting of the Internet browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a conversion cookie on the information technology system of the data subject. In addition, a cookie set by Google Ads may be deleted at any time via the Internet browser or other software programs.

The data subject has a possibility of objecting to the interest based advertisement of Google. Therefore, the data subject must access from each of the browsers in use the link www.google.com/settings/ads and set the desired settings.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/.

XIII. Analytics

 

 As mentioned above under the Cookies section of this Privacy Policy, we and our third party tracking-utility partners use technology on our Website to automatically gather certain information, including but not limited to internet protocol (“IP”) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data, for analytics purposes.  Specifically, we analyze trends, administer the site, track users’ movements around the Website, and gather demographic information about our user base as a in the aggregate.  We and our third party tracking-utility partners use log files on our Website to automatically gather certain information, including but not limited to internet protocol (“IP”) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data, for analytics purposes.  Specifically, we analyze trends, administer the site, track users’ movements around the Website, and gather demographic information about our user base as a in the aggregate.  

 

On this Website, the Company has integrated both Shopify Analytics, as the Website is hosted on Shopify and Google Analytics, which is a separate web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics are mainly used for the optimization of a website and in order to carry out a cost-benefit analysis of Internet advertising.

 

The operator of Google Analytics is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.  The operator of Shopify Analytics is Shopify, Inc., 151 O’Connor Street, Ground floor, Ottawa, ON K2P 2L8, Canada.

 

The purpose of both analytics software systems is to analyze the traffic on our website. Analytics software uses the collected data and information, inter alia, to evaluate the use of our Website and to provide online reports, which show the activities on our websites, and to provide other services concerning the use of our Internet site for us.

 

By continuing to use our Website and/or Products, you agree to the applicable data protection provisions of Google under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html, as well as the terms regarding Google Analytics at https://www.google.com/analytics/.

 

By continuing to use our Website and/or Products, you agree to Shopify’s privacy practices at https://www.shopify.com/legal/privacy, and the terms regarding Shopify Analytics in particular at https://help.shopify.com/en/manual/reports-and-analytics/shopify-reports. 

 

XIV. Your California Privacy Rights   

California “Shine the Light” Law

Under California Civil Code Section 1798.83, California customers are entitled to request information relating to whether a business has disclosed Personal Information to any third parties for the third parties’ direct marketing purposes.  This code section applies to businesses with 20 or more full or part-time employees.  At this time, the Company does not need to comply with this law, but does so voluntarily in an effort to assure you that we value your privacy.

You may request and obtain from us once a year, free of charge, certain information about the Personal Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year.  If applicable, this information would include a list of the categories of Personal Information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year.  If you are a California resident and would like to make such a request, please submit your request in writing to hello@piggybackhealth.com.

 

XV. Testimonials, Ratings and Reviews  

 

If you submit testimonials, ratings, or reviews of the Products directly on our Website, any Personal Information you include will be displayed on the Website.  We may also partner with third-party service providers to collect and display ratings and review content on our Website.  If you provide our third-party service providers with your Personal Information in the process of submitting your rating and review, the content and Personal Information collected by a third party will be posted on our Website, absent your express instruction not to do so.  If you want your testimonial, rating, or review removed from our Website at any time, please contact us at hello@piggybackhealth.com. 

 

XVI. Changes   

 

This Privacy Policy may be updated from time to time for any reason, at our sole discretion.  We will notify you of any material changes to our Privacy Policy by posting the new Privacy Policy on our Website, and emailing you a copy of the revised Privacy Policy or a link to it.  You are advised to consult our Website regularly for any changes. 

 

XVII. Incorporation into Terms of Service

 

By using or accessing the Website or purchasing the Products, you are accepting the practices described in this Privacy Policy, and you are consenting to our processing of your information as set forth in this Privacy Policy and as amended by us. This Privacy Policy is incorporated into, and considered a part of, the Company’s Terms of Service.

 

XVIII. Opt-Out Policy   

 

If, at any time after registering, you change your mind about receiving information from us or about the use of information volunteered by you, or if you prefer that we do not share your Personal Information with third parties for marketing purposes, please contact us at hello@piggybackhealth.com.

 

XIX. Contact Us   

 

If you have any questions or concerns relating to our use of your Personal Information, please email hello@piggybackhealth.com.  Additionally, you may reach us by postal mail at 221 Main Street, #1295, Los Altos, CA 94022.