Last updated: June 13, 2018
Bulletproof Media, Inc. (“Bulletproof” “we”, “us” or “our”), values your privacy. In this Privacy Notice (“Notice”), we describe the personal data that we collect from and about you on our websites, including Bulletproof.com, blog.bulletproof.com, and our other sites on which we post this Notice (collectively, the “Website”) whenever the processing of that personal data is governed by the GDPR. For the purposes of this Notice, personal data means any information relating to an identified or identifiable person. Bulletproof is the controller of any personal data collected from you on our website or elsewhere for the purpose of conducting or developing our business with you.
We collect personal data from you when you visit our Website and from third party sources, such as social networks. Principally we collect and process your personal data to provide you products and services that you request. We also collect and process your personal data in order to send you marketing communications. In some cases, we will use your personal data together with information (including personal data) collected from your device and from third parties in order to predict the products and services that most interest you. All of your personal information will be transferred and processed in the U.S., where we are located. In all cases, you have certain rights to control your personal data; you can read more about those rights by clicking here.
Collection of Information
We collect personal data and other information directly from you and about you when you visit our Website, use the services on our Website, or otherwise contact us.
Personal Data We Collect Directly From You: We collect personal data directly from you for instance when you:
The type of information that we collect from you depends on your particular interaction with our Website, and will include: your e-mail address, name, marital status, home or work address or telephone number. If you email us (or contact us otherwise), we may retain a record of such email (or other) communication (including attachments), including your email address, name, content of your email and our response. If you make a purchase from us, we also will collect your payment information (e.g., credit card information, billing name and address) in order to process the transaction. You also may choose to provide us with demographic information, such as your ZIP code, gender, preferences, interests and favorites.
Personal data requested on a form is required in order to fulfill your request or perform our contractual obligations to you. If you do not provide such personal data, we will be unable to respond to your request or perform our obligations to you.
Information We Collect Automatically: We, and our third party service providers, also automatically collect and record personal data and information about your use of our Website through cookies, web beacons, and other tracking technologies, including: your:
We use this information primarily to maintain quality of the service, and to understand how you use our Website. We also may use this information to generate general statistics regarding use of this Website. We may combine this information with other information that we collect about you. We also collect information when you view content on or otherwise interact with our Website, even if you have not created an account. For more detailed information about the various tracking technologies we use and how they work, please see below.
Information We Collect from Social Networking Sites and other Third Parties: If you choose to log into our services through Facebook Connect, we will request your permission to collect from Facebook the following information about you: your e-mail address, name, profile picture, cover photo, friends, gender, networks (e.g., school), age range, language, country, and other information that you have chosen to make public. Please note that where you chose to provide social networks with your personal data and information, these third party social networks, not we, control how they use and share your information. We may append this information to other information that we collect about you. If you “like” us on Facebook, we also may collect your email address. If you want to disconnect social media links, please contact us as indicated in Contact. You should consult the networks’ respective privacy policies for information about their practices.
User Generated Content
We invite you to participate in our forums. If you choose to post a comment, your user name, city, and any other information that you choose to post will be visible to all visitors to the Website. We are not responsible for the privacy of any information that you choose to post to our Website, including in our blogs and forums, or for the accuracy of any information contained in those postings. Any information that you disclose becomes public information. We cannot prevent such information from being used in a manner that may violate this Notice, the law or your personal privacy. You may contact us at any time at email@example.com if you wish to remove or rectify the information you provided.
Cookies and Other Tracking Technologies
Do Not Track
Our Site does not respond to Do Not Track signals and we (either directly or through third party service providers) may track your activities once you leave our Website. You may however disable certain tracking as discussed in this Notice (e.g., by disabling cookies).
You may opt-out of many third-party ad networks. The website www.youronlinechoices.eu provides information about how to turn off certain ads served by participating companies in the European Interactive Digital Advertising Alliance (“EDAA”). The website http://www.networkadvertising.org/optout_nonppii.asp provides information regarding this practice by Network Advertising Initiative (“NAI”) members, and your choices regarding having this information used by these companies, including how to “opt-out” of third-party ad networks operated by NAI members. You also may contact Direct Advertising Alliance (“DAA”) at http://www.aboutads.info/choices/ for information about opting out of targeted advertising and your choices regarding having information used by DAA member companies, including how to “opt-out” of third-party ad networks operated by DAA members. Opting out of one or more members or participating companies (many of which will be the same) only means that those members no longer will deliver targeted content or ads to you, but it does not mean you will no longer receive any targeted content or ads on our Website or other websites. You may continue to receive advertisements, for example, based on the particular website that you are viewing. Also, if your browsers are configured to reject cookies when you visit this opt-out page, or you subsequently erase your cookies, use a different computer or change web browsers, your opt-out may no longer be effective. Additional information is available at the above links.
Our Website may contain links to third-party websites. Any access to and use of such linked third-party websites is not governed by this Notice but instead is governed by the privacy policies of those third-party websites.
We encourage you to review the privacy statements of websites you choose to link to from this Website so that you can understand how those other websites collect, use and share your information. We are not responsible for the privacy statements or other content on websites other than this Website.
Reasons and Lawful Grounds for Use of Your Personal Data
Whenever we process your personal data, it is justified by a ‘lawful ground’. The lawful grounds and reasons why we process Personal Data are as follows:
Lawful ground – To perform a contract with you or take pre-contractual steps at your request:
Lawful ground – Our legitimate interests:
When the lawful ground is our legitimate interests, those interests are to process Website visitor data to conduct, develop and grow our business activities with customers, visitors and with others, and to improve our services and profitability, while limiting the use of personal data to those purposes that strictly support the conduct and development of our business as described in this Notice.
Lawful ground – When we are required to comply with an EU law:
We may share your information, including your personal data, with the following entities and in the following situations:
Transfers of Personal Data
We are located in the US, and your personal data will be transferred to the US in order to perform the terms of our agreement with you. The US does not benefit from a decision of the European Commission finding that it provides adequate protection to personal data, so we have unilaterally adopted European Commission approved Standard Contractual Clauses (2004 version) and we will abide by both the data exporter and data obligations set forth in those Clauses. When your personal data is transferred to our third party service providers in the US, we will take steps to ensure that your personal data receives the same level of protection as if it remained within the EU, including by entering into data transfer agreements using the European Commission approved Standard Contractual Clauses, or by relying on certification schemes such as the EU – US Privacy Shield. You have a right to obtain details of the safeguards applied to your personal data when transferred to the US, including a copy of the Standard Contractual Clauses that we have adopted, by contacting: firstname.lastname@example.org.
Where your personal data is subject to restriction we will only process it with your consent or for the establishment, exercise or defense of legal claims.
Please contact us at email@example.com if you wish to exercise any of your rights, or if you have any enquiries or complaints regarding the processing of your personal data.
Please note that certain services will not be available if you withdraw your consent, or otherwise delete or object to our processing of certain personal data.
We have taken certain steps to help protect the information we collect about you from loss, misuse, unauthorized access, disclosure, alteration, and destruction. Please note that no method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security.
We encourage you to take steps to protect your information against unauthorized access to your account by, among other things, choosing a robust password that nobody else knows or can easily guess and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
Our Website is not designed for children under eighteen (18) years of age and we do not knowingly collect their personal data. If we discover that a child under eighteen (18) has provided us with personal data, we will delete such information from our systems. If you are under the age of 18 years and you have provided personal data, please ask your parent(s) or guardian(s) to notify Bulletproof, and we will delete all such personal data.
If you have any questions about security on this Website or wish to exercise your data subject rights, you can contact us at any time, free of charge at firstname.lastname@example.org.
Notice of Privacy Statement Changes
We may update this Notice to reflect changes to our privacy practices. If we make any material changes we will notify you by email (sent to the email address specified in your account) or post the updated Notice prominently on this Website. We encourage you to periodically review this page for the latest information on our privacy practices.