The privacy and protection of your data is a big deal to us, and so is being transparent about how we collect, use, store and disclose information about you. This policy is intended to help you understand:
Our Privacy Principles
We take steps intended to meet and exceed privacy principles and requirements with respect to Personal Information under applicable Canadian privacy legislation. The Policy explains to our Members (“you” or “your”) how we collect, use, store, disclose and protect your Personal Information. Personal Information is information about an identifiable individual, as more particularly described under applicable privacy legislation. The Policy applies to our collection, use and disclosure of personal information in Canada. The Policy does not apply to information about our employees, information that is not Personal Information or information we collect by means or from other sources other than through the Service or our Site. Please note that this policy does not extend to information that you may provide to us or that we might acquire by other means than through our Site, such as by email or through any webpage operated by third parties, including the Facebook group.
Information We Collect
We collect information about you when you provide it to us, when you use our Site, and when other sources provide it to us, as further described below.
Information You Provide to Us
Account and Profile Information. We ask for Personal Information such as your name and email address when you inquire about, request or register for a Member account with That Clean Life or if you have correspondence with us. We may also ask for other demographic information. We keep track of your preferences when you select settings within our Site. We may also retain any messages you send to us and may collect information you provide in your Member account page.
Content You Provide Through Our Site. This content includes any information about you that you may choose to include. Content also includes the photos and links you upload to the Site. Examples of content we collect and store include: the name of a plan, recipe, business, or collection, descriptions of plans or collections, comments you enter on a recipe, recipe image uploads, or avatar and business logo uploads.
Content You Provide Through Our Websites. We collect other content that you submit to social media or social networking websites operated by us. For example, you provide content to us when you provide feedback or when you participate in any surveys, contests, promotions, sweepstakes, activities or events.
Information You Provide Through Our Support Channels. You may choose to submit information regarding a problem you are experiencing with our Site. Whether you open a support ticket, speak to one of our team members directly or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.
Payment Information. If you sign up for a monthly or yearly membership, we will ask for additional information, such as your credit card number and billing address.
Information We Collect Automatically When You Use Our Site
Your Use of Our Site. We keep track of certain information about you when you visit and interact with our Site. This information includes the features you use; the recipes, plans, collections you edit; the images you upload to the Site.
Device and Connection Information. We collect information about your computer, phone, tablet, or other devices you use to access the Site. This device information includes your connection type and settings when you use our Site. We also collect information through your device about your operating system, browser type, IP address, duration of your visits, URLs of referring/exit pages, device identifiers, as well as the web pages you consulted. How much of this information we collect depends on the type and settings of the device you use to access our Site. You can learn more about how Mixpanel collects data when you access our Site here.
Information We Receive From Other Sources
Other Users of Our Site. Other users of our Site may provide information about you when they submit content through the Site. For example, you may be mentioned by someone else on a comment. We also receive your email address from other Site users when they provide it in order to deliver you recipes and plans via the Site.
Use of Information
How we use the information we collect depends in part on how you use our Services, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you.
To Provide the Services and Personalize Your Experience. We use information about you to provide the Services to you, including to process transactions with you, authenticate you when you log in, provide customer support, and operate and maintain the Site.
For Research and Development. We use collective learnings about how people use our Site and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns and areas for improvement of the Site. For example, we used information collected about how users favourite recipes from within the product to design a better, more user-friendly Collections feature.
To Communicate with You About the Services. We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of membership cancellations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. Depending on your settings, we send you email notifications when you or others interact on the Services, for example, when you are @mentioned on a recipe. We also send you communications as you onboard to help you become more proficient in using the Site. These communications are part of the Services and in most cases you cannot opt out of them. If an opt out is available, you will find that option within the communication itself.
To Market, Promote, and Drive Engagement with the Site. We use your contact information and information about how you use the Site to send promotional communications that may be of specific interest to you, including by email and by displaying ads on platforms like Facebook. These communications are aimed at driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about special offers, or other updates related to the membership or Services your inquired about. You can control whether you receive these communications as described below under Opt-out of communications.
Customer Support. We use your information to resolve technical issues you encounter, to respond to your requests for assistance, and to repair and improve the Site.
For Safety and Security. We use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies.
To Protect Our Legitimate Business Interests and Legal Rights. Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.
With Your Consent. We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.
Sharing of Information
We share information we collect about you in the ways discussed below, including in connection with possible business transfers, but we are not in the business of selling information about you to advertisers or other third parties.
Sharing With Other Service Users
Community Forums. Our websites offer publicly accessible blogs. You should be aware that any information you provide in these websites - including profile information associated with the account you use to post the information - may be read, collected, and used by any member of the public who accesses websites. Your posts and certain profile information may remain even after you terminate your account. We urge you to consider the sensitivity of any information you input into these Services. To request removal of your information from publicly accessible websites operated by us, please contact us as provided below. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to and why.
Sharing With Third Parties
Service Providers. We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under instruction from us, including abiding by policies and procedures designed to protect your information.
Links to Third-Party Sites. The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. Your use of and any information you submit to any of those third-party sites is governed by their privacy policies, not this one.
With Your Consent. We share information about you with third parties when you give us consent to do so. For example, we often display personal testimonials of satisfied customers on our public websites. With your consent, we may post your name alongside the testimonial. Consent to the collection, use and disclosure of personal information may be given in various ways. Consent can be express or implied. You may provide us with consent in circumstances where notice has been provided to you about our intentions with respect to your personal information and you have not withdrawn your consent for an identified purpose. By providing That Clean Life with Personal Information, you consent to our collection, use and disclosure of such information for the purposes described above or otherwise at the time of collection. You may withdraw your consent to our collection, use and disclosure of your Personal Information at any time, subject to contractual and legal restrictions and reasonable notice. Note that if you withdraw your consent to certain uses of your Personal Information, we may no longer be able to provide you with certain services (including, but not limited to, the Service).
Compliance With Enforcement Requests and Applicable Laws; Enforcement of Our Rights. We will share information where required to do so by law or subpoena or if we reasonably believe that such action is necessary to (1) conform to the law, comply with legal process served on us or our affiliates, or investigate, prevent, or take action regarding suspected or actual illegal activities; (2) to enforce the Terms, take precautions against liability, to investigate and defend ourselves against any claims or allegations, to assist government enforcement agencies, or to protect the security or integrity of our Site; and/or (3) to exercise or protect the rights, property, or personal safety of That Clean Life, our Members or others. Additionally, That Clean Life may disclose information as necessary to meet legal, regulatory, insurance, audit, and security requirements, and as otherwise with your consent or as permitted or required by law (including as required by applicable Canadian and foreign laws applicable to That Clean Life or our agents and service providers, and including lawful requirements to disclose Personal Information to government authorities in those countries).
Sharing With Affiliated Companies
Business Transfers. We may use and disclose information to parties connected with the proposed or actual financing, securitization, insuring, sale, assignment or other disposal of all or part of That Clean Life or our business or assets, for the purposes of evaluating and/or performing the proposed transaction. Assignees or successors of That Clean Life or our business or assets may use and disclose information for similar purposes as those described in this Policy. You will be notified via email and/or a prominent notice on the Services if a transaction takes place, as well as any choices you may have regarding your information.
Storage of Information
Information Storage and Security
We use data hosting service providers in the United States to host the information we collect, and we use technical measures to secure your data. While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. We will respond to requests about this within a reasonable timeframe. Since ThatCleanLife cannot certify under the Privacy Shield as we are not US-based, we rely on the security, policy, safeguards, and Privacy Shield certification achieved by our vendors to meet data storage protection requirements. For more information, please see Security.
How Long We Keep Information
How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
Account Information. We retain your account information until you delete your account. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.
Marketing Information. If you have elected to receive marketing emails from us, we retain information about your marketing preferences unless you specifically ask us to delete such information. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
Access and Control of Information
You have the right to request a copy of your information, to object to our use of your information (including for marketing purposes), to request the deletion or restriction of your information, or to request your information in a structured, electronic format. Below, we describe the tools and processes for making these requests. You can exercise some of the choices by logging into the Services and using settings available within the Services or your account. For all other requests, please contact us as provided below.
Access and Update Your Information. Our Services give you the ability to access and update certain information about you from within the Site. For example, you can access your profile information from your account. You can update your profile information within your profile settings and modify content that contains information about you using the editing tools associated with that content.
Cancel Membership. You may cancel your membership to the Services through your account settings at anytime. Please be aware that canceling your membership does not delete your information from the Site; your information remains visible to other Service users based on your past participation within the Site. For more information on how to delete your information, see below.
Delete Your Information. Our Services give you the ability to delete certain information about you from within the Site. For example, you can remove content that contains information about you using the editing tools associated with that content and you can remove certain profile information within your profile settings. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.
Request That We Stop Using Your Information. In some cases, you may ask us to stop accessing, storing, using and otherwise processing your information where you believe we don't have the appropriate rights to do so. For example, if you created a Services account for demo purposes, you can request that we delete your account as provided in this policy. Where you gave us consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place at the time. You can also opt-out of our use of your information for marketing purposes by contacting us, as provided below. When you make such requests, we may need time to investigate and facilitate your request. If there is a delay or dispute as to whether we have the right to continue using your information, we will restrict any further use of your information until the request is honored or the dispute is resolved, provided your administrator does not object (where applicable).
Opt Out of Communications. You may opt out of receiving promotional communications from us by using the unsubscribe link within each email, updating your email preferences within your Service account settings, or by contacting us as provided below to have your contact information removed from our promotional email list or database.
Data Portability. Data portability is the ability to obtain some of your information in a format you can move from one service provider to another (for instance, when you transfer your mobile phone number to another carrier). Depending on the context, this applies to some of your information, but not to all of your information. Should you request it, we will provide you with an electronic file of your basic account information and the information you create, like your own recipes and plans.
ThatCleanLife is incorporated in Canada. Information collected via our Site, through direct interactions with you, or from use of our Services may be transferred from time to time to third parties, located throughout the world, and may be hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such data. To the fullest extent allowed by applicable law, by using any of the above, you voluntarily consent to the trans-border transfer and hosting of such information.
We are committed to protecting the privacy of children. Our Service is not designed for or directed to children under the age of 18. We do not collect personal information from any person we actually know is under the age of 18. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact us as provided below.
We take intelligent steps to protect your Personal Information using physical, electronic or procedural security measures appropriate to the sensitivity of the information in our custody or control.
All data is encrypted via SSL/TLS when transmitted from our servers to your browser. The database backups, which occur every 24 hours, are also encrypted. Our software infrastructure is updated regularly with the latest security patches. All network requests, successful and unsuccessful, are logged. All log data is encrypted and unified, enabling secure access to full historical network activity records.
Our infrastructure is hosted in the US with Heroku, a Salesforce company. More information about their Privacy Shield certification can be found here.
We also store data in US data centers with Amazon Web Services (AWS). More information about their Privacy Shield certification can be found here.
We never store your credit card information on our servers. All credit card transactions are done through Stripe which forces HTTPS for all services in addition to encrypting on disk all credit card numbers with AES-256. For further detailed information please read our Attestation of Compliance, SAQ A, Version 3.0.
Additionally, we use other third-party subprocessors to provide our Services. These third parties have access to your personal data only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose. We ensure each subprocessor has instituted safeguards everywhere personal data is processed:
- Mixpanel, Product Analytics Software;
- Help Scout, Customer Service Software;
- Sentry, Error Tracking Software;
- Papertrail, Log Management Software;
- Mailgun, Transactional Email API Service;
- ProfitWell, SaaS Metrics Software;
- LeadDyno, Affiliate Marketing Software;
- Zapier, Task Automation Software.
- Wistia, Video Hosting Software.
- Transistor, Podcast Hosting Software.
Security isn't just about technology, it's about trust. Over the past few years we've worked hard to earn the trust of over tens of thousands of users worldwide. We'll continue to work hard every day to maintain that trust. Longevity and stability is core to our mission at ThatCleanLife.
We reserve the right, at our sole discretion, to modify, alter or replace any part of the Policy without prior notice. Your continued use of our website and application after the changes constitutes your acceptance of the changes. Additional features on the website and/or the Service are subject to the Policy. It is your responsibility to review the Policy periodically for changes.
If you wish to make inquiries or complaints or have other concerns about our personal information practices, you may email us at firstname.lastname@example.org.