Effective: November 8, 2018
Depending on the Service you use, we may collect different information about you, and additional privacy terms, notices, and/or disclosures may apply to your use of the Services. This policy does not cover data collected by or through third-party websites or services.
Information We Collect and Use
We collect and use personal data directly from our users, customers, prospects and other visitors to our Services inquiring about our offerings or signing up to marketing collateral.
We may collect, use, store and transfer the following types of personal data:
- Identity Data- includes first name, last name, user name or similar identifier, title, date of birth and gender
- Contact Data- includes billing address, delivery address, email address and telephone numbers
- Financial Data- includes bank account and payment card details
- Transaction Data- includes details about payments to and from you and other details of products and services you have purchased from us
- Technical Data- includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website
- Profile Data- includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses
- Usage Data- includes information about how you use our website, products and services
- Marketing and Communications Data- includes your preferences in receiving marketing from us and our third parties and your communication preferences
We collect personal data about users and visitors who:
- Create an account. If you create an account, we ask you to provide some basic registration information such as your name and email address. If you're registering on behalf of a company, we may also ask you to provide some details about that company as well.
- Make a purchase. If you choose to make a purchase from us, we ask you to provide billing details such as credit card or ACH information.
- Comment on a blog or report. If you leave a comment on a blog post, that comment will be publicly visible. If you choose to add annotations to your personal background report, your comment will be made available to anyone that you authorize to receive a copy of that report.
- Contact us. If you contact our customer service team, we will collect your contact information, such as phone number or email address, as well as the contents of your communication. We may also collect additional information to help us better assist you, such as technical information about your browser or information about your account with us.
- Interact with our website. If you visit our website, we will collect Technical Data about your equipment, browsing actions and patterns, whether you have an account with us or not. This includes log data, which is automatically generated by your browser every time you request a webpage, and includes your IP address, browser, user, agent, referrer, and the requested webpage. We might also request analytics data, which include cookies and third-party analytics tools like Google Analytics. This information is only used to deliver and market the Services.
Cookies We Use
Good Egg’s website may use the standard technology called a "cookie" to collect information about how you use the website.
Cookies are small data files stored on the hard drive of your computer or mobile device by a website. A cookie file can contain information such as the URL you came from, your computer's IP address (i.e., the Internet address of your computer) and domain type (e.g., .com or .org, etc.), your browser type, the country, state and telephone area code where your server is located, the pages of our website that were viewed during a visit, and any search terms that you entered on our site. We use content and preference cookies (both temporary and persistent).
This information is used for internal purposes only, and we do not link your URL or IP address to any personal data unless you have logged into our website with a Good Egg account login and password. In addition, Good Egg’s website does not allow other parties to collect personally identifiable information about an individual consumer’s online activities over time and across different websites when a consumer uses the Good Egg website.
Third Parties Or Publicly Available Sources
We may receive personal data about you from various third parties and public sources that may be located within the EU, as set out below:
- Technical Data from the following parties:
- analytics providers, such as Google
- website personalization providers
- advertising networks
- Identity and contact data from the following parties:
- search information providers
- publicly available sources
- data brokers or aggregators
- social media lead generation companies
- lead generation companies
- Contact, Financial and Transaction Data from the following parties:
- Payment and delivery services
How We Use Information We Collect From You
Your information is used to provide and improve the Services. That includes operating the website, remembering your preferences, conducting in-house research and development, preventing fraud or abuse, marketing products or services offered by us, our affiliates, or by selected partners to you, and to communicate with you about your use of the Services and address your concerns.
Most commonly, we will use your personal data in the following circumstances:
- When we need it to perform the contract we are about to enter into or have entered into with you
- When necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
- When necessary to comply with a legal or regulatory obligation
Legal Bases for Processing
The legal bases of our processing of your personal data on our Services are described in the table below.
To provide services
Processing is necessary to provide services to you or to take steps that you request prior to providing those services.
To communicate with you;
For compliance, fraud prevention and safety purposes; or
To create anonymous data for analytics
These processing activities are based on our legitimate interests. We consider and balance potential impact on your rights and do not process your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To comply with law
Processing is necessary to comply with our legal obligations.
With your consent
Processing is based on your consent. Where we rely on consent, you have the right to withdraw it at any time.
When We Share Your Information
In the following limited circumstances, we may share the information we collect from you:
- With your consent. We may share your information when you give us permission. You have the right to withdraw consent to marketing at any time by contacting firstname.lastname@example.org.
- De-identified and aggregated data. We may share or disclose information we collect after de-identifying and aggregating it so it cannot be linked back to an individual person.
- Fraud and abuse prevention. We may share information associated with activity flagged as fraudulent (including, but not limited to, payment information, email addresses, and unique device identifiers) with our security partners or law enforcement.
- For legal process and emergency situations. We may be required to disclose or preserve for future disclosure your personal data if we believe, after due consideration, that doing so is reasonably necessary to protect Good Egg’s rights or property or to comply with a law, regulation, valid legal process, or to prevent imminent and serious bodily harm to a person, and in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own marketing purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
What happens if I do not provide my personal data?
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
Your Rights and Choices
You have the right to access your personal data. You may use your account to access, correct, or change any personal data that is associated with your account. You may also email our Privacy Team at email@example.com if you have provided personal data to us but do not have an account, or if you wish to delete your account entirely. If you request for us to remove your data, we will respond to you within a reasonable timeframe.
You can ask us or third parties to stop sending you marketing messages at any time by logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out links on any marketing message sent to you or by emailing firstname.lastname@example.org with the email address you wish to unsubscribe. Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of the Services you contract us to perform. You will still receive account and billing notices from us, if applicable.
Data Security And Retention
Good Egg is committed to protecting the personal data that Good Egg receives. While we cannot guarantee the security of that information, we utilize a combination of online and offline security technologies, procedures and organizational measures to help safeguard personal data against loss, misuse, and unauthorized access, disclosure, alteration and destruction.
Your information is stored on secure servers in the United States. While we use acceptable industry-standard practices to protect your information, we cannot and do not guarantee that your information will be absolutely secure. Here are a few steps we take to protect your information:
- We implement technical measures to prevent unauthorized access, and keep security patches and software up-to-date
- Employee access to your information is restricted and audited
- Sensitive personal information is stored in encrypted form
- All personal information is encrypted during transfer
Personal Information Disclosure: United States or Overseas
Good Egg does not transfer personal data to third parties outside the United States or its territories, except in cases where such transfer is necessary to fulfill the services you are contracting us or have contracted us to perform. In such cases, only the minimal amount of information that is needed by the third party to complete the services is transmitted. When applicable, personal data is transmitted to third parties in compliance with the data protection laws in the originating country. Where the personal data originates in the EU, transfers can only occur either to a country with adequate data protection laws or pursuant to Privacy Shield, the EU Standard Contractual Clauses, or Binding Corporate Rules.
EU-US Privacy Shield Framework
Good Egg and its affiliate, Foley Carrier Services, LLC (together, "We") participate in the EU-US Privacy Shield Framework regarding the collection, use, and retention of personal information from European Union member countries. Good Egg has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. Foley Carrier Services, LLC also adheres to the Privacy Shield Principles and is covered under Good Egg’s self-certification. To learn more about the Privacy Shield Principles, visit here.
You can review our Privacy Shield registration here. We are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). We may be required to disclose personal information that we handle under the Privacy Shield in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Attn: Compliance Manager
2 Huntington Quadrangle, Suite 2S04
Melville, NY 11747
Phone: (631) 557-0112