What we collect.
We collect data that could be defined as “personal information” pursuant to the California Consumer Privacy Act of 2018 (“CCPA”).
Why we collect it.
We collect only that information necessary to comply with applicable laws and provide the services offered on this website and in our stores. We do not “sell” personal information within the traditional meaning of that word but do disclose or transmit certain categories of personal information for a business purpose.
What we don’t collect.
We don’t collect data from children under age 13 unless expressly approved by a parent/guardian and we don’t collect biometric data from customers.
How we share the information we collect.
We only share the information we collect in order to provide the services offered on this website or at our facilities, to comply with your requests, and with our vendors. ActiveCampaign, Avochato, HubSpot, MailChimp, I Heart Jane, Mj Platform, and Sprout Policies.
How to request deletion or data transfer.
Contact us. Provide specific detail (your name, email, customer number) to us at the following because we can only use what you provide.
Phone: 1 (888) 914-9661 PIN 228983
Email: [email protected] and write “Do Not Sell My Information” on the subject line.
Postal Address: 1201 Vine Street, #201, Healdsburg, CA 95448, ATTENTION: PRIVACY
Effective Date: January 1, 2020
Last reviewed and updated on: February 17, 2021
Information We Collect
Our Website collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information“). Specifically, Company, through Its website, apothecarium.com (“Website”), and/or on forms completed and submitted by consumers, has collected the following categories of personal information from its consumers within the last twelve (12) months:
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
2. Personal information categories listed in the California Customer Records statute.
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
3. Protected classification characteristics.
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
4. Commercial purchasing information.
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
5. Biometric information.
Genetic, physiological, behavioral, and biological characteristics, or other identifier or identifying information, sleep, health, or exercise data.
6. Internet or network activity.
Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
7. Geolocation data.
Physical location or movements.
8. Information Typically Detected by the Senses.
Audio, electronic, visual, or similar information.
9. Professional or employment-related information.
Current or past job history, or performance evaluations (employees only).
10. Non-public education information.
Education records directly related to a student and maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
11. Inferences drawn from the above personal information.
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
*Some personal information may fall into multiple categories.
Personal information does not include:
Company obtains the categories of personal information listed above from the following categories of sources:
Use of Personal Information
We may use, or disclose the personal information we collect for one or more of the following business purposes:
Company will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice. Such notice may be posted here.
Sharing Personal Information
The CCPA defines the sale of personal information as the “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration.”
We do not sell personal information within the traditional meaning of that word but we have collected and disclosed or transmitted the foregoing categories of personal information for valid business purposes. When we disclose personal information for a business purpose, we do so pursuant to a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
We share your personal information with the following categories of third parties:
Your Rights and Choices
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and verify your request we will disclose to you:
Subject to certain exceptions you have the right to request that Company delete any of your personal information that we collected from you and retained. Once we receive verify your request we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We will deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
If you have any questions or comments about this notice, the ways in which The Apothecarium collects and uses your information, your choices and rights regarding such use, or wish to exercise the access, data portability, opt-out or deletion rights described above, please do not hesitate to contact us.
Contact Information – DNS Request
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us via one of the following:
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. PLEASE NOTE that we DO NOT PERMIT persons under the age of 21 to access our website and those under the age of 21 (or 18 with a valid doctor’s recommendation) to access our premises. To the extent we collect personal information from any person aged 14 to 16 years that information is only collected with the express written consent of the individual. To the extent we collect personal information from any person aged 13 years or fewer that information is only collected with the express written consent of his/her/their parent or guardian.
You may only make a request for access or data portability twice within a 12-month period. The verifiable request must:
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable request to verify the requestor’s identity or authority to make the request.
We endeavor to respond to a verifiable request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Other California Privacy Rights
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us via:
Changes to Our Privacy Notice
This Policy applies to The Apothecarium and its parent, subsidiaries, and affiliates. The Apothecarium reserves the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.