Last Updated: June 8, 2020
Keto-Mojo (hereinafter “Keto-Mojo” “we,” “our,” or “us”) is committed to safeguarding and handling your Personal Information in a responsible and secure manner.
We may modify this Policy at any time, without prior notice, and changes may apply to any Personal Information we already hold about you, as well as any new Personal Information collected after the Policy is modified. If we make changes, we will notify you by revising the date at the top of this Policy. We will provide you with advanced notice if we make any material changes to how we collect, use or disclose your Personal Information or that adversely impact your rights under this Policy. If you continue to access or use our Services after receiving the notice of changes, you acknowledge your acceptance of the updated Policy.
In addition, we may provide you with real time disclosures or additional information about the Personal Information handling practices of specific parts of our Services. Such notices may supplement this Policy or provide you with additional choices about how we process your Personal Information.
Section 1 – Information We Collect Through Your Use of the Services
Personal Information is any information that identifies you or makes you identifiable. We collect different types of Personal Information when you access or use our Services, including:
1. Information you provide to us. In connection with the Services, we may ask you to provide these categories of Personal Information:
- Account Information: Information you provide about yourself to access our Services, including name, email address, phone number, mailing address, and password, so that we may communicate with you and provide you with the Services.
- Self-Reported Information: Personal health information you provide about yourself, including your question responses, demographics, lifestyle, diet, weight loss goals, or any other data you submit while using our Services.
- Payment Information: If and when you make an order through our Services, you will need to provide us with a credit card for payment, including billing information such as your billing address, phone number, and name on the payment card. A third-party service provider stores and processes this information securely and only for purposes of marking an order through our Services.
- Voluntary Information: Information you provide to us voluntarily by completing web forms, participating in polls, or contributing to blogs, postings, contacting customer service, and other mediums constitutes Voluntary Information.
2. Usage Information automatically collected. When you use the Services, we automatically collect information about the Services you use and how you use them (“Usage Information”), as described below.
- Service Data: We collect information about your interactions with the Services, such as the pages or other content you view, and other actions you perform while using the Services.
- Log Data: We automatically collect log information when you use the Services. This might include your IP address, access times, hardware and software information, device information, device event information (e.g. crashes, unsuccessful logins, browser type), the web page you’ve viewed or engaged with before or after using the Services, and other relevant information. We collect and monitor this data in order to keep track of the security and privacy of your account.
- Cookies and Similar Tracking Technologies: We may use various tracking technologies to collect and store information about your use of our Services. We use these tools to ensure that you receive a personalized experience, to provide you with certain functions on our Services, to keep your account safe, and to improve and optimize our Services. Please refer to the “Cookies and Similar Tracking Technologies” section below for more information.
3. Information from our devices. If you purchase any of our tests or health information gathering devices, the readings and/or results may be automatically transmitted to us or we may ask you to self-report the outcomes to us within your account or through another means of secure transmission.
4. Information from third parties.From time to time, Keto-Mojo may allow you to connect or transfer your information to or from a third-party application or service. If you choose to participate, we may collect Personal Information about you from the third party. Once the Personal Information has been transferred to Keto-Mojo from a third party, you may request that we rescind or remove the information by contacting email@example.com.
Section 2 – Cookies & Other Tracking Technologies
Keto-Mojo may collect information by using technologies and methodologies, such as tags, web beacons or other similar technologies that enable tracking as you browse our Services. Cookies are small files used by many websites that reside on your computer’s hard drive and store information about your use of a particular site.
Generally, we use first-party and third-party cookies for the following purposes: to make our Services function properly; to provide a secure browsing experience during your use of our Services; to collect passive information about your use of our Services; to measure how you interact with our marketing campaigns; to help us improve our Services; and to remember your preferences for your convenience.
We may use the following types of cookies on our Services:
- Strictly Necessary Cookies – These cookies are essential because they enable you to use our Services. For example, strictly necessary cookies allow you to access secure areas on our Services. Without these cookies, some services cannot be provided. These cookies do not gather information about you for marketing purposes. This category of cookies is essential for our Services to work and they cannot be disabled.
- Functional Cookies – We use functional cookies to remember your choices so we can tailor our Services to provide you with enhanced features and personalized content. For example, these cookies can be used to remember your name or preferences on our Services. We do not use functional cookies to target you with online marketing. While these cookies can be disabled, this may result in less functionality during your use of our Services.
- Performance or Analytic Cookies – These cookies collect passive information about how you use our Services, including webpages you visit and links you click. We use the information collected by such cookies to improve and optimize our Services. We do not use these cookies to target you with online marketing. You can disable these cookies.
Your browser may provide you with the option to refuse some or all browser cookies. You may also be able to remove cookies from your browser. You can exercise your preferences in relation to cookies served on our Services by taking the steps outlined below:
- First-Party Cookies. You can use the browser with which you are viewing this Site to enable, disable or delete cookies. To do this, follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” settings). Please note, if you set your browser to disable cookies, you may not be able to access secure areas of the Site. Also, if you disable cookies other parts of the Services may not work properly. You can find more information about how to change your browser cookie settings at http://www.allaboutcookies.org.
- Third-Party Cookies. To opt-out of third-party advertising networks and similar entities that use advertising cookies go to http://www.aboutads.info/choices. Once you click the link you may choose to opt-out of such advertising from all participating advertising companies or only advertising provided by specific advertising entities. For more information about third-party advertising networks and similar entities that use these technologies, please see http://www.aboutads.info/consumers.
We do not control third-parties’ collection or use of your information to serve interest-based advertising. However, these third-parties may provide you with ways to choose not to have your information collected or used in this way. In addition, most web browsers provide help pages relating to setting cookie preferences. More information may be found for the following browsers here:
Do Not Track
Some Internet browsers, such as Internet Explorer, Firefox, and Safari, include the ability to transmit “Do Not Track” or “DNT” signals. Since uniform standards for “DNT” signals have not been adopted, our Sites do not currently process or respond to “DNT” signals.
Section 3 – How We Use Your Information
Your Personal Information can be used for various purposes, including:
1. To Provide Our Services. When you access or use our Services, we process certain Personal Information about you to be able to provide you with our Services. Some examples of how we process your Personal Information in our Services include, but are not limited to:
- To coordinate and communicate about logistics and tracking of your test order,
- To pay for the Services, and
- To analyze or predict certain characteristics or outcomes within your account.
We cannot provide you with our Services without such processing of your Personal Information.
2. To Communicate with You. When you sign up for our Services, you will receive Service-related communications. Our Service-related communications are transactional messages about your account, billing information, your results, surveys, support, customer service, research you may be interested in or are participating in, policy changes, or other Service-related notifications. We may also use your Personal Information for marketing, promotional, or sweepstakes related communications and initiatives. You can manage your email preferences and opt out of certain communications. However, service-related communications are necessary for us to continue to provide our Services to you.
3. To Enforce Our Terms, Agreements or Policies. To maintain a safe, secure, and trusted environment for you when you use the Services, we use your Personal Information to make sure our terms, policies, and agreements with you and any third parties are enforced. We actively monitor, investigate, prevent, and mitigate any suspected or actual prohibited activities on our Services. We are required to process your Personal Information for this purpose to provide our Services.
4. For Product Research and Development. We want to ensure our Services are continually improving and expanding so that we meet and exceed your needs and expectations. To do so, we may process your Personal Information to improve, optimize, or expand our Services or features of our Services. We do so by processing information about your use of the Services, any information you provide to us, and by measuring, tracking, and analyzing trends and usage in connection to your use or the performance of our Services. We take additional security measures when processing your Personal Information for such purposes, such as by de-identifying (or “pseudonymizing”) your Personal Information and limiting access to such data. Without processing your information for such purposes, we may not be able to ensure your continued satisfaction when using our Services.
5. For Scientific Research and Clinical Trial Support. Keto-Mojo may use your de-identified or pseudonymized Personal Information conduct, whether independently, in collaboration with third parties, or sponsored by a third party, scientific research aimed at the creation of generalizable knowledge. Research may ultimately be published in a peer-reviewed journal or commercialized either by Keto-Mojo or a third party, but will not include your name or other Account Information. In addition, the Keto-Mojo Services, including our devices, may be used to support clinical trials. Information collected through our Services as part of a clinical trial may be used by Keto-Mojo for any of the above-listed purposes, or any purpose permissible under applicable law.
6. To Comply with Applicable Laws. We may be required to process your Personal Information under certain laws and regulations, such as tax laws. We will also process any and all information to law enforcement agencies or others if required to do so by law or in the good faith belief that such preservation or disclosure is reasonably necessary to: (a) comply with legal or regulatory process (such as a judicial proceeding, court order, or government inquiry) or obligations that we may owe pursuant to ethical and other professional rules, laws, and regulations; (b) enforce the Keto-Mojo Terms of Service and other policies; (c) respond to claims that any content violates the rights of third parties; or (d) protect the rights, property, or personal safety of Keto-Mojo, its employees, its users, its clients, and the public. We cannot provide the Services to you without such processing.
Section 4 – How We Share Your Information
We may share your Personal Information as follows:
1. Third-Party Service Providers. We may use third parties to perform certain services on our behalf in connection with the Services such as:
- to process and store data, including your Personal Information;
- to track, analyze, and modify our Services;
- for marketing, advertising, and distribution;
- to assist us in providing you with customer support; and
- to support our IT and security efforts.
2. Online Store. Shopify, Inc. hosts the online e-commerce platform that allows us to sell our products and Services to you. Personal Information is stored by Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase Shopify will store your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service or Privacy Statement.
3. Google Analytics. Google Analytics is as an analytics service provider. Learn more about how Google collects and uses data here. To opt out of Google Analytics Advertising Features please use Google Ad Settings. To opt out of Google Analytics entirely please use this link.
The third parties we work with do not have permission to use the information we share with them beyond what is necessary to assist us. We execute agreements with third parties to ensure they use adequate safeguards when processing your Personal Information in accordance with this Policy.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your Personal Information will be handled by these providers. In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. If you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
4. Merger, Bankruptcy, or Corporate Reorganization. We may disclose and transfer your Personal Information to a subsequent owner, co-owner, or operator of Keto-Mojo or the Services, or in connection with a merger, consolidation, restructuring, the sale of substantially all of our interests and/or assets (i.e., a bankruptcy proceeding), or other corporate change. We will notify you with any choices you may have regarding your Personal Information when we are engaged in a merger, bankruptcy, or corporate reorganization.
5. Legal Obligations and Safety. We may share your Personal Information if it is reasonably necessary to:
- Comply with a valid legal process (e.g., subpoenas, warrants, court orders, etc.);
- Comply with requests or investigations by public authorities;
- Comply with applicable laws or regulations;
- Enforce or apply the Keto-Mojo policies or policies of our business partners;
- Protect the security or integrity of the Services; or
- Protect the rights, property, or safety of Keto-Mojo, our employees or users, partners and affiliates, or other natural persons.
6. For any Other Purpose, with Your Consent. We may share your Personal Information on your behalf or at your request. We will only do so with your specific consent. If you provide your consent to share your information, you may withdraw your consent at any time. Withdrawing your consent will not undo or reverse the lawfulness of any previous processing, and in some cases Personal Information may not be retrieved once shared. Contact us at firstname.lastname@example.org if you would like to withdraw your consent.
Section 5 – Your Choices
1. Your Account. You may access your Keto-Mojo Account Information by going to the “Your Account” page. You can edit your Account Information as necessary, such as your email address, name, phone number, and more. When you update your Account Information, we may keep a copy of your previous account details for our records and to prevent fraud or other activities that violate our terms, policies and agreements. However, if you do not provide us with some of your Personal Information, such as your name or email, we will no longer be able to provide you with access to our Services.
2. Self-Reported and Voluntary Information. You may choose not to provide us with some of your Personal Information. For example, you are not required to complete any survey we send to you. In some instances, you may be able to edit your answers to forms, surveys or features you submit to us. If you cannot find the information you are looking for in your account, please contact us at email@example.com with your request.
3. Communication Preferences. If you do not want to receive emails from us, please adjust your communication preferences or click the unsubscribe link within the email you received from us. You will not be able to unsubscribe from Service-related communications as they are necessary for us to continue offering you the Services.
4. Account Deletion. At any time, you can delete your account or delete our App from your mobile device. Deleting our App does not delete your account or the related Personal Information. If you wish to delete your account completely, please email us at firstname.lastname@example.org. Please note that Keto-Mojo’s deletion of your Personal Information is subject to limitations, including any applicable legal retention requirements.
If you are located in the European Economic Area, the United Kingdom or Switzerland, please refer to the section below entitled, “Notice to Individuals in the European Economic Area, the United Kingdom and Switzerland” for information about additional choices and rights to your Personal Information.
Section 6 – Third-Party Services
Section 7 – Security
To protect your Personal Information, we take reasonable precautions and follow industry standard practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with AES-256 encryption. You should be aware that, unfortunately, no system can be 100% secure. There will always be a risk that your Personal Information gets compromised. We also depend on you to keep your Account Information secure by keeping your password confidential and taking precautions to keep others from accessing your account. Please notify us immediately at email@example.com if you become aware of any unauthorized access to or use of your account.
Section 8 – Children’s Privacy
By using this site, you represent that you are at least the age of majority in your jurisdiction of residence, or that you are the age of majority in your jurisdiction of residence and you have given us your consent to allow any of your minor dependents to use this site. Please contact us if you believe we have collected Personal Information about a child without consent from their parent or guardian so we can take action to prevent such access and to delete their Personal Information from our Services.
Section 9 – Retention
We generally retain your Personal Information as long as necessary to fulfill the purposes of collection or to comply with applicable law. Otherwise we will try to delete your Personal Information upon your request or when we no longer need it for the purposes it was originally collected. We will not delete any Personal Information that also relates to other individuals, unless such other individuals also wish to delete their Personal Information at the same time.
Section 10 –Notice to Individuals in California
This Section 9 applies only to California residents and contains the information that the Californian Consumer Privacy Act of 2018 (“CCPA”) requires us disclose. For purposes of this Section 9 only, “Personal Information” has the meaning given in the CCPA, but excludes information exempted from the scope of the CCPA. This Section describes Keto-Mojo’s collection, use and sharing practices in relation to Personal Information of California residents during the twelve (12) months preceding the effective date of this notice, and informs California residents of their rights with respect to that Personal Information.
Below is a summary of the “Personal Information” categories, as identified and defined by the CCPA (see California Civil Code section 1798.140 (o)), that Keto-Mojo collects, the reason Keto-Mojo collects the Personal Information, where Keto-Mojo obtains the Personal Information, and the parties with whom Keto-Mojo may share your Personal Information.
Keto-Mojo collects the following categories of Personal Information about you when you use our Services:
- identifiers such as a name, contact information, and online identifiers, such as device IP address and identification numbers associated with your devices;
- commercial information such as records of products or services purchased, obtained, or considered by you;
- Internet or other electronic information regarding you browsing history, search history, the webpage visited before you came to the website, length of visit and number of page views, click-stream data, locale preferences, your mobile carrier, date and time stamps associated with transactions, and system configuration information;
- audio recordings of your voice to the extent you call us, as permitted under applicable law;
- geolocation, to the extent you have configured your device to permit us to collect such information; and
- inferences about your preferences, characteristics, behavior and attitudes.
We generally do not collect protected classifications, education-related information, professional or employment information, physical description, biometric information, or sensory information. We describe the sources from which we collect this information in Section 1 – Information We Collect Through Your Use of the Services, above.
We collect your Personal Information for the business purposes described in Sections 2 – How We Use Your Information above, including for analytics, to support your use of our Services, to provide you requested marketing materials or customer support, to store cookies, and to ensure the integrity of the website and related services. The CCPA defines a “business purpose” as the use of Personal Information for the business’s operational purposes, or other notified purposes, provided the use of Personal Information is reasonably necessary and proportionate to achieve the operational purpose for which the Personal Information was collected or another operational purpose that is compatible with the context in which the Personal Information was collected.
The categories of third parties with whom we may share your Personal Information are listed in Section 3 – How We Share Your Information, above and include our website, marketing, analytics, and security service providers, and law enforcement authorities when required to do so.
Your Rights and Choices
As a California resident, you have rights in relation to your Personal Information; however, your rights are subject to certain exceptions. For instance, we cannot disclose specific pieces of Personal Information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of the Personal Information, your account with us or the security of our network systems.
You may exercise your California privacy rights to know, access and deletion by emailing us at firstname.lastname@example.org. Please note that we will need to confirm your identity and California residency to process your requests to exercise your rights to know, access or delete your Personal Information. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
- Right Against Discrimination. You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions. We will not discriminate against you for exercising your right to know, access, deletion or to opt-out of sales.
- Right to Know. You have the right to request the following information about how we have collected and used your Personal Information during the past twelve (12) months:
- The categories of Personal Information that we have collected.
- The categories of sources from which we collected Personal Information.
- The business or commercial purpose for collecting and/or selling Personal Information.
- The categories of third parties with whom we share Personal Information.
- Whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of third party recipient.
- Whether we have sold your Personal Information, and if so, the categories of Personal Information received by each category of third party recipient.
- Right to Access. You have the right to request a copy of the specific Personal Information we collected about you during the twelve (12) months before your request.
- Right to Deletion. You have the right to request a copy of the specific Personal Information we collected about you during the twelve (12) months before your request.
- Right to Opt-Out of Sales. You have the right to opt-out of having your Personal Information sold. We do not sell your Personal Information.
California law permits California residents to ask us for a notice that identifies the categories of Personal Information that we share with our affiliates and/or third parties for marketing purposes, and that provides contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to us at the address provided under the “Contact Information” section, below.
Section 11 – International Transfers
Individuals located in the European Economic Area (“EEA”), the United Kingdom or Switzerland at the time they access our Services, please see section 12, below.
Section 12 – Notice to Individuals in the European Economic Area, the United Kingdom and Switzerland
This section only applies to individuals using or accessing our Service while located in the European Economic Area, the United Kingdom, or Switzerland (collectively, the “European Countries”) at the time of data collection.
We may ask you to identify which country you are located in when you use or access some of the Services, or we may rely on your IP address to identify which country you are located in. When we rely on your IP address, we cannot apply the terms of this section to any individual that masks or otherwise hides their location information from us so as not to appear located in European Countries. If any terms in this section conflict with other terms contained in this Policy, the terms in this section shall apply to individuals in a European Country.
1. Our Relationship to You. Keto-Mojo is a data controller with regard to any Personal Information collected from individuals accessing or using its Services. A “data controller” is an entity that determines the purposes for which and the manner in which any Personal Information is processed.
2. Legal Bases for Processing Your Personal Information. We rely on the following Legal Bases under the EU General Data Protection Regulation in processing your Personal Information.
- Section 2(1) To Provide Our Services.
- Section 2(2) To Provide You with Service-Related Communications.
- Section 2(2) To Enforce our Terms, Agreements, or Policies.
- Section 3(1) Third-Party Service Providers.
- Section 3(2) Merger, Bankruptcy, or Corporate Reorganization.
- Section 3(3) Legal Obligations and Safety.
- The legal basis to process your sensitive Personal Information through our Services, including in order to “Provide Our Services”, perform “Product Research and Development”, and conduct “Scientific Research and Clinical Trial Support”, is your consent. You may withdraw your consent at any time by deleting your account, which can be completed by emailing us at email@example.com; however, the withdrawal of your consent will not affect the lawfulness of processing based on consent before its withdrawal.
3. Marketing. We will only contact you if you are located in a European Country by electronic means (including email or SMS) based on our legitimate interests, as permitted by applicable law or your consent. If you do not want us to use your Personal Information in this way, please click the unsubscribe link at the bottom of any of our email messages to you or contact us at firstname.lastname@example.org. You can object to direct marketing at any time and free of charge.
4. Individual Rights. We provide you with the rights described below when you use our Services. We may limit your individual rights requests: (a) where denial of access is required or authorized by law; (b) when granting access would have a negative impact on other’s privacy; (c) to protect our rights and properties; or (d) where the request is frivolous or unrealistic. If you would like to exercise your rights under applicable law, please contact us at email@example.com.
- You can request access or deletion of your Personal Information.
- You can correct or update your Personal Information, object to processing or your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information.
- If we process your Personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of the processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
- If you believe we have infringed or violated your privacy rights, please contact us at firstname.lastname@example.org so that we may resolve your dispute directly. If you believe our processing of Personal Information infringes the GDPR, you have a right to lodge a complaint with your local data protection authority.
5. Transfer of Your Personal Information. When you access or use our Services, your Personal Information may be processed in the United States or any other country in which Keto-Mojo, its affiliates, or service providers maintain facilities. Such countries or jurisdictions may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. If you do not want your information transferred to, processed, or maintained outside of the country or jurisdiction where you are located, you should immediately stop accessing or using the Services.
We transfer your Personal Information subject to appropriate safeguards as permitted under the Data Protection Laws. We also rely on legal transfer mechanisms such as Standard Contractual Clauses or we work with U.S. based third parties that are certified under the EU-U.S. and Swiss-U.S. Privacy Shield Framework.
Questions & Contact Information
If you would like to access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information please contact our Privacy Compliance Officer at email@example.com or by mail at:
Re: Privacy Compliance Officer
952 School Street, Ste 212
Napa, California, U.S. 94559