Last updated
April, 2022

Privacy Policy

This privacy policy applies to the information that we collect from you when you use our website https://getdonut.com, and our mobile applications named collectively and herein after called “Platform”.

Our privacy policy tells you what personal data and non-personal data we may collect from you, how we collect them, how we protect them, how we share them, how you can access and change them, and how you can limit our sharing of them. Our privacy policy also explains certain legal rights that you have with respect to your personal data. Any capitalized terms not defined herein will have the same meaning as where they are defined elsewhere on our Platform.

Definitions ‘NONPERSONAL DATA’ (NPD) is information that is in no way personally identifiable.

‘PERSONAL DATA’ (PD) means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified directly or indirectly by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. PD is in many ways the same as Personally Identifiable Information (PII). However, PD is broader in scope and covers more data. (GDPR) means General Data Protection Regulation.

Your rights

If you want to exercise any of your rights included in this privacy policy, contact us by using the information at the top of this privacy policy.

When using our Platform and submitting PD to us, you may have certain rights under the GDPR if you reside or are in any of the countries of the European Union. Depending on the legal basis for processing your PD you may have some or all of the following rights:

The Right to Be Informed – You have the right to be informed about the PD that we collect from you and how we process them.
The Right of Access – You have the right to get confirmation that your PD are being processed and you have the ability to access your PD.
The Right to Rectification – You have the right to have your PD corrected if they are inaccurate or incomplete.
The Right to Erasure (Right to Be Forgotten) – You have the right to request the removal or deletion of your PD if there is no compelling reason for us to continue processing them.
The Right to Restrict Processing – You have the right to ‘block’ or restrict the processing of your PD. When your PD are restricted, we are permitted to store your data, but not to process them further.
The Right to Data Portability – You have the right to request your PD that you provided to us and use them for your own purposes. We will provide your data to you within 30 days of your request. Contact us using the information at the top of this privacy policy to request your PD.
The Right to Object – You have the right to object to us processing your PD for the following reasons:
1. Processing was based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling)
2. Direct marketing (including profiling)
3. Processing for purposes of scientific/historical research and statistics
4. Rights in relation to automated decision-making and profiling.
5. Automated Individual Decision-Making and Profiling – You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects regarding you or similarly significantly affects you.
6. Filing a Complaint with Authorities – You have the right to file a complaint with supervisory authorities if your information has not been processed in compliance with the General Data Protection
7. Regulation. If the supervisory authorities fail to address your complaint properly, you may have the right to a judicial remedy.

Your California Privacy Rights

As a Californian consumer you have certain rights under the California Consumer Privacy Act (CaCPA) AB 375, some of these rights are:

The right of Californians to know what personal information is being collected about them
The right of Californians to know whether their personal information is sold or disclosed and to whom
The right of Californians to say no to the sale of their personal information
The right of Californians to access their personal information
The right to data portability. You have the right to request your personal information that you provided to us and use them for your own purposes. We will provide your data to you within 30 days of your request. Contact us using the information at the top of this privacy policy to request your personal information.
The right of Californians of the deletion of their personal information
The right of Californians of equal service, price, and not being discriminated against even if they exercise their privacy rights
One or more designated means for Californian consumers to submit requests under the CACPA including (at minimum) a toll-free number, and if the business maintains an Internet website, a website address.
These rights include the right to request what personal information we collect and disclose about consumers Personal information includes:

Categories of personal information that a business collected about the consumer
Categories of sources from which the personal information was collected
Specific pieces of personal information that the business has collected about consumers
Categories of third parties with whom the business shares personal information
The business or commercial purpose of collecting or selling personal information

Information we collect and how we collect it

Generally, you control the amount and type of information that you provide to us when using our Platform. Our mobile apps do not include third-party analytics or third-party advertising. Also, our mobile apps do not send personally identifiable information or device information to third parties.

Our Legal Basis for Collecting and Processing PD

Our legal basis for collecting and processing your PD when you purchase our products or services is based on and the necessity for the performance of a contract or to take steps to enter into a contract. Our legal basis for collecting and processing your PD when you sign up for our newsletter and free mobile apps, is based on consent.

Automatic Information

We automatically receive information from your web browser or mobile device. This information may include the name of the website from which you entered our Platform, if any, as well as the name of the website you’ll visit when you leave our Platform. This information may also include the IP address of your computer/the proxy server you use to access the Internet, your Internet service provider’s name, your web browser type, the type of mobile device, your computer operating system, and data about your browsing activity when using our Platform. We use all this information to analyze trends among our users to help improve our Platform.

When Entering and Using Our Platform

When you enter and use our Platform and agree to accept cookies, some of these cookies may contain your PD.

Our Use of Cookies

Our Platform uses cookies. A cookie is a small piece of data or a text file that is downloaded to your computer or mobile device when you access certain websites. Cookies may contain text that can be read by the web server that delivered the cookie to you. The text contained in the cookie generally consists of a sequence of letters and numbers that uniquely identifies your computer or mobile device; it may contain other information as well.

By agreeing to accept our use of cookies you are giving us and the third parties with which we partner permission to place, store, and access some or all the cookies described below on your computer.

Strictly Necessary Cookies – These cookies are necessary for proper functioning of the Platform, such as displaying content, logging in, validating your session, responding to your request for services, and other functions. Most web browsers can be set to disable the use of cookies. If you disable these cookies, you may not be able to access features on our Platform correctly or at all.
Performance Cookies – These cookies collect information about the use of the Platform, such as pages visited, traffic sources, users’ interests, content management, and other measurements.
Functional Cookies – These cookies enable the Platform to remember users’ choices, such as their language, usernames, and other choices while using the Platform. They can also be used to deliver services, such as letting a user create a blog post, listen to audios, or watch videos on the Platform.
Session Cookies – These cookies allow a Platform to link the actions of a user during a browser session. They may be used for a variety of purposes, such as remembering what a user has put in their shopping cart as they browse a Platform. Session cookies also permit users to be recognized as they navigate a Platform so that any item or page changes they make are remembered from page to page. Session cookies expire after a browser session; they are not stored long term.
Persistent Cookies – These cookies are stored on a user’s device between browser sessions, which allows the user’s preferences or actions across a website or across different websites to be remembered. Persistent cookies may be used for several purposes, including remembering users’ choices and preferences when using a Platform or to target advertising to them

We may also use cookies for:

Identifying the areas of our Platform that you have visited
Personalizing content that you see on our Platform
Our Platform analytics
Remarketing our products or services to you
Remembering your preferences, settings, and login details
Targeted advertising and serving ads relevant to your interests
Allowing you to share content with social networks.
Most web browsers can be set to disable the use of cookies. However, if you disable cookies, you may not be able to access features on our Platform correctly or at all.

Web Beacons

We may also use a technology called web beacons to collect general information about your use of our Platform and your use of special promotions or newsletters. The information we collect by web beacons allows us to statistically monitor the number of people who open our emails. Web beacons also help us to understand the behavior of our customers and users.

At User and Member Registration or When Buying Products or Services

When you register as a user, member, or when buying our products or services, we may collect some or all of the following information: your first and last name, password hash, email address, physical address, phone number, username, and other information listed.

Analytics

Our Platform uses uses analytics and crash reporting services from several companies to collect information about the use of our website. Analytics collects information such as how often users visit our Platform, what pages they visit, when they do so, what other websites they used before coming to our website, and their IP addresses. We use the information we get from analytics to improve our services.

What Happens If You Don’t Give Us Your PD

If you do not provide us with enough PD, we may not be able to provide you all our products and services. However, you can access and use some parts of our Platform without giving us your PD.

How your information is used and shared

We use the information we receive from you to:

Provide our products and services you have requested or purchased from us
Personalize and customize our content
Make improvements to our Platform
Contact you with updates to our Platform, products, and services
Resolve problems and disputes
Contact you with marketing and advertising that we believe may be of interest to you.

Communications and Emails

When we communicate with you, we will use the email address you provided when you registered as a user or customer.

We do not sell or rent your PD to third parties for marketing purposes. We may give your PD to third-party service providers whom we hire to provide services to us. These third-party service providers may include but are not limited to payment processors, web analytics companies, advertising networks, call centers, data management services, help desk providers, accountants, law firms, auditors, shopping cart and email service providers, and shipping companies.

Legally Required Releases of Information

We may be legally required to disclose your PD if such disclosure is (a) required by subpoena, law, or other legal process; (b) necessary to assist law enforcement officials or governmental enforcement agencies; (c) necessary to investigate violations of or otherwise enforce our terms and conditions; (d) necessary to protect us from legal action or claims from third parties, including you and/or other users; or (e) necessary to protect the legal rights, personal/real property, or personal safety of our company, users, employees, and affiliates.

Retaining and destroying your PD

We retain information that we collect from you (including your PD) only for as long as we need it for legal, business, or tax purposes. Your information may be retained in electronic, paper, or a combination of both forms. When your information is no longer needed, we will destroy, delete, or erase it.

Updating your PD

You can update your PD using services found on our Platform. If no such services exist, you can contact us using the contact information found at the top of this privacy policy and we will help you. However, we may keep your PD as needed to enforce our agreements and to comply with any legal obligations.

You have the right to revoke your consent for us to use your PD at any time. Such optout will not affect disclosures otherwise permitted by law including but not limited to: (i) disclosures to affiliates and business partners, (ii) disclosures to third-party service providers that provide certain services for our business, such as payment processors, web analytics companies, advertising networks, call centers, data management services, help desk providers, accountants, law firms, auditors, shopping cart and email service providers, and shipping companies, (iii) disclosures to third parties as necessary to fulfill your requests, (iv) disclosures to governmental agencies or law enforcement departments, or as otherwise required to be made under applicable law, (v) previously completed disclosures to third parties, or (vi) disclosures to third parties in connection with subsequent contests or promotions you may choose to enter, or third-party offers you may choose to accept. If you want to revoke your consent for us to use your PD, please contact us through the contact information at the top of this privacy policy.

Protecting the privacy rights of third parties

If any postings you make on our Platform contain information about third parties, you agree to make sure that you have permission to include that information. While we are not legally liable for the actions of our users, we will remove any postings about which we are notified, if such postings violate the privacy rights of others.

Do not track settings

Some web browsers have settings that enable you to request that we do not track your movement within our Platform. Our Platform does not obey such settings when transmitted to and detected by our Platform. You can turn off tracking features and other security settings in your browser by referring to your browser’s user manual.

Links to other websites

Our Platform may contain links to other websites. These websites are not under our control and are not subject to our privacy policy. These websites will likely have their own privacy policys. We have no responsibility for these websites and we provide links to these websites solely for your convenience. You acknowledge that your use of and access to these websites are solely at your risk. It is your responsibility to check the privacy policys of these websites to see how they treat your PD.

Protecting children’s privacy

Parts of our Platform are designed for use by children, we realize that a child may try to access our Platform without parental consent. We do not knowingly collect PD from children under the age that requires parental consent. If you are a parent or guardian and believe that your child is using our Platform without your consent, please contact us. Before we remove any information we may ask for proof of identification to prevent malicious removal of account information. If we discover that a child is accessing our Platform without parental consent, we will delete his or her information within a reasonable period of time. You accept that we cannot always verify the age of our users nor have any liability to do so. Click Here to see our children’s privacy policy.

Our email policy

You can always opt out of receiving email correspondence from us or our affiliates. We will not sell, rent, or trade your email address to any unaffiliated third party without your permission except in the sale or transfer of our business, or if our company files for bankruptcy.

Our security policy

We have built our Platform using industry-standard security measures and authentication tools to protect the security of your PD. We and the third parties who provide services to us also maintain technical and physical safeguards to protect your PD. Unfortunately we cannot guarantee prevention of loss or misuse of your PD or secure data transmission over the Internet because of its nature. We strongly urge you to protect any password you may have for our Platform and not share it with anyone.

Transferring PD from the European Union

PD that we collect from you may be stored, processed, and transferred among any countries in which we operate. The European Union has not found the United States and some other countries to have an adequate level of protection of PD under Article 45 of the GDPR. Our company relies on derogations for specific situations as defined in Article 49 of the GDPR. If you are a European Union customer or user, with your consent your PD may be transferred to the United States or other countries outside the European Union when you request information from us. When you buy goods or services from us, we will use your PD for the performance of a contract or to take steps to enter into a contract. Wherever we transfer, process, or store your PD, we will take reasonable steps to protect it. We will use the information we collect from you in accordance with our privacy policy. By using our Platform, services, or products you agree to the transfers of your PD described within this section.

Children’s Online Privacy Policy

The Children’s Online Privacy Protection Act (COPPA) requires us to inform parents or legal guardians about how we collect, use, and disclose personal information from children under the age of 13. COPPA also requires that we get consent from parents or legal guardians before we allow children under the age of 13 to use and interact with some sections, applications, and activities on our Platform. We offer users a number of activities, some of which are directed at children under the age of 13, and other activities that are targeted for older users.

The General Data Protection Regulation (GDPR) requires us to inform parents or legal guardians about how we collect, use, and disclose personal information from children under the age of 16 in some member countries of the European Union. The GDPR also requires that we get consent from parents or legal guardians before we allow children to use and interact with some sections, applications, and activities on our Platform.

Should we want to collect personal information from a child, COPPA and the GDPR requires that we first obtain a parent or legal guardian’s consent. In an email (or other approved method) sent to the parent or legal guardian we will describe what information we would like to collect, how we propose to use it, how the parent can offer and cancel consent. If we do not obtain consent from the parent within a reasonable timeframe, we will remove the child and parent information collected with the request.

For school-based activities, school administrators and teachers are allowed under COPPA to act on behalf of the parents to give consent when collecting personal information from children. Teachers and school administrators should always inform parents when collecting personal information from children on their behalf.

Information We Collect From Children, How We Use It, and Parental Rights

Registration Our platform does not ask for, or collect personal data belonging to children.

Automatic Information Collected and Persistent Identifiers

When children interact with our Platform and services, specific information may automatically be collected. We collect this information to make our Platform and services useful to children and other users. We also use this information for internal business purposes, including improving our Platform. Some examples of this type of information include the child’s IP address, mobile device identifier, type of web browser, type of operating system, online service provider used, and the regularity with which the child visits different parts of our Platform.

This data and information are collected using online technologies such as cookies, web beacons, and other unique identifiers that are explained in the “Information We Collect and How We Collect It” section. This information and data may be collected by our Platform or by a third party.

How We Use Collected Information

This information and data are primarily used for our own purposes in order to:

Improve the features and usability of our Platform
Let us analyze data to see how our Platform is performing

We will not share personal information with other individuals or companies except in limited situations, including the following:

When other companies perform services for us, like customer support, email services, data management services, help desk providers, law firms, payment processors, accountants and shopping cart providers; however, these companies are prohibited from using a child’s personal information for purposes other than those requested by us or required by law.
Disclosing a child’s personal information if required or permitted by law, for example, in response to a subpoena, law enforcement, court order, or public agency’s request.

To protect the safety of a child.

To safeguard the security of our Platform and companies that provide services for us.

Parental Rights

As a parent or legal guardian you have the following rights regarding your child’s use of our Platform:

To review the personal information we collected from your child.
To revoke the consent to use or further collect your child’s personal information.
To request that your child’s personal information be changed or deleted.
To allow the collection and use of your child’s information, but not allow disclosure to third parties unless it is part of our service.
To send you a new notice and get your consent if we make changes to the collection, use, or disclosure practices to which you previously agreed.
Parents can exercise their rights shown directly above by contacting us using the contact information at the top of this page.

Changes to our privacy policy

We reserve the right to change this privacy policy at any time. If our company decides to change this privacy policy, we will post those changes on our Platform so that our users and customers are always aware of what information we collect, use, and disclose. If at any time we decide to disclose or use your PD in a method different from that specified at the time it was collected, we will provide advance notice by email sent to the email address on file in your account. Otherwise we will use and disclose our users’ and customers’ PD in agreement with the privacy policy in effect when the information was collected. In all cases your continued use of our Platform, services, and products after any change to this privacy policy will constitute your acceptance of such change. If you have questions about our privacy policy, please contact us through the information at the top of this privacy policy.