Privacy Policy

Last Update: October 20, 2024

1.Scope

We care about your online privacy. This privacy policy document ("Policy") describes how the personally identifiable information ("Personal Information") you may provide on the shredfitx.com ("Website" or "Service") and/or the digital content products or digital software sold on the Website (the “App”) and any of their related products and services (all of the above, collectively, "Services") is collected, protected, used and disclosed. It also describes the choices available to you regarding our use of your Personal Information and how you can access and update this information. This Policy is a legally binding agreement between you ("User", "you" or "your") and Good Vibe Products, LLC. ("Good Vibe Products, LLC", "we", "us" or "our"). By accessing and using the Services, you acknowledge that you have read, understood, and agree to be legally bound by the terms of this Policy. You must exit all Services if you do not agree with all of the provisions of this Policy.

The Website and other Services contain links to other resources that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other resources or third parties. We encourage you to be aware when you leave the Website and Services and to read the privacy statements of each and every resource that may collect Personal Information. This Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.

If you use any of our Services, that signifies your legal acceptance of this Policy. The effective date of the last update is at the top of this page, so visit it occasionally to see if there are any changes. We reserve the right to change this Policy at any time at our sole discretion and will notify you of any material changes to the way in which we treat Personal Information. When we do make any change, we will revise the updated date at the top of this page. We may also provide notice to you in other ways in our discretion, such as through contact information you have provided. Any updated version of this Policy will be effective immediately upon the posting of the revised Policy unless otherwise specified. Your continued use of the Website and Services after the effective date of the revised Policy (or such other act specified at that time) will constitute your consent to those changes. However, we will not, without your consent, use your Personal Information in a manner materially different than what was stated at the time your Personal Information was collected.

2.Collection of user data

When you open the Website, our servers automatically record information that your browser sends. This data may include information such as your device's IP address, browser type and version, operating system type and version, language preferences or the webpage you were visiting before you came to the Website and Services, pages of the Website and Services that you visit, the time spent on those pages, information you search for on the Website, access times and dates, and other statistics. Information collected automatically is used only to identify potential cases of abuse and establish statistical information regarding the usage and traffic of the Website and Services. This statistical information is not otherwise aggregated in such a way that would identify any particular user of the system. You can access and use the Services without telling us who you are or revealing any information by which someone could identify you as a specific, identifiable individual. If, however, you wish to use some of the features on the Website, you may be asked to provide certain Personal Information (for example, your name and e-mail address). We receive and store any information you knowingly provide to us when you create an account, publish content, make a purchase, or fill any online forms on the Website. You can choose not to provide us with your Personal Information, but then you may not be able to take advantage of some of the features of the Services. Users who are uncertain about what information is mandatory are welcome to contact us.

Here are the types of information we may collect regarding users:

1. We collect personal information necessary to create personalized fitness, nutrition, and wellness plans for our users. This includes, but is not limited to, information such as your name, username, birthdate, age, weight, email address, mailing address, phone number, and country of residence. Additionally, we may collect data related to your health and fitness needs, including injuries, health conditions that may affect exercise or nutrition, current nutrition and workout plans, and personal goals related to sleep, hydration, and wellness. For users accessing our services via mobile devices, we may also collect geolocation data (such as latitude and longitude). PLEASE NOTE THAT WHILE WE OFFER GUIDANCE ON FITNESS, NUTRITION, SUPPLEMENTS, AND BIOLOGICAL BLOOD PANEL CONSULTING, WE ARE NOT LICENSED MEDICAL PROFESSIONALS, AND OUR SERVICES SHOULD NOT BE CONSIDERED MEDICAL ADVICE. THE INFORMATION WE COLLECT IS USED SOLELY TO PROVIDE PERSONALIZED WELLNESS PLANS, AND BY USING OUR SERVICES, YOU CONSENT TO THIS DATA BEING COLLECTED AND UTILIZED FOR THE PURPOSE OF DELIVERING THESE SERVICES.

2. Payment Info: card and bank account information.

3· Communications: if you contact us for any reason, we will receive whatever information you voluntarily provide (e.g., your feedback, ratings and reviews) and any other materials you willingly submit to us such as articles and images etc.

4· Your Devices: device identifiers, phone manufacturer and carrier, browser, IP address, operating system version, mobile advertising identifiers, application installations.

5· Services Interaction: we see what content our users access, when and how they interact with the Services content/pages. Other Sources: Some of the information we collect is directly from you via the Website and other Services. However, we may also collect Personal Information about you from other sources such as public databases, social media platforms, third-party data providers, and our joint marketing partners. Personal Information we collect from other sources may include demographic information, such as age and gender, device information, such as IP addresses, location, such as city and state, and online behavioral data, such as information about your use of social media websites, page view information and search results and links.

3.USE OF DATA

In order to make the Services available to you, or to meet a legal obligation, we may need to collect and use certain Personal Information. If you do not provide the information that we request, we may not be able to provide you with the requested Services. Any of the information we collect from you may be used for the following purposes:

1. Create and manage user accounts
2. Fulfill and manage orders Deliver products or services
3. Improve products and services
4. Send administrative information
5. Send marketing and promotional communications
6. Respond to inquiries and offer support
7. Request user feedback
8. Improve user experience
9.Post customer testimonials
10. Deliver targeted advertising
11. Administer prize draws and competitions
12. Enforce terms and conditions and policies
13. Protect from abuse and malicious users
14. Respond to legal requests and prevent harm, carry out our obligations, prevent fraud, facilitate disputes between users
15. Run and operate the Services
16. Communicate with you regarding changes to your account or our Services
17. Send our newsletter, publications or other product announcements but you can unsubscribe.
18. Use your email or phone number via SMS for:
- users email addresses confirmation;
- sending invitations to the app or web Services; - sending discount codes and other information;
- sending prize information; - subscribers notifications ·
19. Accomplish any other purpose for which the information was provided.

Processing your Personal Information depends on how you interact with the Services, where you are located in the world and if one of the following applies: (i) you have given your consent for one or more specific purposes; this, however, does not apply whenever the processing of Personal Information is subject to California Consumer Privacy Act or European data protection law; (ii) provision of information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof; (iii) processing is necessary for compliance with a legal obligation to which you are subject; (iv) processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us; or (v) processing is necessary for the purposes of the legitimate interests pursued by us or by a third party. Note that under some applicable laws we may be allowed to process information until you object to such processing (by opting out), without having to rely on consent or any other of the following legal bases below. In any case, we will be happy to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Information is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

4.BILLING AND PAYMENTS SECURITY

In case of services requiring payment, we request credit card or other payment account information, which will be used solely for processing payments. Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. Where necessary for processing future payments and subject to your prior consent, your financial information will be stored in encrypted form on secure servers of our reputed payment gateway service provider who is required to treat your Personal Information in accordance with this Policy. All direct payment gateways adhere to the latest security standards as managed by the PCI Security Standards Council, which is a joint effort of brands like PayPal, Visa, MasterCard, American Express and Discover. Sensitive and private data exchange happens over a SSL secured communication channel and is encrypted and protected with digital signatures, and the Website and Services are also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for Users. We may at our option perform scans for malware from time to time for additional security and protection. 5.OTHER DISCLOSURE OF DATA

In addition to sharing your data as described above, we may disclose the collected Personal Information as follows.

We can disclose aggregated, anonymized information that does not identify any particular user can be disclosed without restriction. Depending on the requested Services or as necessary to complete any transaction or provide any service you have requested, we may contract with other companies and share your information with your consent with our trusted third parties that work with us, any other affiliates and subsidiaries we rely upon to assist in the operation of the Website and Services available to you. We can disclose your information to our contractors, business partners, third party service providers and other entities or individuals who provide support for our Services (for example, integration and API partners). We do not share Personal Information with unaffiliated third parties. These service providers are not authorized to use or disclose your information except as necessary to perform services on our behalf or comply with legal requirements. We may share your Personal Information for these purposes only with third parties whose privacy policies are consistent with ours or who agree to abide by our policies with respect to Personal Information. These third parties are given Personal Information they need only in order to perform their designated functions, and we do not authorize them to use or disclose Personal Information for their own marketing or other purposes.

We will disclose any Personal Information we collect, use or receive if required or permitted by law, such as to comply with a subpoena, or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request or to protect the property, safety, rights of the Services, the users or the public.

In the event we go through a business transition, such as a merger or acquisition by another company, or sale of all or a portion of our assets, your user account, and Personal Information likely will be among the assets transferred.

6.RETENTION OF INFORMATION

We will retain and use your Personal Information for the period necessary to comply with our legal obligations, resolve disputes, and enforce our agreements unless a longer retention period is required or permitted by law. If you reside in the European Economic Area, then GDPR Article 5, Section 1(e) applies to you. https://gdpr-info.eu/art-5-gdpr/ We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally. Once the retention period expires, Personal Information shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after the expiration of the retention period.

The Personal Information you can delete may change as the Website and other Services change. When you delete Personal Information, however, we may maintain a copy of the unrevised Personal Information in our records for the duration necessary to comply with our obligations to our affiliates and partners, and for the purposes described in this Policy.

7.TRANSFER OF INFORMATION

Depending on your location, data transfers may involve transferring and storing your information in a country other than your own. We process your personal information in the United States. This is where it will be transferred to in case you are located somewhere else. By submitting any personal information to us, you agree to its transfer to and processing in the United States. You are entitled to learn about the legal basis of information transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by us to safeguard your information. If any such transfer takes place, you can find out more by checking the relevant sections of this Policy or inquire with us using the information provided in the “Contacting Us” section of this Policy.

8.THE RIGHTS OF USERS

You may exercise certain rights regarding your information processed by us. In particular, you have the right to do the following: (i) you have the right to withdraw consent where you have previously given your consent to the processing of your information; (ii) you have the right to object to the processing of your information if the processing is carried out on a legal basis other than consent; (iii) you have the right to learn if information is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the information undergoing processing; (iv) you have the right to verify the accuracy of your information and ask for it to be updated or corrected; (v) you have the right, under certain circumstances, to restrict the processing of your information, in which case, we will not process your information for any purpose other than storing it; (vi) you have the right, under certain circumstances, to obtain the erasure of your Personal Information from us; (vii) you have the right to receive your information in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that your information is processed by automated means and that the processing is based on your consent, on a contract which you are part of or on pre-contractual obligations thereof.

To the extent it is forbidden by law, we will not share your personal information with third parties for their direct marketing purposes. If our practices change, we will do so in accordance with applicable laws and will notify you in advance. California law requires that operators of online services disclose how they respond to a Do Not Track signal. Some browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the online service that a user visits, indicating that the user does not wish to be tracked. At this time, we do not respond to Do Not Track signals.

You can request disclosure of your information collected by us by writing to the email at the end of this Policy. We will then provide the requested information, its sources and purposes of use, in a portable and easily accessible format within 45 days of the request.

You have the right to request deletion of your personal information from our systems by submitting a request to the email at the end of this Policy. You have the right to nondiscrimination for exercising your rights. That means you cannot be denied goods or services, charged different prices, or provided different quality of goods/services for asserting your legal rights.

9.THE RIGHT TO OBJECT TO PROCESSING

Where Personal Information is processed for the public interest, in the exercise of an official authority vested in us or for the purposes of the legitimate interests pursued by us, you may object to such processing by providing a ground related to your particular situation to justify the objection. You must know that, however, in the event your Personal Information is ever processed for direct marketing purposes, you can object to that processing at any time without providing any justification. To learn whether we are processing Personal Information for direct marketing purposes, you may refer to the relevant sections of this Policy.

10.DATA PROTECTION RIGHTS IN EUROPEAN ECONOMIC AREA

If you are a resident of the European Economic Area (EEA), you have certain data protection rights and Good Vibe Products, LLC, aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information. If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the following data protection rights:
1.You have the right to request access to your Personal Information that we store and have the ability to access your Personal Information.
2.You have the right to request that we correct any Personal Information you believe is inaccurate. You also have the right to request us to complete the Personal Information you believe is incomplete.
3. You have the right to request that we erase your Personal Information under certain conditions of this Policy.
4. You have the right to object to our processing of your Personal Information. You have the right to seek restrictions on the processing of your Personal Information.
5. When you restrict the processing of your Personal Information, we may store it but will not process it further.
6. You have the right to be provided (in a structured, machine-readable and commonly used format) a copy of the information we have on you.
7. You also have the right to withdraw your consent at any time where Good Vibe Products, LLC relied on your consent to process your Personal Information.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority in the European Economic Area.

11.CALIFORNIA PRIVACY RIGHTS

In addition to the rights as explained in this Policy, California residents who provide Personal Information (as defined in the statute) to obtain products or services for personal, family, or household use are entitled to request and obtain from us, once a calendar year, information about the Personal Information we shared, if any, with other businesses for marketing uses. If applicable, this information would include the categories of Personal Information and the names and addresses of those businesses with which we shared such personal information for the immediately prior calendar year (e.g., requests made in the current year will receive information about the prior year). To obtain this information please inquire with us using the information provided in the “Contacting Us” section of this Policy.

Furthermore, California residents have the right to opt-out of the sale of their Personal Information which may include selling, disclosing or transferring Personal Information to another business or a third party for monetary or other valuable consideration. To do so, please contact us.

12.INFORMATION SECURITY

We secure data on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure information you provide. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and the Website and Services cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third party, despite best efforts.

13.DATA BREACH

In the event we become aware that the security of the Website and Services has been compromised or users Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will post a notice on the Website, and send you an email.

14.ADVERTISEMENTS

We may display online advertisements and we may share aggregated and non-identifying information about our customers that we or our advertisers collect through your use of the Website and other Services. We do not share with advertisers personally identifiable information about individual customers. In some instances, we may use this aggregated and non-identifying information to deliver tailored advertisements to the intended audience.

15.EMAIL MARKETING

We offer electronic newsletters and email advertisements to which you may voluntarily subscribe at any time. We are committed to keeping your e-mail address confidential and will not disclose your email address to any third parties except as allowed in this Policy. We will maintain the information sent via e-mail in accordance with applicable laws and regulations.

In compliance with the CAN-SPAM Act, any general solicitation e-mails sent from us will clearly state who the e-mail is from and provide clear information on how to contact the sender. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or by contacting us. However, you will continue to receive essential transactional emails.

16.AFFILIATE MARKETING We may engage in affiliate marketing and have affiliate links present on the Website and other Services. If you click on an affiliate link, a cookie will be placed on your browser to track any sales for purposes of commissions.

17.COOKIE POLICY

Cookies are small bits of text data placed on your device when you visit websites. Cookies record data about your activity, such as which pages you view and what you click on. Cookies assist our Services to recognize your device when you return. For example, cookies can help us to remember your preferences, username, analyze the performance of our Services and recommend content that may be most relevant to your interests.

Here are the reasons we may use cookies:

Analytics. This type of cookie shows us which pages users view, which links are popular, etc. These cookies only provide anonymized information that does not identify anybody personally. This information is then bundled with the similar information from the other users, so that we can analyze the general usage patterns.

Essential cookies. These are necessary to provide the services that you have asked for. Without these essential cookies, our Services would not be able to operate. They are necessary to enable users to navigate through the Services and use its main features. For example, essential cookies identify registered users so that they can access member-only areas of the site. Essential cookies keep users logged in. If a subscriber disables essential cookies, that subscriber won’t be able to get to all of the content that a subscription entitles them to. These cookies don't collect information that could be utilized for the purposes of marketing or determining what places on the internet you have visited.

To show relevant advertising. If we allow ads on our Services, they can contain cookies in order to provide ads most relevant to your interests. They can also help limit the number of times you see a particular ad and to assess the effectiveness of the advertising campaign.

To improve your browsing experience. This type of cookie enables the site to remember users’ preferences and settings, such as geographic region or language. They can also be used to restrict the number of times an ad is shown, to remember which forms you have already filled in, so that you don’t have to do it again.

To implement tracking technology on our Services. This tracking does not use your personal information; it uses deidentified data (that means data that cannot be tied specifically to you). We will not combine this data with your other personal information without your prior express permission.

To implement flash cookies. These are local-stored objects that collect and store information about your preferences and navigation on our Services. Flash cookies are not managed by the same browser settings as are used for browser cookies.

To implement web beacons. Pages of our Website and App and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related statistics (for example, recording the popularity of certain content and verifying system integrity).

To implement pixel tracking. Pixel tracking is a process that involves the use of invisible pixel tags that consist of a few lines of computer code. Pixel tracking measures the effectiveness of advertisements and compiles aggregate and specific usage statistics. For example, if you visit our Services from an advertisement on another platform, the pixel tag will allow the advertiser to track that its advertisement brought you to our Services. If you visit our Website or App, and we link you to another website, we may also be able to determine that you were sent to and/or transacted with a third-party website. This data is collected for use in our marketing and research.

There is a way to turn off cookies by going to your browser’s Help or Settings menu. However, keep in mind that disabling cookies may limit your use of the Services and/or delay or affect the way in which it operates. You may learn more about cookies and how they work in this guide.



18.DATA SECURITY

Only our administrators are allowed to access our Website’s and App’s password-protected server where your personal information is stored. We utilize SSL. We have implemented CORS policies, applied to the server API endpoints. However, any transmission of information over the Internet has its inherent risks, so we cannot guarantee the absolute security of your personal information. Transmit personal information over the Internet at your own risk. We shall not be liable for circumvention of security measures or privacy settings on the Services. It is your responsibility to keep your login credentials, if any, confidential.

19.PERSONS UNDER 18

We do not knowingly collect any personal information about persons under the age of 18. Our Services is not directed to persons under the age of 18. If we become aware that a person under 18 has provided any personal info, it will be erased from our database as soon as reasonably possible, except when we need to keep that information for legal purposes or to notify a parent or guardian. However, portions of this data may remain in back-up archives or web logs even after we erase it from our databases. If a parent or guardian believes that a child has sent us personal information, send us an e-mail. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce this Policy by instructing their children never to provide Personal Information through the Website and Services without their permission. You must also be at least 18 years of age to consent to the processing of your Personal Information in your country (in some countries we may allow your parent or guardian to do so on your behalf).

20.'DO NOT TRACK' SIGNALS

Some browsers incorporate a Do Not Track feature that signals to websites you visit that you do not want to have your online activity tracked. Tracking is not the same as using or collecting information in connection with a website. For these purposes, tracking refers to collecting personally identifiable information from consumers who use or visit a website or online service as they move across different websites over time. How browsers communicate the Do Not Track signal is not yet uniform. As a result, the Website and other Services are not yet set up to interpret or respond to Do Not Track signals communicated by your browser. Even so, as described in more detail throughout this Policy, we limit our use and collection of your personal information.

21.HOW TO EXERCISE YOUR RIGHTS

Any requests to exercise your rights can be directed to Good Vibe Products, LLC through the “Contacting Us” section below. Please note that we may ask you to verify your identity before responding to such requests. Your request must provide information sufficient to allow us to verify that you are the person you are claiming to be or that you are the authorized representative of such person. You must include sufficient details to allow us to properly understand the request and respond to it. We cannot respond to your request or provide you with Personal Information unless we first verify your identity or authority to make such a request and confirm that the Personal Information relates to you.

22.CONTACTING US

If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may do so via the contact form on our website, send an email to hello@herbsandfit.com or write a letter to: Good Vibe Products, LLC, PO Box 1959, Parker, CO 80134.

Privacy Policy

Last Update: October 20, 2024

1.Scope

We care about your online privacy. This privacy policy document ("Policy") describes how the personally identifiable information ("Personal Information") you may provide on the shredfitx.com ("Website" or "Service") and/or the digital content products or digital software sold on the Website (the “App”) and any of their related products and services (all of the above, collectively, "Services") is collected, protected, used and disclosed. It also describes the choices available to you regarding our use of your Personal Information and how you can access and update this information. This Policy is a legally binding agreement between you ("User", "you" or "your") and Good Vibe Products, LLC. ("Good Vibe Products, LLC", "we", "us" or "our"). By accessing and using the Services, you acknowledge that you have read, understood, and agree to be legally bound by the terms of this Policy. You must exit all Services if you do not agree with all of the provisions of this Policy.

The Website and other Services contain links to other resources that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other resources or third parties. We encourage you to be aware when you leave the Website and Services and to read the privacy statements of each and every resource that may collect Personal Information. This Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.

If you use any of our Services, that signifies your legal acceptance of this Policy. The effective date of the last update is at the top of this page, so visit it occasionally to see if there are any changes. We reserve the right to change this Policy at any time at our sole discretion and will notify you of any material changes to the way in which we treat Personal Information. When we do make any change, we will revise the updated date at the top of this page. We may also provide notice to you in other ways in our discretion, such as through contact information you have provided. Any updated version of this Policy will be effective immediately upon the posting of the revised Policy unless otherwise specified. Your continued use of the Website and Services after the effective date of the revised Policy (or such other act specified at that time) will constitute your consent to those changes. However, we will not, without your consent, use your Personal Information in a manner materially different than what was stated at the time your Personal Information was collected.

2.Collection of user data

When you open the Website, our servers automatically record information that your browser sends. This data may include information such as your device's IP address, browser type and version, operating system type and version, language preferences or the webpage you were visiting before you came to the Website and Services, pages of the Website and Services that you visit, the time spent on those pages, information you search for on the Website, access times and dates, and other statistics. Information collected automatically is used only to identify potential cases of abuse and establish statistical information regarding the usage and traffic of the Website and Services. This statistical information is not otherwise aggregated in such a way that would identify any particular user of the system. You can access and use the Services without telling us who you are or revealing any information by which someone could identify you as a specific, identifiable individual. If, however, you wish to use some of the features on the Website, you may be asked to provide certain Personal Information (for example, your name and e-mail address). We receive and store any information you knowingly provide to us when you create an account, publish content, make a purchase, or fill any online forms on the Website. You can choose not to provide us with your Personal Information, but then you may not be able to take advantage of some of the features of the Services. Users who are uncertain about what information is mandatory are welcome to contact us.

Here are the types of information we may collect regarding users:

1. We collect personal information necessary to create personalized fitness, nutrition, and wellness plans for our users. This includes, but is not limited to, information such as your name, username, birthdate, age, weight, email address, mailing address, phone number, and country of residence. Additionally, we may collect data related to your health and fitness needs, including injuries, health conditions that may affect exercise or nutrition, current nutrition and workout plans, and personal goals related to sleep, hydration, and wellness. For users accessing our services via mobile devices, we may also collect geolocation data (such as latitude and longitude). PLEASE NOTE THAT WHILE WE OFFER GUIDANCE ON FITNESS, NUTRITION, SUPPLEMENTS, AND BIOLOGICAL BLOOD PANEL CONSULTING, WE ARE NOT LICENSED MEDICAL PROFESSIONALS, AND OUR SERVICES SHOULD NOT BE CONSIDERED MEDICAL ADVICE. THE INFORMATION WE COLLECT IS USED SOLELY TO PROVIDE PERSONALIZED WELLNESS PLANS, AND BY USING OUR SERVICES, YOU CONSENT TO THIS DATA BEING COLLECTED AND UTILIZED FOR THE PURPOSE OF DELIVERING THESE SERVICES.

2. Payment Info: card and bank account information.

3· Communications: if you contact us for any reason, we will receive whatever information you voluntarily provide (e.g., your feedback, ratings and reviews) and any other materials you willingly submit to us such as articles and images etc.

4· Your Devices: device identifiers, phone manufacturer and carrier, browser, IP address, operating system version, mobile advertising identifiers, application installations.

5· Services Interaction: we see what content our users access, when and how they interact with the Services content/pages. Other Sources: Some of the information we collect is directly from you via the Website and other Services. However, we may also collect Personal Information about you from other sources such as public databases, social media platforms, third-party data providers, and our joint marketing partners. Personal Information we collect from other sources may include demographic information, such as age and gender, device information, such as IP addresses, location, such as city and state, and online behavioral data, such as information about your use of social media websites, page view information and search results and links.

3.USE OF DATA

In order to make the Services available to you, or to meet a legal obligation, we may need to collect and use certain Personal Information. If you do not provide the information that we request, we may not be able to provide you with the requested Services. Any of the information we collect from you may be used for the following purposes:

1. Create and manage user accounts
2. Fulfill and manage orders Deliver products or services
3. Improve products and services
4. Send administrative information
5. Send marketing and promotional communications
6. Respond to inquiries and offer support
7. Request user feedback
8. Improve user experience
9.Post customer testimonials
10. Deliver targeted advertising
11. Administer prize draws and competitions
12. Enforce terms and conditions and policies
13. Protect from abuse and malicious users
14. Respond to legal requests and prevent harm, carry out our obligations, prevent fraud, facilitate disputes between users
15. Run and operate the Services
16. Communicate with you regarding changes to your account or our Services
17. Send our newsletter, publications or other product announcements but you can unsubscribe.
18. Use your email or phone number via SMS for:
- users email addresses confirmation;
- sending invitations to the app or web Services; - sending discount codes and other information;
- sending prize information; - subscribers notifications ·
19. Accomplish any other purpose for which the information was provided.

Processing your Personal Information depends on how you interact with the Services, where you are located in the world and if one of the following applies: (i) you have given your consent for one or more specific purposes; this, however, does not apply whenever the processing of Personal Information is subject to California Consumer Privacy Act or European data protection law; (ii) provision of information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof; (iii) processing is necessary for compliance with a legal obligation to which you are subject; (iv) processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us; or (v) processing is necessary for the purposes of the legitimate interests pursued by us or by a third party. Note that under some applicable laws we may be allowed to process information until you object to such processing (by opting out), without having to rely on consent or any other of the following legal bases below. In any case, we will be happy to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Information is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

4.BILLING AND PAYMENTS SECURITY

In case of services requiring payment, we request credit card or other payment account information, which will be used solely for processing payments. Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. Where necessary for processing future payments and subject to your prior consent, your financial information will be stored in encrypted form on secure servers of our reputed payment gateway service provider who is required to treat your Personal Information in accordance with this Policy. All direct payment gateways adhere to the latest security standards as managed by the PCI Security Standards Council, which is a joint effort of brands like PayPal, Visa, MasterCard, American Express and Discover. Sensitive and private data exchange happens over a SSL secured communication channel and is encrypted and protected with digital signatures, and the Website and Services are also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for Users. We may at our option perform scans for malware from time to time for additional security and protection. 5.OTHER DISCLOSURE OF DATA

In addition to sharing your data as described above, we may disclose the collected Personal Information as follows.

We can disclose aggregated, anonymized information that does not identify any particular user can be disclosed without restriction. Depending on the requested Services or as necessary to complete any transaction or provide any service you have requested, we may contract with other companies and share your information with your consent with our trusted third parties that work with us, any other affiliates and subsidiaries we rely upon to assist in the operation of the Website and Services available to you. We can disclose your information to our contractors, business partners, third party service providers and other entities or individuals who provide support for our Services (for example, integration and API partners). We do not share Personal Information with unaffiliated third parties. These service providers are not authorized to use or disclose your information except as necessary to perform services on our behalf or comply with legal requirements. We may share your Personal Information for these purposes only with third parties whose privacy policies are consistent with ours or who agree to abide by our policies with respect to Personal Information. These third parties are given Personal Information they need only in order to perform their designated functions, and we do not authorize them to use or disclose Personal Information for their own marketing or other purposes.

We will disclose any Personal Information we collect, use or receive if required or permitted by law, such as to comply with a subpoena, or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request or to protect the property, safety, rights of the Services, the users or the public.

In the event we go through a business transition, such as a merger or acquisition by another company, or sale of all or a portion of our assets, your user account, and Personal Information likely will be among the assets transferred.

6.RETENTION OF INFORMATION

We will retain and use your Personal Information for the period necessary to comply with our legal obligations, resolve disputes, and enforce our agreements unless a longer retention period is required or permitted by law. If you reside in the European Economic Area, then GDPR Article 5, Section 1(e) applies to you. https://gdpr-info.eu/art-5-gdpr/ We may use any aggregated data derived from or incorporating your Personal Information after you update or delete it, but not in a manner that would identify you personally. Once the retention period expires, Personal Information shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after the expiration of the retention period.

The Personal Information you can delete may change as the Website and other Services change. When you delete Personal Information, however, we may maintain a copy of the unrevised Personal Information in our records for the duration necessary to comply with our obligations to our affiliates and partners, and for the purposes described in this Policy.

7.TRANSFER OF INFORMATION

Depending on your location, data transfers may involve transferring and storing your information in a country other than your own. We process your personal information in the United States. This is where it will be transferred to in case you are located somewhere else. By submitting any personal information to us, you agree to its transfer to and processing in the United States. You are entitled to learn about the legal basis of information transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by us to safeguard your information. If any such transfer takes place, you can find out more by checking the relevant sections of this Policy or inquire with us using the information provided in the “Contacting Us” section of this Policy.

8.THE RIGHTS OF USERS

You may exercise certain rights regarding your information processed by us. In particular, you have the right to do the following: (i) you have the right to withdraw consent where you have previously given your consent to the processing of your information; (ii) you have the right to object to the processing of your information if the processing is carried out on a legal basis other than consent; (iii) you have the right to learn if information is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the information undergoing processing; (iv) you have the right to verify the accuracy of your information and ask for it to be updated or corrected; (v) you have the right, under certain circumstances, to restrict the processing of your information, in which case, we will not process your information for any purpose other than storing it; (vi) you have the right, under certain circumstances, to obtain the erasure of your Personal Information from us; (vii) you have the right to receive your information in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that your information is processed by automated means and that the processing is based on your consent, on a contract which you are part of or on pre-contractual obligations thereof.

To the extent it is forbidden by law, we will not share your personal information with third parties for their direct marketing purposes. If our practices change, we will do so in accordance with applicable laws and will notify you in advance. California law requires that operators of online services disclose how they respond to a Do Not Track signal. Some browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference to the online service that a user visits, indicating that the user does not wish to be tracked. At this time, we do not respond to Do Not Track signals.

You can request disclosure of your information collected by us by writing to the email at the end of this Policy. We will then provide the requested information, its sources and purposes of use, in a portable and easily accessible format within 45 days of the request.

You have the right to request deletion of your personal information from our systems by submitting a request to the email at the end of this Policy. You have the right to nondiscrimination for exercising your rights. That means you cannot be denied goods or services, charged different prices, or provided different quality of goods/services for asserting your legal rights.

9.THE RIGHT TO OBJECT TO PROCESSING

Where Personal Information is processed for the public interest, in the exercise of an official authority vested in us or for the purposes of the legitimate interests pursued by us, you may object to such processing by providing a ground related to your particular situation to justify the objection. You must know that, however, in the event your Personal Information is ever processed for direct marketing purposes, you can object to that processing at any time without providing any justification. To learn whether we are processing Personal Information for direct marketing purposes, you may refer to the relevant sections of this Policy.

10.DATA PROTECTION RIGHTS IN EUROPEAN ECONOMIC AREA

If you are a resident of the European Economic Area (EEA), you have certain data protection rights and Good Vibe Products, LLC, aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information. If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the following data protection rights:
1.You have the right to request access to your Personal Information that we store and have the ability to access your Personal Information.
2.You have the right to request that we correct any Personal Information you believe is inaccurate. You also have the right to request us to complete the Personal Information you believe is incomplete.
3. You have the right to request that we erase your Personal Information under certain conditions of this Policy.
4. You have the right to object to our processing of your Personal Information. You have the right to seek restrictions on the processing of your Personal Information.
5. When you restrict the processing of your Personal Information, we may store it but will not process it further.
6. You have the right to be provided (in a structured, machine-readable and commonly used format) a copy of the information we have on you.
7. You also have the right to withdraw your consent at any time where Good Vibe Products, LLC relied on your consent to process your Personal Information.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority in the European Economic Area.

11.CALIFORNIA PRIVACY RIGHTS

In addition to the rights as explained in this Policy, California residents who provide Personal Information (as defined in the statute) to obtain products or services for personal, family, or household use are entitled to request and obtain from us, once a calendar year, information about the Personal Information we shared, if any, with other businesses for marketing uses. If applicable, this information would include the categories of Personal Information and the names and addresses of those businesses with which we shared such personal information for the immediately prior calendar year (e.g., requests made in the current year will receive information about the prior year). To obtain this information please inquire with us using the information provided in the “Contacting Us” section of this Policy.

Furthermore, California residents have the right to opt-out of the sale of their Personal Information which may include selling, disclosing or transferring Personal Information to another business or a third party for monetary or other valuable consideration. To do so, please contact us.

12.INFORMATION SECURITY

We secure data on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure information you provide. We maintain reasonable administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in its control and custody. However, no data transmission over the Internet or wireless network can be guaranteed. Therefore, while we strive to protect your Personal Information, you acknowledge that (i) there are security and privacy limitations of the Internet which are beyond our control; (ii) the security, integrity, and privacy of any and all information and data exchanged between you and the Website and Services cannot be guaranteed; and (iii) any such information and data may be viewed or tampered with in transit by a third party, despite best efforts.

13.DATA BREACH

In the event we become aware that the security of the Website and Services has been compromised or users Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will post a notice on the Website, and send you an email.

14.ADVERTISEMENTS

We may display online advertisements and we may share aggregated and non-identifying information about our customers that we or our advertisers collect through your use of the Website and other Services. We do not share with advertisers personally identifiable information about individual customers. In some instances, we may use this aggregated and non-identifying information to deliver tailored advertisements to the intended audience.

15.EMAIL MARKETING

We offer electronic newsletters and email advertisements to which you may voluntarily subscribe at any time. We are committed to keeping your e-mail address confidential and will not disclose your email address to any third parties except as allowed in this Policy. We will maintain the information sent via e-mail in accordance with applicable laws and regulations.

In compliance with the CAN-SPAM Act, any general solicitation e-mails sent from us will clearly state who the e-mail is from and provide clear information on how to contact the sender. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or by contacting us. However, you will continue to receive essential transactional emails.

16.AFFILIATE MARKETING We may engage in affiliate marketing and have affiliate links present on the Website and other Services. If you click on an affiliate link, a cookie will be placed on your browser to track any sales for purposes of commissions.

17.COOKIE POLICY

Cookies are small bits of text data placed on your device when you visit websites. Cookies record data about your activity, such as which pages you view and what you click on. Cookies assist our Services to recognize your device when you return. For example, cookies can help us to remember your preferences, username, analyze the performance of our Services and recommend content that may be most relevant to your interests.

Here are the reasons we may use cookies:

Analytics. This type of cookie shows us which pages users view, which links are popular, etc. These cookies only provide anonymized information that does not identify anybody personally. This information is then bundled with the similar information from the other users, so that we can analyze the general usage patterns.

Essential cookies. These are necessary to provide the services that you have asked for. Without these essential cookies, our Services would not be able to operate. They are necessary to enable users to navigate through the Services and use its main features. For example, essential cookies identify registered users so that they can access member-only areas of the site. Essential cookies keep users logged in. If a subscriber disables essential cookies, that subscriber won’t be able to get to all of the content that a subscription entitles them to. These cookies don't collect information that could be utilized for the purposes of marketing or determining what places on the internet you have visited.

To show relevant advertising. If we allow ads on our Services, they can contain cookies in order to provide ads most relevant to your interests. They can also help limit the number of times you see a particular ad and to assess the effectiveness of the advertising campaign.

To improve your browsing experience. This type of cookie enables the site to remember users’ preferences and settings, such as geographic region or language. They can also be used to restrict the number of times an ad is shown, to remember which forms you have already filled in, so that you don’t have to do it again.

To implement tracking technology on our Services. This tracking does not use your personal information; it uses deidentified data (that means data that cannot be tied specifically to you). We will not combine this data with your other personal information without your prior express permission.

To implement flash cookies. These are local-stored objects that collect and store information about your preferences and navigation on our Services. Flash cookies are not managed by the same browser settings as are used for browser cookies.

To implement web beacons. Pages of our Website and App and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related statistics (for example, recording the popularity of certain content and verifying system integrity).

To implement pixel tracking. Pixel tracking is a process that involves the use of invisible pixel tags that consist of a few lines of computer code. Pixel tracking measures the effectiveness of advertisements and compiles aggregate and specific usage statistics. For example, if you visit our Services from an advertisement on another platform, the pixel tag will allow the advertiser to track that its advertisement brought you to our Services. If you visit our Website or App, and we link you to another website, we may also be able to determine that you were sent to and/or transacted with a third-party website. This data is collected for use in our marketing and research.

There is a way to turn off cookies by going to your browser’s Help or Settings menu. However, keep in mind that disabling cookies may limit your use of the Services and/or delay or affect the way in which it operates. You may learn more about cookies and how they work in this guide.



18.DATA SECURITY

Only our administrators are allowed to access our Website’s and App’s password-protected server where your personal information is stored. We utilize SSL. We have implemented CORS policies, applied to the server API endpoints. However, any transmission of information over the Internet has its inherent risks, so we cannot guarantee the absolute security of your personal information. Transmit personal information over the Internet at your own risk. We shall not be liable for circumvention of security measures or privacy settings on the Services. It is your responsibility to keep your login credentials, if any, confidential.

19.PERSONS UNDER 18

We do not knowingly collect any personal information about persons under the age of 18. Our Services is not directed to persons under the age of 18. If we become aware that a person under 18 has provided any personal info, it will be erased from our database as soon as reasonably possible, except when we need to keep that information for legal purposes or to notify a parent or guardian. However, portions of this data may remain in back-up archives or web logs even after we erase it from our databases. If a parent or guardian believes that a child has sent us personal information, send us an e-mail. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce this Policy by instructing their children never to provide Personal Information through the Website and Services without their permission. You must also be at least 18 years of age to consent to the processing of your Personal Information in your country (in some countries we may allow your parent or guardian to do so on your behalf).

20.'DO NOT TRACK' SIGNALS

Some browsers incorporate a Do Not Track feature that signals to websites you visit that you do not want to have your online activity tracked. Tracking is not the same as using or collecting information in connection with a website. For these purposes, tracking refers to collecting personally identifiable information from consumers who use or visit a website or online service as they move across different websites over time. How browsers communicate the Do Not Track signal is not yet uniform. As a result, the Website and other Services are not yet set up to interpret or respond to Do Not Track signals communicated by your browser. Even so, as described in more detail throughout this Policy, we limit our use and collection of your personal information.

21.HOW TO EXERCISE YOUR RIGHTS

Any requests to exercise your rights can be directed to Good Vibe Products, LLC through the “Contacting Us” section below. Please note that we may ask you to verify your identity before responding to such requests. Your request must provide information sufficient to allow us to verify that you are the person you are claiming to be or that you are the authorized representative of such person. You must include sufficient details to allow us to properly understand the request and respond to it. We cannot respond to your request or provide you with Personal Information unless we first verify your identity or authority to make such a request and confirm that the Personal Information relates to you.

22.CONTACTING US

If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may do so via the contact form on our website, send an email to hello@herbsandfit.com or write a letter to: Good Vibe Products, LLC, PO Box 1959, Parker, CO 80134.