CertClean – PRIVACY POLICY

Last Updated: January 11, 2022 Hello! We are CertClean Inc. (“CertClean”, “Clean Beauty Awards”, “we,” “us,” or “our”), and thank you for your interest in becoming a user and member of the CertClean and or Clean Beauty Awards community. CertClean takes great care to protect your private and personal information under applicable legislation. Before entering CertClean’s Clean Beauty Awards program, please read and understand our Privacy Policy, which tells you what personal information we collect about you, how we use that personal information, how this information may be shared, and what choices and rights you have with respect to this information. Our Privacy Policy applies to your access and use of all CertClean services and content, which includes the CertClean website at [https://www.CertClean.com](https://www.certclean.com/), and CertClean’s Clean Beauty Awards website at https://www.CleanBeautyAwards.com (collectively, the “Services”). CertClean is headquartered in Guelph, Ontario and our Services are provided to you by CertClean Inc. If you are a resident of the European Union (“EU”), CertClean Inc. is the controller of your personal data for the purposes of the EU data protection legislation. This policy was originally written in English. To the extent a translated version conflicts with the English version, the English version governs. Unless indicated otherwise, this Privacy Policy does not apply to third party products or services or the practices of companies that we do not own or control, including other companies you might interact with on or through the Services. ### 1. WE COLLECT, USE, SHARE AND OTHERWISE PROCESS INFORMATION CertClean relies on a number of legal bases to collect, use, share, and otherwise process the information we have about you for the purposes described in this Privacy Policy, including: - as necessary to provide the Services and fulfill what we promised in our Terms of Service. - where you have consented to the processing of your information; - where necessary to comply with a legal obligation, such as a court order or to exercise or defend legal claims; - to protect your vital interests, or those of others, such as in the case of emergencies; - where you have made the information public; - where necessary in the public interest; and - where necessary for the purposes of CertClean or a third party’s legitimate interests, such as those of our service providers and partners. ### 2. OUR LEGITIMATE INTERESTS The legitimate interests of CertClean and our third-party service providers and partners include: - providing and improving the Services. This is necessary to continually provide the Services to you, and to keep developing and improving such Services. - Keeping the Services safe and secure. We do so as it is necessary to ensure the Services are secure, and to protect against fraud, spam and abuse, etc. ### 3. INFORMATION CERTCLEAN COLLECTS ABOUT YOU When you use CertClean, we collect various types of information about you. Some of this information like user accounts and email address, can be used to identify you (“Personally Identifying Information” or “PII”), and some of this information, like activity and log data, cannot be used to identify you (“Non-Personally Identifying Information” or “Non-PII”). The amount and type of personal information we ask for depends on the nature of the interaction. CertClean will only collect such information as is necessary or appropriate to fulfill the purpose of the User’s requested interaction with CertClean. We collect information in a few different ways, including information that you entered when you sign up and from third parties (for example, if you choose to log in with Facebook), Information you provide us We collect information that you provide us, including: - Account and profile information: We collect information you provide us to sign up for an account, such as your name, email, username and password, phone number and address, as well as product information and or brand and or personal biographies and social media handles - Content you submit: We collect information and content that you submit through our site, such as when you submit a new product for inclusion in the Clean Beauty Awards program. - Purchase information: If you purchase products, such as an entry to the Clean Beauty Awards program, we collect certain information in order to process your order, such as phone number, shipping address and payment details (credit card, Paypal information, etc). - Communications: When you communicate with us (via email, etc.), we store a copy of your communications. - Surveys and contests: If you choose to participate in any of our surveys, or promotions, we will collect the information you provide us at that time. Such information is generally considered to be personally identifying information. ### Information from third parties We collect information that third parties provide us, including information from other platforms, publicly available information, and information from our partners, service providers and retail affiliates. The information we receive from these other platforms for log in or sign up purposes will generally be considered Personally Identifiable Information. - Publicly available information: CertClean may collect information that you make available to the public, such as when you make an Instagram post about the certification and or the Clean Beauty Awards on your public Instagram page. - Service Providers: We may receive information about you from our partners, service providers and retail affiliates. For example, Mailchimp may provide us with your updated email address. ### Information automatically collected when you use the Services We collect certain information automatically whenever you use the Services. - Device information: We also collect information that your device provides us in connection with your use of the Services, such as your mobile device type, system language, mobile carrier, browser type, IP address, etc. - Cookies and similar technology: We use cookies in connection with your use of the Services to collect information related to what you see and interact with. Cookies are small files placed on your hard drive that assist us in providing our services. We may use cookies to collect usage information, determine our total audience size and traffic and determining which areas of the Website are of greatest interest to users. - Web Beacons/Pixel Tags. These are invisible tags placed on certain pages of our Website. When you access our Website, pixel tags generate a notice of that visit. They usually work in conjunction with cookies, registering when a particular computer visits a particular page. If you turn off cookies, the pixel tag will simply detect an anonymous website visit. We may use web beacons to recognize users and access traffic patterns. ### 4. USE OF INFORMATION In general, we use both Personally Identifiable Information and Non-Personally Identifiable Information in order to administer, operate and provide the Services to you. Here are some of the ways that we use your information: ### How we use your Personally Identifiable Information - trouble shooting technical issues that you encounter; - to analyze, evaluate and improve the functionality and experience of our Services. For example, we use crash reporting to be able to fix issues promptly. - to respond to customer service inquiries when you contact us; - to prevent fraud and to maintain a quality experience for our business purposes or legal reasons; - to enforce our Terms of Service and Privacy Policy; - to provide you with system or administrative messages relating to the Services; - to let you know about new features or updates to our Terms of Service or Privacy Policy; - to send you information about your relationship or transactions with us; - to send you marketing communications (where you have opted-in to receive such messages); - to administer surveys, contents or promotions (to the extent that you have opted-in to participate in these). ### How we use your Non-Personally Identifiable Information - to analyze, evaluate and improve our Services functionality and experience. For example, we use crash reporting to be able to fix issues promptly and analytics to gain insight into what actions you are taking within the mobile app; - to personalise your CertClean experience, such as suggesting blog content that you may want to be apart of - to display relevant advertising to you and evaluate whether such advertising is of interest to you, such as displaying certain promotions of clean products that you have recently viewed; ### Aggregated Statistics We may also de-identify or aggregate the information collected in connection with the Services, in ways that do not personally identify you. From time to time, we may use this non-identifying aggregated information to perform statistical analyses of user behavior and demographics in order to measure the interest in and use of the CertClean Services, or to publish trends such as number of downloads, number of active users, etc. Any use of your information that is incompatible with these uses will be disclosed to you in advance so that you may opt out of such uses at your discretion. ### 5. SHARING YOUR INFORMATION CertClean will not rent or sell your information to anyone. If any of your information is shared or disclosed to third parties, it will only be so that we can provide you with the full suite of CertClean Services. We share your information in the following ways: ### Service Providers We may share your information with third parties who provide services to CertClean, such as hosting by Heroku, mailing list management by Mailchimp, e-commerce solutions by Shopify, analytics and reporting by Google Analytics and, and push notifications by OneSignal, etc. These service providers will only have access to the information necessary to perform these limited functions on our behalf and are required to protect and secure your information. Except as otherwise stated in this Privacy Policy, these third party service providers are required not to use your information other than to provide the services requested by us. ### Legal Requests We cooperate with law enforcement inquiries and demands for information that are made under force of law. Therefore, we may disclose your information (a) to any governmental authority as part of an investigation to determine our compliance with any applicable law, rule, or regulation (including privacy laws, rules, and regulations), in accordance with the applicable law (b) in response to a court order, subpoena, discovery request, or other lawful judicial or administrative proceeding, in accordance with the applicable law (c) as otherwise required under any applicable law. We may also disclose your information if we determine in good faith that disclosure is reasonably necessary or appropriate to protect the property rights of CertClean, third parties, yourself or the public at large. ### Related Business Affiliates We may share your information with affiliates under common control with us, who are required to comply with the terms of this Privacy Policy with regards to your information. ### Sale of Business If CertClean becomes involved in a business merger, acquisition, securities offering, bankruptcy, reorganization, dissolution or other similar transaction, we may share or transfer your information in connection with such transaction. If we do this, such disclosure will be subject to confidentiality arrangements that are typical of such transactions. ### Marketing We do not share your information with third parties for promotional purposes unless you have opted-in to such disclosure. If you have opted-in to have your information shared, you may choose to opt-out from receiving further communications from any third party that is not our agent or service provider at any time by contacting the marketing partner/affiliate directly. ### FAQ If you send us a request for information or support in relation to our Services, we reserve the right to publish the content of your request (with any PII removed) for the purposes of clarifying our Services for other users (e.g. in a “FAQs” section). ### 6. PROTECTING YOUR INFORMATION *We will be at the industry standard when it comes to protecting your information.* CertClean strives to protect your information. We use commercially reasonable administrative, technical, and physical measures to safeguard your information in our possession against loss, theft and unauthorized use, disclosure or modification. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. For data transmission security, we use standard encryption protocols (SSL/HTTPS) for transmission of information. The encryption process protects your information by scrambling it before it is sent to us from the App. Our hosting service providers for our database and application are reputable third-party hosting service providers whose privacy, security, transparency and industry-specific standards are best-in-class. Our systems and databases are backed up regularly to help protect your information in case of an uncontrollable catastrophe. Unfortunately, no data transmission over the mobile applications and the internet and no storage of data can be guaranteed to be 100% secure. Therefore, while we strive to make all reasonable efforts to use commercially acceptable means to protect your information, we cannot warrant the security of any information you transmit to us, and you acknowledge that there is always some risk when transmitting information to us through the Services. ### 7. DATA RETENTION *Your information will be kept with us as long as your account is active.* We retain information as long as it is necessary to provide the Services to you and others, subject to any legal obligations to further retainer such information. Information associated with your account will generally be kept until it is no longer necessary to provide the Services or until you ask us to delete it or your account is deleted, whichever comes first. We may however retain information from deleted accounts to comply with the law, to prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations, enforce the Terms of Service and take other actions permitted by law. The information we retain will, of course, be subject to this Privacy Policy. Information about you that is no longer necessary and relevant to provide our Services to you may be de-identified and aggregated with other non-personal data to provide insights which are commercially valuable to CertClean, such as statistics related to the use of the Services. ### 8. MANAGING YOUR SETTINGS *Manage your settings in the “Profile” and “Settings” section of the app!* ### Adjusting Notification and Email Preferences If you originally subscribed or opted-in to receive newsletter communications from CertClean, you may unsubscribe by following the instructions contained at the bottom of each type of email. All other notification settings, if applicable, may be found in the “Profile” section of the site. ### Updating Account Information You may correct, amend or update profile or account information that is inaccurate at any time by adjusting that information in your account settings. ### Deleting Information and Accounts You may request that your account is deleted by contacting us at: [info@CertClean.com](mailto:info@CertClean.com), CertClean will generally respond to your request within 14 business days. ### 9. EU MEMBER RIGHTS If you are habitually located in the European Union, you have the right to access, rectify, download or erase your information, as well as the right to restrict and object to certain processing of your information. While some of these rights apply generally, certain rights apply only in certain limited circumstances, We described this rights below: ### Access and Porting You can access much of your information by logging into account and accessing the “Profile” or “Settings” screen. If you require additional access or to download a copy of your data, please contact us at: info@CertClean.com. CertClean will generally respond to your request within 14 business days. ### Correcting and Deleting You can also rectify, restrict, limit or delete much of your information by logging into your account and accessing the “Profile” section on the site. If you are unable to do this please contact us at info@CertClean.com. CertClean will generally respond to your request within 14 business days. ### Object Where we process your information based on our legitimate interests explained above, or in the public interest, you can object to this processing in certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons. ### Revoke Consent Where you have previously provided your consent, you have the right to withdraw your consent to the processing of your information at any time. In certain cases, we may continue to process your information after you have withdrawn consent if we have a legal basis to do so or if your withdrawal of consent was limited to certain processing activities. ### Complain Should you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority. ### Response We will respond to all requests that we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may ask you to verify your identify in order to help us respond efficiently to your request. ### 10. INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION The Services are hosted and operated from within the United States and Canada. If you are located outside of the United States or Canada and choose to use the Services or provide information to us, you acknowledge and understand that your information will be transferred, processed and stored in the United States or Canada, as it is necessary to provide the Services and our obligations to you under the Terms of Service. ### 11. CHILDREN The Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from individuals under 18 years of age. In the event that we learn that we have collected personal information from a child under 18 years of age, we will take appropriate steps to delete that information. If you become aware or believe that a child has provided us with personal information, please contact us as provided in the Contact Us section. ### 12. ADDITIONAL DETAILS ### Links To Other Websites. CertClean Services may contain links to other websites on the internet maintained by third parties. Clicking on a link to a third party site will make you leave the Services and go to the site you requested. We cannot control the activities of third parties. Therefore, we cannot accept responsibility for any use of your PII by such third parties, and we cannot guarantee that these third parties will adhere to the same privacy practices as CertClean. We encourage you to carefully review the privacy policies of any other service provider from whom you request services. ### Social Media Features and Widgets. CertClean Services may include social media features and widgets (“Social Media Features”) such as the Facebook “Share” function. You agree that the Social Media Features may collect your IP address, which page you are visiting on our Site and Services, and may set a cookie to enable the Social Media Features to function properly. Your interactions with these Social Media Features are governed by the respective privacy policy of the company providing the feature. ### 13. CHANGES IN THIS PRIVACY POLICY CertClean reserves the right to make changes to this Privacy Policy at any time and in our sole discretion, so please check back frequently. If we decide to change our privacy practices, we will post the changes to this Privacy Policy, on the home page of our Site, by sending you an e-mail update, and/or any other places we deem appropriate so that you can be made aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If you have questions about this Privacy Policy, please contact us at info@CertClean.com