BariatricPal respects the privacy of our customers and has developed this Privacy Policy to demonstrate our commitment to protecting your privacy. This Privacy Policy is intended to describe for you, as an individual who uses the BariatricPal website, places orders by phone, uses our other services, or who otherwise provides us with information through phone, mobile application, chat, fax, mail, at a retail store, or with information through various means ("Services"), the information we collect, how that information may be used, with whom it may be shared, and your choices about such uses and disclosures.

We encourage you to read this Privacy Policy carefully when using our Services or transacting business with us. By using our Services or otherwise doing business with us, you accept the practices described in this Privacy Policy.

We encourage you to read the BariatricPal Privacy Policy carefully when using our Services or transacting business with us. By using our Services or otherwise doing business with us, you accept the practices described in the BariatricPal Privacy Policy.

If you have any questions about our privacy practices, please refer to the "How to Contact Us" section of this Privacy Policy.

INFORMATION WE MAY COLLECT

As described more in this section, we may collect information that can identify you ("personal information"), such as your name, phone number, mailing address, and e-mail address, (i) when you (or other users) provide it to us when using our Services, or (ii) from other BariatricPal businesses, from our business partners, or from other third parties. We may combine the personal information that we receive from different sources. When you provide personal information through our Services, the information may be sent to servers located in the United States and other countries around the world.

  • INFORMATION YOU PROVIDE. We may collect and store any personal information you enter on our online Services, provide to us by phone, furnish to our customer service department, or give to us in some other manner. This includes identifying information, such as your name, address, e-mail address, and telephone number, and, if you transact business with us, financial information such as your payment method (valid credit card number, type, expiration date, or other financial information). We also may request information about your interests and activities, your gender and age, your opinion about products and services that we offer, and other demographic information. Interactions with our Services may be monitored, recorded, and retained for our use, and we may use third-party service providers to collect, store, and analyze information you provide when you use or interact with our Services.

  • INFORMATION FROM OTHER SOURCES. We may also periodically obtain both personal and non-personal information about you from other Affiliate businesses, business partners, contractors, and other third parties and add it to our account information or other information we have collected. Examples of information that we may receive include: updated delivery and address information, purchase history, and additional demographic information.

  • INFORMATION ABOUT OTHERS. We may also collect and store personal information about other people that you provide to us. If you use our Services to send others (friends, relatives, colleagues, etc.) a product as a gift, information that may interest them, or messages (such as invitations) through our Services, we may store your personal information and the personal information of each such recipient.

  • OTHER INFORMATION. We may also collect information that does not identify you.

We also may collect other types of information in the following ways when you use our online Services:

  • TRACKING TECHNOLOGY. We and our service providers may use a variety of tracking technologies that collect usage information whenever you interact with our Services. We may combine certain automatically-collected information with other information we obtain about you, which may include data we obtain from external parties. We or external parties may collect personal information about your online activities over time and across different online services when you use the Services. We may use tracking technologies and personal information that we have collected to enable our Services to function, for analytics and research to improve our Services and product offerings, to determine your location, for security, for marketing and online behavioral advertising, and for our other business purposes. Please see below for more information about some of the tracking technologies that we use.
  • INFORMATION COLLECTED AUTOMATICALLY. We automatically collect information from your browser when you use our online Services. This information may or can include your IP address, your browser type and language, access times, the content of any undeleted cookies that your browser previously accepted from us (see "Cookies" below), and the referring website address.

  • COOKIES. Cookies enhance our ability to serve you. Basically, they're pieces of text that a website stores on your computer—an identification code of sorts. This cookie can be accessed by the website when you revisit it.

    We use two types of cookies: session cookies and persistent cookies. Session cookies terminate shortly after you terminate your internet session. Persistent cookies are stored on your hard drive until they expire or are deleted. Both types of cookies help provide an enhanced user experience since they recall your use of the Internet and our services, shopping preferences, shopping cart information, and your password.

    We understand that not everyone wants to permit the use of cookies. The Help portion of the toolbar on most browsers will tell you how to prevent your browser from accepting cookies and how to disable cookies, but we recommend that you leave cookies turned on so that you can take full advantage of the shopping features we offer.

    You may also review "HOW GOOGLE USES INFORMATION FROM SITES OR APPS THAT USE OUR SERVICES", (located at www.google.com/policies/privacy/partners/ ).

    We may allow third parties, including Affiliate companies, advertising companies, and ad networks, to display advertisements on our online Services. These companies may use tracking technologies, such as cookies, to collect information about users who view or interact with their advertisements. Our online Services do not provide any other personal information to these third parties, but they may collect information about where you, or others who are using your computer or device, saw and/or clicked on the advertisements they deliver, and possibly associate this information with your subsequent visits to the advertised websites. They also may combine this information with personal information they collect from you. The collection and use of that information is subject to the third party's privacy policy. This information allows them to deliver targeted advertisements and gauge their effectiveness. Some of these third-party advertising companies may be advertising networks that are members of the Network Advertising Initiative, which offers a single location to opt out of ad targeting from member companies (www.networkadvertising.org).

  • OTHER TECHNOLOGIES. We may use standard Internet technology, such as web beacons and other similar technologies, to track your use of our online Services and enable us to customize our online Services and advertisements. We also may include web beacons and other similar technologies in promotional or other e-mail messages or newsletters to determine whether messages have been opened and acted upon. The information we obtain in this manner enables us to customize the services we offer visitors to our online Services to deliver targeted advertisements and to measure the overall effectiveness of our online advertising, content, programming, or other activities.

    Web beacons (also known as clear gifs, pixel tags, or web bugs) are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of web users or to access cookies. Unlike cookies which are stored on the user's computer hard drive or device, web beacons are embedded invisibly on the web pages (or in e-mail) and are about the size of the period at the end of this sentence. Web beacons may be used to deliver or communicate with cookies, to count users who have visited certain pages, and to understand usage patterns. We also may receive an anonymous identification number if you come to our online Services from an online advertisement displayed on a third-party website.

  • MOBILE SERVICES: We may also collect information from your mobile device if you have downloaded any Affiliate mobile application(s). This information is generally used to help us deliver the most relevant information to you. Examples of information that may be collected and used may include, but are not limited to your geographic location, how you use the Affiliate application(s), and information about the type of device you use. To opt out of sharing this information, such as location, please review the terms and conditions before you download the application, review the settings on your mobile device, or you may choose at any time to uninstall the Affiliate application(s) from your mobile device.

  • Personal information we collect from third parties: BariatricPal collects personal information from other companies. This can include updated address and shipping instructions information; credit information; information from advertisers; information from Facebook, Twitter and other similar platforms; information that is collected automatically through your use of our services; information from entities that provide information that supplements personal information we already have. The categories of third-party sources may include advertising networks, internet service providers, data analytics providers, government entities, operating systems and platforms, social networks, and data brokers.

If you post information about yourself or others, or communicate with others using our Services, please note that we cannot control who reads your postings or what they do with the information you provide. We encourage you to use caution in posting personal information.

HOW WE MAY USE INFORMATION WE COLLECT

In General. We may use information that we collect about you to:

  • Fulfill your requests for products and services;
  • Offer products and services that may be of interest to you;
  • Customize the advertising and content that you see on our Services and on other sites;
  • Facilitate use of our Services; communicate with you by email, postal mail, telephone, and/or mobile devices about products or services that may be of interest to you either from us, our Affiliates, or other third parties;
  • Manage your account and your preferences and provide you with customer support;
  • Perform research and analyze use of and improve our Services, products, and other services, including performing research and analysis about your use of, or interest in, our products, services, or content, or products, services, or content offered by others;
  • Identify and protect against fraudulent transactions and other misuses of our Services;
  • Verify your eligibility and deliver prizes in connection with contests and sweepstakes;
  • If you sign up for our text messaging program, cookies may be used to personalize your experience (e.g., send you personalized text messages such as shopping cart reminders);
  • Enforce our Terms of Service and other terms and conditions;
  • Manage our business; and
  • Perform functions as otherwise described to you at the time of collection.

Financial Information. We may use financial information or payment method to process payment for any purchases or sales made on our online Services or by phone, to enroll you in the discount, rebate, and other programs in which you elect to participate, to pre-qualify you for credit card and other offers that you might find of interest, to protect against or identify possible fraudulent transactions, and otherwise as needed to manage our business.

Please review "Your choices about collection and use of your information" below.

WITH WHOM WE MAY SHARE INFORMATION WE COLLECT

We will not share your personal information with others except as indicated below, or except when we inform you in advance and give you the opportunity to opt out.

We may share personal information with:

  • AUTHORIZED SERVICE PROVIDERS: We may share your personal information with our authorized service providers that perform certain services on our behalf. These services may include fulfilling orders, processing credit card payments, delivering packages, providing customer service and marketing assistance, performing business and sales analysis, supporting our online Services' functionality, and supporting contests, sweepstakes, surveys, and other features offered through our online Services, catalogs, by phone, or by mail. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purposes.

  • AFFILIATES: We are part of a family of businesses. We may share information we collect, including personal information, with our Affiliate companies. Sharing information with our Affiliate companies enables us to provide you with information about a variety of products and services that might interest you. Our Affiliate companies also will comply with applicable privacy and security laws and, at a minimum, in any commercial e-mail they send to you, will give you the opportunity to choose not to receive such e-mail messages in the future.

  • BUSINESS PARTNERS: When you make purchases or engage in promotions offered through our online Services, catalogs, or through our other Services, we may share personal information with the businesses with which we partner to offer you those products, services, promotions, contests, and/or sweepstakes. When you elect to engage in a particular merchant's offer or program, you authorize us to provide your e-mail address and other information to that merchant.

  • DIRECT MAIL PARTNERS: From time to time, we may share our postal mailing list with selected providers of goods and services that may be of interest to you.

  • OTHER BUSINESSES: with which we partner or which we carefully select to offer you products, services, and promotions through our Services;

  • OTHER SITUATIONS
    • In response to a subpoena or similar investigative demand, a court order, or a request for cooperation from a law enforcement or other government agency; to establish or exercise our legal rights; to comply with legal requirements; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us.

    • When we believe disclosure is appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property, or safety of our company, our customers, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce our online Services' terms and conditions or other agreements or policies.

    • In connection with a substantial corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

Any third parties to whom we may disclose personal information may have their own privacy policies that describe how they use and disclose personal information. Those policies will govern use, handling, and disclosure of your personal information once we have shared it with those third parties as described in this Privacy Policy. If you want to learn more about their privacy practices, we encourage you to visit the websites of or to otherwise contact those third parties. These entities or their servers may be located either inside or outside the United States.

AGGREGATED AND NON-PERSONAL INFORMATION. . We may share aggregated and non-personal information we collect under any of the above circumstances and also with advertisers and others. We may also share it with third parties and our Affiliates to develop and deliver targeted advertising on our online Services, on websites of third parties, or by other means. We may combine non-personal information we collect with additional non-personal information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers, and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to our online Services and the most popular features or services accessed. This information does not contain any personal information and may be used to develop online Services or other content and services that we hope you and other users will find of interest and to target content and advertising.

THIRD-PARTY WEBSITES

There are a number of places on our online Services where you may click on a link to access other websites that do not operate under this Privacy Policy. For example, if you click on an advertisement or a link on our online Services, you may be taken to a website that we do not control. These third-party websites may independently solicit and collect information, including personal information, from you and, in some instances, provide us with information about your activities on those websites. We recommend that you consult the privacy statements of all third-party websites you visit by clicking on the "privacy" link typically located at the bottom of the webpage you are visiting.

Some third-party websites are co-branded with our trademarks and those of our business partners. They may have the look and feel of our online Services, but the URL in your browser window will indicate that you are visiting a different site. Our Privacy Policy applies only to information collected by BariatricPal.

HOW YOU CAN ACCESS YOUR INFORMATION

If you have an online account with us, you have the ability to review and update your personal information online by logging into your account. You can also review and update your personal information by contacting us by phone. More information about how to contact us is provided below.

If you have an account with us, you also may choose to close your account at any time by contacting BariatricPal customer service. After you close your account, you will not be able to sign in to our online Services or access any of your personal information on our online Services. However, you can open a new account at any time. If you close your account, we may still retain certain information associated with your account for analytical purposes and recordkeeping integrity, as well as to prevent fraud, collect any fees owed, enforce our terms and conditions, take actions we deem necessary to protect the integrity of our online Services or our customers, or take other actions otherwise permitted by law. In addition, if certain information has already been provided to third parties as described in this Privacy Policy, retention of that information will be subject to those third parties' policies.

YOUR CHOICES ABOUT COLLECTION AND USE OF YOUR INFORMATION

You may choose:

  • You can choose not to provide us with certain information, but that may result in you being unable to use certain features of our online Services or our other services because such information may be required in order for you to register as a member; purchase products or services through our online Services or by phone; participate in a contest, promotion, survey, or sweepstakes; ask a question; or initiate other transactions;

  • To stop receiving promotional e-mails or newsletters from us, you can modify your e-mail subscription settings in My Account. You can also click Unsubscribe on any of the promotional emails you have received. Lastly, please contact Customer Service at the Company Contact Points below. We may send you other types of transactional and relationship e-mail communications, such as service announcements, administrative notices, and surveys, without offering you the opportunity to opt out of receiving them. Please note that changing information in your account, or otherwise opting out of receipt of promotional e-mail communications will only affect future activities or communications from us. If we have already provided your information to a third party before you have changed your preferences or updated your information, you may have to change your preferences directly with that third party.

  • Opt-out. We may share your name and mailing address with carefully selected businesses for purposes of sending you relevant catalog, magazine or fundraising offers in the mail. If you do not wish to receive mailings from other companies or to have personal information shared with other companies, for their own direct marketing, please contact us by phone, e-mail or mail.

  • Under our Do-Not-Call policy you may instruct us not to call you for marketing purposes by contacting BariatricPal customer service. We will implement your instructions within 30 days. We have policies and procedures in place and train our employees to honor your request. Please note that we may still need to call you for servicing or other non-marketing purposes.

  • Stop receiving promotional text messages by texting STOP to 22658. Consent to receiving text messages is not a condition of purchase.

  • To delete or decline cookies (which are discussed above) by changing your browser settings, although if you do so, some of the features or services of our online Services may not function properly;

  • To review and update your personal information by contacting us at the e-mail address below or, if you have an online account for our Services, by logging into that account.
Our Company Contact Points

Toll-Free: 1 (855) 957.2725

Email: store@BariatricPal.com

Mail: BariatricPal
Attn: Customer Service
25 Corporate Circle 
Suite #118 
Albany, NY 12203  

HOW WE PROTECT YOUR PERSONAL INFORMATION

We take appropriate security measures (including physical, electronic, and procedural measures) to help safeguard your personal information from unauthorized access, alteration and disclosure. For example, only authorized employees are permitted to access personal information, and they may do so only for permitted business functions. In addition, we use encryption in the transmission of your sensitive personal information between your system and ours, and we use firewalls to help prevent unauthorized persons from gaining access to your personal information.

We want you to feel confident using our online Services to transact business. However, no system can be completely secure. Therefore, although we take steps to secure your information, we do not promise, and you should not expect, that your personal information, searches, or other communications will always remain secure. You should also take care with how you handle and disclose your personal information and should avoid sending personal information through insecure e-mail. Please refer to the Federal Trade Commission's website at www.ftc.gov/bcp/menus/consumer/data.shtm for information about how to protect yourself against identity theft.

USER-SUBMITTED CONTENT (BLOGS, BULLETIN BOARDS, REVIEWS, PROFILES, CHAT ROOMS, ETC.)

We may provide areas on our online Services where you can post information about yourself and others, create a profile, and communicate with others, as well as post reviews of products, establishments, contractors, and the like, or upload content (e.g., pictures, videos, audio files, etc.). In addition, such postings may appear on other websites or when searches are executed on the subject of your posting. Also, whenever you voluntarily disclose personal information on publicly viewable web pages, that information will be publicly available and can be collected and used by others. For example, if you post your e-mail address, you may receive unsolicited messages. We cannot control who reads your posting or what others may do with the information you voluntarily post, so we encourage you to exercise discretion and caution with respect to your personal information. Once you have posted information, you will not be able to edit or delete such information.

CHILDREN'S PRIVACY

As the General Terms of Use require customers be 18 years of age or older to use our platforms, we do not knowingly collect personal information from children under the age of 13.

VISITING OUR ONLINE SERVICES FROM OUTSIDE THE UNITED STATES

This Privacy Policy is intended to cover collection of information on our online Services from residents of the United States. If you are visiting our online Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located, and our central database is operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. Please be assured that we seek to take reasonable steps to ensure that your privacy is protected. By using our Services, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this Privacy Policy.

NO RIGHTS OF THIRD PARTIES

This Privacy Policy does not create rights enforceable by third parties or require disclosure of any personal information relating to users of our Services.

CHANGES TO THIS PRIVACY POLICY

We will occasionally update this Privacy Policy to reflect changes in our practices and services.

HOW TO CONTACT US

If you have any questions about this Privacy Policy or our information-handling practices, or if you would like to request information about our disclosure of personal information to third parties for their direct marketing purposes, please contact us by e-mail or postal mail as follows:

Privacy Contact
BariatricPal
25 Corporate Circle 
Suite #118 
Albany, NY 12203 
store@BariatricPal.com

YOUR CALIFORNIA PRIVACY RIGHTS

California Residents:

  • If you are a resident of California, in addition to the rights set forth above, you have the right to request information from us regarding the manner in which we share certain categories of personal information with third parties and Affiliates for their direct marketing purposes. California law gives you the right to send us a request at a designated address to receive the following information:
    1. the categories of information we disclosed to third parties for their direct marketing purposes during the preceding calendar year;
    2. the names and addresses of the third parties that received that information; and
    3. if the nature of the third party's business cannot be determined from their name, examples of the products or services marketed.
        1. We may provide this information in a standardized format that is not specific to you. The designated e-mail address for these requests is store@BariatricPal.com.

        2. Currently, our online Services do not recognize automated browser signals regarding "do not track" instructions, except to the extent set forth below with respect to the global privacy control browser signal. If we develop this capability in the future, we will describe how we do so in the BariatricPal Privacy Policy. Please note that third parties may collect personal information about your online activities over time and across different websites when you use our online Services or browse other websites. For more information about "Do Not Track," please visit www.allaboutdnt.com.

        The following sections relate to customers who live in states that have specific privacy laws and specific rights under these privacy laws.

        However, if you are not a resident of a state below, but would like to obtain information or take other actions that residents of such states may take, please submit a request here or call us at 1-(855)-957-2725. We will use reasonable efforts to respond to your request.

        For security purposes, we do not send sensitive information (like credit card numbers or other sensitive information) if you ask for a copy of personal data. And when we delete personal data, we may retain information to comply with our legal obligations or our records retention practices.

        CALIFORNIA PRIVACY STATEMENT

        This section is referred to as the "California Privacy Statement" and is provided in connection with the California Consumer Privacy Act (or "CCPA"). Some terms in this California Privacy Statement are defined in CCPA.

        This California Privacy Statement describes our practices within the last 12 months regarding personal information about people who are consumers under CCPA. This California Privacy Statement does not apply to human resources information or business-to-business information. If you would like information about human resources data or business- to-business communications data, please reach out to your contact at our company.

        This California Privacy Statement does not apply to information that is excluded from the definition of “personal information” under CCPA. or to information or activity that is subject to exemptions under CCPA.

        We may update our Privacy Policy or this California Privacy Statement from time to time or provide additional notices where required or appropriate.

        This California Privacy Statement supplements our other privacy notices and policies and shall govern in the event of a conflict between this California Privacy Statement or other privacy notices and policies.

        COLLECTED PERSONAL INFORMATION.

        Categories of Personal Information. We collect personal information about users of our services who are California consumers including, personal information in the following categories:

        • Identifiers, such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers
        • Personal information records (described in Cal. Civ. Code § 1798.80(e)), such as name, signature, social security number, physical characteristics or description, address, telephone number, driver’s license or state identification card number, employment, employment history, bank account number, credit card number, debit card number, or other financial information, medical information
        • Characteristics of protected classifications under California or federal law
        • Commercial information, such as records of personal
        • property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
        • Internet or other electronic network activity information
        • Geolocation data
        • Audio, electronic, visual, thermal, olfactory, or similar information
        • Sensitive personal information
          Following categories:
          • Social security, driver’s license or state identification card
          • account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account
        • Inferences drawn from any of the categories of information identified above

        Retention. We retain personal information and sensitive personal information in the categories above pursuant to our retention schedule, which is based on the purposes for which we collect and process the information, legal and regulatory requirements, and our legitimate business purposes.

        SOURCES OF PERSONAL INFORMATION. We collect personal information from different sources., including:

        Personal information we collect from you. We collect personal information that you provide directly to us. Personal information we collect in this way includes your identifiers, personal information records, characteristics of protected classifications, commercial information, audio, electronic, visual, thermal, olfactory or similar information, professional or employment-related information, non-public education information, and the categories of sensitive personal information described above.

        Personal information we collect from other people. We collect some personal information about you from other people such as when a customer uses features in our services to refer friends and family to us by or when a customer purchases. an item for another recipient. Typically, personal information we collect in this way may include your identifiers, personal information records, and commercial information.

        Personal information we collect automatically. We collect some personal information automatically when you use our services, such as browsing and use information; information about devices that you use to access our services, and information collected through cookies, pixels, and similar technology. The categories of personal information collected automatically include identifiers, commercial information, internet or other electronic network activity information, geolocation data, and audio, electronic, visual, thermal, olfactory or similar information.

        Personal information we create. We create some personal information when you use our services or in the operation of our business. This includes information that may be categorized as identifiers, commercial information, internet or other electronic network activity information, and inferences.

        Personal information we collect from other companies. We collect personal information from other companies, including advertising networks, internet service providers, data analytics providers, government entities, operating systems and platforms, social networks, and data brokers. The categories of personal information we collect from these types of sources may include any category of personal information listed above.

        PURPOSES FOR COLLECTING, SELLING, OR SHARING PERSONAL INFORMATION. 

        We collect, use, sell or share personal information for the following business or commercial purposes:

          • Performing services, such as:
            • Account provision and maintenance, including creating and managing your account with us; providing customer service; verifying customer information; and providing other services in the course of our business operations;

            • Product sales and fulfillment, including selling products; processing and shipping orders to you or to recipients you designate; managing returns; processing refunds; managing warranties

            • Customer service and communications, including responding to requests, comments, or questions through email, text message, telephone calls, postal mail, chat functions; forms and product review capabilities; reviewing recorded calls or content of other communications for quality or customer service purposes; responding to requests for information and taking action that may be requested under CCPA

            • Marketing and advertising, such as contextual marketing and advertising; personalizing user experience and marketing, including targeted product display; targeted marketing and advertising through the services; marketing through emails, text messages, and other communications methods; re-targeted marketing and advertising across other websites, devices, and platforms; auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards; engaging in analytics to personalize user experience; managing and communicating through our presence on social media platforms and other platforms

            • Payment-related activities, including processing payments, checking creditworthiness, evaluating payment options, providing finance, managing installment payment programs, participating in private label credit card programs

            • Providing technology to enable use and operation of services; providing storage

          • Maintaining and improving services and user experience, including:

            • Creating and updating applications, websites, and other features or functionality used by that we use

            • Debugging to identify and repair errors that may affect how the services function;

            • Engaging in analytics related to improving services or user experience

            • Product safety or quality activities.

          • Fraud prevention and information security, including:

            • Measures to verify identity when an account is used for ordering or when the account is otherwise accessed;

            • Helping to ensure security and integrity, including by detecting and responding to fraud or security incidents

            • Limiting payment fraud

            • Protecting against other malicious, deceptive, or illegal activity

          • Short-term, transient use permitted under CCPA

          • Internal research, including:

            • Developing and demonstrating technology

            • Conducting research, analytics, surveys, and focus groups to improve customer experiences, develop services and products, provide better marketing and advertising.

          • Other business purposes for which we provide notice, including:

            • Legal obligations, including prosecuting people responsible for fraudulent, malicious, deceptive or illegal activities; defending claims; notifying of product recalls or other issues related to products; enforcing and notifying of our terms and conditions, privacy statement, forum guidelines, and other policies and changes to such terms and conditions, privacy statement and other policies; and for records retention purposes.

          • Any other purposes consistent with our applicable privacy statements

        We collect, sell or share sensitive personal information for the following purposes:

            • To perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services
            • Helping to ensure security and integrity, including;
              • Enabling networks or information systems to detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information
              • Detecting security incidents, resisting malicious, deceptive, fraudulent, or illegal actions and helping to prosecute those responsible for those actions
              • Ensuring physical safety of natural persons
            • Short-term, transient use permitted under CCPA
            • Performing services for our business operations, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services for our business operations
            • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, made, made for, or controlled by us, and to improve, upgrade, or enhance a service or device that is owned, made, made for, or controlled by us

        We do not use or disclose sensitive personal information for purposes to which the right to limit use and disclosure applies under the CCPA.

        SALES OR SHARING OF PERSONAL INFORMATION. We sell or share personal information that is within the categories in the table below. Beside each category of personal information are the categories of third parties to which such personal information is sold or shared. Items of sensitive personal information are noted with an asterisk.

        CATEGORIES OF PERSONAL INFORMATION SOLD OR SHARED

        CATEGORIES OF THIRD PARTIES

        Identifiers

        Marketing and advertising

        Payment and collection services

        Personal information records (as described in described in Cal. Civ. Code § 1798.80(e))

        Marketing and advertising

        Payment and collection services

        Commercial information

        Marketing and advertising

        Payment and collection services

        Internet or other electronic network activity information

        Marketing and advertising

        Payment and collection services

        Geolocation data

        Marketing and advertising

        Payment and collection services

        Audio, electronic, visual, thermal, olfactory, or similar information

        Marketing and advertising

        Payment and collection services

        Inferences

        Marketing and advertising


        As we require customers be 18 years of age or older to use our services, we have no actual knowledge of sales or sharing of personal information of consumers under 16 years of age.

        DISCLOSURES OF PERSONAL INFORMATION FOR BUSINESS PURPOSES. We disclose personal information that is within the categories in the table below for business purposes. Beside each category of personal information are the categories of service providers and contractors to which such personal information is disclosed for business purposes. Items of sensitive personal information are noted with an asterisk.

        CATEGORIES OF PERSONAL INFORMATION DISCLOSED FOR BUSINESS PURPOSES

        CATEGORIES OF SERVICE PROVIDERS AND CONTRACTORS

        Identifiers

        Breach/fraud detection, prevention, and response
        Consulting and business services
        Mandatory recipients (i.e., recipients with which we are obligated to share personal information) Marketing and advertising
        Order fulfillment
        Payment and collection services
        Research and analytics
        Security
        Shipping
        Social media platforms
        Technology services
        Temporary staff
        Website and application developers

        Personal information records (as described in described in Cal. Civ. Code § 1798.80(e))

        Breach/fraud detection, prevention, and response
        Consulting and business services
        Mandatory recipients (i.e., recipients with which we are obligated to share personal information) Marketing and advertising
        Order fulfillment
        Payment and collection services
        Research and analytics
        Security
        Shipping
        Social media platforms
        Technology services
        Temporary staff
        Website and application developers

        Commercial information

        Breach/fraud detection, prevention, and response
        Consulting and business services
        Mandatory recipients (i.e., recipients with which we are obligated to share personal information) Marketing and advertising
        Order fulfillment
        Payment and collection services
        Research and analytics
        Security
        Shipping
        Social media platforms
        Technology services
        Temporary staff
        Website and application developers

        Internet or other electronic network activity information

        Breach/fraud detection, prevention, and response
        Consulting and business services
        Mandatory recipients (i.e., recipients with which we are obligated to share personal information) Marketing and advertising
        Order fulfillment
        Payment and collection services
        Research and analytics
        Security
        Shipping
        Social media platforms
        Technology services
        Temporary staff
        Website and application developers

        Geolocation data

        Breach/fraud detection, prevention, and response
        Consulting and business services
        Mandatory recipients (i.e., recipients with which we are obligated to share personal information) Marketing and advertising
        Order fulfillment
        Payment and collection services
        Research and analytics
        Security
        Shipping
        Social media platforms
        Technology services
        Temporary staff
        Website and application developers

        Audio, electronic, visual, thermal, olfactory, or similar information

        Breach/fraud detection, prevention, and response
        Consulting and business services
        Mandatory recipients (i.e., recipients with which we are obligated to share personal information) Marketing and advertising
        Order fulfillment
        Payment and collection services
        Research and analytics
        Security
        Shipping
        Social media platforms
        Technology services
        Temporary staff
        Website and application developers

        * Social security, driver’s license or state identification card

        Breach/fraud detection, prevention, and response
        Mandatory recipients (i.e., recipients with which we are obligated to share personal information)
        Payment and collection services
        Security
        Technology services
        Temporary staff
        Website and application developers

        * Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account

        Fraud detection, fraud prevention, and security
        Mandatory recipients (i.e., recipients with which we are obligated to share personal information)
        Payment and collection service
        Technology services
        Temporary staff
        Website and application developers

        Inferences

        Breach/fraud detection, prevention, and response
        Consulting and business services
        Mandatory recipients (i.e., recipients with which we are obligated to share personal information) Marketing and advertising
        Order fulfillment
        Payment and collection services
        Research and analytics
        Security
        Shipping
        Social media platforms
        Technology services
        Temporary staff
        Website and application developers


        FINANCIAL INCENTIVES

        We may from time-to-time offer “Incentives” such as discounts on goods, discounts on shipping, prizes for participating in contests, and other similar incentives. In connection with offering Incentives, we may collect a name, email address, phone/text number, or other personal data; as further described in in the specific Incentive. To the extent that we collect personal data of a California consumer participating in connection with offering an Incentive, then the value of the personal data provided in connection with the Incentive is generally calculated as the value of the Incentive less our expenses in operating the Incentive program and other costs associated with our business activities related to the Incentive.

        AUTHORIZED AGENTS. A California consumer participating in an Incentive may opt-in to the Incentive by following the method of participation used for the Incentive. California consumers also have the right to withdraw from an Incentive at any time through the methods described in the terms and conditions of the Incentive program. Additionally, if an Incentive is related to receiving marketing emails or marketing text messages, a participating California consumer can withdraw from the Incentive by unsubscribing from the relevant communications, using the methods described in our Privacy Statement.

        CCPA RIGHTS Following are rights of California consumers under CCPA. To exercise these rights, please contact us. Please note that, if you submit a request to know, request to delete or request to correct, you may be asked to provide 2-3 pieces of personal information that we will match against our records to verify your identity.

        Deletion A California consumer has the right to request the deletion of personal information we have collected from the consumer, but CCPA permits some personal information to be retained, notwithstanding a consumer’s deletion request.

        Correction Taking into account the nature of personal information and the purposes of processing personal information, a California consumer has the right to request the correction of the consumer’s personal information if it is inaccurate.

        Right to Know A California consumer has the right to request the disclosure of (1) the categories of personal information we have collected about that consumer; (2) the categories of sources from which that personal information is collected; (3) the business or commercial purpose for collecting, selling or sharing the personal information; (4) the categories of third parties to whom we disclosed personal information; (5) the categories of personal information that we sold, and for each category identified, the categories of third parties to which we sold that particular category of personal information; and (6) the categories of personal information that we sold, and for each category identified, the categories of third parties to which we sold that particular category of personal information.

        A California consumer also has the right to request the specific pieces of personal information we have collected about that consumer.

        Opt-out of sales or sharing A California consumer has the right to opt out of sales or sharing of personal information about that consumer. If you choose to use the Global Privacy Control (GPC) browser signal, you will only be opted out of online sales or sharing of personal information, and you will need to log in to retain settings or turn it on for each browser you use. To submit a request to opt out of offline sales and sharing, please contact us.

        Non-Discrimination. A California consumer has the right that a business shall not discriminate against you because you exercised your rights under CCPA.

        Agents Authorized agents may submit requests on a consumer's behalf by submitting the request through the same means listed under the rights above. Authorized agents must establish their qualification to act as an agent and we will still require verification directly from the consumer, unless the authorized agent possesses an appropriate power of attorney.

        Nevada Privacy Statement

        If you are a Nevada resident and would like to make a request under Chapter 603A of the Nevada Revised Statutes, you may email us at store@BariatricPal.com. Please include "Nevada" in your email subject line and include the following information in your email: your name, Nevada resident address, and email address.

        Virginia Privacy Statement

        This section is referred to as the "Virginia Privacy Statement" and is provided in connection with the Virginia Consumer Data Protection Act (or “VCDPA”). Some terms in this Virginia Privacy Statement are defined in VCDPA

        This Virginia Privacy Statement only applies to people who are consumers under VCDPA.

        This Virginia Privacy Statement does not apply to information that is excluded from the definition of “personal data” under VCDPA or to information or activity that is subject to exemptions under VCDPA.

        This Virginia Privacy Statement supplements our other privacy notices and policies and shall govern in the event of a conflict between this Virginia Privacy Statement or other privacy notices and policies. However, if any other notice about VCDPA is provided at the point of collection, then that other notice shall govern in the event of a conflict with this Virginia Privacy Statement as permitted by applicable law.

        Categories of personal data We process personal data when you use our services, including personal data in the following categories:

        • Account information, such as credentials to access your accounts with us including password; security questions and answers; user names
        • Communication information, such as the content messages sent through chat functions, emails, texts, or information that you send to us; recorded calls; technical information related to communications such as time, date or length of the communication
        • Contact information, such as your name; email address; street address; zip code; telephone number; texting number
        • Event information, such as information you provide if you participate in contests or sweepstakes; customer group or focus group information; in-person or remote attendance or participation in broadcasts or other events
        • External information obtained from other sources, such as demographic information; updated shipping information
        • Financial information, such as payment card information; gift card information; installment payment information; information related to private label credit card programs associated with our business
        • Forum or feedback information, such as comments you make in any forum that we make available; product reviews; answers you provide in surveys
        • Government identifier information, such as social security number (e.g., if you apply for a private label credit card); or driver’s license or identification card information
        • Information about others, such as name and shipping details of people to whom you send gifts or other purchases; people who you refer to our services through referral features included in our services
        • Location information, such as your location when you use our services or make a purchase
        • Order and purchase information, such as items you add or remove to a shopping cart; items you purchase; items you return; items you activate (e.g., computer) after purchase; wish list information
        • Preferences information, such as preferred sizes or colors of clothing
        • Technical and online information, such as identifiers of devices you use to connect to our services; internet protocol addresses; social media or other online identifiers; information from other platforms where we interact including social media platforms operated by other companies
        • User interaction information, such as pages you were visiting when you came to our websites and pages you went to when you left our website; pages browsed; items you look at, hover over or click; information you type into the services; interactions with advertisements; information collected through cookies, pixels, beacons, and other tracking technology
        • Video and audio information, such as video or images that you send to us or upload into the services; recordings we make if you participate in events that we are recording
        • Other information that you provide in your use of our services; information that we collect in the operation of our business
        • Information created or inferred based on the categories above, such as analytics information

        The examples in the categories above are not exclusive, and other kinds of personal data are included in these categories.

        Purposes for processing personal data. We process personal data for the following purposes:

        • Performing services, such as:
          • Account provision and maintenance, including creating and managing your account with us; providing customer service; verifying customer information; and providing other services in the course of our business operations
          • Product sales and fulfillment, including selling products; processing and shipping orders to you or to recipients you designate; managing returns; processing refunds; managing warranties
          • Customer service and communications, including responding to requests, comments, or questions through email, text message, telephone calls, postal mail, chat functions; maintaining user forms and product review capabilities; reviewing recorded calls or content of other communications for quality or customer service purposes; responding to requests for information and taking action that may be requested under the VCDPA
          • Marketing and advertising, such as contextual marketing and advertising; personalizing user experience and marketing, including targeted product display; targeted marketing and advertising through the services; marketing through emails, text messages, and other communications methods; re-targeted marketing and advertising across other websites, devices, and platforms; auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards; engaging in analytics to personalize user experience managing and communicating through our presence on social media platforms and other platforms
          • Payment-related activities, including processing payments, checking creditworthiness, evaluating payment options, providing financing, managing installment payment programs, participating in private label credit card programs
          • Providing technology to enable use and operation of services; providing storage

        • Maintaining and improving services and user experience, including:
          • Creating and updating applications, websites, and other features or functionality that we use
          • Debugging to identify and repair errors that may affect how the services function
          • Engaging in analytics related to improving services or user experience
          • Product safety or quality activities

        • Fraud prevention and information security, including:
          • Measures to verify identity when an account is used for ordering or when the account is otherwise accessed
          • Helping to ensure security and integrity, including by detecting and responding to fraud or security incidents
          • Limiting payment fraud
          • Protecting against other malicious, deceptive, or illegal activity

        • Internal research, including:
          • Developing and demonstrating technology
          • Conducting research, analytics, surveys, and focus groups to improve customer experiences, develop services and products, provide better marketing and advertising

        • Other business purposes for which we provide notice, including:
          • Legal obligations, including prosecuting people responsible for fraudulent, malicious, deceptive or illegal activities; defending claims; notifying of product recalls or other issues related to products; enforcing and notifying of our terms and conditions, privacy statement, forum guidelines, and other policies and changes to such terms and conditions, privacy statement and other policies; and for records retention purposes

        • Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, made, or controlled by us, and to improve, upgrade, or enhance a service or device that is owned, made, or controlled by us

        • Any other purposes consistent with our applicable privacy statements

        Third parties, We use third parties to help us in the operation of our business, and these third parties may have access to any of the personal data described in the categories of personal data above.

        The categories of third parties with which we share personal data includes:

        • Shipping companies
        • Order fulfillment companies
        • Payment processors
        • Advertising and marketing companies
        • Social media platforms
        • Fraud detection, fraud prevention, and security companies
        • Research and analytics companies
        • Website and application developers
        • Technology services providers
        • Analytics companies
        • Temporary Staff Providers

        VCDPA Rights. Following are rights of Virginia consumers under VCDPA. Please see below with respect to the right to opt out of profiling. To exercise any other right, please contact us

        Access. A Virginia consumer has the right to ask us to confirm whether or not we process personal data about the Virginia consumer and to access such personal data. We provide access to such personal data by providing you with a copy of such personal data.

        Copy. A Virginia consumer has the right to obtain a copy of the consumer's personal data that the consumer previously provided to the controller.

        Correction. Taking into account the nature of personal data and the purposes of processing personal data, a Virginia consumer has the right to have inaccuracies in the consumer’s personal information corrected.

        Deletion. A Virginia consumer has the right to request the deletion of the consumer’s personal data, but VCDPA permits some personal data to be retained, notwithstanding a consumer’s deletion request.

        Sale of personal data. A Virginia consumer has the right to opt out of sales of personal data. While we do not engage in sales of personal data under VDCPA, you may opt out of such sales if we do so in the future.

        Profiling. A Virginia consumer has the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. While we do not engage in activities that come within the scope of profiling under VDCPA, you may opt out of such profiling if we do so in the future. To opt out of future profiling, please contact us at store@BariatricPal.com.

        Targeted Advertising. We engage in targeted advertising. A Virginia consumer has the right to opt out of targeted advertising.

        Appeal. A Virginia consumer has the right to appeal our decision with respect to a request to exercise a VDCPA right.