Loading BeingBrigid.com

Company & Website Information

Introduction

This is the privacy policy for www.beingbrigid.com, www.beingfunctionalnutrition.com, www.thebeingcollective.co, and any other properties owned by BeingBrigid Functional Nutrition Consulting, LLC.

The responsible controller for the processing on this site is
BeingBrigid Functional Nutrition | [email protected]

The protection of your personal data is of particular concern to us. We treat the personal data provided by you in the context of the use of our website and services confidentially and in accordance with the applicable data protection laws as well as this privacy policy.

In the following, we inform you in detail about which personal data we collect, for which purposes they are used, with whom we share data and which privacy rights you may be entitled to.

Definitions

Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Legal basis means a lawful ground for data processing under the applicable privacy laws.

Personal data means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. The terms personal data and personal information have been used interchangeably in this Privacy Policy.

Privacy Policy refers to the current policy designed to inform you how our Website collects, stores, protects, processes, discloses, and retains your personal data.

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, including both processors and controllers.

Sensitive personal data means personal data which reveals racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

Service providers are entities to whom data is disclosed and the processing of data takes by the service provider on our behalf as per the provisions of the contract/data processing agreement signed with them.

Scope

Under most privacy laws, a controller is the entity that determines the purposes and means of the processing of personal data. A processor, on the other hand, processes personal data on behalf of the data controller. This Privacy Policy applies when we are the data controller of your personal data i.e. we determine the purposes and means of the processing of your personal data for our own purposes (unless a different privacy policy is displayed when we collect your personal data).

We act as a data controller for the purposes of personal information that you provide in the course of your use of our website. For example, when you visit our website, interact with our representative, register for a webinar or sign up to receive marketing communications. We are a Controller for the activities mentioned in the data processing activities mentioned in this Privacy Policy. It is important to note that this Privacy Policy does not cover how we process personal information on behalf of our customers.

If you are a data subject that uses or has used our product or service on another domain controlled by another organization or have had your personal data collected and processed by an organization that uses our services and you have questions or concerns about the personal data held about you, please direct your request to the relevant organization. This is because we cannot respond directly to your request as your personal data is owned by the relevant organization and we do not control the processing of your personal data in that case. As a data processor, we process this personal data pursuant to our contract with our customer and under relevant privacy laws we are not at liberty to independently take any action related to personal data we collect, process or retain on their behalf without their authorization and instructions. This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services.

Data Processing Activities

We collect certain personal information to provide specific services and functionalities on our website.

The following sections describe the different data processing activities we conduct on our website. The information particularly reflects the processing purposes, what personal data we process for this purpose as well as the legal basis for the processing.

Informational use of our website

a) If you visit our website for informational purposes only, i.e. surfing on our website without specifically providing personal data, we will process the following information about you. The information may include a limited amount of personal data:

IP Address
Referrer URL
Browser Information
Device Information
Date and time of the user request

This information is processed to enable you to use our website (e.g. by adapting our website to the needs of your device or browser).

The legal basis for this data processing is performance of contract, Art. 6 para. 1 sentence 1 lit. b GDPR, as we need the information for the effective provision of our website, and for providing you the services of our website at your request. Without the processing of the above-mentioned personal data, we will not be able to carry out the communication over the network and provide you with the required functionalities of our website.

We retain this personal data for 2 years

Users may create a user account on our sites

a) You have the possibility to register for a user account on our website. During registration we will process the following personal data about you:

First Name
Last Name
Email Address
Address
Payment Info

b) The lawfulness of this data processing is “performance of contract” follows from Art. 6 para. 1 sentence 1 lit. b GDPR. The processing is required for the effective provision and the ad-ministration of your user account. Without providing the data required for regis-tration, it is not possible to create a user account on our website.

We retain your personal data till you have a user account with us.

c) The users can contact you to request deletion.

Users may contact us via the contact form

You can contact us using the contact details provided on the website. If you contact us, we will process the content of your inquiry, your name, your e-mail address or telephone number, if applicable, our answers as well as all information that you voluntarily provide us with in the context of the inquiry in order to be able to adequately handle your request.

You can also contact us via the contact form on our website. In this case, we collect the following personal data:

We will process this data as well as the content of your inquiry, our answers and all information that you voluntarily provide us with in the context of the inquiry in order to be able to adequately handle your request.

The lawfulness of this data processing is “legitimate interests” (results from Art. 6 para. 1 sentence 1 lit. b, f GDPR), as this data processing is necessary to ensure proper contact and the provision of customer service. This provision of adequate customer service is our legitimate interest that requires us to process your personal data.

We will retain your data as long as necessary to adequately process your request. Afterwards, it will be deleted, unless longer storage is required or justified by law.

The retention period for the personal data processed to process your request is:
2 years
Afterwards, it will be deleted, unless longer storage is required or justified by law.

You have a right to object to processing based on our legitimate interests. As a consequence of any valid objection, we will no longer process your data unless we have sufficiently compelling and legitimate grounds for the processing.

Users may sign up for a newsletter

a) You may register for our newsletter on our website. During the registration process we collect the following personal data:

First Name
Last Name
Email Address

We process this data to provide you with the newsletter. The data processing is based on your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). The consent is voluntary. You can revoke your consent at any time without giving reasons with effect for the future. To do so, simply click on the ‘Unsubscribe’ link included in every newsletter or send us an e-mail.

b) We will retain your data as long as necessary you are subscribed to the newsletter. Afterwards, it will be deleted, unless longer storage is required or justified by law. Once you have unsubscribed from the newsletter, we will retain your just strictly necessary information to ensure that we respect your newsletter subscription preferences in the future.

c) The retention period for the personal data is: 2 years

Afterwards, it will be deleted, unless longer storage is required or justified by law.

Our website provide blogs

  1. Our website includes blogs where we regularly publish posts. Some posts allow for public commenting. If you do so, we will process the following personal data on you:
    First Name
    Last Name
    Email Address

    We process this data to enable you to participate on the blog. Thus, the processing is necessary to provide that service. The legal basis of this data processing is performance of contract (Art. 6 para. 1 sentence 1 lit. b GDPR). Without the processing of your data, we cannot enable you to participate in the blog.

  2. When you post a comment, the following information will be visible for other users of our website:
    First Name
    Last Name
    Email Address
  3. You are allowed to post anonymously on our website.
  4. To post comments on the blog, you need to create a user account.
  5. You can delete your posts at any time.
  6. We reserve the right to delete comments that contain insults, vulgar language or personal attacks or violate legal regulations.
  7. The retention period for the personal data is: 2 years

Afterwards, it will be deleted, unless longer storage is required or justified by law.

Users can apply for a job via an application form on our site (if applicable)

a) If you apply for a job in our company, we will process your name, contact details, qualifications and other data that you provide us with your application.

b) You may further use the application form we provide in this regard on our website. In this case we will process the following data categories:

c) We process your data exclusively for the purpose of assessing your application and conducting the application process. If you do not provide the required personal data, unfortunately, we cannot consider your application. You do not have to enter data that is marked as voluntary in order for the application to be considered. The processing is justified under “performance of contract” legal basis Art. 6 para. 1 sentence 1 lit. b GDPR as it is necessary in order to take steps at your request prior to entering into an employment contract.

d) If the application procedure ends without an employment relationship being established, the retention period for your data is: 2 years

Afterwards, it will be deleted, unless longer storage is required or justified by law. If you are also interested in other positions, we will store your data with your consent, until you request deletion of the data. You can opt-in to receive future job notifications from us and you may refuse to stop receiving future job notifications from us at any time.

No processing of personal data of children

We do not knowingly collect or solicit personal data from persons under the age of 16. The website is not directed at children under the age of 16. In the event that we learn that we have collected personal data of a child under the age of 16 without parental consent, we will delete that information as quickly as possible. If you believe that we may have personal data from or about a child under 16, please contact us using the contact details outlined in this policy.

No processing of sensitive personal data

We do not knowingly collect or process sensitive personal data.

No processing of personal data relating to criminal convictions and offences

We do not knowingly collect or process personal data relating to criminal convictions and offences.

No processing for automated individual decision-making including profiling

We do not knowingly collect or process personal data for automated individual decision-making including profiling.

Cookies

Use of Cookies and other Web Technologies

Cookies and similar tracking technologies are small text files placed on your computer or mobile device (terminal equipment) to collect, store, and use information about you when you visit our website. Similar tracking technologies may include local storage objects or flash cookies, software development kits, pixel trackers, or device fingerprinting technologies. This website uses cookies and similar tracking technologies (“cookies”). There are different kinds of cookies:

Cookies may be classified as either first party or third party cookies. A cookie set by our own website, i.e. the host domain, is a first-party cookie. For first-party cookies, we are responsible for the processing of personal data. A third-party cookie is the one set by a different domain i.e. a domain other than the one you can see in the address bar. Such cookies can be related to advertising or to social media plugins enabled for the website.

We place both session cookies and persistent cookies on your device. Session cookies expire upon the end of a browsing session. Persistent cookies persist even after you have ended the browsing session and retain your personal information. The retention periods for persistent cookies are mentioned against them.

This website uses essential as well as non-essential cookies.

Essential Cookies

Essential cookies include technical cookies whose sole purpose is to carry out the transmission of a communication over a network, for example to identify the communication endpoints. Essential cookies include cookies with abilities to route the information over the network, exchange data items in their intended order, and to detect transmission errors or data loss. Essential cookies also include cookies that are strictly necessary to provide the service or functionality explicitly requested by you when you visit our website. Essential cookies are not merely supplementing our website’s functionality but are in fact strictly necessary for us to deliver you the service explicitly requested by you and without essential cookies, the service requested by you cannot be provided to you. Essential cookies will always remain activated.

Non-essential Cookies

For the use of non-essential cookies on this website, we require your consent if you are a protected data subject under an opt-in privacy regulation (privacy regulations requiring us to obtain your consent for the use of non-essential cookies such as if you are from the European Union). You have the right to refuse the use of any of the non-essential cookies as well as withdraw your consent once given at any time by updating your cookie preferences through theManage Cookie Preferences.

For data subjects belonging to opt-out jurisdictions, we assume your consent for the use of non-essential cookies unless you opt-out of the non-essential cookies. You can opt-out at any time.

Data Sharing

Sharing your personal information with service providers

We do not engage with service providers for the processing of personal data in connection with the website and/or functions/services on the website.

Third party recipients of your personal information

There are no data recipients located in countries outside the European Union, and they do not have access to personal data from a country outside the European Union.

International Data Transfer

No data recipients (service providers or third party recipients) are located in countries outside of the European Union and/or do the data recipients access the personal data from a country outside the European Union.

We do not transfer or provide access to your personal data to data recipients located in countries outside the Federated Republic of Brazil.

Data Privacy Framework

This DPF statement supplements and should be read in conjunction with our general privacy notice, which outlines the categories of personal data collected and processed by us, the purposes of such collection and processing, and the third parties with which the personal data is shared along with the purposes.

In compliance with , our organization commits to resolve DPF Principles-related complaints about our collection and use of your personal information. Individuals from concerned region(s) with inquiries or complaints regarding our handling of personal data received in reliance on should first contact us at the following details:

Postal Address:

Contact Number:

Email Address:

Link to Complaint Portal:

Moreover, in compliance with ,

If your complaint cannot be resolved through the above specified channels, in certain circumstances, the DPF provides the right to invoke binding arbitration to resolve complaints not resolved by other means. Please see this DPF webpage for more information: https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2.

Individuals whose personal data is covered under the ambit of this DPF statement have the right to access their personal data processed by us, and to further correct, amend, or delete such information where it is inaccurate, or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.

Additionally, our organization offers individuals the following specified means to limit the use and disclosure of their personal data.

Please also note that we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Further, to the extent specified under the DPF, our organization may be liable if a third party engaged by us to process personal data on our behalf conducts the processing in a manner which is inconsistent with our obligations under the DPF, unless our organization proves that it is not responsible for the matter giving rise to the damage.

UK DPA

Operating globally, we may transfer personal data from the United Kingdom to the United States and other countries, including personal data we receive from individuals residing in the UK or those who are protected under the UK Data Protection Act 2018 and visit our website and/or who may use our services or otherwise interact with us. When we engage such transfers of personal data, we rely on the following transfer mechanisms:

  • Adequacy decision for the transfer of personal data to the European Economic Area countries, the EFTA states, and any country covered by a European Commission’s adequacy decision as of 31 December 2020.
  • Standard data protection clauses for the transfer of data to non-adequate jurisdictions such as the United States supplemented by additional security measures for the protection of personal data.
  • In the absence of any adequacy decision and standard data protection clauses, we implement appropriate safeguards depending on the circumstances that ensure the protection of rights and freedoms of individuals with respect to their personal data.

We also conduct transfer risk assessments in order to determine the level of protection offered to data subjects protected under the UK Data Protection Act 2018 by the recipient entity and continually monitor the circumstances surrounding such transfers to ensure that these maintain, in practice, a level of protection that is essentially equivalent to the one guaranteed by the UK Data Protection Act 2018.

Data Retention

How long we retain your personal information

Unless otherwise stated in this privacy policy, we retain your personal data only as long as necessary for the respective purpose. Subsequently, we will delete your data, unless we are legally entitled or obliged to further storage.

We ensure that the period for which your personal data is stored with us is limited to a strict minimum which is reasonably necessary and proportionate to achieve the purposes for which the personal information was collected for. The following criteria help us determine the data retention periods for respective data processing purposes:

  • The category of personal data,
  • The relevant purpose of data processing,
  • Whether or not data is necessary longer than for the purposes it was collected or otherwise processed,
  • Whether the personal data is typically deleted based on specific schedules,
  • The terms of the contract entered with you if any,
  • Withdrawal of consent in the case of consent based data processing activities,
  • Whether you have objected to the data processing,
  • Personal data may be continued to be processed if there is a current or legal interest in storing the information, i.e. to establish, assert, or defend a legal claim and not a hypothetical future interest,
  • Personal data may be stored for longer periods if it is processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes. In such instances, appropriate technical and organizational measures will be implemented to protect your personal data and your rights and freedoms,
  • Any statutory requirements to retain your personal data and whether or not there is a direction from law enforcement to not delete the personal data and retaining the data is necessary to produce to law enforcement in response to a court-issued subpoena, order, or warrant or the personal data is necessary for us in order to comply with our legal obligations, and
  • Whether or not the personal data is in a de-identified or aggregated form.

Please refer to the section on Data Processing Activities to find out the exact retention period for different categories of your personal data and/or different processing purposes.

Data Security

How we protect your personal information

We implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons.

Your Rights

Depending on the circumstances, you may be entitled to exercise some or all of the following rights:

1. Obtain confirmation as to whether or not your personal data is being processed and access to copy of your personal data undergoing processing.

1. require (i) access to and/or duplicates of your personal data retained, (ii) receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and (iii) to transmit those personal data to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal data transmitted directly from us to another controller;

2. request rectification, removal or restriction of your personal data;

3. Where the data processing is based on your consent, refuse to provide and – without impact to data processing activities that have taken place before such withdrawal – withdraw your consent to processing of your personal data at any time;

4. take legal actions in relation to any potential breach of your rights regarding the processing of your personal data, as well as to lodge complaints before the competent data protection regulators;

5. not to be subject to any automated decision making, including profiling (automatic decisions based on data processing by automatic means, for the purpose of assessing several personal aspects) which produce legal effects on you or affects you with similar significance.

Further, you may be entitled to object, out of grounds relating to your particular situation, at any time to processing of personal data concerning you, including object to direct marketing and automated individual decision-making including profiling. In this case, please provide us with information about your particular situation. After the assessment of the facts presented by you we will either stop processing your personal data or present you our compelling legitimate grounds for an ongoing processing.

You also have a right to lodge a complaint with the supervisory authority. The contact details of your supervisory authority are:

Anti Spam Policy

Revised: 18 July 2024

This document informs you about the Anti-Spam Policy (“Policy”) established by BeingBrigid Functional Nutrition Consulting, LLC (the “Company”) for internet marketing, including all entities within the Company (www.beingbrigid.com, www.beingfunctionalnutrition.com, www.thebeingcollective.co ). If we find that you have violated the terms and conditions set forth in this policy, your membership will be revoked and any active account will be closed.

Scope

This policy applies to all individuals who have access to the company email account, including but not limited to users, members, customers, employees, and independent contractors.

Definition

For the purpose of this policy, “spam” refers to any unsolicited electronic commercial messages. This includes any activity where you transmit, either directly or indirectly, email messages to any email address that does not request or consent to such transmission.

Spam Filtering

The company’s messaging system will scan all incoming messages for spam. If you believe that your message was incorrectly marked as spam, please inform the message recipient so they can try other means of communication.

Zero Tolerance

The company strictly and uncompromisingly prohibits spamming. The mass emailing of unsolicited emails, or any other unsolicited emails for marketing our product, services, or programs are not allowed.

Receipt of Unwanted or Unsolicited Messages from Us

We follow the anti-spam policy and promise to never spam you. If you believe you have received an unwanted or unsolicited message from us, please email us immediately at [email protected] so we can investigate. 

Advertisements

Advertisements that are posted in messages boards or chat rooms, which is specifically prohibited by its terms and conditions, shall also be considered as spamming activity. Irrelevant topics that are posted as advertisements in newsgroups in flagrant violation of the terms and conditions of such newsgroups, or if such newsgroup does not specifically allow such postings, shall, for the purpose of this policy, be considered as spamming activity.

Reporting

If you have been spammed or have any suspicion of spamming, please contact us immediately by emailing [email protected] so that we can investigate the situation.

Violation

If you are found to have violated the terms and conditions of this policy, we reserve the right to end your participation in our program, including terminating your account.

Policy Updates

The Company has the right to modify and/or change this Policy as seen fit.

Updates to this notice

We may update this Privacy Policy from time to time. If we modify our Privacy Policy, we will post the revised version here, with an updated revision date. You agree to visit these pages periodically to be aware of and review any such revisions. If we make material changes to our Privacy Policy, we may also notify you by other means prior to the changes taking effect, such as by posting a notice on our websites or sending you a notification. By continuing to use our website after such revisions are in effect, you accept and agree to the revisions and to abide by them.

This privacy policy was last updated on July 18th, 2024