PRIVACY POLICY

Last Updated: April 2, 2019

INTRODUCTION

Replenish Health values the trust our users and customers place in us when they give us access to their personal data. The Privacy Policy describes how we work to maintain that trust and protect that information.

This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from https://www.replenishhealth.net (the “Site”) operated by St John Enterprises (“us”, “we”, or “our”).

PERSONAL INFORMATION WE COLLECT

When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”

We collect Device Information using the following technologies:

  • “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
  • “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
  • “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.

Additionally, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information including credit card numbers, email address, and phone number. We refer to this information as “Order Information.”

We may also collect other contact information about you such as Skype name, Facebook ID, and other messaging account information so that we can contact you by your preferred methods.

In addition, we may collect health information from you that you have shared with us on our Site through comments and via our Contact Form, through our Client Portal, via email, mail, phone, messaging apps, and/or through our social media accounts. We do not share this information with third parties unless otherwise requested by you, except where you have chosen to post that information publicly through our Site or social media accounts. We store this information to better understand your health concerns and to determine how we may help you improve your diet and lifestyle factors.

We may collect your profile picture if you join our online community (become a member), sign-up for one of our online courses or memberships, submit a recipe, or comment on our Site.

When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information.

COMMENTS

When visitors leave comments on the Site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

MEDIA

If you upload images to the Site, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the Site. Images to consider are profile pictures and images for recipe submission. Here is more information on what EXIF GPS data is and how to easily remove it from your images: https://us.norton.com/internetsecurity-how-to-how-to-remove-gps-and-other-metadata-locations-from-photos.html.

WEBSITE PLUGINS

Some of the plugins we use on our Site may interact with your Personal Information. Below is a list of the plugins that may do so and how they use your Personal Information.

Plugin: ActiveCampaign

Our Email Service Provider is ActiveCampaign and is used to collect data through our Contact Form and email opt-in forms. The information you submit through the forms on our website will be shared to our ActiveCampaign account until such a time as you unsubscribe from our email list. We also use ActiveCampaign’s site tracking which tracks visitors and their page visits and events. We use this information for advanced segmenting of our email list and to provide more targeted emails. You can read ActiveCampaigns Privacy Policy here: https://www.activecampaign.com/privacy-policy

Plugin: Akismet

We collect information about visitors who comment on Sites that use our Akismet anti-spam service. The information we collect depends on how the User sets up Akismet for the Site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).

Plugin: Chatfuel Customer Chat

To make contacting us simple and easy for visitors to our website, we offer Customer Chat through Facebook Messenger via the Chatfuel Customer Chat Plugin. The conversations that take place through this plugin will be stored on Facebook Messenger. We may also share some of your information to our ActiveCampaign account if you choose to share your email address with us through Facebook Messenger. You can read the Chatfuel and Facebook Messenger Privacy Policies below.

https://chatfuel.com/PrivacyPolicy.pdf

https://www.facebook.com/full_data_use_policy

Plugin: Cooked Pro

If you choose to submit a recipe to our website then you will be asked to set-up a user profile. This information is stored on our BlueHost server until such a time as you delete your user profile.

Plugin: Google Analytics

We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

Plugin: Jetpack

Activity

This feature only records activities of a site’s registered users, and the retention duration of activity data will depend on the site’s plan and activity type.

Data Used: To deliver this functionality and record activities around site management, the following information is captured: user email address, user role, user login, user display name, WordPress.com and local user IDs, the activity to be recorded, the WordPress.com-connected site ID of the site on which the activity takes place, the site’s Jetpack version, and the timestamp of the activity. Some activities may also include the actor’s IP address (login attempts, for example) and user agent.

Activity Tracked: Login attempts/actions, post and page update and publish actions, comment/pingback submission and management actions, plugin and theme management actions, widget updates, user management actions, and the modification of other various site settings and options. Retention duration of activity data depends on the site’s plan and activity type. See the complete list of currently-recorded activities (along with retention information).

Data Synced (?): Successful and failed login attempts, which will include the actor’s IP address and user agent.

Protect

Data Used: In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.

Activity Tracked: Failed login attempts (these include IP address and user agent). We also set a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. Learn more about this cookie.

Data Synced (?): Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.

Subscriptions

Data Used: To initiate and process subscriptions, the following information is used: subscriber’s email address and the ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, we also collect some basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (REQUEST_URI and DOCUMENT_URI). This server data used for the exclusive purpose of monitoring and preventing abuse and spam.

Activity Tracked: Functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if, in fact, they have an active subscription.

Plugin: LearnDash LMS

We collect information about you during the course purchase process (PayPal and/or Stripe), as well as information relating to your course progression and quiz performance.

What We Collect and Store

When you purchase from us, we’ll ask you to provide your email address. We’ll use this information for purposes, such as, to:

–Send you information about your account and order

–Create your account for our LMS

If you register a free account then we will store your email address.

We store information about you for as long as your account exists.

We store course progress, including completion status, quiz scores, assignments and/or essay submissions (if applicable).

We will also store comments on courses, lessons, topics, assignments, and essays if you choose to leave them.

Who On Our Team Has Access

Members of our team have access to the information you provide us. For example, both Administrators and Group Leaders can access:

–Order information such as your enrolled courses, course progress and username / email address.

Any additional information added in your WordPress User Profile can also be visible to the administrator(s).

What We Share With Others

The information you provide to us in your LMS account could be shared with other applications and plugins that we use that include, but may not be limited to, analytics/reporting tools, marketing services (such as our email service ActiveCampaign), payment gateways, gamification programs, and third party embeds. You can find further information concerning these applications and plugins, and how they use your data, throughout our Privacy Policy Page.

Payments

We accept payments through PayPal and/or Stripe. When processing payments, some of your data will be passed to PayPal and/or Stripe, including information required to process or support the payment, such as the purchase total and billing information.

Please see the PayPal Privacy Policy and the Stripe Privacy Policy for more details.

Plugin: LearnDash Notes

If you sign-up for one of our courses you will be provided with an area to take notes. The information you type in the notes area can only be viewed by yourself and our Course Administrators and is held on our website server until you choose to delete your notes.

Plugin: LearnDash Pro Panel

This is used by our Course Administrators and aids in communication with our students through their provided email addresses.

Plugin: Smush

Note: Smush does not interact with end users on your website. The only input option Smush has is to a newsletter subscription for site admins only. If you would like to notify your users of this in your privacy policy, you can use the information below.

Smush sends images to the WPMU DEV servers to optimize them for web use. This includes the transfer of EXIF data. The EXIF data will either be stripped or returned as it is. It is not stored on the WPMU DEV servers.

Smush uses the Stackpath Content Delivery Network (CDN). Stackpath may store web log information of site visitors, including IPs, UA, referrer, Location and ISP info of site visitors for 7 days. Files and images served by the CDN may be stored and served from countries other than your own. Stackpath’s privacy policy can be found here.

Smush uses a third-party email service (Drip) to send informational emails to the site administrator. The administrator’s email address is sent to Drip and a cookie is set by the service. Only administrator information is collected by Drip.

COOKIES

“Cookies” are small pieces of information that are stored by your browser on your computer’s hard drive.

We use cookies on our Site to improve functionality and enable a better website experience for our users. Cookies are set by certain plugins, social media, and analytics.

HOW WE USE COOKIES

Like most websites, we use cookies for a variety of purposes in order to improve your online experience, for analytics and for marketing, but specifically, we use Cookies on the Site for the following purposes:

Analytical Purposes: We use cookies to analyze user activity in order to improve the Site. For example, we can use cookies to look at demographics such as where our users are from. We can use such analysis to gain insights about how to improve the functionality and user experience of the Site.

Your Preferences & User Experience: We use cookies to gather certain information about users, such as browser type, server, language preference, and country setting, in order to store user preferences on our Site to make your user experience more consistent and convenient. For example, we may store the recent searches you have performed in a cookie so that we can allow you to easily repeat those searches when you return to our Site. In addition, we use cookies to maintain your logged in state when you visit our Site repeatedly. We may also use your IP address to determine your geographic location in order to provide you with the most relevant search results.

Marketing: We use cookies from third-party partners such as Google and Facebook for marketing purposes. These cookies allow us to display Replenish Health promotional material to you on other sites you visit across the Internet. Replenish Health may also share information about your behavior on the Site with third parties (including operators of third-party websites and/or social networking sites) in order to show you targeted advertisements and other content that has been customized for you.

Security Purposes: We use cookies to limit certain types of cyber attacks.

Testing, Usability, and Performance Improvement Purposes: We use cookies to ensure users receive a consistent user experience while we conduct A/B testing on certain aspects of our Site in order to improve our product offerings. We also use cookies to improve the performance and reliability of our Site.

MANAGING COOKIES IN YOUR BROWSER

Use the options in your web browser if you do not wish to receive a cookie or if you wish to set your browser to notify you when you receive a cookie. You can easily delete and manage any cookies that have been installed in the cookie folder of your browser by following the instructions provided by your particular browser manufacturer.

If your browser is not listed here, consult the documentation that your particular browser manufacturer provides. You may also consult your mobile device documentation for information on how to disable cookies on your mobile device. If you disable all cookies, you may not be able to take advantage of all the features of this Site. Please note that if you have not cleared your cookies or cache, the contents of which may affect autofill functions on the Replenish Health site and you are responsible for any such actions.

EMBEDDED CONTENT FROM OTHER WEBSITES

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

WHERE WE STORE YOUR DATA AND HOW WE PROTECT IT

In addition to data stored by third parties listed under various headings in this Privacy Policy, our Site is hosted by Bluehost and all data from our Site is backed-up every 24 hours to our secure server. For further information, you can read Bluehosts Privacy Policy here: https://www.endurance.com/privacy/privacy.

Our Site is protected by two-factor authentication for additional security.

In addition to the online storage of your Personal Information, we may keep printed copies of your health information you share if you have Nutritional Counseling with one of our Nutritionists. Physical copies of your Personal Information are stored in a secure filing system at our main office.

HOW DO WE USE YOUR PERSONAL INFORMATION?

We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping (if necessary), and providing you with invoices and/or order confirmations). Additionally, we use this Order Information to: Communicate with you; screen our orders for potential risk or fraud; and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.

We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).

When users email us through our Contact Form, joining our email list, or signing up to our Facebook Messenger Bot, they may be asked to answer questions about their current needs. This information is used to place each user into a bucket on our email marketing account (ActiveCampaign) so that we can provide more targeted information to our users to better meet their needs.

SHARING YOUR PERSONAL INFORMATION

We share your Personal Information with third parties to help us use your Personal Information, as described above. For example, we use ThriveCart to power our online sales. You can read more about how ThriveCart uses your Personal Information here: https://legal.thrivecart.com/platform/privacy.

Payments for our products and services are collected through Paypal or Stripe. Read how they uses your Personal Information below.

https://www.paypal.com/ca/webapps/mpp/ua/privacy-full?locale.x=en_CA

https://stripe.com/CA/privacy

We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

If you choose to have Nutritional Counseling with one of our Nutritionists then the Personal Information you share through the Client Portal will be held by CharmEHR which is HIPPA compliant. You can read more about how CharmEHR stores your Personal Information here: https://www.charmhealth.com/privacy-policy.html.

Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

HOW LONG WE RETAIN YOUR DATA

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our Site (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

If you have an account and you log in to this Site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.

Physical data from Nutritional Counseling services are stored for up to 10 years.

WHAT RIGHTS YOU HAVE OVER YOUR DATA

If you have an account on this Site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

If you have had Nutritional Counseling you may request to receive a copy of your session notes and any personal information stored physically in your file at our main office.

If you are a European resident, you have the right to access the personal information we hold about you and to ask that your personal information is corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information at the bottom of this page.

Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.

DO NOT TRACK

Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.

CHANGES TO OUR PRIVACY POLICY

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. Please refer to the “Last Updated” date at the top of this page. If we have a major update to make we will give 30 days notice of major changes coming at the top of this page along with the date they will take effect from.

CONTACT US

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by email at support@replenishhealth.net or by mail using the details provided below:

Nina St John
Replenish Health
P.O. Box 1151
Peachland
British Columbia, V0H 1X0
Canada