Date: October 1, 2019
Keto-Mojo (hereinafter “Keto-Mojo” “we,” “our,” or “us”) is committed to safeguarding and handling your Personal Information in a responsible and secure manner.
We may modify this Policy at any time, without prior notice, and changes may apply to any Personal Information we already hold about you, as well as any new Personal Information collected after the Policy is modified. If we make changes, we will notify you by revising the date at the top of this Policy. We will provide you with advanced notice if we make any material changes to how we collect, use or disclose your Personal Information or that impact your rights under this Policy. If you continue to access or use our Services after receiving the notice of changes, you acknowledge your acceptance of the updated Policy.
In addition, we may provide you with real time disclosures or additional information about the Personal Information handling practices of specific parts of our Services. Such notices may supplement this Policy or provide you with additional choices about how we process your Personal Information.
Section 1 – Information We Collect Through Your Use of the Services
Personal Information is any information that identifies you or makes you identifiable. We collect different types of Personal Information when you’re accessing or using our Services, including:
- Information you provide to us. In connection with the Services, we may ask you to provide these categories of Personal Information:
- Account Information: Information you provide about yourself to access our Services, including name, email address, phone number, mailing address, and password, so that we may communicate with you and provide you with the Services.
- Self-Reported Information: Information you provide about yourself, including your question responses, demographics, life style, diet, weight loss goals, or any other data you submit while using our Services.
- Payment Information: If and when you make an order through our Services, you will need to provide us with a credit card for payment, including billing information such as your billing address, phone number, and name on the payment card. A third-party service provider stores and processes this information securely and only for purposes of marking an order through our Services.
- Voluntary Information: Information you provide to us voluntarily by completing web forms, participating in polls, or contributing to blogs, postings, contacting customer service, and other mediums constitutes Voluntary Information.
- Usage Information automatically collected. When you use the Services, we automatically collect information about the Services you use and how you use them (“Usage Information”), as described below.
- Service Data: We collect information about your interactions with the Services, such as the pages or other content you view, and other actions you perform while using the Services.
- Log Data: We automatically collect log information when you use the Services. This might include your IP address, access times, hardware and software information, device information, device event information (e.g. crashes, unsuccessful logins, browser type), the web page you’ve viewed or engaged with before or after using the Services, and other relevant information. We collect and monitor this data in order to keep track of the security and privacy of your account.
- Cookies and Similar Tracking Technologies: We may use various tracking technologies to collect and store information about your use of our Services. We use these tools to ensure that you receive a personalized experience, to provide you with certain functions on our Services, to keep your account safe, and to improve and optimize our Services. Please refer to the “Cookies and Similar Tracking Technologies” section below for more information.
- Information from our devices. If you purchase any of our tests or health information gathering devices, the readings and/or results may be automatically transmitted to us or we may ask you to self-report the outcomes to us within your account or through another means of secure transmission. For example, our Glucose Ketone Index our Keto-Mojo Meter will handle, store, and analyze your bio sample, including a blood sample and you may submit your results to us in your account.
- Information from third parties. From time to time, Keto-Mojo may allow you to connect or transfer your information to or from a third-party application or service. If you choose to participate, we may collect Personal Information about you from the third party. Once the Personal Information has been transferred to Keto-Mojo from a third party, you may or may not be able to rescind or remove the information.
Section 2 – How We Use Your Information
Your Personal Information can be used for various purposes, including:
- To Provide Our Services. When you access or use our Services, we process certain Personal Information about you to be able to provide you with our Services. Some examples of how we process your Personal Information in our Services include, but are not limited to:
- To coordinate and communicate about logistics and tracking of your test order,
- To pay for the Services, and
- To analyze or predict certain characteristics or outcomes within your account.
We cannot provide you with our Services without such processing of your Personal Information.
- To Communicate with You. When you sign up for our Services, you will receive Service-related communications. Our Service-related communications are transactional messages about your account, billing information, your results, surveys, support, customer service, research you may be interested in or are participating in, policy changes, or other Service-related notifications. We may also use your Personal Information for marketing, promotional, or sweepstakes related communications and initiatives. You can manage your email preferences and opt out of certain communications. However, service-related communications are necessary for us to continue to provide our Services to you.
- To Enforce our Terms, Agreements, or Policies. To maintain a safe, secure, and trusted environment for you when you use the Services, we use your Personal Information to make sure our terms, policies, and agreements with you and any third parties are enforced. We actively monitor, investigate, prevent, and mitigate any suspected or actual prohibited activities on our Services. We are required to process your Personal Information for this purpose to provide our Services.
- For Product Research and Development. We want to ensure our Services are continually improving and expanding so that we meet and exceed your needs and expectations. To do so, we may process your Personal Information to improve, optimize, or expand our Services or features of our Services. We do so by processing information about your use of the Services, any information you provide to us, and by measuring, tracking, and analyzing trends and usage in connection to your use or the performance of our Services. We take additional security measures when processing your Personal Information for such purposes, such as by de-identifying (or “pseudonymizing”) your Personal Information and limiting access to such data. Without processing your information for such purposes, we may not be able to ensure your continued satisfaction when using our Services.
- For Scientific Research and Clinical Trial Support. Keto-Mojo may use your de-identified or pseudonymized Personal Information conduct, whether independently, in collaboration with third parties, or sponsored by a third party, scientific research aimed at the creation of generalizable knowledge. Research may ultimately be published in a peer-reviewed journal or commercialized either by Keto-Mojo or a third party, but will not include your name or other Account Information. In addition, the Keto-Mojo Services, including our devices, may be used to support clinical trials. Information collected through our Services as part of a clinical trial may be used by Keto-Mojo for any of the above-listed purposes, or any purpose permissible under applicable law.
- To Comply with Applicable Laws. We may be required to process your Personal Information under certain laws and regulations, such as tax laws. We will also process any and all information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal or regulatory process (such as a judicial proceeding, court order, or government inquiry) or obligations that we may owe pursuant to ethical and other professional rules, laws, and regulations; (b) enforce the Keto-Mojo Terms of Service and other policies; (c) respond to claims that any content violates the rights of third parties; or (d) protect the rights, property, or personal safety of Keto-Mojo, its employees, its users, its clients, and the public. We cannot provide the Services to you without such processing.
Section 3 – How We Share Your Information
We may share your Personal Information as follows:
- Third-Party Service Providers. We may use third parties to perform certain services on our behalf in connection with the Services such as:
- to process and store data, including your Personal Information;
- to track, analyze, and modify our Services;
- for marketing, advertising, and distribution;
- to assist us in providing you with customer support; and
- to support our IT and security efforts.
Online Store. Shopify, Inc. hosts the online e-commerce platform that allows us to sell our products and Services to you. Personal Information is stored by Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase Shopify will store your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service or Privacy Statement.
Google Analytics. Google Analytics is as an analytics service provider. Learn more about how Google collects and uses data here. To opt out of Google Analytics Advertising Features please use Google Ad Settings. To opt out of Google Analytics entirely please use this link.
The third parties we work with do not have permission to use the information we share with them beyond what is necessary to assist us. We execute agreements with third parties to ensure they use adequate safeguards when processing your Personal Information in accordance with this Policy.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your Personal Information will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
- Merger, Bankruptcy, or Corporate Reorganization. We may disclose and transfer your Personal Information to a subsequent owner, co-owner, or operator of Keto-Mojo or the Services, or in connection with a merger, consolidation, restructuring, the sale of substantially all of our interests and/or assets (i.e., a bankruptcy proceeding), or other corporate change. We will notify you with any choices you may have regarding your Personal Information when we are engaged in a merger, bankruptcy, or corporate reorganization.
- Legal Obligations and Safety. We may share your Personal Information if it is reasonably necessary to:
- Comply with a valid legal process (e.g., subpoenas, warrants, court orders, etc.);
- Comply with requests or investigations by public authorities;
- Comply with applicable laws or regulations;
- Enforce or apply the Keto-Mojo policies or policies of our business partners;
- Protect the security or integrity of the Services; or
- Protect the rights, property, or safety of Keto-Mojo, our employees or users, partners and affiliates, or other natural persons.
- For any other purpose, with your consent. We may share your Personal Information on your behalf or at your request. We will only do so with your specific consent. If you provide your consent to share your information, you may withdraw your consent at any time. Withdrawing your consent will not undo or reverse the lawfulness of any previous processing, and in some cases Personal Information may not be retrieved once shared. Contact us at firstname.lastname@example.org if you would like to withdraw your consent.
Section 4 – Your Choices
- Your Account. You may access your Keto-Mojo Account Information by going to the “Your Account” page. You can edit your Account Information as necessary, such as your email address, name, phone number, and more. When you update your Account Information, we may keep a copy of your previous account details for our records and to prevent fraud or other activities that violate our terms, policies and agreements. However, if you do not provide us with some of your Personal Information, such as your name or email, we will no longer be able to provide you with access to our Services.
- Self-Reported and Voluntary Information. You may choose not to provide us with some of your Personal Information. For example, you are not required to complete any survey we send to you. In some instances, you may be able to edit your answers to forms, surveys or features you submit to us. If you cannot find the information you are looking for in your account, please contact us at email@example.com with your request.
- Communication Preferences. If you do not want to receive emails from us, please adjust your communication preferences or click the unsubscribe link within the email you received from us. You will not be able to unsubscribe from Service-related communications as they are necessary for us to continue offering you the Services.
- Account Deletion. At any time, you can delete your account or delete our App from your mobile device. Deleting our App does not delete your account or the related Personal Information. If you wish to delete your account completely, please email us at firstname.lastname@example.org. Please note that Keto-Mojo’s deletion of your Personal Information is subject to limitations, including any applicable legal retention requirements.
If you are located in the European Economic Area, the United Kingdom or Switzerland, please refer to the section below entitled, “Notice to Individuals in the European Economic Area, the United Kingdom and Switzerland” for information about additional choices and rights to your Personal Information.
Section 5 – Third-Party Services
Section 6 – Security
To protect your Personal Information, we take reasonable precautions and follow industry standard practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. You should be aware that, unfortunately, no system can be 100% secure. There will always be a risk that your Personal Information gets compromised. We also depend on you to keep your Account Information secure by keeping your password confidential and taking precautions to keep others from accessing your account. Please notify us immediately at email@example.com if you become aware of any unauthorized access to or use of your account.
Section 7 – Children’s Privacy
By using this site, you represent that you are at least the age of majority in your jurisdiction of residence, or that you are the age of majority in your jurisdiction of residence and you have given us your consent to allow any of your minor dependents to use this site. Please contact us if you believe we have collected Personal Information about a child without consent from their parent or guardian so we can take action to prevent such access and to delete their Personal Information from our Services.
Section 8 – Retention
We generally retain your Personal Information as long as necessary to fulfill the purposes of collection or to comply with applicable law. Otherwise we will try to delete your Personal Information upon your request or when we no longer need it for the purposes it was originally collected. We will not delete any Personal Information that also relates to other individuals, unless such other individuals also wish to delete their Personal Information at the same time.
Section 9 – Notice to Individuals in the European Economic Area, the United Kingdom and Switzerland
This section only applies to individuals using or accessing our Service while located in the European Economic Area, the United Kingdom, or Switzerland (collectively, the “European Countries”) at the time of data collection.
We may ask you to identify which country you are located in when you use or access some of the Services, or we may rely on your IP address to identify which country you are located in. When we rely on your IP address, we cannot apply the terms of this section to any individual that masks or otherwise hides their location information from us so as not to appear located in European Countries. If any terms in this section conflict with other terms contained in this Policy, the terms in this section shall apply to individuals in a European Country.
Our Relationship to You. Keto-Mojo is a data controller with regard to any Personal Information collected from individuals accessing or using its Services. A “data controller” is an entity that determines the purposes for which and the manner in which any Personal Information is processed.
Legal Bases for Processing Your Personal Information. We rely on the following Legal Bases under the EU General Data Protection Regulation in processing your Personal Information.
- Section 2(1) To Provide Our Services.
- Section 2(2) To Provide You with Service-Related Communications.
- Section 2(2) To Enforce our Terms, Agreements, or Policies.
- Section 3(1) Third-Party Service Providers.
- Section 3(2) Merger, Bankruptcy, or Corporate Reorganization.
- Section 3(3) Legal Obligations and Safety.
- The legal basis to process your sensitive Personal Information through our Services, including in order to “Provide Our Services”, perform “Product Research and Development”, and conduct “Scientific Research and Clinical Trial Support”, is your consent. You may withdraw your consent at any time by deleting your account, which can be completed by emailing us at firstname.lastname@example.org; however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
Marketing. We will only contact you if you are located in a European Country by electronic means (including email or SMS) based on our legitimate interests, as permitted by applicable law or your consent. If you do not want us to use your Personal Information in this way, please click the unsubscribe link at the bottom of any of our email messages to you or contact us at email@example.com. You can object to direct marketing at any time and free of charge.
Individual Rights. We provide you with the rights described below when you use our Services. We may limit your individual rights requests: (a) where denial of access is required or authorized by law; (b) when granting access would have a negative impact on other’s privacy; (c) to protect our rights and properties; or (d) where the request is frivolous or unrealistic. If you would like to exercise your rights under applicable law, please contact us at firstname.lastname@example.org.
- You can request access or deletion of your Personal Information.
- You can correct or update your Personal Information, object to processing or your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information.
- If we collected and processed your Personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of the processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to your local data protection authority about our collection ad use of your Personal Information.
If you believe we have infringed or violated your privacy rights, please contact us at email@example.com so that we may resolve your dispute directly.
Transfer of Your Personal Information. When you access or use our Services, your Personal Information may be processed in the United States or any other country in which Keto-Mojo, its affiliates, or service providers maintain facilities. Such countries or jurisdictions may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. If you do not want your information transferred to, processed, or maintained outside of the country or jurisdiction where you are located, you should immediately stop accessing or using the Services.
We transfer your Personal Information subject to appropriate safeguards as permitted under the Data Protection Laws. We also rely on legal transfer mechanisms such as Standard Contractual Clauses or we work with U.S. based third parties that are certified under the EU-U.S. and Swiss-U.S. Privacy Shield Framework.
Section 10 – Notice to Individuals in California
California law permits California residents to ask us for a notice that identifies the categories of Personal Information that we share with our affiliates and/or third parties for marketing purposes, and that provides contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to us at the address provided under the “Contact Information” section.
Section 11 – Do Not Track Signals
Currently, we do not monitor or take any action with respect to Do Not Track signals or other mechanisms, which means that we collect information about your online activity both while you are using the Services and after you leave our Services.
Questions & Contact Information
If you would like to access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information please contact our Privacy Compliance Officer at firstname.lastname@example.org or by mail at:
Re: Privacy Compliance Officer
952 School Street
Napa, California, U.S. 94559