PRIVACY POLICY
Effective April 8, 2024
This Privacy Policy (“Privacy Policy” or “Policy”) explains how DRMTLGY, LLC, a California limited liability company (Company” , “We” , “Us” or “Our”) may gather, collect, record, hold, distribute, share, disclose or otherwise use any information or data about any user (“User” or “You” or “Your”) of Company’s website at https://www.drmtlgy.com/ (“Company Website”) or through any other site, program, activity, technology platform, technology application, or service offered by Company (the Company Website and these other programs, activities, platform, applications, and services are collectively referred to as “Company Program(s)”).
BY CONTINUING TO USE THE COMPANY WEBSITE OR ANY OTHER COMPANY PROGRAM OFFERED BY THE COMPANY, YOU HEREBY AGREE TO BE BOUND BY ALL OF THE TERMS AND CONDITIONS OF THIS PRIVACY POLICY AS IT IS PRESENTED TO YOU AS OF THE DATE OF YOUR FIRST USE OF THE COMPANY WEBSITE OR ANY OTHER COMPANY PROGRAM.
NO CHANGES (ADDITIONS OR DELETIONS) BY YOU TO THIS POLICY WILL BE ACCEPTED BY THE COMPANY. IF YOU DO NOT AGREE TO ALL THE TERMS AND CONDITIONS OF THIS PRIVACY POLICY, OR YOU DO NOT WISH YOUR PERSONAL INFORMATION TO BE USED PURSUANT TO THIS PRIVACY POLICY, THEN YOU SHOULD NOT USE ANY THE COMPANY WEBSITE OR ANY OTHER COMPANY PROGRAM AND YOU SHOULD NOT PROVIDE ANY OF YOUR PERSONAL INFORMATION TO THE COMPANY.
1. INFORMATION WE COLLECT.
During a User’s access or use of the Company Website or any other Company Program, the Company may, either directly or by using its service providers, gather, collect, record, hold, distribute, share, disclose, or otherwise use personal information or data about You that You provide to Us, as described in Section 1.1 below, or that is automatically collected, as described in Section 1.2 below (hereinafter collectively referred to as the User’s “Personal Information”).
1.1. INFORMATION YOU PROVIDE TO US.
We collect Personal Information that You provide directly to Us, including without limitation any Personal Information You provide during Your use of the Company Website or any other Company Program. For example, we may collect Personal Information from You if You:
- Provide Us with any data about You through the Company Website or any other Company Program, or via telephone;
- Create an account with Us;
- Purchase any of the Company’s products;
- Seek customer support;
- Request an exchange or return of any of the Company’s products;
- Request any information from or about the Company, such as a newsletter, e-alert, or any other information about Our products, events, or business partners;
- Communicate with any representative of our Company;
- Communicate with Us via third party social media sites;
- Participate in any contest, loyalty program, promotion, or sweepstake;
- Apply for a job with the Company; or
- Otherwise communicate with Us.
- Your name;
- Mailing address and/or billing address;
- E-mail address;
- Phone (or mobile) number;
- Your username and password;
- Credit or debit card number and other information about the same; and
- Your purchase history.
1.2. INFORMATION AUTOMATICALLY COLLECTED.
When a User accesses or otherwise uses the Company Website or any other Company Program, We automatically collect certain Personal Information about You, including:
-
Device Information. We (or Our service providers) may collect information about the computer, tablet, phone, or other device You use to access any of the Company Programs, including the Internet Protocol address, hardware model, operating system and version, mobile network information, and other unique device identifiers (hereinafter collectively referred to as “Device Identifiers”).
-
Cookies and Other Web-based Tracking Technologies. We (or Our service providers) may use different technologies such as cookies, web beacons, or other types of small temporary files or web-based tracking technologies to gather certain information. A cookie is a small data file stored by Your web browser on Your computer or mobile device (hard drive) that helps Us to improve the way We deliver Our Company Website or other Company Programs to You, helps Us improve Your overall experience using Our Company Website or other Company Programs, and/or helps Us analyze the areas and features of Our Company Programs that are most popular or to detect fraud. Web beacons are electronic images that may be used in Our Company Programs or emails and help deliver cookies, count visits, and understand usage. Like many other websites, cookies and these other web-based tracking technologies may be used by Us (or Our service providers) during Your visit to the Company Website or other Company Program in order to improve Your individual experience as a User of the Company Website or other Company Program or to generally improve or enhance the overall functionality of the Company Website or other Company Program. While most websites automatically accept cookies for these purposes, You may be able to instruct Your browser to stop accepting cookies or prompt You before accepting a cookie from the sites You visit, including the Company Website. SEE SECTION 6.5 OF THIS PRIVACY POLICY WHICH PROVIDES FURTHER NOTICE ABOUT HOW THESE COOKIES ARE USED AND PROVIDES INSTRUCTIONS IF YOU WANT TO DISABLE ANY OF THESE COOKIES.
-
Geo-location Data. Subject to any of Your device permissions, We (or Our service providers) may be able to collect information about the precise location of Your device or may gather other general location data based on GPS data, mailing address, and/or billing address (hereinafter collectively referred to as “Geo-location Data”).
-
Social Media Information. If any of Our Company Programs offer any social media features, such as the Facebook Like button or similar social media interactive mini-programs, these features may collect Your Internet Protocol address, which page You are visiting on Our Company Program, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on Our Company Program. Your interactions with these features may be governed by the privacy policies of the company providing it (see Section 7 regarding Third Party Sites).
1.3. EMPLOYEES. We collect personal information in the context of Your role as an applicant to, an employee of, director of, or officer of, Our business. The personal information We collect in these cases may include name, Social Security number, address, date of birth, gender, race, ethnicity, bank account and routing number, tax filing status, emergency contact information, telephone number, family member names, educational background, criminal background, employment history, medical provider information, dependent name(s), date of birth, gender and address, medical insurance provider, compensation and benefits data, workplace, and title. We only use this information for purposes of evaluating qualifications related to Your job application or Your job duties; evaluating Your performance; or for providing compensation, benefits, and services in the context of the employment relationship. The personal information described in this paragraph is “Employee Data”.
1.4. SOURCES FROM WHICH WE COLLECT PERSONAL INFORMATION. We may collect Personal Information about You from a number of sources in addition to those means of collection indicated above, including offline or through sources unrelated to Your use of our Company Website. For example, We may collect Personal Information from publicly accessible sources; directly from a third party; or from a third party with Your consent. We may merge or co-mingle that Personal Information with the Personal Information We maintain about You and other data collected on or through Our Company Website. We may collect Personal Information from: advertising networks; internet service providers; data analytics providers; government entities; operating systems and platforms; and social networks.
2.1. PRIMARY WAYS WE USE YOUR INFORMATION. User’s Personal Information may be gathered, collected, recorded, held, or otherwise used by or on behalf of the Company (including by Our service providers) to provide, maintain, and improve our Services to You, including for the following purposes:
- Process Your transactions with the Company, including without limitation fulfilling Your orders, process exchanges and/or returns and send shipping notifications;
- Send support and administrative messages, and respond to Your comments, questions, and customer service requests;
- Communicate with you about products, offers, or any other events offered by Us and others, and/or to offer and provide You with news and information that the Company thinks will be of interest to You (if you prefer not to receive promotional communications from Us, you may “Opt Out” at any time by following the “Opt Out” instructions in Section 6.1 herein;
- Allowing You to sign up and participate in any other Company communication resources, including without limitation any Company newsletters or blogs (if you prefer not to continue to receive these other Company communications, You may “Opt Out” at any time by following the “Opt Out” instructions in Section 6.1 herein;
- Monitor and analyze trends, usage, and activities in connection with the Company’s goods/services and industry;
- Personalize Your experience and the advertisements and content You see when You use any Company Program based on Your preferences, interests, and browsing and purchasing behavior;
- For compliance purposes as may be required by applicable laws or regulations or as requested by any judicial process or governmental agency (including without limitation for Company’s tax reporting) or as may be requested under any subpoena;
- To facilitate Your use of various social media sharing features or other integrated tools (including, for example only, certain Facebook features, such as a Facebook “Like” button) which You may use as part of social media pages;
- To facilitate any contests, sweepstakes, loyalty programs, or promotions and process and deliver entries and rewards;
- Process Your information to evaluate Your application if You apply for a job; or
- To carry out any other purpose described to You at the time the Personal Information is collected.
2.2. OTHER WAYS WE MAY USE YOUR INFORMATION. In addition to the above, Your Personal Information may be gathered, collected, recorded, held, or otherwise used for the following additional purposes:
- Outside Professionals. To use with, or otherwise distribute, share or disclose to, any of the Company’s professional advisors such as attorneys or accountants (“Outside Professionals”) in order to facilitate the professional advice from those Outside Professionals; or
- Government Agencies. To use with, or otherwise distribute, share or disclose to, any government agencies or third parties in order to comply with, or otherwise pursuant to, any subpoena, court order, or other governmental order, law, or regulation (including without limitation tax reporting).
- Auditing. Auditing related to a current interaction with You, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards;
- Security. Helping to ensure security and integrity to the extent the use of Your Personal Information is reasonably necessary and proportionate for these purposes;
- Debugging. Debugging to identify and repair errors that impair existing intended functionality;
- Transient Use. Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer’s current interaction with Us provided that Your Personal Information is not disclosed to a third party and is not used to build a profile about You or otherwise alter Your experience outside the current interaction with Us;
- Services. Performing services on Our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on Our behalf;
- Advertising. Providing advertising and marketing services to You. With your permission, we may send You emails about Our store, new products, and other updates. With your permission, We may send You text messages about our store, new products, and other updates. Such updates include Checkout Reminders. Webhooks will be used to trigger the Checkout Reminders messaging system.
- Research. Undertaking internal research for technological development and demonstration;
- Quality and Safety. Undertaking activities to verify or maintain the quality or safety of Our products and services and to improve, upgrade, or enhance Our products and services; and
- Commercial Interests. Advancing Our commercial or economic interests, such as by inducing a person to buy, rent, lease, join, subscribe to, provide, or exchange products, goods, property, information, or services, or enabling or effecting, directly or indirectly, a commercial transaction.
2.3. The Company may also use or share Your Personal Information for another reason that is compatible with the purposes described above. For example, We consider de-identification, aggregation, and other forms of anonymization of Personal Information to be compatible with the purposes listed herein and in Your interest because the anonymization of such information reduces the likelihood of improper disclosure of that information. If We need to use Your Personal Information for an unrelated purpose, We will notify You and We will explain the legal basis which allows Us to do so.
3. SHARING OF INFORMATION
We may distribute, share or disclose Personal Information about You as follows or as otherwise described herein:
- Service Providers. We may share or disclose Your Personal Information with Our service provides or other third party vendors that We retain in connection with the provision of the Company Programs, including without limitation the following types of service providers that We may engage:
- Email, internet, or other telecommunication service providers, including website hosting;
- Cloud, other data storage, or other hosting service providers;
- Third party payment service providers, including without limitation third party credit card processors (see Third Party Application Providers below);
- Analytics companies who assist Us with various types of data analytics, web analytics, and app analytics (see Third Party Analytics Tools or Services below);
- Third parties delivery or shipping service providers;
- Other third party contractors we engage to assist Us in providing Our goods/ services;
- App design; and
- Database management.
- Third Party Application Providers. We may share or disclose Your Personal Information to third party application providers, including Shopify, credit card processors, other third party payment service providers, or intermediary services that assist in processing your payments.
- Third Party Analytics Tools or Services. We may use analytics tools or services provided by a third party analytics service provider or by using one of their tools, such as, but not limited to Google Analytics, to collect and process certain analytics data (“Third Party Analytics Tools or Services”). These Third Party Analytics Tools or Services may also collect data about Your use of other websites, apps, and online resources. SEE SECTION 6.5 OF THIS PRIVACY POLICY THAT PROVIDES FURTHER NOTICE ABOUT HOW SOME OF THESE THIRD PARTY ANALYTICS TOOLS OR SERVICES MAY USE COOKIES AND PROVIDES INSTRUCTIONS IF YOU WANT TO DISABLE ANY OF THESE COOKIES.
- Aggregated Form. We may make certain automatically-collected, aggregated, or otherwise de-identified Personal Information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our Users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality available through the Company Programs.
- Advertising/Marketing Partners. We may work with third party sales reporting companies, or third party advertising or marketing companies (collectively, “Advertising Partners”) in order to provide You with advertisements, marketing, or other information that We think may interest You. These Advertising Partners may set or access their own cookies, pixel tags, or similar technologies on our Company Programs or they may otherwise collect or have access to data about You that they may collect over time and across different online services. These Advertising Partners may also provide Us with their own independent data about potential customers and such data could include data about You previously collected by the Advertising Partner.
- Social Media Features. The Company Programs may, now or in the future, offer social media features, including certain sharing tools or other integrated tools (such as the Facebook “Like” button), which let You share actions that You take on Our social media pages. Your use of such features enables the sharing of Personal Information with the public, depending on the settings You establish with the entity that provides the social sharing feature.
- Merger, Sale, or Other Asset Transfers. We may share, disclose, or otherwise transfer Your Personal Information to the Company’s Outside Professionals (as defined in Section 2.2 herein), other advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which We are acquired by or merged with another company or We sell, liquidate, or transfer all or a portion of Our assets. If another company or individual acquires Our business, or assets, that company or individual will possess the Personal Information collected by Us and will assume the rights and obligations regarding Your Personal Information as described in this Policy. The use of Your Personal information following any of these events will be governed by this Privacy Policy.
- As Required By Law, Subpoena or Similar Government Order. We may access, preserve, share, or disclose Your Personal Information if We believe doing so is required or appropriate to: (i) comply with all laws or regulations, including any tax reporting requirements of the Company; (ii) comply with any other law enforcement requests or legal process, such as a court order or subpoena; (iii) respond to Your requests; or (iv) protect Your, Our, or others’ rights, property, or safety. FOR THE AVOIDANCE OF DOUBT, WE MAY BE REQUIRED TO DISCLOSURE YOUR PERSONAL INFORMATION TO: (I) TAXING AUTHORITIES AS PART OF OUR TAX REPORTING REQUIREMENTS; OR (II) LAW ENFORCEMENT AUTHORITIES OR OTHER GOVERNMENTAL AGENCIES OR VIA SUBPOENA ARISING OUT OF YOUR USE OF ANY UNLAWFUL OR INFRINGING CONTENT WHILE USING ANY COMPANY PROGRAM.
- Company’s Outside Professionals. We may share or disclose Your Personal Information with any of the Company’s Outside Professionals (as defined in Section 2.2 herein) in order to facilitate the professional advice such Outside Professionals provide to the Company.
- Contractors. We disclose Personal Information to entities that help us fulfill a business or commercial purpose including, but not limited to, shipping companies that deliver Our products to You (“Contractors”). Contractors are not permitted to sell or share Your Personal Information or to use Your Personal Information other than to perform the tasks We assign to them.
- Consent. We may also share or disclose Your Personal Information with your permission.
We will keep Your Personal Information for as long as is necessary: (i) to respond to questions, complaints, or claims made by You or on Your behalf; (ii) to keep records required by law; or (iii) to perform the business functions described in this Privacy Policy. Personal Information will not be kept longer than necessary for the purpose it was collected.
5. RIGHTS OF CALIFORNIA RESIDENTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT (CCPA).
5.1. RIGHT TO ACCESS INFORMATION.
Persons who reside in California (“California Residents”) have the right to request that the Company disclose certain information about the Company’s collection and use of their Personal Information over the past 12 months. Once the Company receives and verifies Your consumer request (see Section 5.4), the Company will disclose to You:
- The categories of Personal Information We collected about You over the past 12 months.
- The sources for the Personal Information We collected about You.
- Our business or commercial purpose for collecting or selling Your Personal Information.
- The categories of third parties with whom We shared that Personal Information.
- The specific pieces of Personal Information We collected about You.
- If We sold or disclosed Personal Information for a business purpose; two separate lists disclosing:
- Sales (if any), identifying the Personal Information that each recipient purchased; and
- Disclosures for a business purpose, identifying the categories of Personal Information that each recipient obtained.
5.2. RIGHT TO DELETE INFORMATION.
If You are a California Resident, You have the right to request that the Company delete any of Your Personal Information that the Company collected and retained, subject to certain exceptions. Once the Company receives and verifies Your consumer request (see Section 5.4), the Company will delete (and direct our service providers to delete) Your Personal Information from our records, unless an exception applies. The Company may deny Your deletion request if retaining the information is necessary for the Company or its service provider(s) to:
- Complete the transaction for which We collected the Personal Information, provide a good that You requested, take actions reasonably anticipated within the context of Our ongoing business relationship with You;
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
- Debug products to identify and repair errors that impair existing intended functionality;
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.);
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if You previously provided informed consent;
- Enable solely internal uses that are reasonably aligned with consumer expectations based on Your with Us; or
- Comply with a legal obligation; or
- Make other internal or lawful uses of that information that are compatible with the context in which You provided it.
5.3 HOW TO EXERCISE RIGHTS.
To exercise the access, data portability, deletion rights, and other rights described in this section, a California Resident must submit a verifiable consumer request to the Company by either:
- Emailing the Company at: hello@drmtlgy.com
- Writing the Company at: DRMTLGY LLC, 20660 Nordhoff St., Chatsworth, CA 91311
- Submitting a request online at https://www.drmtlgy.com/pages/ccpa-compliance
Only a California Resident, or a person registered with the California Secretary of State that a California Resident authorizes to act on the California Resident’s behalf, may make a verifiable consumer request to the Company related to the California Resident’s Personal Information. A California Resident may also make a verifiable consumer request on behalf of their minor child who is a California Resident. A California Resident may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information to allow the Company to verify that the person submitting the request is the person or the authorized representative of the person whose Personal Information is implicated by the request.
- Describe the California Resident’s request with sufficient detail to allow the Company to properly understand, evaluate, and respond to it.
The Company cannot respond to a California Resident’s request or provide a California Resident with Personal Information if the Company cannot verify the California Resident’s identity or authority to make the request and confirm the Personal Information relates to such California Resident. Making a verifiable consumer request does not require a California Resident to create an account with us. The Company will only use Personal Information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
5.4. RESPONSE TIMING AND FORMAT.
If a California Resident sends a verifiable consumer request as set forth in Section 5.4 above, the Company will endeavor to respond to such verifiable consumer request within forty-five (45) days of its receipt. If the Company requires more time (up to a total aggregate of 90 days), the Company will inform the California Resident of the reason and extension period in writing. We will deliver Our written response by e-mail. Any disclosures We provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response We provide will also explain the reasons We cannot comply with a request, if applicable. For data portability requests, We will select a format to provide the California Resident’s Personal Information that is readily useable and should allow such California Resident to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to a California Resident’s verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If We determine that the request warrants a fee, We will tell the California Resident why We made that decision and provide such California Resident with a cost estimate before completing such California resident’s request.
5.5. NON-DISCRIMINATION NOTICE.
The Company will not discriminate against any California Resident for exercising any of their California Resident’s rights under the CCPA. Unless permitted by the CCPA, We will not:
- Deny such California Resident any goods or services;
- Charge such California Resident different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
- Provide such California Resident a different level or quality of goods or services; or
- Suggest that such California resident may receive a different price or rate for goods or services or a different level or quality of goods or services.
6.1. OPT-OUT FROM RECEIVING INFORMATION FROM THE COMPANY.
6.1.1. YOU CAN OPT-OUT FROM RECEIVING INFORMATION FROM THE COMPANY. In the event a User has provided the Company with Personal Information such as that discussed above, and thereafter a User does not want to continue to directly receive further notices, or information from the Company such as emails about the Company’s products or services, the User may use the “unsubscribe” link in our emails, email Us at hello@drmtlgy.com, or contact Us at DRMTLGY LLC, 20660 Nordhoff St., Chatsworth, CA 91311, stating that the User no longer wants to receive communications directly from the Company (“Opt Out”). Once the Company has received the User’s request to Opt Out, the Company will use commercially reasonable efforts, in a commercially reasonable time period, to try to carry out such User’s request to Opt Out; provided, however, the Company will not have any obligation to retrieve, and cannot prevent the further use by others of, the User’s Personal Information that has been shared with other parties as permitted by the provisions of this Privacy Policy.
6.1.2. EFFECT OF OPT-OUT. If a User elects to Opt Out, the User will no longer receive emails directly from the Company after a commercially reasonable time from the date such User sent its Opt Out notice to the Company. However, the Company does not have any obligations under, or liability arising out of, this Privacy Policy with regard to a User’s decision to share its Personal Information with, Our use of, any other internet websites, forums, or programs that the User may have linked to via the Company Website that are not under the Company’s direct control or ownership. Accordingly, after sending Your Opt Out to the Company, You may need to contact these other entities directly regarding their use of Your Personal Information.
6.2. GEO-LOCATION DATA.
You may be able to prevent your device from sharing precise location information, including without limitation some or all of the Geo-Location Data described in Section 1.2 above, at any time through Your device’s operating system settings
6.3. DO NOT TRACK.
Some browsers have a “DO NOT TRACK” feature that lets website users inform websites or other applications that they do not want to have their online activities tracked. These “do not track” features may also give website users other choices regarding the collection of their personal identifiable information. However, these “do not track” features and “do not track’ signals are not yet uniform. ACCORDINGLY, EACH USER OF THE COMPANY WEBSITE OR ANY OTHER COMPANY PROGRAM IS HEREBY NOTIFIED THAT THE COMPANY WEBSITE AND THE OTHER COMPANY PROGRAMS ARE NOT CURRENTLY SET UP TO RESPOND TO ANY OF THE USER’S “DO NOT TRACK” FEATURES OR “DO NOT TRACK” SIGNALS.
6.4. CHILDREN; COPPA NOTICE.
This Company Website and other Company Programs are not directed to children under the age of 13. We adhere to the Children's Online Privacy Protection Act ("COPPA") and will not knowingly register or otherwise collect any Personal Information from any child under the age of 13. We ask that minors under the age of 13 not submit any Personal Information to the Company. If You have reason to believe a child under the age of 13 has provided the Company with any Personal Information, please contact the Company at hello@drmtlgy.com and request that such information be deleted from Our records.
6.5. COOKIES POLICY; HOW YOU CAN DISABLE COOKIES.
6.5.1. What Are Cookies. The Company Website uses cookies, which are tiny files downloaded to Your computer, to improve Your experience. This section describes what information they gather, how We use it and why We sometimes need to store these cookies. We will also share how You can prevent these cookies from being stored, however, this may downgrade or ‘break’ certain elements of a website’s functionality.
6.5.2. How We Use Cookies. We use cookies for a variety of reasons, as described in this Privacy Policy. Unfortunately, in most cases there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site. It is recommended that You leave on all cookies if You are not sure whether You need them or not in case they are used to provide a service that You use.
6.5.3. Disabling Cookies. You can prevent certain cookies from being downloaded by adjusting the settings on Your browser or by electing Your preferences in the window that appears when You visit the Company Website. Be aware that disabling cookies will affect the functionality of this and many other websites that You visit. Disabling cookies may also disable certain functions and features of the Company Website.
6.5.4. The Cookies We Use
We use the following cookies. We have listed them so you can choose whether to opt-out.
_session_id, unique token, sessional
_shopify_visit, no data held, Persistent for 30 minutes from the last visit
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day
cart, unique token, persistent for 2 weeks
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite
We, or Our service providers, use these cookies to: store information about Your session, including any referral source and the first page you visited; track the number of times You visit the Company Website; store the contents of Your online cart; determine if You have access to password-protected portions of the Company Website. If You have signed up for our text messaging program, cookies may be used to personalize Your experience. For example, We may use cookies to send You personalized text messages, such as shopping cart reminders.
7. LINKS TO, AND USE OF, THIRD PARTY SITES OR PROGRAMS.
The Company Website or other Company Programs may now or in the future provide links or other access to Internet websites, forums, or other programs that are not under the Company’s sole control and not solely owned by the Company (collectively referred to as “Third Party Sites”). If a User clicks on a link to, or otherwise gains access to, any such Third Party Site, the User will be transported to one of these Third Party Sites.
THIS PRIVACY POLICY ONLY APPLIES TO THE COMPANY WEBSITE AND THE OTHER COMPANY PROGRAMS DIRECTLY OWNED BY THE COMPANY. THEREFORE, THIS PRIVACY POLICY: (A) DOES NOT DESCRIBE THE PRIVACY POLICIES OF ANY OF THESE THIRD PARTY SITES; AND (B) DOES NOT GOVERN THE COLLECTION OR USE OF YOUR PERSONAL INFORMATION BY THE THIRD PARTY SITES. THE COMPANY IS NOT RESPONSIBLE FOR THE PRIVACY PRACTICES OF ANY OF THESE THIRD PARTY SITES. IF A USER CLICKS ON A LINK TO, OR IS SENT TO A LINK OF, OR OTHERWISE GAINS ACCESS TO, A THIRD PARTY SITE, THE USER SHOULD REVIEW THE PRIVACY STATEMENTS OR POLICIES OF SUCH THIRD PARTY SITES (IF ANY) TO DETERMINE THAT PARTICULAR THIRD PARTY SITES’ PRACTICES WITH REGARD TO THE COLLECTION AND USE OF PERSONALLY IDENTIFIABLE INFORMATION.
WITHOUT LIMITING THE GENERALITY OF THE FOREGOING, EACH USER AGREES THAT IF THE USER USES ANY THIRD PARTY SITES IN ANY WAY, THE USER IS AWARE THAT ANY OF THE USER’S PERSONAL INFORMATION THAT THE USER PROVIDES TO THAT THIRD PARTY SITE MIGHT BE READ, COLLECTED, SHARED, DISTRIBUTED, OR OTHERWISE USED BY OTHER USERS OF THAT THIRD PARTY SITE OR BY ANY OTHER THIRD PARTIES, AND COULD BE USED TO SEND THE USER UNSOLICITED MESSAGES. THE COMPANY IS NOT RESPONSIBLE FOR ANY PERSONAL INFORMATION THAT THE USER ELECTS TO SUBMIT IN, OR OTHERWISE MAKE AVAILABLE TO, THESE THIRD PARTY SITES.
Any link to any Third Party Site from the Company Website or any other Company Program does not imply any endorsement of the privacy practices of such Third Party Site by the Company, and no such Third Party Site is authorized to make any representation or warranty on Our behalf.
8. RIGHTS UNDER THE EUROPEAN UNION’S GENERAL DATA PROTECTION REGULATION (“GDPR”)
Residents of the European Union have the following rights under the General Data Protection Regulation. All capitalized terms used in this section refer to the definitions used in the GDPR.
8.1. DATA SUBJECT RIGHTS UNDER GDPR.
Data Subjects are hereby notified that they have the following rights pursuant to the GDPR:
- The right to determine whether Personal Data has been processed;
- The right to access Personal Data that has been processed;
- The right to obtain information about how Personal Data has been processed, including without limitation: (i) the purpose of the Processing; (ii) the category of Personal Data concerned; (iii) the categories of recipients to whom the Data Subject’s Personal Data has been disclosed; (iv) the planned retention period; (v) the existence of Your right of rectification, deletion, limitation of processing, or opposition; (vi) the existence of a right to complain; (vii) the source of the collection of Personal Data if not collected from Us; (viii) and the existence of automated decision-making including profiling and, where appropriate, meaningful information about their details;
- The right to correct Personal Data stored by Us;
- The right to request the deletion of the Data Subject’s Personal Data stored by Us, subject to certain exceptions;
- The right to restrict the Processing of the Data Subject’s Personal Data if: (i) the accuracy of the Personal Data is disputed; (ii) the Processing of the Personal Data is unlawful, but the Data Subject rejects its deletion; (iii) We no longer need the Personal Data, but the Data Subject requires it to exercise or defend legal claims; or (iv) the Data Subject has objected to the Processing of the Personal Data in accordance with GDPR Article 21;
- The right of the Data Subject to receive his/her Personal Data as provided to Us, in a structured, common, and machine-readable format or to request the transfer to another person responsible;
- The right to withdraw the Data Subject’s consent to Processing of Personal Data; and
- The right of the Data Subject to complain to a Supervisory Authority, as such term is defined in the GDPR. As a general rule, the Data Subject can contact the Supervisory Authority of the Data Subject’s usual place of residence, work, or place of the alleged infringement. You can find Your local Supervisory Authority here https://edpb.europa.eu/about-edpb/about-edpb/members_en
8.2. LEGAL BASIS FOR COMPANY’S PROCESSING OF PERSONAL DATA UNDER GDPR.
The Company may process your Personal Data under the following conditions:
- Consent: You have given Your consent for processing Personal Data for one or more specific purposes.
- Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with You and/or for any pre-contractual obligations thereof.
- Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which the Company is subject.
- Vital interests: Processing Personal Data is necessary in order to protect Your vital interests or of another natural person.
- Public interests: Processing Personal Data is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Company.
- Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by the Company.
8.3. TRANSFERS OUTSIDE OF THE EEA.
To provide goods and services to You, Your Personal Data may be shared with Our employees outside the European Economic Area (“EEA”) and with Our service providers located outside the EEA. These non-EEA countries do not have the same data protection laws as the United Kingdom and the EEA. We will, however, ensure the transfer complies with applicable data protection laws and that Your Personal Data remains secure. Our standard practice is to use Standard Contractual Clauses that have been approved by the European Commission. If you would like further information, please contact Us or our Data Protection Officer.
8.4. DATA SUBJECT REQUESTS.
Data Subjects may exercise their rights under the GDPR, by submitting a request online at https://www.drmtlgy.com/pages/ccpa-compliance.
9. ADDITIONAL NOTICE TO NEVADA RESIDENTS.
Under Nevada Revised Statutes Chapter 603A (the “Nevada Privacy Act”), Nevada residents who have purchased goods or services from Us may notify Us not to sell their covered personal information. Covered personal information includes first and last name, address, email address, phone numbers, and identifies that allow a specific person to be contacted. If You are a Nevada resident, You may submit a request to us no to sell your covered information by emailing hello@drmtlgy.com.
10. DATA SECURITY.
To protect Your Personal Information, we take reasonable precautions and follow industry best practices to make sure it is not lost, misused, accessed, disclosed, altered or destroyed. Your Personal Information is stored in Shopify’s data storage databases. They store Your Personal Information on a secure server behind a firewall.
If You provide us with Your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored using AES-256 encryption. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express, and Discover.
Although no method of transmission over the internet is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
11. CHANGES TO THIS PRIVACY POLICY.
We reserve the right to modify this Privacy Policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the Company Website.
12. CONTACT US.
If You have any questions relating to this Privacy Policy, please contact Us at hello@drmtlgy.com or DRMTLGY LLC 20660 Nordhoff St., Chatsworth, CA 91311. You can also contact our Data Protection Officer, Jeff Hurst, by emailing hello@drmtlgy.com, ATTN: Jeff Hurst.
13. SMS Marketing
In addition, you agree to our Messaging Terms (https://terms.pscr.pt/legal/shop/drmtlgy/terms_of_service) and Messaging Privacy Policy (https://terms.pscr.pt/legal/shop/drmtlgy/privacy_policy).