Privacy Notice for California Residents
Effective Date: 10/11/2022
Last Reviewed on: 10/11/2022
This Privacy Notice for California Residents supplements the information contained in Shefit Operating Company, LLC’s ("SHEFIT" or "we" "us" "our") general Privacy Policy found at https://shefit.com/policies/privacy-policy and applies solely to all visitors, users, and others who reside in the State of California ("consumers" or "you"). If you are a California resident, California law provides you with additional rights regarding our use of your personal information. We provide this notice in accordance with the California Consumer Privacy Act of 2018 and California Privacy Rights Act of 2020 (collectively the "CCPA") and any terms defined in the CCPA have the same meaning when used in this Notice.
Information We Collect.
We collect information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household ("personal information"). Personal information does not include:
- Publicly available information from government records or lawfully obtained, truthful information that is a matter of public concern.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA's scope, such as health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the California Confidentiality of Medical Information Act (CMIA), or clinical trial data.
- Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.
In particular, we have collected the following categories of personal information from or about consumers within the last twelve (12) months:
Category |
Examples |
Collected |
A. Identifiers. |
Real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers. |
YES |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). |
Name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. |
YES |
C. Protected classification characteristics under California or federal law. |
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). |
YES |
D. Commercial information. |
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
YES |
E. Biometric information. |
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. |
NO |
F. Internet or other similar electronic network activity. |
Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. |
YES |
G. Geolocation data. |
Physical location or movements. |
YES |
H. Sensory data. |
Audio, electronic, visual, thermal, olfactory, or similar information. |
NO |
I. Professional or employment-related information. |
Current or past job history or performance evaluations. |
NO |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). |
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. |
NO |
K. Inferences drawn from other personal information. |
Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
YES |
L. Sensitive Information |
Government identifiers (social security, driver's license, state identification card, or passport number); Complete account access credentials (usernames, account numbers, or card numbers combined with required access/security code or password); Precise geolocation; Racial or ethnic origin; Religious or philosophical beliefs; Union membership; Genetic data; Mail, email, or text messages contents; Unique identifying biometric information; Health, sex life, or sexual orientation information. |
NO |
We obtain the categories of personal information listed above:
- Directly from you. For example, from forms you complete or Services you purchase.
- Indirectly from you. For example, from observing your actions on SHEFIT Website.
Use of Personal Information.
We use the information we collect in the following ways:
- To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
- To provide, support, personalize, and develop our website, products, and services.
- To create, maintain, customize, and secure your account with us.
- To process your requests, purchases, transactions, and payments and prevent transactional fraud.
- To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
- To personalize your website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our website, third-party sites, and via email or text message (with your consent, where required by law).
- To help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business.
- For testing, research, analysis, and product development, including to develop and improve our website, products, and services.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our consumers is among the assets transferred.
Sharing Personal Information.
We may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
We share your personal information for a business purpose to the following categories of third parties:
- with service providers, and other third parties we use to support our business as needed for them to provide us with services that help us with our business activities and promote our products to you;
- with Software/IT service providers we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them;
- when we believe sharing is necessary to protect our rights, preserve safety, investigate fraud or other wrongdoing;
- when required by law, which includes complying with any court order, law, or legal process, including responding to a government or regulatory request;
- in connection with the sale, transfer or financing of our business or its assets;
- to enforce or apply our agreements, including for billing or collection purposes; and
- for any other purpose disclosed by us when you provide the information.
Disclosures of Personal Information for a Business Purpose.
In the preceding twelve (12) months, SHEFIT has disclosed the following categories of personal information for a business purpose:
Category A: Identifiers.
Category B: California Customer Records personal information categories.
Category C: Protected classification characteristics under California or federal law.
Category D: Commercial information.
Category F: Internet or other similar network activity.
Category G: Geolocation data.
Category K: Inferences drawn from other personal information.
We have disclosed your personal information for a business purpose to the following categories of third parties:
- Service providers
- Marketing and advertising providers
Sale and Sharing of Personal Information.
California residents may opt out of the “sale” or “sharing” of their personal information. While SHEFIT does not monetize your information, we share information with businesses who provide cross-platform advertising and related tracking and analytics for our products in a way that falls under the CCPA’s broad definition of “sale” or “share.” SHEFIT does not knowingly sell the information of minors under the age of 16 without affirmative consent.
We share the following categories of personal information with marketing and advertising providers for the purposes described in this Privacy Notice:
- Commercial information
- Internet or other similar network activity
- Inferences drawn from other personal information
If you would like to opt out of the use of your personal information for such purposes that may be considered a “sale” or “sharing” under California law, you may do so as outlined here https://shefit.com/pages/opt-out
Your Rights and Choices.
The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
- Access, Use Limitation, and Data Portability Rights.
You have the right to request that we limit the use and disclosure of certain personal information, opt-out of the use of certain personal information, as well as disclose certain information to you about our collection and use of your personal information over the past 12 months. You may request that we:
- Disclose to you the categories of personal information we collected about you.
- Disclose to you the categories of sources for the personal information we collected about you.
- Disclose to you our business or commercial purpose for collecting or selling that personal information.
- Disclose to you the categories of third parties with whom we share that personal information.
- Disclose to you the specific pieces of personal information we collected about you (also called a data portability request).
- Disclose to you if we sold, shared, or otherwise disclosed your personal information for a business purpose, separately disclosing:
- Sales, identifying the personal information categories that each category of recipient purchased;
- Sharing, identifying the personal information categories that we shared with each category of recipient; and
- Disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
- Disclose to you if we used automated decision-making technology to evaluate or create a profile of you and provide information about the logic involved in such decision-making processes, including descriptions of the likely outcome.
- Stop using automated decision-making technology to evaluate you, create a profile of you, and make predictions about your future behavior.
- Limit the use and disclosure of your “sensitive personal information,” as that term is defined in the CCPA. At your request, we will use “sensitive personal information” only for purposes necessary to provide the Services.
- Deletion Request Rights.
You have the right to request that we delete your personal information that we have collected from you and retained, subject to certain exceptions. Once we receive and confirm your consumer rights request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us, or our service provider(s), to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
- Correcting Your Personal Information.
You have the right to request that we correct any inaccurate information we hold about you. Upon receipt and verification of your request to correct inaccurate personal information, we will use commercially reasonable efforts to correct your personal information as directed by you, pursuant to the law and applicable regulations.
- Exercising Access, Use Limitation, Data Portability, Deletion, and Correction Rights.
To exercise the access, use limitation, data portability, and deletion rights described above, please submit a consumer rights request to us by any of the following methods:
- By calling 1-866-768-4872
- By emailing: support@shefit.com
- By visiting WWW.SHEFIT.COM
Only you, or someone legally authorized to act on your behalf, may make a consumer rights request related to your personal information. You may also make a consumer rights request on behalf of your minor child. To designate an authorized agent, please contact us through the methods noted above. Only the consumer or authorized agent may make a consumer rights request related to their personal information. An “authorized agent” is a person (or a business entity registered with the California Secretary of State) that consumers have authorized to act on their behalf or an individual granted authority under a written power of attorney issued pursuant to California Probate Code sections 4000 to 4465.
If you are an authorized agent who wishes to submit a request to know, a request to limit use, a request to delete, or a request to opt-out on behalf of another consumer, please submit to us sufficient information to allow us to verify your identity to a reasonably high degree of certainty and either:
- Proof of authorization to submit the request, written and signed by the consumer; or
- A power of attorney pursuant to Probate Code sections 4000 to 4465.
We may deny a request from an authorized agent who does not submit adequate proof that they have been authorized by the consumer to act on the consumer's behalf. We may also contact the consumer directly to confirm their identity and that they provided you permission to submit the request on the consumer's behalf.
You may only make a consumer rights request for deletion, access, or data portability twice within a 12-month period. The consumer rights request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
Making a consumer rights request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.
We will only use personal information provided in a consumer rights request to verify the requestor's identity or authority to make the request.
- Response Timing and Format.
We endeavor to respond to a consumer rights request within forty-five (45) days of its receipt. If we require more time (up to 45 days), we will inform you of the reason and extension period in writing.
Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your consumer rights request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Non-Discrimination.
We will not discriminate against you for exercising any of your CCPA rights.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information's value and contain written terms that describe the program's material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
California Do Not Track Disclosure.
Do Not Track (“DNT”) is a privacy preference that you can set in your web browsers, which allows you to opt out of tracking by websites and online services. We do not currently recognize or respond to DNT signals. For more information about DNT, please see www.eff.org/issues/do-not-track.
California Shine the Light.
California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Services who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to support@shefit.com.
California Business and Professions Code Section 22581.
California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please send a detailed description of the specific content or information you wish to have removed using the Contact Information below. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.
Contact Information.
If you have any questions or comments about this notice, the ways in which SHEFIT collects and uses your information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
- Phone: 866.768.4872
- Email: support@shefit.com
- Website: www.shefit.com
- Postal Address: 4400 Central Parkway, Hudsonville, MI 49428