Health Friendly NFP, Inc. (referred to as “Company,” “we,” “us” or “our”) respects your privacy and is committed to protecting your privacy online. The purpose of this document (the “Privacy Policy”) is to explain to you how we use information that we have collected from and about you. If, after reviewing the Privacy Policy, you have questions about the types of information we collect, how we use it, or similar issues, please contact us at legal@health-friendly.org.

This Privacy Policy applies to the services (“the Services”) provided through the Company Shop By Diet website located at https://www. health-friendly.org (the “Website”) and all mobile platforms made available by the Company to deliver the Services (the “App”). It does not apply to the practices of other companies that Company does not own or control nor does it apply to information of any kind provided to the Company by advertisers or other business partners. Links to other websites are governed by their own policies.

If this Privacy Policy is not acceptable to you, you should discontinue using the Services.

The Privacy Policy will let you know:

• What information we collect from or about you
• What we use your information for
• In what ways we may disclose your information to other parties
• The kinds of security measures in place to protect against loss or misuse of your personal information
• How long we retain your information
• What cookies are, and other forms of tracking that may be in use on the Website and App
• Other privacy policies to which you may become subject when you use the Services
• How you can access, update, or delete your Personally Identifiable Information
• What happens if we make changes to the Privacy Policy

‍

1. What information do we collect from or about you?

In this Policy, we refer to two types of user information: Personally Identifiable Information (sometimes referred to as “PII”) and non-Personally Identifiable Information.

Personally Identifiable Information refers to any information that can be used to uniquely identify, contact, or locate you. Examples of Personally Identifiable Information include a name, physical address, e-mail address, telephone number, date of birth, or a credit card number.

The Company collects only the PII that you voluntarily provide to us, such as when you register to use the Services, set up a profile, create content, sign up for a special offer, enter a sweepstakes or promotion, or complete a survey. If you purchase products or subscribe for paid services, you might also be asked to provide your credit card and related information for billing purposes.

You might also be asked for, or choose to provide, additional information about yourself that does not, itself, specifically identify you. This is non-Personally Identifiable Information. However, some information of this kind, such as your age, gender, health condition (e.g., height, weight, medication issues, and medications), geographic location and shopping preferences, may be required or merely requested when you register for the Services, and may be associated with your PII.

Company may also automatically collect other types of non-Personally Identifiable Information as you use the Services, including technical information (such as your internet protocol (“IP”) address, mobile device ID, or browser type) and usage information (such as location data, preferred language, the parts of the Services you have visited, which links you have clicked and other information about how you interact with the Services). This information is anonymous, and is not associated with your PII, although it may be associated with other pieces of anonymous information about you.

‍

2. What do we use your information for?

Your Personally Identifiable Information may be used in one of the following ways:

• To contact you regarding your account. These communications may include notices regarding changes to our policies, service updates, account management procedures and customer service transactional messages.
• To email you newsletters or tips about how to use the Services, inform you of product updates, or notify you about our own special offers or those of our third-party partners.
• To bill your credit card or other specified form of payment, in accordance with the Terms of Use.

Non-Personally Identifiable Information may be used in one of the following ways:

• To enable us to generate aggregate data about site traffic and site interaction and about user characteristics, preferences and purchases, in each case as long as such data is sufficiently extracted, modified or transformed so that it cannot be reverse-engineered or otherwise identified at the individual user-level from inspecting, analyzing or further processing the data .
• To customize your experience (your information helps us to better respond to your individual needs).
• To show you advertisements or recommend products and meals most relevant to your profile characteristics.
• To make improvements to the Website, App and Services.
• To inform potential partners and advertisers about the size and characteristics of our audience.

‍‍

3. Do we disclose any information to other parties?

The Company does not sell or trade your Personally Identifiable Information to outside parties. We may disclose your Personally Identifiable Information to entities who help us operate the Website and App, conduct our business, or provide the Services to you, such as white label partners, credit card processors, customer service centers, or e-mail marketing providers. All such partners are bound to keep your information confidential.

We may disclose Personally Identifiable Information, including to local, state, or federal law enforcement officials, when we believe in good faith that the law requires such action, or when required to do so by order of a court or other compulsory legal process. We may also share Personally Identifiable Information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or to prevent harm to the Website and App.

We may transfer your Personally Identifiable Information if we are acquired by or merge with another company. We will notify you in accordance with the procedures contained in this Privacy Policy if your information will become subject to a different privacy policy.

We may use or distribute information about you and your use of the Services in ways that do not reveal Personally Identifiable Information. For example, we share anonymous user information with advertisers and advertising networks to enable the display of targeted, relevant advertisements. We may also provide anonymous usage data or summary characteristics of our audience to potential partners and advertisers or post such information on publicly accessible areas of the Website and App.

Information you post in publicly accessible areas of the Website and App may be available to other users.

‍

4. How secure is your personal information?

The security of our user data is very important to us. We store your information securely, using industry-compliant encryption technology. Credit card numbers, for instance, are protected by tokenization technology. When you enter other sensitive information on our web forms, we encrypt the transmission of that information using transport layer security (TLS).

‍

5. How long do we retain your information?

The retention period of collected information depends on the type of information and the reasons why we collect it.

Your account information is retained while your account is active, unless you request us to delete the information or close your account in which case some information may still be retained for a reasonable time in case you decide to re-activate your account. We may also retain some information we believe in good faith is necessary for legal and regulatory compliance, research and development, business matters, and improvement of our Services, in which case we would anonymize and encrypt such information until complete deletion.

If you request us to delete your information or close your account, some of the information you shared through the Services may still be accessible by those with whom you shared it.

‍

6. Do we use cookies or other forms of tracking?

Cookies are small files that a website or one of its service providers transfers to your computer’s storage device via your Web browser (if your browser is configured to permit this) that enable its systems to recognize your browser and store certain information. We use “cookies” to collect information and improve our Services. We may use “persistent cookies” to save your preference for auto-logins to the Service. We may use “session ID cookies” to enable certain features of the Service, to better understand how you interact with the Service and to monitor aggregate usage and web traffic routing on the Service.

Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to your computer, and can only be read by a web server of the website that issued the cookie to you.

Depending on your web browser, you may have the ability to accept or decline cookies. Most web browsers default to accept cookies but enable you to configure settings to decline them. For further information about disabling cookies, you can visit www.allaboutcookies.org. If you choose to decline cookies, you may not be able to sign in or use other features of the Services that depend on cookies.

We integrate with tools made available by social media companies such as Facebook and Twitter, in order to offer social features such as content sharing. These companies may use cookies or other tracking technologies in order to recognize you when you use their tools in the future.

Do Not Track (DNT) technology is a feature provided by browsers and mobile devices. By turning this feature on or off, users can allow or prevent websites from collecting information about their online activities. We acknowledge users’ DNT settings.

The Company maintains internal logs of usage of the Services. Logs include information such as IP address, browser type and version, computer processing speed, connection speed, clickstream data, and computer operating system. We use logs mainly for internal systems administration and diagnostic purposes, and to detect improper use of the site. Logs may also be used to generate aggregate, non-Personally Identifiable Information for advertisers or other third parties. The Company may collect such usage logs even if the App is not open on your device, or you do not have the Website open.

We do not use cookies, similar technologies, or its internal logs to associate your Personally Identifiable Information with data about your use of the site.

If you register for any part of the Services, we may offer you the option to save certain information, such as your username and password, via Local Device Storage (LDS). You can disable LDS on your device or browser; however, doing so may render a portion of the Services to not function properly.  

‍

7. Other privacy policies to which you may be subject

The Services provide you with the ability to share content externally on Facebook, Twitter and other third-party websites and services. Your use of those sites and their use and display of the content that you share there is subject to their privacy policies and online terms of use, and is not under the control of the Company.

Occasionally, we may include or offer third-party products or services on the Website or App that include links to external websites. For example, advertisements, promotional offers, “free gifts,” and other links on the Website and App or included in an email from the Company, may bring you to external web pages not controlled by the Company. These third-party sites have separate and independent privacy policies and terms of service, which will govern the use of any Personally Identifiable Information that you provide. While the Company is not responsible for the use of your information by third parties, we nevertheless seek to protect our users and the integrity of our Website and App, and we therefore invite your feedback about these sites.‍

‍

8. How can you access, update or delete your Personally Identifiable Information?

All account settings can be changed from the App or https:// health-friendly.org. This includes reviewing and changing Personally Identifiable Information, setting email preferences for non-account related emails, canceling or deactivating your account.

Administrative and account-related communications are necessary to ensure we provide our users with the highest level of service; therefore, registered users are not permitted to opt out from receipt of these communications, except in that event that you cancel your registration for the Services entirely.

New types of marketing communications might be added from time to time. Users who visit the “Profile and User Settings” section of the Website or App can opt out of receiving future marketing communications or they can unsubscribe by following instructions contained in the messages they receive.

Anonymous information relating to your past usage of the Services may remain in our archived records after your account has been deleted, and any content that you have contributed to the Services will remain visible to the same extent as if you remained a registered user of the Website or App. If you wish to have all information that you have posted to be deleted, please contact us at legal@health-friendly.org, and we will make reasonable efforts to honor your request. In response to your request, we may elect to make your content invisible to other users of the Services and the public rather than deleting it entirely.‍

‍

10. What if we make changes to our Privacy Policy?

Because enhancements to the Services we provide may affect the information that we collect and the manner in which we use it, this Privacy Policy may change from time to time. All changes will be incorporated into the written policy and posted here. The date of last revision to the Privacy Policy is indicated at the bottom of this page.

The Company will provide you with the opportunity to accept or reject significant changes to the Privacy Policy during your next sign-on to the Services. If you do not agree to the modifications, your access to the Services may be discontinued. ‍

‍

11. What if you have questions that are not answered here?

If there are any questions regarding this Privacy Policy, you may contact us at legal@health-friendly.org or by mailing us at:

‍

Health Friendly, NFP Inc.

Attn: Privacy​321 Linden St.​Winnetka, IL 60093

‍

Last reviewed: December 2023

--

PRIVACY POLICY ADDENDUM
FOR RESIDENTS OF CALIFORNIA USING THE SERVICES
IN RELATION TO EVENTS ORGANIZED BY RESIDENTS OF CALIFORNIA

‍

Effective October 1, 2022

Your Rights and Choices

The California Consumer Privacy Act of 2018 (“CCPA”) provides consumers residing in California (“California Consumers”) with specific rights regarding their personal information. This Notice supplements the Synergy Online Privacy Policy and applies solely to California Consumers.  

Personally Identifiable Information (“personal information”) is defined for purposes of this section of the Policy as information that identifies, relates, describes, references, is reasonably capable of being associated with, or could reasonably be linked to, directly or indirectly, you as an individual. Personal information includes information collected directly from you if you choose to purchase products, use certain services available on our sites or personal information that you voluntarily provide, such as information included in response to a questionnaire or survey, or if you apply for a job at our company.

Under the CCPA and the unique consumer rights described below, personal information does not include:

• Publicly available information from government records;
• De-identified or aggregated consumer information;
• Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the California Confidentiality of Medical Information Act (“CMIA”) or clinical trial data; and
• Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (“FRCA”), the Gramm-Leach-Bliley Act (“GLBA”), the California Financial Information Privacy Act (“FIPA”), and the Driver’s Privacy Protection Act of 1994.

‍

Collecting of Personal Information

In particular, we have collected the following categories of personal information from our consumers within the last twelve (12) months:

We obtain the categories of personal information listed above from the following categories of sources:

• Directly from you. We collect your information when you complete forms or you purchase services.
• Indirectly from you. We collect your information when you are browsing on our website.

‍

Use of Personal Information

We may disclose personal information we collect for one or more of business purposes described in

Section 3 of our Privacy Policy ("Do we disclose any information to other parties?").

‍

Sharing of Personal Information

We may disclose your personal information to a third party for a business purpose or sell your personal information, subject to your right to opt-out of those sales. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

‍

Disclosures of Personal Information for a Business Purpose

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

Category F: Internet or other similar network activity.

Category K: Inferences drawn from other personal information.

‍

Sales of Personal Information

In the preceding twelve (12) months, we have not sold any of your personal information unless a transfer of this information to an advisor, broker or third-party insurance marketer was authorized by you.  

We do not collect or share the personal information of any covered consumers under the age of 16.

‍

Access to Specific Information and Data Portability Rights

Subject to the exceptions set forth in the CCPA, you have the right to request that we disclose certain information to you about our collection and use of your personal information covered over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

• The categories of personal information we collected about you;
• The categories of sources for the personal information we collected about you;
• Our business or commercial purpose for collecting or selling your personal information;
• The categories of third parties with whom we share personal information;
• The specific pieces of personal information we collected about you;
• If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:

• sales, identifying the personal information categories that each category of recipient purchased; and
• disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

You can make this request by contacting us at this email address: legal@health-friendly.org.

‍

Deletion Request Rights

Subject to the exceptions in the CCPA, you have the right to request that we delete any of your personal information collected from you and retained by us. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

• Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
• Debug products to identify and repair errors that impair existing intended functionality;
• Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.);
• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent;
• Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
• Comply with a legal obligation; and
• Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

You can make this request by contacting us at this email address: legal@health-friendly.org.

‍

Exercising Access, Data Portability, and Deletion Rights

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

• Provide sufficient information, commensurate to the type or sensitivity of the information you are requesting, that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and
• Describe your request in sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

‍

Response Timing and Format

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance, specifically by electronic mail communication.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

‍

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
• Provide you a different level or quality of goods or services.
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

‍

Other California Privacy Rights

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to legal@health-friendly.org or write to us at Health Friendly NFP, Inc., Attn: Privacy, 321 Linden St., Winnetka, IL 60093.

‍

Changes to Our Privacy Notice

We reserve the right to amend this California privacy notice at our discretion and at any time. When we make changes to this California privacy notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our website following the posting of changes constitutes your acceptance of such changes.

Changes to this California privacy notice will not affect our use of previously provided personal information.

‍

Contact Information

If you have any questions about this California privacy notice, the ways in which we collect and use your information described in this notice, your choices and rights regarding such use, please feel free to contact us as follows:

• Sending an email request to:  legal@health-friendly.org

• Sending a letter to:​​Health Friendly, NFP Inc.

Attn: Privacy​321 Linden St.​Winnetka, IL 60093