Effective: May 1, 2020
Depending on the Service you use, we may collect different information about you, and additional privacy terms, notices, and/or disclosures may apply to your use of the Services. This policy does not cover data collected by or through third-party websites or services.
Information We Collect and Use
We collect and use personal data directly from our users, customers, prospects and other visitors to our Services inquiring about our offerings or signing up to marketing collateral.
We may collect, use, store and transfer the following types of personal data:
- Identity Data- includes first name, last name, username or similar identifier, title, date of birth and gender
- Contact Data- includes billing address, delivery address, email address and telephone numbers
- Financial Data- includes bank account and payment card details
- Transaction Data- includes details about payments to and from you and other details of products and services you have purchased from us
- Technical Data- includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website
- Profile Data- includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses
- Usage Data- includes information about how you use our website, products and services
- Marketing and Communications Data- includes your preferences in receiving marketing from us and our third parties and your communication preferences
We collect personal data about users and visitors who:
- Create an account. If you create an account, we ask you to provide some basic registration information such as your name and email address. If you're registering on behalf of a company, we may also ask you to provide some details about that company as well.
- Make a purchase. If you choose to make a purchase from us, we ask you to provide billing details such as credit card or ACH information.
- Comment on a blog or report. If you leave a comment on a blog post, that comment will be publicly visible. If you choose to add annotations to your personal background report, your comment will be made available to anyone that you authorize to receive a copy of that report.
- Contact us. If you contact our customer service team, we will collect your contact information, such as phone number or email address, as well as the contents of your communication. We may also collect additional information to help us better assist you, such as technical information about your browser or information about your account with us.
Interact with our website. If you visit our website, we will collect Technical Data about your equipment, browsing actions and patterns, whether you have an account with us or not. This includes log data, which is automatically generated by your browser every time you request a webpage, and includes your IP address, browser, user, agent, referrer, and the requested webpage. We might also request analytics data, which include cookies and third-party analytics tools like Google Analytics. This information is only used to deliver and market the Services.
Cookies We Use
Good Egg’s website may use the standard technology called a "cookie" to collect information about how you use the website.
Other than aggregate cookie or tracking information, none of the information you provide us will ever be sold or rented to anyone outside Good Egg. Nor will your information be shared with anyone other than our preferred providers.
The only exception is when we have to share information with government agencies or other companies who are assisting us in fraud prevention or an investigation. We may do so when (1) permitted or required by law, (2) trying to protect against or prevent actual or potential fraud or unauthorized transactions or (3) investigating fraud which has already taken place.
Third Parties Or Publicly Available Sources
We may receive personal data about you from various third parties and public sources that may be located within the EU, as set out below:
- Technical Data from the following parties:
- analytics providers, such as Google
- website personalization providers
- advertising networks
- Identity and contact data from the following parties:
- search information providers
- publicly available sources
- data brokers or aggregators
- social media lead generation companies
- lead generation companies
- Contact, Financial and Transaction Data from the following parties:
- Payment and delivery services
How We Use Information We Collect From You
Your information is used to provide and improve the Services. That includes operating the website, remembering your preferences, conducting in-house research and development, preventing fraud or abuse, marketing products or services offered by us, our affiliates, or by selected partners to you, and to communicate with you about your use of the Services and address your concerns.
Most commonly, we will use your personal data to engage in a conversation with you, our prospective client. By voluntarily submitting your information to our website, we assume that you would like us to contact you about the services we provide. In an extremely rare circumstance, the law may compel us to disclose your information to a law enforcement agency, national security agency, the court, or other public body in a jurisdiction to which we are subject to the law. However, if Good Egg is compelled to disclose your information, we will consider your interests, our business interest, the interests of our clients, public safety implications, and our legal obligations.
Also, your information will not be reused for a new purpose. It shall only be used for the original purpose for which it was collected, unless any of the following is true:
- The purpose of the new use is compatible with the purpose of its original use,
- You have been notified of the new use and been given the opportunity to object to its new use, or
- The new use is otherwise permitted or compelled by law.
Legal Bases for Processing
The legal bases of our processing of your personal data on our Services are described in the table below.
To provide services
Processing is necessary to provide services to you or to take steps that you request prior to providing those services.
To communicate with you;
For compliance, fraud prevention and safety purposes; or
To create anonymous data for analytics
These processing activities are based on our legitimate interests. We consider and balance potential impact on your rights and do not process your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To comply with law
Processing is necessary to comply with our legal obligations.
With your consent
Processing is based on your consent. Where we rely on consent, you have the right to withdraw it at any time.
When We Share Your Information
In the following limited circumstances, we may share the information we collect from you:
- With your consent. We may share your information when you give us permission. You have the right to withdraw consent to marketing at any time by contacting email@example.com.
- De-identified and aggregated data. We may share or disclose information we collect after de-identifying and aggregating it so it cannot be linked back to an individual person.
- Fraud and abuse prevention. We may share information associated with activity flagged as fraudulent (including, but not limited to, payment information, email addresses, and unique device identifiers) with our security partners or law enforcement.
- For legal process and emergency situations. We may be required to disclose or preserve for future disclosure your personal data if we believe, after due consideration, that doing so is reasonably necessary to protect Good Egg’s rights or property or to comply with a law, regulation, valid legal process, or to prevent imminent and serious bodily harm to a person, and in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own marketing purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions
What happens if I do not provide my personal data?
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
Your Rights and Choices
You have the right to access your personal data. You may use your account to access, correct, or change any personal data that is associated with your account. You may also email our Privacy Team at firstname.lastname@example.org if you have provided personal data to us but do not have an account, or if you wish to delete your account entirely. If you request for us to remove your data, we will respond to you within a reasonable timeframe.
You can ask us or third parties to stop sending you marketing messages at any time by logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out links on any marketing message sent to you or by emailing email@example.com with the email address you wish to unsubscribe. Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of the Services you contract us to perform. You will still receive account and billing notices from us, if applicable.
Data Security And Retention
Good Egg is committed to protecting the personal data that Good Egg receives. While we cannot guarantee the security of that information, we utilize a combination of online and offline security technologies, procedures and organizational measures to help safeguard personal data against loss, misuse, and unauthorized access, disclosure, alteration and destruction.
Your information is stored on secure servers in the United States. While we use acceptable industry-standard practices to protect your information, we cannot and do not guarantee that your information will be absolutely secure. Here are a few steps we take to protect your information:
- We implement technical measures to prevent unauthorized access, and keep security patches and software up-to-date
- Employee access to your information is restricted and audited
- Sensitive personal information is stored in encrypted form
- All personal information is encrypted during transfer
While we have measures implemented to prevent unauthorized access ranging from maintaining a properly trained staff to technical protocols layered into the system, we may encounter unauthorized access since there is no security measure that is 100% effective. Good Egg is not responsible for the unauthorized use of your information nor for any lost, stolen, or compromised passwords or other authentication information, or for any activity on your account via unauthorized activity. WE EXPRESSLY DISCLAIM ANY REPRESENTATION OR WARRANTY, WHETHER EXPRESS OR IMPLIED, WITH RESPECT TO ENSURING, GUARANTEEING, OR OTHERWISE OFFERING ANY DEFINITIVE PROMISE OF SECURITY IN CONNECTION WITH YOUR INFORMATION OR TECHNICAL INFORMATION.
Personal Information Disclosure: United States or Overseas
Good Egg does not transfer personal data to third parties outside the United States or its territories, except in cases where such transfer is necessary to fulfill the services you are contracting us or have contracted us to perform. In such cases, only the minimal amount of information that is needed by the third party to complete the services is transmitted. When applicable, personal data is transmitted to third parties in compliance with the data protection laws in the originating country. Where the personal data originates in the EU, transfers can only occur either to a country with adequate data protection laws or pursuant to Privacy Shield, the EU Standard Contractual Clauses, or Binding Corporate Rules.
EU-US Privacy Shield Framework
Good Egg complies with the EU-US Privacy Shield Framework. To learn more information and to view our commitment, click here.
California Consumer Privacy Act
The California Consumer Privacy Act (CCPA) provides Californian residents with certain consumer rights. To learn more about your rights and the information we collect, click here.
Attn: Compliance Counsel
2 Huntington Quadrangle, Suite 2S04
Melville, NY 11747
Phone: (631) 557-0112
Effective Date: May 24, 2019
Last Updated: May 1, 2020. Some of these updates include:
- Expanded Cookies policy
- Additional guidance on the CCPA
- Easy-to-access Privacy Shield disclosure