Privacy Policy

Cook Smarts, LLC Privacy Policy

Last modified October 7, 2024

Your privacy and security are important to us. We want you to feel comfortable using Cook Smarts, LLC’s website, mobile application (“app”) and services, so below is a description of how we collect, use, and protect your personal information.

We may amend this Privacy Policy from time to time, and will post any updates or changes to our Privacy Policy here so that you will always know what information we collect, how we might use that information, and whether we will disclose that information to anyone else. Please review this Privacy Policy periodically so you can stay up to date on any changes. By using our website, app or services, you agree to the terms of this Privacy Policy.

This Privacy Policy only applies to information collected by our website or app, when you subscribe to one of our meal planning services, or when you purchase our 6-week Nourish By Cook Smarts course. We are not responsible for the privacy of any information you reveal or post in any public forum (a message board or blog, for example) or through the “Public Profile” feature available on our website, or for the privacy practices of websites that are operated or owned by third parties.  We encourage you to review all privacy policies of any third-party websites you visit as a result of your use of our website and services.

INFORMATION WE COLLECT UPON SIGN-UP

We collect and store information that you have explicitly provided to us through forms on our website or app when you sign up. For example, when you purchase our products and create a membership, we collect various personal information such as name, email and payment information. We do not record or store any payment information. Your credit card and banking information is securely stored by our payment processors, Stripe, PayPal and Simplify Commerce. You can read more about their privacy policies by clicking on these links: Stripe, PayPal.  All payments via the app will be processed and handled by Apple.

We only use your personal and payment information to charge you for the services you choose to receive and provide you with those services.  We store your email and password only via our web hosting service until you ask us to delete your information or until it is automatically deleted by our web hosting service.  We do not store your personally-identifiable data (“Personal Information”) on our servers.

INFORMATION WE COLLECT UPON LOG-IN

When you log into our service, your computer automatically provides your Internet Protocol (IP) address (this is not your email address and cannot be used directly to contact you), information about the request, and certain information about the capabilities of your computer.

We may use this automatically provided information for analytical purposes, to help diagnose errors, and to identify abuse of our systems.

USE OF EMAIL ADDRESSES

When you create an account you will receive a one-time email message with your account information. We will send you a weekly notification email when plans are posted. We will also send you receipts for payments via email. We may contact you by email from time to time to notify you of updates to the services or other related matters which may be of interest to you.  All automated email communications  include an “unsubscribe” link.  You may also email hello@cooksmarts.com to permanently delete all account-related information Otherwise, you will receive email from us only in response to a message or request from you.

USE OF COOKIES

Our website software uses cookies to maintain your session information. It may be necessary to accept cookies from our website in order to access our services. This allows you to choose to remain logged in so you can access your information quickly when you come to the site. To deactivate cookies, simply update your cookie settings when on our website.

SOCIAL MEDIA FEATURES AND WIDGETS

Our website and app include social media features, buttons and widgets provided by third party social media platforms such as Facebook and Google Analytics (“features”). A feature may collect your IP address and which page you are visiting on our website, and may set a cookie to enable the feature to function properly. This cookie may allow the social media platform to link the foregoing data with your user profile. The features are either hosted by the third party platform or directly on our website. Your interactions with these features are governed by the Privacy Policy of the relevant platform (i.e. the Privacy Policy of the social media platform you’re using, like Facebook, Twitter, or Pinterest). To deactivate cookies, simply update your cookie settings when on our website.

THIRD PARTY

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information.  We may release your information when we reasonably believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety. However, non-personally identifiable visitor information may be provided to third parties through a tracking pixel and for analytics purposes.

INFORMATION FROM CHILDREN UNDER 13 YEARS OF AGE

Our website, app, meal planning subscriptions, and our Nourish By Cook Smarts course are not designed for or directed to children under the age of 13. We do not collect personally identifiable information from any person we actually know is under the age of 13.

CONSENT

Use of this website and app and subscriptions constitutes agreement with this Privacy Policy. We reserve the right to update the Privacy Policy as required by any future law. We will always send you a notification should any of the terms change.  You may revoke your consent to this Privacy Policy by ___________________.  If you wish to delete your account with us, you may ______________.  If you delete your account, we will remove all of your personally-identifiable data from our servers and systems.

NOTICE TO CALIFORNIA RESIDENTS

If you are a California resident, you are permitted by California Civil Code §1798.83 to request information regarding the disclosure of your Personal Information by us to third parties for the third parties’ direct marketing purposes. With respect to these entities, this policy applies only to their activities within the State of California.

CALIFORNIA CONSUMER PRIVACY ACT (“CCPA”)

This privacy notice for California residents supplements the information contained in this policy and it applies solely to all visitor(s), user(s), and others who reside in the State of California.

YOUR RIGHTS UNDER THE CCPA 

The CCPA provides California residents with specific rights regarding their Personal Information. If you are a resident of California, you have the following rights:

THE RIGHT TO NOTICE

You have the right to be notified which categories of your Personal Information are being collected and the purposes for which your Personal Information is being used.

THE RIGHT TO REQUEST 

Under CCPA, you have the right to request that we disclose information to you about our collection, use, sale, disclosure for business purposes, and sharing of your Personal Information. Once we receive and confirm your request, we will disclose to you: (1) The categories of Personal Information we collected about you; (2) The categories or sources of the Personal Information we collected about you; (3) Our business or commercial purpose for collecting or selling that Personal Information; (4) The categories of third parties with whom we share that Personal Information; (5) The specific pieces of Personal Information we collected about you; and (6) If we sold your Personal Information or disclosed your Personal Information for a business purpose, we will disclose to you the categories of Personal Information sold and the categories of Personal Information disclosed.

THE RIGHT TO SAY NO TO THE SALE OF PERSONAL INFORMATION (OPT-OUT)

You have the right to direct us not to sell your Personal Information. To submit an opt-out request, please contact us. Once we receive and confirm a verifiable consumer request from you, we will stop selling your Personal Information.

THE RIGHT TO DELETE PERSONAL INFORMATION

You have the right to request the deletion of your Personal Information, subject to certain exceptions. Once we receive and confirm your request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies. We may deny your deletion request if retaining the Information is necessary for us or our service providers to: (1) Complete the transaction for which we collected the Personal Information, to provide a product or service that you requested, to take actions reasonably anticipated within the context of our ongoing business relationship with you, or to otherwise perform our contract with you; (2) Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or to prosecute those responsible for such activities; (3) Debug products to identify and repair errors that impair existing intended functionality; (4) Exercise free speech, ensure the right of another user or consumer to exercise their free speech rights, or exercise another right provided for by law; (5) Comply with the California Electronic Communications Privacy Act (Cal. Penal Code S 1546 et. seq.); (6) Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the Information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent; (7) Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us; (8) Comply with a legal obligation; and (9) Make other internal and lawful uses of that Information that are compatible with the context in which you provided it

THE RIGHT NOT TO BE DISCRIMINATED AGAINST

You have the right not to be discriminated against for exercising any of your consumer’s rights, including by: (1) Denying goods or services to you; (2) Charging different prices or rates for goods or services, including the use of discounts or other benefits, or imposing penalties; (3) Providing a different level or quality of goods or services to you; and (4) Suggesting that you will receive a different price or rate for goods or services, or a different level of qualify of goods or services

EXERCISING YOUR CCPA DATA PROTECTION RIGHTS

In order to exercise any of your rights under the CCPA, and if you are a California resident, you can contact us by email at hello@cooksmarts.com. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable request related to your Personal Information.

Your request to us must: (1) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or are an authorized representative of that person; and (2) Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your requests or provide you with the required information if we cannot: (1) Verify your identity or authority to make the request; and (2) Confirm that the Personal Information relates to you.

We will disclose and deliver the required information free of charge within forty-five (45) days of receiving your verifiable request. The time period to provide the required information may be extended once by an additional forty-five (45) days when reasonably necessary and with prior notice. Any disclosures we provide will only cover the 12-month period preceding the verifiable request’s receipt.

For data portability requests, we will select a format to provide your Personal Information that is readily usable and should allow you to transmit the Information from one entity to another without hindrance.

CATEGORIES OF PERSONAL INFORMATION COLLECTED UNDER CCPA

Under CCPA, we obtain the categories of Personal Information listed above from the following categories of sources. Please note that the examples provided below are illustrative and limited to CCPA, and are not intended to be exhaustive:

DIRECTLY FROM YOU. For example, from the forms you complete on our services, preferences you express or provide through the services, or from your purchases on our services.

INDIRECTLY FROM YOU. For example, from observing your activity on our services.

AUTOMATICALLY FROM YOU. For example, through cookies we or our service providers set on your device(s) as you navigate through our Services.

FROM SERVICE PROVIDERS. For example, when third-party vendors monitor and analyze your use of our services, when third-party vendors deliver targeted advertising to you, when third-party vendors contemplate payment processing, or when third-party vendors that we use provide services to you.

We collect Information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular user, visitor, or device. The following is a list of categories of Personal Information which we may collect or which we may have collected from California residents within the last twelve (12) months. Please note that the categories and examples provided in the list below are those defined in CCPA. This does not mean that all examples of that category of Personal Information were in fact collected by us, but reflects our good faith belief to the best of our knowledge that some of that Information from the applicable category may be and may have been collected. For example, certain categories of Personal Information would only be collected if you provided such Personal Information directly to us.

Please note that the examples below provided are illustrative and limited to CCPA, and are not intended to be exhaustive.

• Category A: Identifiers

1. Examples: a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, driver’s license number, passport number, or other similar identifiers
2. Collected: Yes

1. Category B: Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

1. Examples: a name, signature, Social Security Number, physical characteristics or description, address, telephone number, insurance policy number, education, employment, employment history, bank account number, credit card number debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories
2. Collected: Yes

• Category C: Protected classification characteristics under California or federal law

1. Examples: Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth, and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information)
2. Collected: Yes

• Category D: Commercial information

1. Examples: Records and history of products or services purchased or considered
2. Collected: Yes

• Category E: Biometric information

1. Examples: Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data
2. Collected: No

• Category F: Internet or other similar network activity

1. Examples: Interaction(s) with our Services or advertisements
2. Collected: Yes

• Category G: Geolocation data

1. Examples: Approximate physical location
2. Collected: Yes

• Category H: Sensory data

1. Examples: Audio, electronic, visual, thermal, olfactory, or similar information
2. Collected: No

• Category I: Professional or employment-related information

1. Examples: Current or past job history, or performance evaluations
2. Collected: No

1. Category J: Non-public education information (per the Family Education Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))

1. Examples: Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records
2. Collected: No

• Category K: Inferences drawn from other personal information

1. Examples: Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes
2. Collected: No

Under CCPA, Personal Information does not include: (1) Publicly available information from government records; (2) Deidentified or aggregated user information; and (3) Information excluded from CCPA’s scope, such as Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data, and Personal Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA), the California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

USE OF PERSONAL INFORMATION FOR BUSINESS PURPOSES OR COMMERCIAL PURPOSES UNDER CCPA

As defined under CCPA, we may use or disclose Personal Information we collect for “Business Purposes” or “Commercial Purposes” which may include the following non-exhaustive examples: (1) To operate our services and to provide you with our services; (2) To provide you with support and to respond to your inquiries, including to investigate and to address your concerns and to monitor and to improve the services; (3) To fulfill or meet the reason for which you provided the information. For example, if you share your contact information to ask a question about our services, we will use that Personal Information to respond to your inquiry. If you provide your Personal Information to purchase a product or service, we will use that information to process your payment and to facilitate delivery of that product and/or service; (4) To respond to law enforcement requests and as required by applicable law(s), court order(s), or governmental regulation(s) (5) As described to you when collecting your Personal Information or as otherwise set forth in CCPA; (6) For internal administrative and auditing purposes; and (7) To detect security incidents and to protect against malicious, deceptive, fraudulent, or illegal activity, including, when necessary, to prosecute those responsible for such activities.

Please note that the examples provided above are illustrative and limited to CCPA, and are not intended to be exhaustive. If we decide to collect additional categories of Personal Information, or use the Personal Information we collected for materially different, unrelated, or incompatible purposes, we will update this Privacy Policy.

DISCLOSURE OF PERSONAL INFORMATION FOR BUSINESS PURPOSES OR COMMERCIAL PURPOSES UNDER CCPA

We may use or disclose and may have used or disclosed in the last twelve (12) months the following categories of Personal Information for business purposes or for commercial purposes:

1. Category A: Identifiers
2. Category B: Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code S 1798.80(e))
3. Category D: Commercial Information
4. Category F: Internet or other similar network activity

Please note that the categories listed above are those defined in CCPA. This does not mean that all examples of that category of Personal Information were in fact disclosed, but reflects our good faith belief to the best of our knowledge that some of that Information from the applicable category may be and may have been disclosed.

When we disclose Personal Information for a business purpose or for a commercial purpose, we enter into a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not to use it for any purpose except performing the contract.

SALE OF PERSONAL INFORMATION

As defined in CCPA, “sell” and “sale” mean selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a user(s)’ Personal Information by us to a third-party for valuable consideration. This means that we may have received some kind of benefit in return for sharing Personal Information, but not necessarily a monetary benefit.

Please note that the categories listed below are those defined in CCPA. This does not mean that all examples of that category of Personal Information were in fact sold, but reflects our good faith belief to the best of our knowledge that some of that Information from the applicable category may be and may have been shared for value in return.

We may sell and may have sold in the last twelve (12) months the following categories of Personal Information:

1. Category A: Identifiers
2. Category B: Personal Information categories listed in the California Customer Records statute (Ca. Civ. Code § 1798.80(e))
3. Category D: Commercial Information
4. Category F: Internet or other similar network activity

SHARING OF PERSONAL INFORMATION.

We may share your Personal Information identified in the above categories with the following categories of third parties: (1) service providers; (2) payment processors; (3) affiliates; (4) business partners; and (5) Third-party vendors to whom you or your agents authorize us to disclose your Personal Information in connection with products and/or Services we provide to you.

SALE OF PERSONAL INFORMATION OF MINORS UNDER 18 YEARS OF AGE

We do not knowingly collect Personal Information from minors under the age of eighteen (18) through our Services, although certain third-party websites and/or services that we link to may do so. These third-party websites have their own terms of use and privacy policies, and we encourage parents and legal guardians to monitor their children’s internet usage and instruct their children to never provide Information on other websites without permission of their parent(s) or legal guardian(s). 

We do not sell the Personal Information of user(s) and visitor(s) we actually know are less than eighteen (18) years of age unless we receive affirmative authorization (the “right to opt-in”) from the parent(s) or legal guardian(s) of a user or visitor who is less than eighteen (18) years of age. Those who opt-in to this sale of Personal Information may opt-out of future sales at any time. To recognize the right to opt-out, you, your parent(s), your legal guardian(s), or your authorized representative may submit a request to us by contacting us. If you have reason to believe that a child under the age of eighteen (18) has provided us with Personal Information, please contact us with sufficient detail to enable us to delete that Information.

THE RIGHT TO SAY NO TO THE SALE OF PERSONAL INFORMATION (OPT-OUT)

The service providers we partner with (for example, our analytics or advertising partners) may use technology on the Services that sells Personal Information as defined by CCPA. If you wish to opt-out of the use of your Personal Information for interest-based advertising purposes, and these potential sales are defined under CCPA, you may do so by following the instructions below. Please note that any opt-out is specific to the browser you use, and that you may need to opt-out on every browser that you use. 

You can opt-out of receiving advertisements that are personalized and served by our service providers by following the instructions presented on our services. The opt-out will place a cookie on your computer that is unique to the browser you use to opt-out. If you change browsers or delete the cookies saved by your browser, you will need to opt-out again.

You may access our Services through a mobile application downloadable on both iOS and Android Devices. This policy governs your use of our mobile application and any services you access and use through it. Your mobile device may give you the ability to opt out of the use of Information about the applications you use in order to serve you advertisements that are targeted to your interests through: (1) “Opt out of Interest-Based Ads” or “Opt out of Ads Personalization” on Android Device(s); or (2) “Limit Ad Tracking” on iOS Devices. You can also stop the collection of location Information from your mobile device by changing the preferences on your mobile device

YOUR CALIFORNIA PRIVACY RIGHTS UNDER CALIFORNIA’S SHINE THE LIGHT ACT

Under California Civil Code Section 1798, California residents with an established business relationship with us can request information once a year about sharing their Personal Information with third parties for the third parties’ direct marketing purposes. If you would like to request more information under the California Shine the Light Act, and if you are a California resident, you can contact us using the contact information provided below.

“DO NOT TRACK” AND PROTECTION ACT (CALOPPA)

There is no accepted standard on how to respond to Do Not Track (“DNT”) signals, and we do not respond to such signals. Our Services do not respond to DNT signals. However, some third-party websites do keep track of your browsing activities. If you are visiting such websites, you can set your preferences in your browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the preferences or settings page of your browser.

NOTICE TO EUROPEAN UNION USERS

Our operations are located primarily in the United States. If you provide Information to us, it will be transferred out of the European Union (EU) and sent to the United States. The adequacy decision between the EU-US became operational on August 1, 2016. This framework protects the fundamental rights of anyone in the EU whose Personal Information is transferred to the United States for commercial purposes. It allows the free transfer of data to companies that are certified in the United States under the Privacy Shield, which provides a mechanism to comply with data protection requirements when transferring Personal Information from the EU and Switzerland to the United States. By providing Personal Information to us, you are consenting to its storage and usage as described in this Policy.

DATA TRANSFERS, STORAGE, AND PROCESSING GLOBALLY

We may transfer your Personal Information to third parties in locations around the world for the purposes described in this Policy. We may use third-party service providers to process and store your Information in the United States, Canada, Japan, the European Union, and in other jurisdictions.

Information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Whenever your Personal Information is transferred, stored, or processed by us or by third parties carrying out services on our behalf, we will take reasonable steps to safeguard the privacy of your Personal Information.

We will make sure we, as a minimum, use the standards of data privacy and security that follow from the European General Data Protection Regulation (“GDPR”) anywhere in the world where we collect, store, use, or share your Personal Information. Where your local rules require more from us than the GDPR, we will adjust our practices to make sure your Information is safe with us no matter what. The rules set by European data authorities across the European Union set some of the highest standards in the world on Information collection, storage, use, and sharing.

GDPR PRIVACY

LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION UNDER GDPR. We may process Personal Information under GDPR.

CONSENT. You have given your consent for processing Personal Information for one or more specific purposes.

PERFORMANCE OF CONTRACT. Provision of Personal Information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof.

LEGAL OBLIGATIONS. Processing Personal Information is necessary for compliance with a legal obligation to which we are subject.

VITAL INTERESTS. Processing Personal Information is necessary in order to protect your vital interests or those of another natural person.

PUBLIC INTERESTS. Processing Personal Information is related to a task that is carried out in the public interest or in the exercise of official authority vested in us.

LEGITIMATE INTERESTS. Processing Personal Information is necessary for the purposes of the legitimate interests pursued by us.

YOUR RIGHTS UNDER GDPR

We undertake to respect the confidentiality of your Personal Information and to guarantee you can exercise your rights. You have the right under this Policy, and by law if you are within the EU, to:

REQUEST ACCESS TO YOUR PERSONAL INFORMATION. The right to access, update, or delete the Information we have about you. Whenever made possible, you can access, update, or request deletion of your Personal Information directly within your account, by contacting us, by email or by phone, or by completing an application or registration form through our services. If you are unable to perform these actions yourself, please contact us to assist you. This also enables you to receive a copy of the Personal Information we hold about you.

REQUEST CORRECTION OF THE PERSONAL INFORMATION THAT WE HOLD ABOUT YOU. You have the right to have any incomplete or inaccurate Information we hold about you corrected.

OBJECT TO PROCESSING OF YOUR PERSONAL INFORMATION. This right exists whenever we are relying on a legitimate interest as the legal basis for our processing of your Personal Information, and there is something about your particular situation which makes you want to object to our processing of your Personal Information on this ground. You also have the right to object when we are processing your Personal Information for direct marketing purposes.

REQUEST ERASURE OF YOUR PERSONAL INFORMATION. You have the right to ask us to delete or remove any Personal Information we have about you when there is no good reason for us to continue processing it.

REQUEST THE TRANSFER OF YOUR PERSONAL INFORMATION. We will provide to you, or to a third-party you have chosen, your Personal Information in a structured, commonly used, and machine-readable format. Please note that this right only applies to automated Information which you initially provided consent for us to use, or where we used the Information to perform a contract with you.

WITHDRAW YOUR CONSENT. You have the right to withdraw your consent on using your Personal Information. If you withdraw your consent, we may not be able to provide you with access to certain specific functionalities of the Services.

EXERCISING OF YOUR GDPR DATA PROTECTION RIGHTS

You may exercise your rights of access, rectification, cancellation, and opposition by contacting us. Please note that we may ask you to verify your identity before responding to such requests. If you make a request, we will try our best to respond to you as soon as possible.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information if you are in the European Economic Area (EEA), please contact your local data protection authority in the EEA. 

CONTACTING US

For questions or concerns about this Privacy Policy, please reach out to us via e-mail at hello [at] cooksmarts [dot] com.