Updated August 2020
INTRODUCTION
Duda Farm Fresh Foods, Inc. (“DUDA”, “We”, “Us”, “Our”) respects your privacy and is committed to protecting it through our compliance with this Privacy Policy.
This Privacy Policy describes the types of information We may collect from you or that you may provide to Us when you give Us information over the phone, in person, when you visit the website www.dudafresh.com (“the “Website”), when communicating with us via email, from Our third party affiliates and business partners that work with Us to provide goods and services to you, and any other means as you communicate with Us (our “Sources”).
This Privacy Policy applies solely to all Sources of information, and outlines our practices for collecting, using, maintaining, protecting, and disclosing that information
Please read this Privacy Policy carefully understand Our policies and practices regarding your information and how We will treat it. If You do not agree with our policies and practices, your choice is not to use Our Website or interact with our Sources. By accessing or using this Website or interacting with our Sources, you agree to this Privacy Policy. This Privacy Policy may change from time to time. See Changes to Our Privacy Policy. Your continued use of this Website and/or our Sources after we make changes is deemed to be acceptance of those changes, so please check the Privacy Policy periodically for updates. Your continued use of Our Website constitutes your agreement to the terms and conditions set forth in this Privacy Policy.
DUDA is committed to ensuring the privacy of users is protected. All information provided to DUDA by users will only be used in accordance with this Privacy Policy.
INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT
We collect several types of information from and about users, including:
Information you provide by filling in forms on our Website and/or information you provide to us over the phone, in person or in email. This includes information provided at the time of registering to use our Website, subscribing to our service, mailing list, for communications, etc., posting material, or requesting further services. We may also ask you for information when you order goods and/or services from us, enter a contest or promotion sponsored by Us, and when you report a problem with our Website or services. This information may include your name; company; contact information, including mailing address, e-mail address, and telephone number; demographic information such as postcode, year of birth, and gender; other information relevant to customer service information, including subject matter and product information; and other information that may be used to identify you (“personal information”).
The technologies we use for this automatic data collection may include:
• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to Our Website.
• Flash Cookies. Certain features of Our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on Our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. For information about managing your privacy and security settings for Flash cookies, see Choices About How We Use and Disclose Your Information.
• Web Beacons. Pages of our the Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
What Third-Party Cookies do we use?
You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of the Website may then be inaccessible or not function properly. This type of technology includes, but is not limited to, the following:
Google Analytics
We use Google Analytics’ which Google uses the information shared by websites and apps to deliver our services, maintain and improve them, develop new services, measure the effectiveness of advertising, protect against fraud and abuse, and personalize content and ads you see on Google and on our partners’ websites and apps. To learn more about the Company’s use of Google Analytics and what Google Analytics does, please see How Google uses information from sites or apps that use or services.
Google collects your year of birth, gender, preferences, and other demographic information about you. If you do not want your data collected with Google Analytics, you can install the Google Analytics opt-out browser add-on. This add-on instructs the Google Analytics JavaScript (ga.js, analytics.js, and dc.ja) running on websites to prohibit sending information to Google Analytics.
To opt-out of Analytics for the web, visit the Google Analytics opt-out page and install the add-on for your browser. For more details on installing and uninstalling the add-on, please see the relevant help resources for your specific browser.
Updates to your browser or operating system may affect functionality of the opt-out add-on. Learn about managing add-ons for Chrome here. If you are not using Chrome, check directly with the manufacturer of your browser to determine whether add-ons will function properly on the browser version that you are using.
The latest versions of Internet Explorer sometimes load the Google Analytics opt-out add-on after sending data to Google Analytics. Therefore, if you are using Internet Explorer, the add-on will set cookies on your computer. These cookies ensure that any collected data is immediately deleted from the collection server. Please make sure that third party cookies aren’t disabled for your Internet Explorer browser. If you delete your cookies, the add-on will, within a short timeframe, reset these cookies to ensure that your Google Analytics browser add-on remains fully functional.
The Google Analytics opt-out browser add-on does not prevent data from being sent to the website itself or in other ways to web analytics services.
Hubspot
We also use Hubspot, which captures information through the electronic chat features that function through the Websites and Apps and through our electronic management system including page interactions and behavioral information. We use that information for targeted marketing and messaging. Here is more information about Hubspot’s Privacy Policy.
We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Choices About How We Use and Disclose Your Information.
HOW WE USE YOUR INFORMATION
We use user information to understand user needs and to provide users with better service, and in particular, for the following reasons:
Internal record-keeping.
From time-to-time, We may also utilize user information for market research purposes and contact you by email, phone call (but not via text or SMS), or regular mail to do so. We may use the information received to customize the Website according to users' interests.
We may also use your information to contact you about our own and third-parties’ goods and services that may be of interest to you. If you do not want us to use your information in this way, please see Choices About How We Use and Disclose Your Information.
We may use the information we have collected from you to enable us to display advertisements to our advertisers’ target audiences. Even though we do not disclose your personal information for these purposes without your consent, if you click on or otherwise interact with an advertisement, the advertiser may assume that you meet its target criteria.
What is Do Not Track?
Do Not Track is a privacy preference that users can set in their web browsers. Some Internet browsers - like Internet Explorer, Firefox, and Safari - include the ability to transmit “Do Not Track” or “DNT” signals. When a user turns on the Do Not Track signal, the browser sends a message to websites requesting them not to track the user. Since uniform standards for “DNT” signals have not been adopted, we do not currently process or respond to “DNT” signals. We deploy cookies and other technologies on our Service to collect information about you and your browsing activity, even if you have turned on the Do Not Track signal.
DISCLOSURE OF YOUR INFORMATION
We may disclose aggregated information about Our users, and information that does not identify any individual, without restriction, to our subsidiaries, affiliates, business partners, contractors, service providers and third parties.
Internally With our Employees/Agents
We will share your information with Our employees/agents who are responsible for providing you the services in line with the scope of their employment/agency with Us.
Externally with Business Partners
We will share your Information with analytic companies, such as Google and HubSpot that will help Us gain a better understanding of who uses our Website and/or services, the buying patterns, understanding their preferences, their demographics so We can better market and find service offerings for those people and perform similar analytic functions. These third parties are contractually prohibited from sharing your information with any other enterprises and are contractually barred to only use the Information We provide them for the reasons We are disclosing to you in this Privacy Policy. For more information about our business partners’ data sharing and use practices, please review their privacy policies and disclosures, which are all available via their websites.
Business Transfers
We may choose to buy or sell assets. In these types of transactions, customer Information is typically one of the business assets that would be transferred. Also, if We (or Our assets) are acquired or merged, or if we go out of business, enter bankruptcy, or go through some other change of control, Information would be one of the assets transferred to or acquired by a third party.
Our Protection and the Protection Others
We reserve the right to access, read, preserve, and disclose any Information that We reasonably believe is necessary to comply with law or court order; enforce or apply our conditions of use and other agreements; or protect the rights, property, interests, or Our safety, Our employees, Our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
Legal Obligations
If We are under a duty to disclose or share your information to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of Us, Our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Compliance
Where We are requested to provide information by authorized third parties or regulatory or governmental agencies investigating illegal activities;
Emergency
Where We believe that an emergency, illegal activity or some other reasonable basis exists for notifying the relevant authority.
Aggregated and Anonymized Information
We also may share (within our affiliated entities or with third parties) aggregated or anonymized information that does not explicitly identify you or any individual user of our services. From time to time, We may provide demographic and statistical information to prospective partners for the purposes of securing advertising and/or for general promotion of the services. This disclosure will not share any personal information of individual users but is intended to give a broad overview of the services.
We will not sell or disclose your personal information in any manner unless described in the foregoing list.
CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. To learn how you can manage your Flash cookie settings, visit the Flash player settings page on Adobe’s website. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.
Google Analytics
We use Google Analytics’ third-party audience data such as age, gender and interests to better understand the behavior of Our uses and work with companies that collect information about your online activities and to provide advertising targeted to suit your interests and preferences. For example, you may see certain ads on this Website because We contract with Google and other similar companies to target our ads based on information We or they have collected, including information that was collected through automated means (such as cookies and web beacons). These companies also use automated technologies to collect information when you click on our ads, which helps track and manage the effectiveness of our marketing efforts.
If you do not want your data collected with Google Analytics, you can install the Google Analytics opt-out browser add-on. This add-on instructs the Google Analytics JavaScript (ga.js, analytics.js, and dc.ja) running on websites to prohibit sending information to Google Analytics.
To opt-out of Analytics for the web, visit the Google Analytics opt-out page and install the add-on for your browser. For more details on installing and uninstalling the add-on, please see the relevant help resources for your specific browser.
Updates to your browner or operating system may affect functionality of the opt-out add-on. Learn about managing add-ons for Chrome here. If you are not using Chrome, check directly with the manufacturer of your browser to determine whether add-ons will function properly on the browser version that you are using.
The latest versions of Internet Explorer sometimes load the Google Analytics opt-out add-on after sending data to Google Analytics. Therefore, if you are using Internet Explorer, the add-on will set cookies on your computer. These cookies ensure that any collected data is immediately deleted from the collection server. Please make sure that third party cookies aren’t disabled for your Internet Explorer browser. If you delete your cookies, the add-on will, within a short timeframe, reset these cookies to ensure that your Google Analytics browser add-on remains fully functional.
The Google Analytics opt-out browser add-on does not prevent data from being sent to the website itself or in other ways to web analytics services.
Learn about how Google Analytics collects, uses, and processes data here.
Learn about the cookies Google Analytics uses here.
HubSpot
We use Hubspot, which is an inbound marketing and sales software that assist Us in attracting visitors and attracting customers. Hubspot’s tracking code sets the following cookies on our Website when you visit:
• Functional cookies
• Consent banner cookies
Functional cookies are:
__hs_opt_out
This cookie is used by the opt-in privacy policy to remember not to ask the user to accept cookies again. This cookie is set when you give users the choice to opt out of cookies.
(Expires: 2 years)
__hs_do_not_track
This cookie can be set to prevent the tracking code from sending any information to HubSpot. Setting this cookie is different from opting out of cookies, which still allows anonymized information to be sent to HubSpot.
(Expires: 2 years)
__hs_testcookie
This cookie is used to test whether the visitor has support for cookies enabled.
(Expires: Session cookie)
hs_ab_test
This cookie is used to consistently serve visitors the same version of an A/B test page that they’ve seen before.
(Expires: Session cookie)
hs_lang_switcher_choice
This cookie is used to consistently redirect visitors to the language version of a page in the language they’ve selected on this top-level private domain in the past (if such a language version exists).
<id>_key
When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login. The cookie name is unique for each password-protected page.
hs-messages-is-open (TTL 30 minutes)
This cookie is used on the visitor UI side so HubSpot can determine/save whether the chat widget is open for future visits. It resets after 30 minutes to re-close the widget after 30 minutes of inactivity
hs-messages-hide-welcome-message (TTL 1 day)
When you dismiss the welcome message in your messages tool, a cookie is set to prevent it from appearing again for one day.
Consent banner cookies are:
__hstc
The main cookie for tracking visitors. It contains the domain, utk (see below), initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
(Expires: 2 years)
hubspotutk
This cookie is used for to keep track of a visitor's identity. This cookie is passed to HubSpot on form submission and used when de-duplicating contacts.
(Expires: 10 years)
__hssc
This cookie keeps track of sessions. This is used to determine if we should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
(Expires: 30 min)
__hssrc
Whenever HubSpot changes the session cookie, this cookie is also set. We set it to 1 and use it to determine if the user has restarted their browser. If this cookie does not exist when we manage cookies, we assume it is a new session.
(Expires: None. Session cookie)
messagesUtk
This cookie is used to recognize visitors who chat with you via the messages tool. If the visitor leaves your site before they're added as a contact, they will have this cookie associated with their browser. If you have a history of chatting with a visitor and they return to your site later in the same cookied browser, the messages tool will load your conversation history with that visitor.
If you are logged in to HubSpot, HubSpot will set additional authentication cookies. You can see a complete list of cookies set by HubSpot's app here.
Learn more about how Hubspot collects, uses, and processes data here.
We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative (“NAI”) here.
CALIFORNIA RESIDENT PRIVACY RIGHTS
Shine the Light Law
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal Information that we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to the following address: marketing@DUDA.com will respond to one request per California customer each year, and we do not respond to requests made by means other than as set forth above.
California Do Not Track Disclosure
Do Not Track is a privacy preference that users can set in their web browsers. When a user turns on the Do Not Track signal, the browser sends a message to websites requesting them not to track the user. At this time, we do not respond to Web browser “do not track” settings or signals. We deploy cookies and other technologies on our Service to collect information about you and your browsing activity, even if you have turned on the Do Not Track signal.
California Consumer Privacy Act (“CCPA”) Notice
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). We may have collected the following categories of personal information of California residents in the past 12 months:
This information is collected and used for the purposes disclosed in this Notice. We may have disclosed your identifiers to Our third-party business partners, which are those analytic entities we discussed above, within the 12 months immediately preceding the posting of this updated Privacy Policy. We may have disclosed any of the above categories of personal information pursuant to your consent or under a written contract with a service provider for a business purpose in 12 months immediately preceding the posting of this updated Notice.
Your Rights and Choices
Under California Laws, California residents can exercise three privacy rights (Disclosure and Access; Deletion; and “Do Not Sell My Personal Information”) (collectively, “Rights”); however, based on the information We gather, and the fact that We do not “sell” personal information as that term is defined in the CCPA, your rights are somewhat limited as these Rights are not absolute and are subject to certain exceptions. For instance, we are not required to respond to requests concerning employment/application data, B2B data, and cannot disclose or permit access to specific pieces of personal information if the disclosure or access would present a certain level of risk to the security of the personal information, your account with Us, or the security of the business’s systems of networks.
Specifically, employment/application data is not subject to this Notice if it is personal information that is collected by Us in the course of your acting as a job applicant, employee, owner, director, officer, medical staff member, or contractor to us to the extent your personal information is collected and used by Us solely within the context of your role or former role as a job applicant to, employee of, owner of, director of, officer of, medical staff member of, US or a contractor of Ours. This also extends to any emergency contact information or benefits administration information you may have provided us in this context.
B2B data is similarly not subject to this Notice if the data reflects a written or verbal communication or transactions between you and Us if you are acting as an employee, owner, director, officer, or contractor of a company, partnership, sole proprietorship, nonprofit, or government agency and whose communications or transaction with Us occurs solely in the context of Us conducting due diligence regarding, or providing or receiving a product or service to or from such company, partnership, sole proprietorship, nonprofit or government agency. If you are a California consumer, We will process your request to exercise your Rights in accordance with California Laws.
A record concerning the requests may be maintained pursuant to Our legal obligations. Further, We may charge a reasonable fee or refuse to act on a request if such request is excessive, repetitive, or manifestly unfounded.
Disclosure and Access Requests
You have the right to request that We collect about you for the 12-month period immediately preceding the date of your request to know the following:
Categories of Personal Information Request
When a request for disclosure is made, We will first take steps to verify your identity to protect your privacy and security. For requests to disclose categories of personal information collected, We will have the requestor provide at least two pieces of information so that We may verify the requestor’s identity to a reasonable degree of certainty.
For requests to disclose specific pieces of personal information collected, We will have the requestor provider at least three pieces of information so that We may verify the requestor’s identity to a reasonably high degree of certainty and additionally provide a signed declaration under penalty of perjury that the requestor is the consumer whose personal information is the subject of the request. We are required to retain the signed declarations as part of our record-keeping obligations for 24 months.
Please note that We will never disclose a consumer’s social security number, driver’s license number, or other government-issued identification number, financial account number, any health information or medical identification number, an account password, or security questions and answers in response to a disclosure request.
Please note additionally that We are only required to fulfil a Disclosure request from a consumer twice per every 12-month period. If you submit a request in excess, it may be denied or you may be charged for fulfilling your request.
Deletion Request Rights
You have the right to request that We delete any of your personal information that we collected from you and retained, subject to certain exceptions. Given the type of personal information We collect, for requests to delete personal information collected, We will have the requestor provide at least two pieces of information so that We may verify the requestor’s identity to a reasonable degree of certainty. We are required to retain the requests to delete for a period of 12 months as part of our record-keeping obligations.
If We are unable to verify a request, to the extent possible, that request will be treated as a request to opt-out and afforded rights associated with that request right as described in more detail below.
Once We receive and confirm your verifiable consumer request, We will delete (and direct our service providers to delete) your personal information from Our records, unless an exception applies. A deletion request may be denied, in full or in part, if retaining the information is necessary for Us or Our service providers to:
Exercising Disclosure and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
Only you or your agent (with proper authorization and proof of identity) may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
If you choose to utilize an authorized agent, they must complete and submit the Authorized Agent Designation form or email marketing@DUDA.com with “Deletion Request” or “Disclosure Request” in the subject line and include all the information on the Authorized Agent Designation form.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
We cannot respond to your request or provide you with personal information if We cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with Us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request and, to the extent necessary, to identify the browser/device that is the subject of the request.
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If We require more time (up to 90 days), We will inform you of the reason and extension period in writing. If you have an account with Us, We will deliver Our written response to that account. If you do not have an account with Us, We will deliver Our written response electronically. Any disclosures We provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response We provide will also explain the reasons We cannot comply with a request, if applicable. For data disclosure requests, We will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If We determine that the request warrants a fee, We will tell you why We made that decision and provide you with a cost estimate before completing your request.
Household Requests
We currently do not collect household data. If all the members of a household makes a Right to Know or Right to Delete request, We will respond as if the requests are individual requests.
Request Made Through Agents
You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, We will require the agent to provide proof you have authorized it to act on your behalf, verify the agents identity, and We may need you to verify your identity directly with us. (The verification requirement does not apply if the consumer has provided the authorized agent with legal power of attorney under California Probate Code Sections 400 to 4465.)
If you choose to utilize an authorized agent, they must complete and submit the Authorized Agent Designation form or email marketing@DUDA.com with “Deletion Request” or “Disclosure Request” in the subject line and include all the information on the Authorized Agent Designation form.
Requests to Opt-In for Minors
If you are 16 years of age or older, you have the right to direct Us not to sell your personal information at any time. We do not and will not sell personal information of consumers We actually know are less than 16 years of age unless We received affirmative authorization from the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age, to opt-in to the sale of their personal information. Upon the receipt of this request to opt-in, We will inform the minor of the right to opt-out later and of the process for doing so.
Sale and Disclosure of Personal Information
Under the CCPA, a “sale” means providing to a third party personal information for valuable consideration. It does not necessarily mean money was exchanged for the transfer of personal information. We have taken substantial steps to identify whether any of our data sharing arrangements would constitute a “sale” under the CCPA. Due to the complexities and ambiguities in the CCPA, We will continue to evaluate some of our third party relationships as We wait for final implementing regulations and guidance. For example, it is currently unclear whether the use of certain types of advertising partners would be considered a sale under CCPA. Based on our understanding of the CCPA at this time, in the preceding 12 months We have not sold any personal information to any third parties. In the preceding 12 months, We have disclosed personal information to third parties for business purposes including to customer service, technical support, payment processors, information technology, and sales, recruiting and marketing partners. We will continue to update Our business practices as regulatory guidance becomes available and provides clarity on what constitutes a sale transaction, particularly in the advertising ecosystem.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, We will not:
DATA SECURITY
We have implemented technical, physical and organizational measures to secure your personal information from accidental loss and from unauthorized access, use, alteration, disclosure or access against all other unlawful forms of processing.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information via linked sites, such as Facebook, YouTube, Twitter, Instagram, etc. The information you share in public areas may be viewed by any user of the Website.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
CHILDREN UNDER THE AGE OF 13
Our Website is not intended for children under 13 years of age. No one under age 13 may provide any personal information to or on the Website. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Website or on or through any of its features, register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, We will delete that information. If you believe We might have any information from or about a child under 13, please contact Us at - 407.365.2111
EU USER DATA SUBJECT RIGHTS
The EU General Data Protection Regulation (“GDPR”) became effective in the European Union as of May 25, 2018. In preparation for the GDPR, we reviewed our internal processes and put policies and procedures in place to attempt to meet the requirements and standards of the GDPR and any relevant data protection laws.
We are not established in the EEA; however, the following apply to individuals whose personal information processed in the EEA to allow those individuals to understand and enforce their data protection rights.
The processing of your data is either based on your consent or due to Our overriding legitimate interests.
EU Users have the following rights:
• You can request access, correction, updates or deletion of your personal information.
• You can object to the processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.
• If We have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
• You have the right to complain to a data protection authority about our collection and use of your personal information. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the US and Canada) are available here.)
When the processing of your personal data is directly for marketing purposes, you have the right to object to subject processing.
To exercise any of your data subject rights, please contact us at marketing@duda.com. We will respond to your request without undue delay, and, in any event, within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests We receive. If We take an extension, We shall inform you within one month of Our receipt of the original request, together with the reasons for delay.
In the event your personal data of which we collected was subject to a Personal Data Breach (defined below), We will notify you and competent Supervisory Authority(ies) within 72 hours by e-mail with information about the extent of the breach, affected data, any impact, Our plan for measures to secure the data and limit any possible detrimental effect on You.
“Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of the Service.
WHERE WE STORE YOUR PERSONAL DATA
Information We collect is transferred to HubSpot, Inc. in the United States. HubSpot has certified to the EU-U.S. Privacy Shield Frameworks as administered by the U.S. Department of Commerce, in order to implement appropriate safeguards for such transfers pursuant to Article 46 of the GDPR. We have a Data Processing Agreement in place with HubSpot, available here, that applies to personal data that is transferred outside the European Economic Area (“EEA”), either directly or via onward transfer, to any country not recognized by the European Commission as providing an adequate level of protection for personal data (as described in the Data Protection Law). It may also be processed by staff operating outside the EEA who work for Us or for one of Our processors. Such staff maybe engaged in, among other things, hosting or maintaining Our Website, the processing of your payment details and the provision of support Services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.
CHANGES TO OUR PRIVACY POLICY
If We decide to change our Privacy Policy, We will post those changes on this page, and/or update the Privacy Policy modification below. To ensure you are up to date on all the latest changes to this Privacy Policy, review this Privacy Policy every time you visit the Website.
Duda Farm Fresh Foods, Inc. (“DUDA”, “We”, “Us”, “Our”) respects your privacy and is committed to protecting it through our compliance with this Privacy Policy.
This Privacy Policy describes the types of information We may collect from you or that you may provide to Us when you give Us information over the phone, in person, when you visit the website www.dudafresh.com (“the “Website”), when communicating with us via email, from Our third party affiliates and business partners that work with Us to provide goods and services to you, and any other means as you communicate with Us (our “Sources”).