DIET DIRECT® COOKIE & PRIVACY POLICY

 

LAST UPDATED: February 23, 2025

This privacy policy (the "Privacy Policy") explains how Diet Direct, Inc. ("Company", "we", or "us") collects, uses, shares, and protects information of the users of Company's websites and mobile or other software applications where this Privacy Policy is posted (collectively, the "Website"). This Privacy Policy is designed to fulfill our legal obligations in the places where we operate, including, without limitation and where applicable, the California Consumer Privacy Act (CCPA), the General Data Protection Regulation (GDPR), and Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).

Please note that this Privacy Policy only applies to the Website, and not to websites, applications, operating systems, or other platforms of third parties (collectively, "Third-Party Platforms"), even if such Third-Party Platforms are linked to or accessible from the Website.

WHO WE ARE

Any information or other data provided to or gathered by Company is controlled by:

     Diet Direct, Inc. 
     1001 Military Cutoff Rd
     Suite 350
     Wilmington, NC 28405
     UNITED STATES
     hello@dietdirect.com

THIRD PARTIES

"Third Parties" include any person or entity other than you and our companies and employees. Third Parties include, but are not limited to, our marketing partners and the suppliers, service providers, and other vendors that help us provide the Services. The Website may include links to Third Party Platforms. 

Unless otherwise expressly stated, this Privacy Policy does not apply to any Third-Party practices, websites, mobile apps, or services. Each Third-Party Platform will have its own data collection and usage practices, and may use its own cookies, web beacons, and other technology to collect information from you. Company is not responsible for the content or practices of any Third-Party Platforms and, if you choose to visit them, you do so at your own risk.

OUR COLLECTION OF PERSONAL DATA

How We Collect Personal Data

We collect personal data directly from you at various points during your interactions with us. We primarily collect personal data when you engage with us, whether through the Website, in person, or other means, such as:

  • When you browse or complete a form on the Website; 
  • When you register a user account on the Website;
  • When you order Products or other goods or services from Company; 
  • When you click on a link in a Company advertisement; 
  • When you make payments to us; 
  • When you communicate with us, such as by speaking to one of our customer service agents; 
  • When you post content to the Website, such as a review ("your Content"); 
  • When you sign up to receive email, text/SMS, or other communications from us; 
  • When you participate in a survey, contest, or sweepstakes administered by Company; and/or
  • When you apply for a job with Company.

We collect personal data from Third Parties, such as:

  • When you enroll in the Diet Direct obesity telemedicine program (the "Telemedicine Program"), which is powered by Third-Party CareValidate Inc., as discussed more fully below;
  • When you make payments to us through a Third-Party payment provider or have our payment information saved in your web browser; and/or
  • When you use Third-Party internet or communications services to connect with our Website or customer service team.

Like most websites and apps, we also collect data through automated technologies on our Website, such as cookies, web beacons and pixels. These practices are discussed more fully in the section below entitled Cookies and Other Data Technologies. 

Categories of Personal Data Collected

Through the methods identified herein, we collect the following categories of personal data:

Identifiers
We collect basic contact information, such as name, address, phone number, mobile number, email address, date of birth, and gender.
We also collect account information, such as your account name and number, your username and password. 

Commercial Data
We collect transaction information, such as details about Products and Services you have purchased or considered, your Subscription Plan (if any), and your purchasing tendencies. When you click on Product links or place items in your shopping cart, we may collect or create records regarding your shopping preferences or other purchasing or consuming history or tendencies. 
We collect financial information, such as name, bank account number, credit or debit card number, billing address, and payment history.
We may collect or create inferences, such as creating a consumer profile for you or a group of customers relating to consumer preferences and trends.

Personal Background
We collect certain protected class information, such as sex, disability (e.g., when you request health accommodations, such as gluten-free food), and age.
We collect employment information when you apply for a job with Company, including your contact information, government-issued identification, professional licenses and credentials, union membership, employment history, educational background, citizenship and immigration status, military service, and references.

Audio and Visual Data
We create and store certain call recordings. When you call our customer service agents, your call may be recorded or monitored for quality assurance purposes and/or for legal compliance.
We may collect audio and visual data from you if you upload it to the Website as part of your Content, or if you authorize us to use or share Content posted to your Third-Party social media account(s).

Health Data
Because we sell dietary Products, we may collect health data when you provide it to us, such as your weight, height, food allergies, whether you are a candidate for or have had bariatric surgery, and information about whether you are pregnant or nursing.
If you are a Washington Resident, see below for our Consumer Health Data Privacy Policy. 

Communications
We collect any information you communicate to us, such as to customer service agents, or via a feedback form, regardless of whether it fits into one of the other categories of personal data outlined herein. Such information is volunteered by you and we do not collect it surreptitiously.
When you communicate with us via any live chat feature on our Website, your live chat transcripts may be monitored or reviewed by the Third-Party live chat service provider. 
We also collect information you communicate to Third Parties through the Website, such as information submitted by you to the Telemedicine Program, which is powered by Third-Party CareValidate Inc., and/or the contents of messages where we are not a recipient.

Geolocation
We collect general geolocation data from users of the Website by ascertaining approximate location (e.g., city or country) from the user's IP address. We do not collect or track precise geolocation data.

Other Personalized Data
We may collect other personalized data on a case-by-case basis, but only when you expressly consent to the same before it is collected.

Non-Personalized Data
We collect device, internet, and network data, such as the type of device (e.g., computer, smart phone, tablet), device ID, MAC address, mobile carrier, phone number, operating system, IP address, internet service provider, browser language, browsing history, search history, advertising ID, and any other information regarding your interaction with the Website or Company advertisement. See below for more information about cookies and other tracking technologies.
We may collect or create aggregate information or de-identified data from the personal data collected. For example, we may combine the personal data of multiple users of the Website to create data that no longer identifies the users on an individual basis but speaks to behavioral or consuming patterns. If we combine aggregate information or de-identified data with personal data, we will treat it as personal data in accordance with the provisions of this Privacy Policy.

OUR USE OF PERSONAL DATA

We use personal data for the same reasons we collect it. Specifically, we process personal data for the following purposes:

Categories of Personal Data / Purpose for Collection and Use / Legal Basis
Identifiers
Commercial Data
Communications
Geolocation Data
Non-Personalized Data
We use this data for business purposes, including providing, improving, and securing the Website. We use information to debug and identify and repair errors that impair existing intended functionality of the Website. As explained below, we use Cookies, including those placed by Third Parties, to gather statistical information that helps us understand how you and other users engage with the Website and helps us improve its performance via technological development. We process this data on the basis of our legitimate interest of maintaining a functional and secure Website (Article 6.1(f) GDPR).
Identifiers
Commercial Data
Communications
Audio or Visual Data
Health Data
Geolocation Data
Non-Personalized Data
We use this data for business purposes, including responding to communications by providing you with information regarding your requests about Products made via the Website, our call center, email, or other channels. We will only use this information to respond to your request. This processing is carried out to take steps at the request of the data subject prior to entering into a contract (Article 6.1(b) GDPR).
  We also use this data for commercial purposes, including marketing our offerings to you through email, phone, and SMS. Where you indicate your express and specific consent, we will use your contact details to send you newsletters and marketing communications via email or SMS about our products and Services that may interest you. This processing is based on your consent, pursuant to Art. 6.1(a) GDPR.
  We also use this data for commercial purposes, including to build a profile and create inferences. Company creates new information about you by drawing inferences from the information identified in the categories listed above, such as to create a profile about you reflecting your preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Such information and profile may be used by Company for advertising purposes. This processing is based on your consent, pursuant to Art. 6.1(a) GDPR.
Identifiers
Commercial Data
Personal Background
Health Data
Communications
Geolocation Data
Non-Personalized Data
We use this data for business purposes, including completing and handling your purchases, collecting payment from you, and providing all related Products and Services. We use the information we collect from you to process your payments, fulfill your orders, and ship your purchases. We process this data on the basis of our contract with you (Article 6.1(b) GDPR).
  We also use this data for the business purpose of addressing your special needs. During the transaction process, you may communicate data revealing information about your health or other preferences. We process this data only on the basis of your informed and specific consent (Art. 9.2(a) GDPR).
  We also use this data for the business purposes of maintaining records of incidents, facilitating investigations and remedies, and preventing and detecting fraud. We process this data on the basis of our legitimate interest of maintaining records of incidents and investigations (Article 6.1(f) GDPR).
  We use this data for business purposes, including handling requests, complaints and comments. We keep track of the comments and complaints that you make on so we can respond to your requests. We process this data in connection with our provision of Services to you, therefore on the basis of the Terms of Service (Article 6.1(b) GDPR).
  We also use this data for the business purpose of improving our Products, Website, and Services. Company uses the information we collect from you and other users to improve our product offerings and services. For example, we may consider analytics, demographics, and user feedback collected via the Website in determining whether there is sufficient demand for a new Product, Subscription Plan, or Service. This processing is carried out on the basis of our legitimate interests of ensuring our customers are satisfied with the Services (Article 6.1(f) GDPR).
Audio or Visual Data
We use this data for business purposes, including to document commitments made by phone or live chat, and for quality assurance and training purposes. If the call is being recorded, you will be notified at the beginning of the call. The processing is based on the legitimate interest of the data controller.
  We also use this data for the business purpose of complying with regulatory requirements, such as where the recording of phone calls or consent is required by law. The processing is carried out for compliance with a legal obligation to which the data controller is subject (Article 6.1(c) GDPR).
Identifiers
Commercial Data
Communications
Geolocation
Non-Personalized Data
We use this data for business and commercial purposes, such as sending you personalized advertising communications and newsletters according to your preferences. If you submit any form or otherwise consent, whether via the Website, online, on paper, in person, or through a Third Party, indicating you wish to receive information about our Products, products and Services, we will contact you according to your preferences (e.g., email, phone, SMS/text) to inform you of our latest offers that we think might be of interest to you. See below for more information on personalized advertising and how to revoke consent. The processing is based on your specific consent (Article 6.1(a) GDPR).
  We also use this data for the business and commercial purposes of sending you information about products and Services similar to your previous Products and other transactions. See below for more information on marketing communications and how to unsubscribe. This processing is based on our legitimate interests in informing you of similar or related products and Services that we offer and that may enhance your customer experience (Article 6.1(f) GDPR).
 

We also use this data for the business and commercial purposes of creating deidentified aggregate information. Company may combine your information with that of other users to create "Aggregate Information", namely, statistical information about all users or a subset thereof. Aggregate Information is pseudonymized and deidentified. In other words, Aggregate Information cannot be used to identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to a particular consumer, including you.

In turn, Aggregate Information may be used by Company for the Business and Commercial Purposes listed herein.

 
Identifiers
Personal Background
Audio or Visual Data
Communications
Geolocation
Non-Personalized Data
We collect this data for business purposes, including receiving and reviewing applications for employment. This process is based on our legitimate interests in staffing our Company (Article 6.1(f) GDPR).
 


SENSITIVE PERSONAL DATA

Certain categories of personal data collected, such as Health Data, financial account access information, protected class information, and some of your communications with Third Parties (e.g., email, text, or direct messages where we are not a recipient), may qualify as "Sensitive Personal Data" under applicable law.

Limited Purposes

We only collect and use Sensitive Personal Data when reasonably necessary for and proportionate to one of the following business purposes: (a) to perform certain Services, such as verifying information or for analytics; (b) to verify or maintain the quality or safety of our Services, including our Website; (c) to perform Services reasonably expected by you; (d) for short-term use where there is no disclosure or profiling; and/or (e) to resist malicious, fraudulent, or illegal actions or to ensure physical safety.

Our Retention Policy for Sensitive Data

All other Sensitive Personal Data will be retained in compliance with any legislation governing the retention and deletion of such data. Unless otherwise required by law, Sensitive Personal Data will not be retained longer than two (2) years after fulfillment of the business purposes for which it was collected.

Data Security

We employ industry-standard security measures to protect the Sensitive Personal Data we collect, including encryption, access controls, and regular security assessments to prevent unauthorized access, disclosure, or alteration of the data.

DISCLOSURE OF PERSONAL DATA TO OTHERS

As part of our business, we disclose information to Third Parties as follows and for the outlined purposes, which include business purposes to provide, safeguard, and improve our Products, Website, and related Services and to comply with legal and contractual obligations, as well as commercial purposes, such as to promote our Products and other offerings.

Service Providers and Contractors

Some Services that you obtain through us are provided by Third-Party service providers and contractors. For example, the Telemedicine Program is managed by Third-Party CareValidate Inc. We need to communicate your name to such partners in order to provide you with the Concierge Services you booked. Accordingly, such disclosure is for business purposes, including to provide you with Services that you have requested, and for commercial purposes, such as to advertise our Services to you and others.

These Third-Party service providers and contractors operate in several industries, including the following:

  • Advertising partners (e.g., social media, web, streaming, and broadcast television platforms);
  • Health and wellness providers (e.g., CareValidate Inc. and its Vendors responsible for managing the Telemedicine Program);
  • Payment processors (e.g., banks and other financial institutions that collect payments);
  • Software and technology (e.g., providers of hosting, security, email, and live chat Services for the Website).

When we provide your personal data to Third-Party service providers and contractors, we only communicate data that is strictly necessary. We also have agreements in place with our Third-Party service providers and contractors to ensure that the data we communicate to them is used only for specific purposes related to the fulfillment of your request.

Personal data of European residents may be transferred to a non-EU/EEA country if a specific Third-Party service provider or contractor is based outside the EU/EEA.

Legal Process and Protection

We may disclose information necessary to comply with our legal obligations, such as to respond to government requests, law enforcement inquiries, legal processes, subpoenas, and court orders.

We may disclose information when we believe it is necessary to investigate, prevent, or respond to illegal, fraudulent, or injurious actions, property damage, or other security incidents that may cause harm to us, our Products, guests, or others. We may also disclose information in good faith where necessary to investigate or enforce a violation of this Privacy Policy, our terms, or any legal rights.

Merger or Sale

We may share information with a buyer and/or its representatives for business purposes as part of a sale, merger, acquisition, or other change in control or entity status, either in whole or in part, of any company within the Company group. We reserve the right to transfer or assign your information as part of any such transaction or investigation.

Consent

We may disclose information to Third Parties as requested or consented to by you. Such disclosure may be for any business or commercial purpose as described by you.

Other Consumers

We may disclose your information for the commercial purpose of advertising our Products and Services to others by sharing your reviews, comments, and other content uploaded by you to advertise and market our Website and the Services, including by reposting your reviews on the Website, in our advertising, or through our social media platform.

Telemedicine Program

The Telemedicine Program is powered by the CareGLP platform by CareValidate Inc. CareGLP is a patient management platform that collaborates with independent physicians and practitioners providing services through the SOC2 and HIPAA Compliant Care360 platform. CareValidate Inc. does not directly offer medical or pharmacy services, and payment does not guarantee the prescription writing or dispensing process. Medical services are facilitated by independent providers. The information presented on this website is for informational purposes only and should not be considered a substitute for professional medical advice, diagnosis, or treatment. If you have questions or concerns about your health, please consult with your doctor.

The CareValidate Privacy Policy is available at https://www.carevalidate.com/privacy.

COOKIES AND OTHER DATA TECHNOLOGIES

Use of Data and Tracking Technologies and the Website

As with many companies, we use cookies, pixels, gifs, web beacons, log files, and/or similar technologies to automatically collect certain information, including device, internet, and network data, general geolocation data, inferences, and aggregate information or de-identified data, when you use the Website or interact with our digital advertising content, such as when you click on an advertisement or a link to the Website within an email. This allows us to track individual users, determine when content is accessed, and customize user experiences. 

Unless you have opted out of cookies or changed your cookie settings in your internet browser, your browser automatically sends us certain device, browser, internet connection, and general geolocation information and certain internet activity information. For instance, we may collect your mobile device identifier or MAC address, ISP carrier information, date and time you access the Service, the pages you visit, and whether you click on ads.

Cookies

Cookies are small text files sent by websites to users' browsers for the purpose of automatic authentication, session tracking and storing of specific information regarding users. There are essentially three types of cookies used on the Website:

"Technical cookies" (sometimes called "strictly necessary cookies") are required for navigation within the Website and to use some of its functions (e.g. timing the display of certain pages in so-called "pop-up" mode etc.).

"Statistical cookies" (e.g., Google Analytics) are supplied and managed by Google to provide statistical analysis of access to the Website. The data collected is Non-Personalized Data, is solely collected anonymously and in aggregate form, and no personal user data is retained. You can decide not to use Google Analytics cookies by following the instructions at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

"Profiling cookies" (sometimes called "marketing cookies" and/or "preference cookies") are supplied and managed by Third Parties to generate specific advertising messages based on browsing habits and the interests of individual users. These cookies do not, however, use Sensitive Personal Data. Please see below for more information on personalized advertising.

You can change your cookie settings in your internet browser and use settings on your device to manage your privacy controls. For more information and ways to opt out, see https://www.allaboutcookies.org/, and learn how to disable these tools by opting-out of third-party cookies and mobile device ID practices.

Please note that disabling cookies may impair the correct functioning of certain Website features.

Pixels

Pixels are small pieces of code embedded on a website that allow website owners and third parties to track user behavior and gather information about how users interact with the website. Pixels can track actions like page views, clicks, and other related activities and are often used for Personalized Ads and website analytics.

We may use pixels on the Website to associate personal data with your device or IP address and to track and measure your engagement with the Website and Personalized Ads.

Third-Party Cookies and Pixels

As explained above, Company uses pixels, tags, and Cookies set by Third Party partners to provide, manage, and protect the Website and to track your online behavior and provide Personalized Ads to you, including as follows:

Third Party: CareValidate
Description: Company uses CareValidate cookies to facilitate the promotion and provision of the Telemedicine Program to participants and potential participants.
Privacy Policy: https://www.carevalidate.com/privacy

Third Party: CJ Affiliate
Description: Company uses CJ Affiliate cookies to attribute sales back to the affiliate referral source.
Privacy Policy: https://www.conversantmedia.com/legal/privacy

Third Party: Choozle
Description: Company may use Choozle to deliver targeted ads on third-party websites.
Privacy Policy: https://choozle.com/privacy-policy/

Third Party: Cloudflare
Description: Company may use the Cloudflare cookie as a security tool for managing user access to the Website.
Privacy Policy: https://www.cloudflare.com/privacypolicy/

Third Party: Google Ads
Description: Company uses Google Ads to deliver personalized ads to you and other website users.
Privacy Policy: https://policies.google.com/technologies/ads

Third Party: Google Analytics
Description: Company uses Google Analytics to track website performance, purchase behaviour, and other financial insights.
Privacy Policy: https://policies.google.com/privacy

Third Party: Google reCAPTCHA
Description: Company uses Google reCAPTCHA v3 to prevent SPAM and fraudulent form submissions.
Privacy Policy: https://policies.google.com/privacy and https://policies.google.com/terms

Third Party: Meta (Facebook & Instagram)
Description: Company may also use the Facebook Cookie to deliver Personalized Ads to you on Facebook. Company may also use the Meta Pixel, which allows us to track and analyze the effectiveness of our advertising campaigns on Facebook and Instagram. This pixel enables us to measure the success of our advertisements by understanding the actions users take on our Website after viewing our Facebook and Instagram ads. The data collected through the Meta Pixel may be used for marketing and analytical purposes to enhance our understanding of user preferences and to improve our advertising strategies.
Privacy Policy: https://www.facebook.com/policies/cookies/
You can manage Meta Pixel data sharing settings within the Settings section of the Facebook and Instagram apps.

Third Party: Levo.ai
Description: Company may use Levo.ai cookies to identify and mitigate security threats to the Website.
Privacy Policy: https://www.levo.ai/privacy-policy

Third Party: Listrak
Description: Company uses Listrak to send marketing communications. Information collected may be used to create demographic profiles for personalization purposes. Listrak utilizes cookies or similar tracking technologies to collect information about your interactions with our website. This enables them to personalize your experience, for instance by sending shopping cart reminders via SMS message if you have opted into our SMS service.
Privacy Policy: https://www.listrak.com/privacy-and-terms/privacy-policy

Third Party: Power Reviews
Description: Company uses Power Reviews for post purchase follow up review collection - both product & seller feedback.
Privacy Policy: https://www.powerreviews.com/privacy-policy/

Third Party: Salesforce
Description: Company uses Salesforce Service Cloud for on-site chat, purchase tracking, and to improve overall customer service.
Privacy Policy: https://www.salesforce.com/company/privacy/

Third Party: TikTok
Description: Company may use TikTok Ad pixel, which allows us to track and analyze the effectiveness of our advertising campaigns on TikTok. The data collected through the TikTok Ad Pixel may be used for marketing and analytical purposes to enhance our understanding of user preferences and to improve our advertising strategies.
Privacy Policy: https://www.tiktok.com/legal/page/us/privacy-policy/en

MARKETING

Personalized Advertising

We may work with Third-Party advertising companies to process personal data (but not Sensitive Personal Data) for the commercial purpose of displaying ads tailored to your individual interests based on your online and transactional activity and to provide ad-related services such as analytics and market research (collectively, "Personalized Ads"). Third parties, in turn, may use cookie, web beacon, pixel or other similar technology to collect personal data from you and/or associate it with other personal data collected.

We may also send you Personalized Ads in the form of email, phone, and SMS/text communications and newsletters tailored to your preferences and purchase tendencies.

Other Marketing Communications

When you provide us your email address via the Website (e.g., when you register your account or create a Booking), you will receive emails about your account, Products, and related Services that may include non-personalized marketing messages.

Similarly, when you provide us your phone number and consent to receive our SMS/text messages, you may receive non-personalized marketing communications.

Revoking Consent

To opt out of cross-device linking and Personalized Ads, visit www.aboutads.info/choices or perform a global opt-out on each browser and device.

You can opt-out of receiving Personalized Ads and other marketing communications by email by clicking the unsubscribe link and following any subsequent instructions.

You can opt-out of receiving Personalized Ads and other marketing communications by SMS/text message by replying STOP.

You can opt-out of receiving Personalized Ads and other marketing communications by phone by asking to be placed on Company's internal Do Not Call list.

To opt out of Personalized Ads and other marketing communications and notifications on Third-Party platforms, such as Meta (Facebook, Instagram), Google, Android, and iOS, you can change your user settings on such platforms.

Please note that we may still contact you regarding your Products and other transactions, even after you have opted out of marketing communications. For example, if you unsubscribe from marketing emails and subsequently complete a Booking, we will still email you a receipt and instructions specific to your Booking.

SALE OF PERSONAL DATA

Company does not sell personal data.

As discussed above, Company participates in targeted advertising or Personalized Ads, which is also called interest-based or online behavioral advertising and may include cross-contextual advertising. Under some privacy legislation, Personalized Ads may constitute the "sale" or "sharing" of personal data, such as for business purposes (e.g., providing Products and related Services) and commercial purposes (e.g., marketing). To opt out of these practices, please see the section above about revoking consent.

FINANCIAL INCENTIVES

We may offer incentives related to the collection, retention, or sharing of information that may be deemed a "financial incentive" or "price or service difference". If you opt in to such an offering pursuant to the terms described at the time of signup, we may collect information such as contact information, transactional information and inferences, internet or other network activity, and device information. Any difference in price or rate, such as a discount, will be reasonably related to the value of the data. If you want to withdraw from the offering, please contact us as instructed below.

CHILDREN'S INFORMATION

Company does not solicit or knowingly collect personally identifiable information from children under the age of 13. If Company obtains actual knowledge that it has collected such information, that information will be immediately deleted from our database. Because Company does not collect such information, it has no such information to use or disclose to third parties. Company has designed this Privacy Policy in order to comply with the Children's Online Privacy Protection Act (COPPA).

PROTECTION OF PERSONAL DATA

Consistent with others in our industry, we take efforts to employ technical, administrative, and physical security measures for our personal data, taking into account reasonable security procedures and accessible technology. However, no system can be completely secure; and we cannot promise, and you should not expect, that your personal data will always remain secure. Your provision of personal data is at your own risk. The safety and security of your information also depends on you. Take steps to safeguard your passwords and other data and notify us as soon as possible if you believe your account security has been breached.

TRACKING AND PRIVACY CONTROLS

Our Website does not currently respond to Do Not Track, or "DNT" requests. DNT is a feature that, when enabled, sends a signal to websites to request that your browsing not be tracked.

YOUR PRIVACY RIGHTS

Company is committed to giving you the appropriate control of your own personal data. Depending upon the laws of the jurisdiction where you reside, you may have the following rights in connection with your personal data:

  • The right to access your personal data and obtain specific information about how we process it. Please be aware that you can only exercise this right in relation to your own data or to the data of a minor or another vulnerable person, where you have provided such data as a holder of parental authority or legal responsibility. Company reserves the right to ask for proof of identity, as well as to refuse to provide the personal data if the identity or relevant connection to the data subject cannot be proven.
  • The right to rectify your personal data, including by means of providing a supplementary statement.
  • The right to obtain the erasure/deletion of personal data concerning you, subject to certain legal limitations depending upon the laws of your jurisdiction of residence.
  • The right to limit or restrict the processing of your personal data, in particular, any Sensitive Personal Data and the use of automated decision making, such as profiling.
  • The right to data portability. You may exercise this right in cases where the processing is based on your consent or on your contractual relationship with Company and the processing is carried out by automated means.
  • The right to object, at any time, to the processing of personal data concerning you. You may exercise this right where the processing is based on the performance of a task carried out in the public interest or in the exercise of official authority vested in us, or where the processing is based on our legitimate interests.
  • The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or which similarly significantly affects you. You may exercise this right unless the processing is necessary for entering into, or performance of, a contract between you and Company, or is authorized by applicable law that lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or if the processing is based on your explicit consent.
  • The right to opt-out of certain data practices, such as by unsubscribing from marketing communications by following the opt-out instructions in each message or by contacting us as outlined in this Privacy Policy.
  • The right to lodge a complaint with a supervisory authority in your jurisdiction of residence, place of work or place of the alleged infringement. Similarly, you have the right to not be discriminated against for asserting your privacy rights, and your exercise of these rights will have no adverse effect on the price and quality of our goods or Services.
  • Other Rights. If certain other privacy laws apply to you that provide you with additional rights, please contact us to make a request, as we strive to comply with all privacy rights.

To exercise your data subject rights, please email us at hello@dietdirect.com.

JURISDICTION-SPECIFIC RIGHTS

In addition to the foregoing Privacy Rights, if you are a resident of any of the following jurisdictions within the United States, the corresponding privacy rights apply to you:

For California Residents

The "right to access your personal data" includes the right to request the following:

  • what personal data we have collected, used, or disclosed and "sold" about you, including the categories of personal data;
  • the categories of sources from which the personal data is collected;
  • the business or commercial purpose(s) for collecting, selling, or sharing personal data;
  • the categories of Third Parties to which personal
  • the specific pieces of personal data we have collected about you.

Please note that we are only required to honor "right to access" requests twice in a 12-month period.

The "right to rectify your personal data" includes the right to correct inaccuracies, considering the nature of the personal data and the purposes of the processing.

The "right to obtain erasure/deletion of your personal data" is not absolute and we will, in some cases, retain personal data as allowed by applicable laws and to support essential functionality, such as maintaining your subscription.

You may also designate an authorized agent to make a privacy rights request on your behalf.

In addition, California law requires us to identify, for the 12-month period prior to the date of this Privacy Policy, what information we may have "sold" or "shared" about you. For the 12-month period prior to the date of this Privacy Policy, Company has only sold or shared personal data about its customers as expressly described in this Privacy Policy.

The Shine the Light law permits you to request and obtain from us, once per calendar year, information about any of your personal data shared with third parties for their own direct marketing purposes, including the categories of information and the names and addresses of those businesses with which we have shared such information. To request this information and for any other questions about our privacy practices and compliance with California law, please contact us as described above.

For Virginia, Colorado, Connecticut, and Utah Residents

The "right to access your personal data" means you have the right to confirm whether we process your personal data and access your personal data.

Please note that we are only required to honor "right to access" requests twice in a 12-month period.

The "right to rectify your personal data" includes the right to correct inaccuracies, considering the nature of the personal data and the purposes of the processing.

The "right to obtain erasure/deletion of your personal data" is not absolute and we will, in some cases, retain personal data as allowed by applicable laws and to support essential functionality, such as maintaining your subscription. 

You have the right to opt out of the processing of your personal data for purposes of targeted advertising, the sale of personal data, and/or profiling in furtherance of decisions that produce legal or similarly significant effects. Please see our Do Not Sell or Share My Personal Information page for information on exercising this right. 

Please note that we do not process your personal data using machine learning and/or profiling methods in ways that would impact you in a legal or similarly significant manner.

If we deny your privacy request, you have the right to appeal our decision. To appeal a decision we have made regarding your request, you may contact us using our contact details provided above. We will respond to appeals within 45 days.

You may also designate an authorized agent to make a privacy rights request on your behalf.

UPDATES

We reserve the right to update, modify, add or remove portions of this information notice at any time. Significant changes to the processing of your personal data will require your approval, in accordance with the applicable legislation. If you would like to obtain a copy of the current or a previous version of the information notice, please contact us using our contact details provided above.

CONSUMER HEALTH DATA PRIVACY POLICY

Effective Date: February 23, 2025

This Consumer Health Data Privacy Policy ("Health Data Policy") supplements the Diet Direct Privacy Policy (the "General Privacy Policy") and applies solely to residents of states with consumer health data legislation that mandates such a policy. This Health Data Policy describes how Diet Direct Inc. ("Company", "we", or "us") collects, uses, shares, and protects your Consumer Health Data, as defined below. To the extent there are circumstances where some of the personal data collected or processed by Company may be considered "consumer health data" under Washington's My Health My Data Act (MHMDA) and any similar legislation, this Health Data Policy applies. To the extent there are any conflicts between the General Privacy Policy and this Health Data Policy, this Health Data Policy will govern.

1. What is Consumer Health Data?

As used herein, "Consumer Health Data" means personal information that is linked or reasonably linkable to a consumer and that identifies the consumer's past, present, or future physical or mental health status. This includes, but is not limited to:

  • Health conditions, treatment, diseases, or diagnoses.
  • Bodily functions, vital signs, symptoms, or measurements.
  • Medications, medical procedures, or tests.
  • Information about seeking healthcare services or products.
  • Data that identifies a consumer as seeking or receiving health care services.
  • Any inferences derived from the above.

2. Categories of Consumer Health Data We Collect:

Consistent with our General Privacy Policy, we collect the following categories of Consumer Health Data from Washington residents:

  • Health Data: As described in the General Privacy Policy, we collect health data when you provide it to us, such as your weight, height, food allergies, whether you are a candidate for or have had bariatric surgery, and information about whether you are pregnant or nursing.
  • Commercial Data: Your purchases of dietary products may reveal information about your health interests and goals.
  • Personal Background: Protected class information, such as disability (e.g., when you request health accommodations for allergies) may also be considered Consumer Health Data.
  • Communications: Information you communicate to customer service agents or via feedback forms relating to your health or dietary needs.
  • Inferences: We may draw inferences about your health or dietary preferences based on your purchase history and interactions with our Website.

3. Sources of Consumer Health Data:

We collect Consumer Health Data from the following sources:

  • Directly from you: We collect Consumer Health Data from you when you provide information through our Website, customer service interactions, or other communications.
  • Automatically: We may collect Consumer Health Data through cookies and other data technologies as described in the General Privacy Policy (to the extent this data is linked or reasonably linkable to a consumer and related to health).
  • From Third Parties: We may collect Consumer Health Data from Third Parties, such as from or on behalf of CareValidate Inc. in connection with the Telemedicine Program.

4. Purposes for Collecting and Using Consumer Health Data:

We use your Consumer Health Data for the following purposes, consistent with the General Privacy Policy:

  • Providing Products and Services: To fulfill your orders, personalize your experience, and recommend products and services that may be relevant to your health and dietary needs.
  • Telemedicine Program: To provide you with access to the Telemedicine Program and related services.
  • Customer Support: To respond to your inquiries and provide customer support related to your health and dietary needs.
  • Improving Our Products and Services: To analyze trends and improve the effectiveness of our products and services.
  • Legal Compliance: To comply with applicable laws and regulations.

5. Sharing of Consumer Health Data:

We may share your Consumer Health Data with the following categories of recipients, consistent with the General Privacy Policy:

  • Service Providers: We share information with third-party service providers who assist us in providing our products and services, such as payment processors, shipping providers, and marketing partners.
  • CareValidate Inc.: We may share or exchange information with CareValidate Inc. in connection with the Telemedicine Program.
  • Legal Authorities: We may disclose Consumer Health Data to legal authorities and other Third Parties if required by law or legal process.
  • Business Transfers: In the event of a merger, acquisition, or other business transaction, Consumer Health Data may be transferred to the acquiring entity.

6. Your Rights Regarding Your Consumer Health Data:

You may have the following rights regarding your Consumer Health Data:

  • Right to Confirm or Deny Collection: You have the right to confirm whether we collect, share, or sell your Consumer Health Data.
  • Right to Access: You have the right to access a list of all of your Consumer Health Data that we have collected.
  • Right to Withdraw Consent: You have the right to withdraw your consent to our collection and sharing of your Consumer Health Data.
  • Right to Delete: You have the right to request that we delete your Consumer Health Data.

7. How to Exercise Your Rights:

To exercise your rights, please contact us using the contact information provided in the "WHO WE ARE" section of our General Privacy Policy. We will respond to your request within the timeframes required by law.

8. Data Security:

We implement and maintain reasonable security measures to protect your Consumer Health Data from unauthorized access, use, or disclosure, as described in the General Privacy Policy.

9. Changes to this Health Data Policy:

We may update this Health Data Policy from time to time. We will post any changes on our Website and update the "Effective Date" above.

10. Contact Us:

If you have any questions about this Health Data Policy or our practices regarding Consumer Health Data, please contact us using the information in the "WHO WE ARE" section of the General Privacy Policy.