INTRODUCTION
This Privacy Notice (“Notice”) explains how and why Chanelle McCoy Health Ltd and its subsidiaries (“Pureis” or the “Company”) collects, stores, uses, and discloses personal data, or Personal Data as defined by applicable law (“Personal Data”). When you use our services or visit our websites and applications, as well as the rights and choices individuals have regarding such Personal Data. For the purposes of this Notice, Personal Data includes sensitive Personal Data as defined by applicable privacy laws. This Notice is meant to help you understand your privacy rights and choices.
Please note, this Notice applies to the extent we process Personal Data on our own behalf, as a controller, and our information practices depend on how you interact with us (online or offline) and which of our websites you visit. This Notice describes Pureis’ global information practices.
By visiting our websites or using any of our services you acknowledge and understand that your Personal Data will be handled as described in this Notice and you consent to the processing of your Personal Data where required by applicable law. Your use of our websites or services, and any dispute over privacy, is subject to this Notice and our Terms of Use, including its applicable limitations on damages and the resolution of disputes. The Company Terms of Use are incorporated by reference into this Notice.
TYPES OF PERSONAL DATA WE COLLECT
We may collect the following categories and types of Personal Data, depending on what product or service you use:
- Contact information: name, email address, mailing address, phone number;
- Account Information: when you register for an account with us, we collect your name, email address, password, and any other information used in connection with accessing your account;
- Other identifying information: IP address, passwords and other security information for authentication and access, username, social media handle or digital or electronic signature, and your photograph if you provide it to us (for example product testimonials);
- Biographical and demographic information: date of birth, age, gender, nationality, marital status;
- Payment-related information: name, payment details, and financial account information to complete a transaction with you;
- Commercial information: records of products or services purchased, obtained, or considered, or other purchasing or consuming histories;
- Communications and interactions: when you email, call, or otherwise communicate with members of our teams, we collect and maintain a record of your contact details, communications, and our responses, including correspondence via chat sessions, social media channels, forums and in other areas of the services;
- Professional or employment-related information of job applicants: current or past job history or performance evaluations, education records, salary range;
- Device and Browsing Information: when you visit our websites or use our services, we may collect IP address, browser type, domain names, and similar device and browsing information;
- Website Activities and Usage: we also collect activity information related to your use of our services, such as the links clicked, searches conducted, and other activity and usage information;
- Location Information: we may also collect or derive location information about you, such as through your IP address. If you choose to enable location-based sharing with us through your device settings, we may collect precise location information, such as GPS coordinates, to provide content that is more relevant to your location and to otherwise improve your interactions with our services. You may turn off location data sharing through your device settings.
Further information is provided in our Cookie Statement;
- Audio and visual information: security camera recordings in our facilities;
- Health and medical information: medical condition, information about physical and mental health conditions and diagnoses, treatments for medical conditions, family medical history and medications (including the dosage, timing, and frequency) and medical insurance details related to adverse events; your voluntary participation for instance in a weight loss or smoking cessation program;
- Contests and promotions: if you participate in our contests and promotions we will collect your name, age, email address, and other registration information. We may also use your Personal Data to administer rebates, where applicable;
- Events and other requests: we collect Personal Data related to your participation in our events as well as other requests that you submit to us related to our services. For example, if you register for or attend an event that we host or sponsor, we may collect information related to your registration for and participation in such event. When you fill out a ‘Contact Us’ form, sign up for our mailing lists, or otherwise request information from us, we collect and maintain records of your requests;
- Preferences: we may collect information about your preferences regarding communications, your use of services, and any other preferences or requests you provide when interacting with us;
- Business Development Information: to assess and pursue potential business opportunities, we may collect and receive Personal Data about current, former, and prospective vendors, business partners, and agents, including name, company information, contact details, and communications records; and
- Publicly available information: we may collect Personal Data about you from public databases and social media platforms regarding your interactions with us. For example, we may review LinkedIn profiles of job applicants or Instagram profiles of social media campaign entrants.
HOW WE COLLECT PERSONAL DATA
Pureis collects Personal Data in a variety of ways depending on how you interact with us:
- We collect Personal Data directly from you. This includes Personal Data that you communicate to us through direct interactions with Pureis, through our services, websites, social media, registrations, applications, surveys, etc. For example, we collect data you provide to sign up for an online account, to send us a request for information, to take advantage of special offers and discounts, to register for events sponsored by Pureis, to submit an online job application, to interact with us on our Facebook pages, Twitter, Instagram, etc.
- We collect Personal Data automatically. We collect certain Personal Data about your interactions with our websites, platforms, applications, and services through auto-technologies, such as cookies. For more information about this, please see our Cookie Statement.
- We collect Personal Data in accordance with applicable law from available public sources. This includes Personal Data that is published in public profiles; for example, LinkedIn, Facebook, etc.
- We collect Personal Data from third parties. We collect certain Personal Data from service providers and business partners. We receive this Personal Data from third parties that are authorized to do so as specified by their own privacy and data protection policies or in accordance with the law. For example, this data may be collected for soliciting consumer reviews of products.
WHY WE COLLECT PERSONAL DATA
Pureis will only process your Personal Data where we have a lawful basis for doing so. Additional details regarding our lawful bases for processing Personal Data are set out below:
LEGITMATE INTEREST – Where we use your Personal Data to:
- Conduct our business: to provide and operate our services, fulfill your requests, and for similar service and support purposes;
- Allow us to communicate with you: to respond to your requests or inquiries, provide support for products and services, provide you with important updates, administrative information, required notices, organize, and manage professional events, including your participation in such events;
- Market our products to you: to sell our products to you, to send you news, information and promotional materials about our products, our services, our brands, our operations, to post testimonials or product reviews from you where you have provided your specific consent for us to do so;
- Conduct research and surveys: to administer surveys and questionnaires, such as for market research or member satisfaction purposes;
- Manage and plan events: for event planning and management, including registration, attendance, connecting you with other event attendees, and contacting you about relevant events and services;
- Improve and develop our products and services: identify usage trends, understand how you and your device interacts with our services, determine the effectiveness of our promotional campaigns, conduct surveys, offer special programs, activities, trials, events, or promotions via our services, carry out market or consumer studies; or
- Personalize your experience when using our services: ensure that our services are presented in the way that best suits you and present you products and offers tailored to you, we do so as this is necessary for the purpose of our legitimate interests or those of a third party.
Important: Before we process your Personal Data to pursue our legitimate interests for the purposes mentioned, we determine if such processing is necessary and consider the impact of our processing activities on your fundamental rights and freedoms.
CONTRACT – Where we use your Personal Data to:
- Provide you access to our online services, applications, and platforms, and to manage your online accounts;
- Allow us to identify or authenticate you to allow you to create and access accounts with us, or to identify or authenticate you by government-issued ID or Healthcare Professional number, when necessary, and
- Process payments from you and facilitate future payments.
LEGAL OBLIGATIONS – Where we use your Personal Data to:
- Comply with legal or regulatory obligations that apply to Pureis, including to monitor the safety of our products, manage adverse events, and carry out prevention and investigatory activities. We may also use your Personal Data to carry out administrative formalities, comply with government registration requirements or declarations, or conduct audits;
- Respond to legal requests from administrative or judicial authorities, in accordance with applicable laws, comply with a subpoena, or legal process; or
- Ensure security and protect our rights and interests for fraud monitoring and prevention, to maintain the security of our services and operations, protect the rights, privacy, safety, or property of Pureis or third parties, and to allow us to pursue available remedies or limit the damages that we may incur, as necessary.
CONSENT – Where we use your Personal Data to:
- Send you marketing and advertising content related to your interactions with our digital assets including websites, newsletters, and mobile applications.
- Process health related data related to your interactions with our products and services.
Important: If you give consent for us to use your Personal Data for a particular purpose, you have the right at any time to withdraw consent to the future use of that Personal Data for some or all those purposes by writing to the address specified below.
HOW WE DISCLOSE PERSONAL DATA
We may disclose (with your consent where required by applicable law) the Personal Data we collect to:
- Our subsidiaries and affiliates: where allowed and consistent with legal requirements;
- Vendors: who we rely on to provide certain services. Examples of our vendors include email, IT services and SMS providers, web hosting providers, analysis firms, advertisers, payment processing companies, customer service and support providers and development companies and fulfillment companies. These service providers will be given limited access to your Personal Data only to the extent reasonably necessary to deliver the services they are engaged to provide. They are generally required to process any Personal Data collected from you, including on our behalf, in a manner that is consistent with applicable privacy laws or this Notice. Service providers that process your Personal Data on our behalf also commit to implement reasonable security measures;
- Other website users: any information that you post to our websites, including, without limitation, reviews, comments, and other text will be available to users of the websites at your direction;
- Third-party analytics and advertising partners: through our use of cookies and with your consent as explained in our Cookie Statement, internet or other electronic network activity for the purposes of payment processing, customer relationship management, consulting, email communications, product feedback and helpdesk services.
We use Google services, including Google Ads and Google Analytics, that use cookies and similar technologies to collect and analyze data about the use of this website or mobile application, to compile reports on activity and trends, and to personalize ads. You can learn more about Google’s privacy practices by visiting: Google Privacy & Terms.
- A buyer or other successor: in the event of a merger, acquisition, reorganization, or other sale or transfer of some or all of Pureis’ assets;
- A governmental agency or representative: for mandatory reporting including reporting adverse events, tax reporting, or other regulatory reporting requirements;
- Regulators, courts or third parties to comply with any court order, law, or legal process, including to respond to a legitimate government request, or to protect your safety or the safety of others;
- Data security providers, law firms, law enforcement agencies, data protection authorities: in the case of a suspected data breach, to communicate with outside parties, such as experts in data breach detection or relevant government authorities, as necessary.
STORING PERSONAL DATA
We will store Personal Data only for as long as necessary for the purposes described above, as required by law, to collect fees owed or for the exercise or defense of any legal claims [We may further retain Personal Data in an anonymous or aggregated form where that information would not identify you personally.]
SAFEGUARDING PERSONAL DATA
We maintain reasonable physical, electronic, and procedural safeguards intended to protect the confidentiality and security of Personal Data transmitted to us. While we make efforts to protect our information systems, no website, mobile application, computer system, or transmission of information over the internet or any other public network can be guaranteed to be 100% secure. We encourage you to use caution when using the internet.
YOUR RIGHTS UNDER THE GDPR
If you are within the EEA or the UK, this section provides additional information applicable to you. Chanelle McCoy Health is the controller with respect to your Personal Data.
You have the following rights under the GDPR:
- You Have the Right to Access. You have the right to obtain a copy of your Personal Data at any time.
- You Have the Right to Rectification. You have the right to request that we correct or complete any Personal Data you believe is inaccurate or incomplete.
- You Have the Right to be Forgotten. Under certain conditions, you have the right to request that we delete your Personal Data.
- You Have the Right to Restrict Processing. Under certain conditions, you have the right to object to the processing of your Personal Data.
- You Have the Right to Data Portability. Under certain conditions, you have the right to request we transfer Personal Data we have collected about you either to another organization, or directly to you.
- You Have the Right to Object. Where we are relying on a legitimate purpose, to use and disclose Personal Data, you may object to such use or disclosure of your Personal Data, and we will cease to use and process the Personal Data for that purpose, unless we can show there are compelling legitimate reasons or legal claims for processing to continue.
- You have the right to withdraw your consent at any time to processing that is based on your consent.
Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
To exercise any of these rights, please click here. Proof of identification may be required as a security measure prior to fulfilling any requests.
Additionally, you always have the right not to share any of your Personal Data with Pureis.
Furthermore, you have the right to provide consent to receive newsletters, announcements, or other communications and/or services from us. If you revoke that consent, we may still send you necessary administrative messages (e.g., in case of a product recall, etc.).
Finally, you Have the Right to File Complaint: you may lodge a complaint about our practices with respect to your Personal Data with the supervisory authority of your country or EU Member State. We encourage you to contact us so we can address any privacy concern you may have. A list of Supervisory Authorities is available here.
MORE INFORMATION FOR RESIDENTS OF AUSTRALIA
We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles.
If you do not provide us with your Personal Data, we may not be able to provide you with our services, communicate with you, fulfill your orders and requests, process your payments, or provide similar services and support.
How we store Personal Data
We store most Personal Data in computer systems and databases operated either by us or by our external service providers. Some Personal Data may be recorded in securely stored paper files.
We implement and maintain processes and security measures to protect your Personal Data which we hold from misuse, interference, or loss, and from unauthorized access, modification, or disclosure. These processes and systems include: [note: the following are examples only]
- the use of identity and access management technologies to control access to systems on which Personal Data is processed and stored;
- requiring all employees to comply with internal information security policies and practices; and
- monitoring and regularly reviewing our practices against our own policies and industry best practice.
Do we disclose Personal Data to overseas recipients?
In accordance with the information set out in the section above titled “How We Disclose Personal Data,” some of the recipients or databases to whom Personal Data is disclosed or held may be located outside Australia.
Those recipients may be located in a range of countries, including the Republic of Ireland, the U.S., U.K., and certain other EU locations.
Access to and correction of your Personal Data
You may request access to, or correction of, your Personal Data by contacting us as set out below in the “Contact Us” section. Please note, there are circumstances where we are not required to grant you access to or a correction of your Personal Data.
There is no charge for requesting access to or correction of your Personal Data, but we may require you to meet our reasonable costs in providing you with access (such as photocopying costs or costs for time spent on collating large amounts of material).
We will respond to your requests to access or correct Personal Data in a reasonable time and will take all reasonable steps to ensure that the Personal Data we hold about you remains accurate, up to date and complete.
Complaints
If you have a complaint about the way in which we have handled any privacy issue, including your request for access to or correction of your Personal Data, you should contact us at the details set out below in the “Contact Us” section.
We will consider your complaint and determine whether it requires further investigation. We will notify you of the outcome of this investigation and any subsequent internal investigation.
You may also approach an independent advisor or contact the Office of the Australian Information Commissioner (www.oaic.gov.au) for guidance on alternative courses of action which may be available.
AUTOMATED DECISIONS
Automated decisions are defined as decisions about individuals that are based solely on the automated processing of data and that produce legal effects that significantly affect the individuals involved. We may make automated decisions in relation to you or your Personal Data. If automated decisions are made, affected persons will be given an opportunity to express their views on the automated decision in question and object to it.
CHILDREN’S PRIVACY
Our services are not designed for children, and we do not knowingly collect Personal Data from children under 16. If we discover that a child under 16 has provided us with Personal Data in violation of applicable law, we will delete such information from our systems. If you are a parent and you believe we have collected your child’s information in violation of applicable law, please contact us as set forth in the section below titled “Contact Us.”
LINKS TO THIRD PARTY WEBSITES
Our websites may have links to third party websites and content. We do not control those websites or content and are not responsible for the third party’s privacy practices. We encourage you to read their privacy policies to understand how they use your information.
INTERNATIONAL DATA TRANSFERS
Pureis may transfer your Personal Data where Pureis’ affiliates and subsidiaries assist with processing the data for the purposes described above.
Many of the countries will be within the European Economic Area (“EEA”) or will be ones which the European Commission has approved and will have data protection laws which are the same as or broadly equivalent to those in the European Union. However, some transfers may be to countries which do not have equivalent protections, and in that case we will use reasonable efforts to implement contractual protections for the Personal Data, especially in the transfer of said data, through the implementation of appropriate or suitable safeguards, including Standard Contractual Clauses approved by the European Commission.
CHANGES TO THIS NOTICE
This Notice is current as of the Effective Date set forth above. We may change this Notice from time to time, so please be sure to check back periodically. We encourage you to stay informed about our privacy and cookie practices by reviewing this Notice and our Cookie Statement whenever you interact with us. In certain cases, we may provide you with additional notice of changes to this Notice, such as by a pop-up banner on the website.
CONTACT US
If you have any questions about this Notice or our privacy practices please contact our Data Protection Officer at information@pureiscbd.com
27/3/2024