Privacy Policy

Updated August 2020

INTRODUCTION

Duda Farm Fresh Foods, Inc. (“DUDA”, “We”, “Us”, “Our”) respects your privacy and is committed to protecting it through our compliance with this Privacy Policy.

This Privacy Policy describes the types of information We may collect from you or that you may provide to Us when you give Us information over the phone, in person, when you visit the website www.dudafresh.com (“the “Website”), when communicating with us via email, from Our third party affiliates and business partners that work with Us to provide goods and services to you, and any other means as you communicate with Us (our “Sources”).

This Privacy Policy applies solely to all Sources of information, and outlines our practices for collecting, using, maintaining, protecting, and disclosing that information

Please read this Privacy Policy carefully understand Our policies and practices regarding your information and how We will treat it. If You do not agree with our policies and practices, your choice is not to use Our Website or interact with our Sources. By accessing or using this Website or interacting with our Sources, you agree to this Privacy Policy. This Privacy Policy may change from time to time. See Changes to Our Privacy Policy. Your continued use of this Website and/or our Sources after we make changes is deemed to be acceptance of those changes, so please check the Privacy Policy periodically for updates. Your continued use of Our Website constitutes your agreement to the terms and conditions set forth in this Privacy Policy.

DUDA is committed to ensuring the privacy of users is protected. All information provided to DUDA by users will only be used in accordance with this Privacy Policy.

INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT

We collect several types of information from and about users, including:

Information you provide by filling in forms on our Website and/or information you provide to us over the phone, in person or in email. This includes information provided at the time of registering to use our Website, subscribing to our service, mailing list, for communications, etc., posting material, or requesting further services. We may also ask you for information when you order goods and/or services from us, enter a contest or promotion sponsored by Us, and when you report a problem with our Website or services. This information may include your name; company; contact information, including mailing address, e-mail address, and telephone number; demographic information such as postcode, year of birth, and gender; other information relevant to customer service information, including subject matter and product information; and other information that may be used to identify you (“personal information”).

  • Records and copies of your correspondence (including email addresses), if you contactUs.
  • Information about your internet connection, including your IP address; the equipment you use to access our Website, such as operating system and browser type); MAC address; usage details such as, traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.
  • GPS location.
  • Generic non-personal information that Our web servers may automatically recognize a user's domain name (by way of example, .com, .edu), the web page from which a user enters DUDA's website, which pages a user visits on DUDA's website, and how much time a user spends on each page.
  • Your user preferences, such as recent searches you have performed in a cookie.
  • Your responses to surveys that we might ask you to complete for research purposes.
  • Pages you visited before and/or after you visited Our Website;
  • Your search queries on the Website.

    We collect this information:
  • Directly from you when you provide it to us.
Automatically as you navigate through the Website, which may include via third-party sources, see below for more  details about third party use of cookies and other automatic data collection / tracking technologies. For more information see below Third-Party Use of Cookies and Other Automatic Data Collection / Tracking Technologies.

THIRD-PARTY USE OF COOKIES AND OTHER AUTOMATIC DATA COLLECTION / TRACKING TECHNOLOGIES

As you navigate through and interact with our Website, some content or applications, including advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, third parties, service providers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your personal information or they may collect information, including personal information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content across third-party websites or other online services (behavioral tracking). See below information on how you can opt out of behavioral tracking on this Website and how We respond to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking.

The information We collect automatically includes statistical data and personal information, and We may maintain it or associate it with personal information We collect in other ways or receive from third parties. It helps Us to improve our Website and to deliver a better and more personalized service, including by enabling Us to:
  • Estimate our audience size and usage patterns.
  • Store information about your preferences, allowing us to customize our Website to your individual interests.
  • Speed up your searches.
  • Recognize you when you return to our Website.

The technologies we use for this automatic data collection may include:

• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to Our Website.

 Flash Cookies. Certain features of Our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on Our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices About How We Use and Disclose Your Information.

• Web Beacons. Pages of our the Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).


What Third-Party Cookies do we use?

 

You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of the Website may then be inaccessible or not function properly. This type of technology includes, but is not limited to, the following:

 

Google Analytics

 

We use Google Analytics’ which Google uses the information shared by websites and apps to deliver our services, maintain and improve them, develop new services, measure the effectiveness of advertising, protect against fraud and abuse, and personalize content and ads you see on Google and on our partners’ websites and apps. To learn more about the Company’s use of Google Analytics and what Google Analytics does, please see How Google uses information from sites or apps that use or services.

 

Google collects your year of birth, gender, preferences, and other demographic information about you. If you do not want your data collected with Google Analytics, you can install the Google Analytics opt-out browser add-on. This add-on instructs the Google Analytics JavaScript (ga.js, analytics.js, and dc.ja) running on websites to prohibit sending information to Google Analytics.

 

To opt-out of Analytics for the web, visit the Google Analytics opt-out page and install the add-on for your browser. For more details on installing and uninstalling the add-on, please see the relevant help resources for your specific browser.

 

Updates to your browser or operating system may affect functionality of the opt-out add-on. Learn about managing add-ons for Chrome here. If you are not using Chrome, check directly with the manufacturer of your browser to determine whether add-ons will function properly on the browser version that you are using.

 

The latest versions of Internet Explorer sometimes load the Google Analytics opt-out add-on after sending data to Google Analytics. Therefore, if you are using Internet Explorer, the add-on will set cookies on your computer. These cookies ensure that any collected data is immediately deleted from the collection server. Please make sure that third party cookies aren’t disabled for your Internet Explorer browser. If you delete your cookies, the add-on will, within a short timeframe, reset these cookies to ensure that your Google Analytics browser add-on remains fully functional.

 

The Google Analytics opt-out browser add-on does not prevent data from being sent to the website itself or in other ways to web analytics services.

 

Hubspot

 

We also use Hubspot, which captures information through the electronic chat features that function through the Websites and Apps and through our electronic management system including page interactions and behavioral information. We use that information for targeted marketing and messaging. Here is more information about Hubspot’s Privacy Policy.

 

We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information.

HOW WE USE YOUR INFORMATION

We use user information to understand user needs and to provide users with better service, and in particular, for the following reasons:

Internal record-keeping.

  • To improve Our products and services.
    To present our Website and its contents to you.
  • To present and provide our goods and services to you.
  • To provide you with information, products, or services that you   request from Us.
  • To fulfill any other purpose for which you provide it.
  • To personalize your experience in using Our Website.
  • To establish a primary channel of communication with you.
  • To provide you with notices about your account or subscription.
  • To carry out Our obligations and enforce our rights arising from any contracts entered into between you and Us, including for  billing and collection.
  • To notify you about changes to Our Website or any products or services We offer or provide though it.
  • To allow you to participate in interactive features, including        social media features, on our Website.
  • In any other way We may describe when you provide the    information.
  • To determine your level of engagement with email or promotional marketing materials that are sent to you, including whether you opened an email or promotional marketing materials and/or otherwise engaged with it.
  • To improve our services, for example by reviewing information associated with stalled or crashed pages experienced by users allowing Us to identify and fix problems and give you a better experience.
  • For security purposes. To prevent, detect, mitigate, and investigate fraud, security breaches or other potentially prohibited or illegal activities and/or attempts to harm Our users
  • To monitor and improve the information security of Our Website and services.
  • To comply with governmental regulations or to respond to a subpoena or other governmental, court, administrative order/requirement.
  • To hire, train, and manage our staff.
  • To support the functions of our human resource management, including the coordination of third-party vendors that provide    insurance and personal financial services such as retirement planning and savings and investment accounts.
  • To carry on our business and serve Our customers as described above.
  • For other purposes with your consent.
  • We may combine information received from other Sources with information you give to Us and information we collect about you. We may use this information and the combined information for the purposes set out above.
  • To enforce our Terms of Use, this Privacy Policy, or other policies, and to monitor for violations of Our policies or applicable laws
  • We also use your information as otherwise described in this Privacy Policy, permitted by law, or as We may notify you
  • For any other purpose with your consent.

    We may periodically send promotional emails about new products, special offers or other information of interest to you using an email address that you have provided Us. You will be able to opt-out of marketing emails via an “unsubscribe” or similar link affixed to the email itself.

From time-to-time, We may also utilize user information for market research purposes and contact you by email, phone call (but not via text or SMS), or regular mail to do so. We may use the information received to customize the Website according to users' interests.

We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you. If you do not want us to use your information in this way, please see Choices About How We Use and Disclose Your Information.

We may use the information we have collected from you to enable us to display advertisements to our advertisers’ target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.

What is Do Not Track?

Do Not Track is a privacy preference that users can set in their web browsers. Some Internet browsers - like Internet Explorer, Firefox, and Safari - include the ability to transmit “Do Not Track” or “DNT” signals. When a user turns on the Do Not Track signal, the browser sends a message to websites requesting them not to track the user. Since uniform standards for “DNT” signals have not been adopted, we do not currently process or respond to “DNT” signals. We deploy cookies and other technologies on our Service to collect information about you and your browsing activity, even if you have turned on the Do Not Track signal.

DISCLOSURE OF YOUR INFORMATION

We may disclose aggregated information about Our users, and information that does not identify any individual, without restriction, to our subsidiaries, affiliates, business partners, contractors, service providers and third parties.


We may disclose personal information that We collect or you provide as described in this Privacy Policy:

  • To Our subsidiaries and affiliates.
  • To contractors, service providers, and other third parties We use to support our business.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all DUDA’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by DUDA about the Website users is among the assets transferred.
  • For internal training purposes.
  • To fulfill the purpose for which you provide it.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.

    We may also disclose your personal information:
  • To comply with any court order, law, or legal process, or to respond to any government or regulatory request.
  • To enforce or apply our policies and other agreements, including for billing and collection purposes.
  • If We believe disclosure is necessary or appropriate to protect the rights, property, or safety of DUDA, Our customers, or others.
  • As set forth in this Privacy Policy and more specifically below.

Internally With our Employees/Agents       

We will share your information with Our employees/agents who are responsible for providing you the services in line with the scope of their employment/agency with Us.

Externally with Business Partners

We will share your Information with analytic companies, such as Google and HubSpot that will help Us gain a better understanding of who uses our Website and/or services, the buying patterns, understanding their preferences, their demographics so We can better market and find service offerings for those people and perform similar analytic functions. These third parties are contractually prohibited from sharing your information with any other enterprises and are contractually barred to only use the Information We provide them for the reasons We are disclosing to you in this Privacy Policy. For more information about our business partners’ data sharing and use practices, please review their privacy policies and disclosures, which are all available via their websites.

Business Transfers

We may choose to buy or sell assets. In these types of transactions, customer Information is typically one of the business assets that would be transferred. Also, if We (or Our assets) are acquired or merged, or if we go out of business, enter bankruptcy, or go through some other change of control, Information would be one of the assets transferred to or acquired by a third party.

Our Protection and the Protection Others

We reserve the right to access, read, preserve, and disclose any Information that We reasonably believe is necessary to comply with law or court order; enforce or apply our conditions of use and other agreements; or protect the rights, property, interests, or Our safety, Our employees, Our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.

Legal Obligations

If We are under a duty to disclose or share your information to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of Us, Our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Compliance

Where We are requested to provide information by authorized third parties or regulatory or governmental agencies investigating illegal activities;

Emergency

Where We believe that an emergency, illegal activity or some other reasonable basis exists for notifying the relevant authority.

Aggregated and Anonymized Information

We also may share (within our affiliated entities or with third parties) aggregated or anonymized information that does not explicitly identify you or any individual user of our services. From time to time, We may provide demographic and statistical information to prospective partners for the purposes of securing advertising and/or for general promotion of the services. This disclosure will not share any personal information of individual users but is intended to give a broad overview of the services.


We will not sell or disclose your personal information in any manner unless described in the foregoing list.

CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION


We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:

Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.

Google Analytics

We use Google Analytics’ third-party audience data such as age, gender and interests to better understand the behavior of Our uses and work with companies that collect information about your online activities and to provide advertising targeted to suit your interests and preferences. For example, you may see certain ads on this Website because We contract with Google and other similar companies to target our ads based on information We or they have collected, including information that was collected through automated means (such as cookies and web beacons). These companies also use automated technologies to collect information when you click on our ads, which helps track and manage the effectiveness of our marketing efforts.

If you do not want your data collected with Google Analytics, you can install the Google Analytics opt-out browser add-on. This add-on instructs the Google Analytics JavaScript (ga.js, analytics.js, and dc.ja) running on websites to prohibit sending information to Google Analytics.

To opt-out of Analytics for the web, visit the Google Analytics opt-out page and install the add-on for your browser. For more details on installing and uninstalling the add-on, please see the relevant help resources for your specific browser.

Updates to your browner or operating system may affect functionality of the opt-out add-on. Learn about managing add-ons for Chrome here. If you are not using Chrome, check directly with the manufacturer of your browser to determine whether add-ons will function properly on the browser version that you are using.

The latest versions of Internet Explorer sometimes load the Google Analytics opt-out add-on after sending data to Google Analytics. Therefore, if you are using Internet Explorer, the add-on will set cookies on your computer. These cookies ensure that any collected data is immediately deleted from the collection server. Please make sure that third party cookies aren’t disabled for your Internet Explorer browser. If you delete your cookies, the add-on will, within a short timeframe, reset these cookies to ensure that your Google Analytics browser add-on remains fully functional.

The Google Analytics opt-out browser add-on does not prevent data from being sent to the website itself or in other ways to web analytics services.

Learn about how Google Analytics collects, uses, and processes data here.

Learn about the cookies Google Analytics uses here.

HubSpot

We use Hubspot, which is an inbound marketing and sales software that assist Us in attracting visitors and attracting customers. Hubspot’s tracking code sets the following cookies on our Website when you visit:

• Functional cookies
• Consent banner cookies

Functional cookies are:

__hs_opt_out
This cookie is used by the opt-in privacy policy to remember not to ask the user to accept cookies again. This cookie is set when you give users the choice to opt out of cookies.
(Expires: 2 years)

__hs_do_not_track
This cookie can be set to prevent the tracking code from sending any information to HubSpot. Setting this cookie is different from opting out of cookies, which still allows anonymized information to be sent to HubSpot.
(Expires: 2 years)

__hs_testcookie
This cookie is used to test whether the visitor has support for cookies enabled.
(Expires: Session cookie)

hs_ab_test
This cookie is used to consistently serve visitors the same version of an A/B test page that they’ve seen before.
(Expires: Session cookie)

hs_lang_switcher_choice
This cookie is used to consistently redirect visitors to the language version of a page in the language they’ve selected on this top-level private domain in the past (if such a language version exists).

<id>_key
When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login. The cookie name is unique for each password-protected page.

hs-messages-is-open (TTL 30 minutes)
This cookie is used on the visitor UI side so HubSpot can determine/save whether the chat widget is open for future visits. It resets after 30 minutes to re-close the widget after 30 minutes of inactivity

hs-messages-hide-welcome-message (TTL 1 day)

When you dismiss the welcome message in your messages tool, a cookie is set to prevent it from appearing again for one day.

Consent banner cookies are:

__hstc
The main cookie for tracking visitors. It contains the domain, utk (see below), initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
(Expires: 2 years)

hubspotutk
This cookie is used for to keep track of a visitor's identity. This cookie is passed to HubSpot on form submission and used when de-duplicating contacts.
(Expires: 10 years)

__hssc
This cookie keeps track of sessions. This is used to determine if we should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
(Expires: 30 min)

__hssrc
Whenever HubSpot changes the session cookie, this cookie is also set. We set it to 1 and use it to determine if the user has restarted their browser. If this cookie does not exist when we manage cookies, we assume it is a new session.
(Expires: None. Session cookie)

messagesUtk
This cookie is used to recognize visitors who chat with you via the messages tool. If the visitor leaves your site before they're added as a contact, they will have this cookie associated with their browser. If you have a history of chatting with a visitor and they return to your site later in the same cookied browser, the messages tool will load your conversation history with that visitor.

If you are logged in to HubSpot, HubSpot will set additional authentication cookies. You can see a complete list of cookies set by HubSpot's app here.

Learn more about how Hubspot collects, uses, and processes data here.

We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) here.

CALIFORNIA RESIDENT PRIVACY RIGHTS

Shine the Light Law

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal Information that we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to the following address: marketing@DUDA.com will respond to one request per California customer each year, and we do not respond to requests made by means other than as set forth above.

California Do Not Track Disclosure

Do Not Track is a privacy preference that users can set in their web browsers. When a user turns on the Do Not Track signal, the browser sends a message to websites requesting them not to track the user. At this time, we do not respond to Web browser “do not track” settings or signals. We deploy cookies and other technologies on our Service to collect information about you and your browsing activity, even if you have turned on the Do Not Track signal.

California Consumer Privacy Act (“CCPA”) Notice

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). We may have collected the following categories of personal information of California residents in the past 12 months:

  • Identifiers such as a name, postal address, Internet Protocol address, MAC address, email address, or other similar identifiers.
  • Categories of personal information described in subdivision (e) of California Civil Code Section 1798.80.
  • Characteristics of protected classifications under California or federal law.
  • Commercial information, including records of products or services purchased or considered.
  • Internet or other electronic network activity information.
  • Geolocation data.
  • Audio and visual information, such as customer service call recordings and photographs.
  • Inferences drawn from any of the information identified above.

This information is collected and used for the purposes disclosed in this Notice. We may have disclosed your identifiers to Our third-party business partners, which are those analytic entities we discussed above, within the 12 months immediately preceding the posting of this updated Privacy Policy. We may have disclosed any of the above categories of personal information pursuant to your consent or under a written contract with a service provider for a business purpose in 12 months immediately preceding the posting of this updated Notice.

Your Rights and Choices

Under California Laws, California residents can exercise three privacy rights (Disclosure and Access; Deletion; and “Do Not Sell My Personal Information”) (collectively, “Rights”); however, based on the information We gather, and the fact that We do not “sell” personal information as that term is defined in the CCPA, your rights are somewhat limited as these Rights are not absolute and are subject to certain exceptions. For instance, we are not required to respond to requests concerning employment/application data, B2B data, and cannot disclose or permit access to specific pieces of personal information if the disclosure or access would present a certain level of risk to the security of the personal information, your account with Us, or the security of the business’s systems of networks.

Specifically, employment/application data is not subject to this Notice if it is personal information that is collected by Us in the course of your acting as a job applicant, employee, owner, director, officer, medical staff member, or contractor to us to the extent your personal information is collected and used by Us solely within the context of your role or former role as a job applicant to, employee of, owner of, director of, officer of, medical staff member of, US or a contractor of Ours. This also extends to any emergency contact information or benefits administration information you may have provided us in this context.

B2B data is similarly not subject to this Notice if the data reflects a written or verbal communication or transactions between you and Us if you are acting as an employee, owner, director, officer, or contractor of a company, partnership, sole proprietorship, nonprofit, or government agency and whose communications or transaction with Us occurs solely in the context of Us conducting due diligence regarding, or providing or receiving a product or service to or from such company, partnership, sole proprietorship, nonprofit or government agency. If you are a California consumer, We will process your request to exercise your Rights in accordance with California Laws.

A record concerning the requests may be maintained pursuant to Our legal obligations. Further, We may charge a reasonable fee or refuse to act on a request if such request is excessive, repetitive, or manifestly unfounded.

Disclosure and Access Requests

You have the right to request that We collect about you for the 12-month period immediately preceding the date of your request to know the following:

Categories of Personal Information Request

  • The categories of personal information We collected about you.
  • The categories of sources for the personal information We collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom We share that personal information.
  • If We sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

      Specific Pieces of Information Request
  • The specific pieces of personal information We collected about you (also called a data portability request).

When a request for disclosure is made, We will first take steps to verify your identity to protect your privacy and security. For requests to disclose categories of personal information collected, We will have the requestor provide at least two pieces of information so that We may verify the requestor’s identity to a reasonable degree of certainty.

For requests to disclose specific pieces of personal information collected, We will have the requestor provider at least three pieces of information so that We may verify the requestor’s identity to a reasonably high degree of certainty and additionally provide a signed declaration under penalty of perjury that the requestor is the consumer whose personal information is the subject of the request. We are required to retain the signed declarations as part of our record-keeping obligations for 24 months.

Please note that We will never disclose a consumer’s social security number, driver’s license number, or other government-issued identification number, financial account number, any health information or medical identification number, an account password, or security questions and answers in response to a disclosure request.

Please note additionally that We are only required to fulfil a Disclosure request from a consumer twice per every 12-month period. If you submit a request in excess, it may be denied or you may be charged for fulfilling your request.

Deletion Request Rights

You have the right to request that We delete any of your personal information that we collected from you and retained, subject to certain exceptions. Given the type of personal information We collect, for requests to delete personal information collected, We will have the requestor provide at least two pieces of information so that We may verify the requestor’s identity to a reasonable degree of certainty. We are required to retain the requests to delete for a period of 12 months as part of our record-keeping obligations.

If We are unable to verify a request, to the extent possible, that request will be treated as a request to opt-out and afforded rights associated with that request right as described in more detail below.

Once We receive and confirm your verifiable consumer request, We will delete (and direct our service providers to delete) your personal information from Our records, unless an exception applies. A deletion request may be denied, in full or in part, if retaining the information is necessary for Us or Our service providers to:

  1. Complete the transaction for which We collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of Our ongoing business relationship with you, or otherwise perform Our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 ).
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with Us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Disclosure and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:

Only you or your agent (with proper authorization and proof of identity) may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

If you choose to utilize an authorized agent, they must complete and submit the Authorized Agent Designation form or email marketing@DUDA.com with “Deletion Request” or “Disclosure Request” in the subject line and include all the information on the Authorized Agent Designation form.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows Us to reasonably verify you are the person about whom We collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if We cannot verify your identity or authority to make the request and confirm the personal information relates to you.  Making a verifiable consumer request does not require you to create an account with Us.  We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request and, to the extent necessary, to identify the browser/device that is the subject of the request.

We endeavor to respond to a verifiable consumer request within 45 days of its receipt.  If We require more time (up to 90 days), We will inform you of the reason and extension period in writing.  If you have an account with Us, We will deliver Our written response to that account.  If you do not have an account with Us, We will deliver Our written response electronically.  Any disclosures We provide will only cover the 12-month period preceding the verifiable consumer request's receipt.  The response We provide will also explain the reasons We cannot comply with a request, if applicable.  For data disclosure requests, We will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded.  If We determine that the request warrants a fee, We will tell you why We made that decision and provide you with a cost estimate before completing your request.

Household Requests

We currently do not collect household data. If all the members of a household makes a Right to Know or Right to Delete request, We will respond as if the requests are individual requests.

Request Made Through Agents

You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, We will require the agent to provide proof you have authorized it to act on your behalf, verify the agents identity, and We may need you to verify your identity directly with us. (The verification requirement does not apply if the consumer has provided the authorized agent with legal power of attorney under California Probate Code Sections 400 to 4465.)

If you choose to utilize an authorized agent, they must complete and submit the Authorized Agent Designation form or email marketing@DUDA.com with “Deletion Request” or “Disclosure Request” in the subject line and include all the information on the Authorized Agent Designation form.

Requests to Opt-In for Minors

If you are 16 years of age or older, you have the right to direct Us not to sell your personal information at any time. We do not and will not sell personal information of consumers We actually know are less than 16 years of age unless We received affirmative authorization from the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age, to opt-in to the sale of their personal information. Upon the receipt of this request to opt-in, We will inform the minor of the right to opt-out later and of the process for doing so.

Sale and Disclosure of Personal Information

Under the CCPA, a “sale” means providing to a third party personal information for valuable consideration. It does not necessarily mean money was exchanged for the transfer of personal information. We have taken substantial steps to identify whether any of our data sharing arrangements would constitute a “sale” under the CCPA. Due to the complexities and ambiguities in the CCPA, We will continue to evaluate some of our third party relationships as We wait for final implementing regulations and guidance. For example, it is currently unclear whether the use of certain types of advertising partners would be considered a sale under CCPA. Based on our understanding of the CCPA at this time, in the preceding 12 months We have not sold any personal information to any third parties. In the preceding 12 months, We have disclosed personal information to third parties for business purposes including to customer service, technical support, payment processors, information technology, and sales, recruiting and marketing partners. We will continue to update Our business practices as regulatory guidance becomes available and provides clarity on what constitutes a sale transaction, particularly in the advertising ecosystem.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, We will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.


DATA SECURITY

We have implemented technical, physical and organizational measures to secure your personal information from accidental loss and from unauthorized access, use, alteration, disclosure or access against all other unlawful forms of processing.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information via linked sites, such as Facebook, YouTube, Twitter, Instagram, etc. The information you share in public areas may be viewed by any user of the Website.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

CHILDREN UNDER THE AGE OF 13

Our Website is not intended for children under 13 years of age. No one under age 13 may provide any personal information to or on the Website. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Website or on or through any of its features, register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, We will delete that information. If you believe We might have any information from or about a child under 13, please contact Us at - 407.365.2111

EU USER DATA SUBJECT RIGHTS

The EU General Data Protection Regulation (“GDPR”) became effective in the European Union as of May 25, 2018. In preparation for the GDPR, we reviewed our internal processes and put policies and procedures in place to attempt to meet the requirements and standards of the GDPR and any relevant data protection laws.

We are not established in the EEA; however, the following apply to individuals whose personal information processed in the EEA to allow those individuals to understand and enforce their data protection rights.

The processing of your data is either based on your consent or due to Our overriding legitimate interests.

EU Users have the following rights:

• You can request access, correction, updates or deletion of your personal information.
• You can object to the processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.
• If We have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
• You have the right to complain to a data protection authority about our collection and use of your personal information. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the US and Canada) are available here.)

When the processing of your personal data is directly for marketing purposes, you have the right to object to subject processing.

To exercise any of your data subject rights, please contact us at marketing@duda.com. We will respond to your request without undue delay, and, in any event, within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests We receive. If We take an extension, We shall inform you within one month of Our receipt of the original request, together with the reasons for delay.

In the event your personal data of which we collected was subject to a Personal Data Breach (defined below), We will notify you and competent Supervisory Authority(ies) within 72 hours by e-mail with information about the extent of the breach, affected data, any impact, Our plan for measures to secure the data and limit any possible detrimental effect on You.

“Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of the Service.

WHERE WE STORE YOUR PERSONAL DATA

Information We collect is transferred to HubSpot, Inc. in the United States. HubSpot has certified to the EU-U.S. Privacy Shield Frameworks as administered by the U.S. Department of Commerce, in order to implement appropriate safeguards for such transfers pursuant to Article 46 of the GDPR. We have a Data Processing Agreement in place with HubSpot, available here, that applies to personal data that is transferred outside the European Economic Area (“EEA”), either directly or via onward transfer, to any country not recognized by the European Commission as providing an adequate level of protection for personal data (as described in the Data Protection Law). It may also be processed by staff operating outside the EEA who work for Us or for one of Our processors. Such staff maybe engaged in, among other things, hosting or maintaining Our Website, the processing of your payment details and the provision of support Services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

CHANGES TO OUR PRIVACY POLICY

If We decide to change our Privacy Policy, We will post those changes on this page, and/or update the Privacy Policy modification below. To ensure you are up to date on all the latest changes to this Privacy Policy, review this Privacy Policy every time you visit the Website.

Duda Farm Fresh Foods, Inc. (“DUDA”, “We”, “Us”, “Our”) respects your privacy and is committed to protecting it through our compliance with this Privacy Policy.

This Privacy Policy describes the types of information We may collect from you or that you may provide to Us when you give Us information over the phone, in person, when you visit the website www.dudafresh.com (“the “Website”), when communicating with us via email, from Our third party affiliates and business partners that work with Us to provide goods and services to you, and any other means as you communicate with Us (our “Sources”).

This Privacy Policy applies solely to all Sources of information, and outlines our practices for collecting, using, maintaining, protecting, and disclosing that information

Please read this Privacy Policy carefully understand Our policies and practices regarding your information and how We will treat it. If You do not agree with our policies and practices, your choice is not to use Our Website or interact with our Sources. By accessing or using this Website or interacting with our Sources, you agree to this Privacy Policy. This Privacy Policy may change from time to time. See Changes to Our Privacy Policy. Your continued use of this Website and/or our Sources after we make changes is deemed to be acceptance of those changes, so please check the Privacy Policy periodically for updates. Your continued use of Our Website constitutes your agreement to the terms and conditions set forth in this Privacy Policy.

DUDA is committed to ensuring the privacy of users is protected. All information provided to DUDA by users will only be used in accordance with this Privacy Policy.