Effective Date: March 20, 2023

1. Introduction

The purpose of this Privacy Policy is to allow you (the “User”) to understand how we, FabFitFun. Inc. (“FabFitFun”) collect and use the personal information you provide to us, including through the websites (such as summerandrose.com) and mobile apps that we own and operate (in each case, the “Sites”), and other channels, both offline and online, that reference or link to this Privacy Policy.

This Privacy Policy applies to information collected by FabFitFun and does not apply to information collected by any third-party sites.

By using the Sites, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree, please do not access or use the Sites.

UK Residents: FabFitFun is the data controller under the General Data Protection Regulations (“GDPR”).

California Notice of Collection of Personal Information: FabFitFun collects and uses the personal information described in Section 2, Information We Collect and How We Use It, for the purposes described in Section 2. California residents: to learn more about FabFitFun’s collection and use of personal information, including how to opt out of sales or sharing of personal information, please scroll down to Section 14, Your California Privacy Rights.

2. Information We Collect and How We Use It

Information You Share: FabFitFun collects information from you when you choose to share it with us, called “Information You Share.” This may include when you use our Sites to sign-up for our subscription box program, make a purchase, request customer support, engage in other transactions or activities (for example surveys or sweepstakes entries, among other things), or sign up for other services. The information we collect may include your name, your username, your e-mail address, your mailing address, your telephone number, your date of birth, and your credit card or other payment information. You may also choose to provide some information about your product preferences, tastes or individual characteristics, which we may use to customize the goods or services you have requested and to help FabFitFun understand membership needs and forecast demand. If you contact our customer support team (by email, chat, or telephone) then we will also collect the content of your communications with us. We will use this information to resolve your inquiries and to ensure the quality of our customer support team.

You may choose to upload or add photos, videos, comments, ratings & reviews, or other content to the Sites when you use our Sites including our community forums. Any information you disclose publicly on our Sites may be seen, copied, and recorded by others and may be seen in public search engine results. Please exercise caution when disclosing this information in public areas.

We use Information you Share for business purposes, including to enter into a transaction agreement with you, to provide the goods or services requested, to process payments and prevent transactional fraud, to respond to inquiries, and to validate prior membership activity. We may also use Information You Share for commercial purposes, including to contact you or send you notifications about products and services that you have ordered, to send you notifications about products and services that we otherwise think may be of interest to you, or to send you promotional items, gifts, or account credits from time to time, in our sole discretion. On occasion, we may have other reasons for processing your personal information, but these purposes are compatible with the purposes for which you provided your information to us and our legitimate business interests.

Preference Survey: As part of a preference survey, you may choose to provide information about your racial/ethnic origin so that FabFitFun can understand membership demographics, ensure its product offerings meet the needs of all demographics, and measure its progress toward its corporate social responsibility goal of offering an inclusive membership experience. If you consent to our collection and use of this personal information by providing it to us, you may withdraw your consent at any time by contacting privacy@fabfitfun.com.

Information We Collect Automatically: When a User visits the Sites, our servers and third party analytics providers automatically record information regarding the User’s browser type, browser language, platform type, IP address, geolocation web request, unique identifier, device identifier, app usage data, number of clicks, domain names, the amount of time spent on particular pages, the date and time of use of Sites and interactions with the Sites, clickstream data (e.g., about the pages you view, links you click and date and time stamps for your activities on our Sites), phone model, phone operating system, and mobile carrier information, collectively called “Information We Collect Automatically.” We store Information We Collect Automatically through the use of cookies, pixels, or other similar technologies.

FabFitFun uses Information We Collect Automatically for the following business and commercial purposes:

(a) to diagnose and prevent service or technology problems;

(b) to help us provide you with customized content and promotions;

(c) to prepare geographical or other statistical data to help us better serve our Users;

(d) to create new features, promotions, and services in connection with the Sites;

(e) to measure the effectiveness of our advertising campaigns;

(f) to monitor the use of the Sites;

(g) to confirm that Users have visited previously;

(h) to keep track of the status of your shopping cart; and

(i) to perform other functions on the Sites.

You can set your browser to accept all cookies, reject all cookies, or notify you when a cookie is set. However, if you set your browser to disable all cookies, some features of the Sites may not function properly. Please see our Cookies & Tracking Technologies Policy for more information on your choices regarding cookies.

We use Google Analytics. Click here to learn more about how it collects and processes your personal information. If you wish to prevent your data from being used by Google Analytics, Google has developed an opt-out browser add on available here.

Session Replay Script: FabFitFun may utilize session replay software to monitor your interaction with the Sites which may capture and/or record your interaction(s) with the Sites, including without limitation keystrokes, mouse movements, and form field entries. We utilize this information for our compliance verification purposes and to improve our Sites and services, and User experience.

Referral Information: We often invite eligible Users to tell a friend about our products or services. Where permitted, you may provide us with your friend’s name, email address and/or other contact information (“Referral Information”). We may use this information to automatically send your friend emails or other messages inviting them to subscribe to FabFitFun’s subscription box program or other product or service. Your friend may opt-out of future marketing emails by clicking the “unsubscribe” link or otherwise following the opt out instructions provided within the invitation and may contact us at privacy@fabfitfun.com to request that we remove their information from our database.

Information from Other Sources: We may obtain information about you from other sources and combine or link that with the information we have collected about you. To the extent we combine such third-party sourced information with Information You Share, Information We Collect Automatically, or Referral Information, we will treat the combined information in accordance with this Privacy Policy. We may use the combined information to fulfill orders, help us manage your subscription, provide customer support services, support advertising and marketing activities, analyze our services or marketing activities, or for other business or commercial purposes described in this Privacy Policy. We may also contract with third party vendors to pool browsing information about your visits to our website with other sources of information for purposes of determining whether you might be interested in receiving advertising, including direct mail or a catalog.

UK Residents: FabFitFun will process your personal data in accordance with applicable data protection law and this Privacy Policy. We will have a lawful basis to process your data if:

(a) We are legally obligated to process it;

(b) We need to process your personal data to provide you with products or services you have requested;

(c) You have consented to such processing; and/or

(d) We have a legitimate interest in processing your data, including for fraud prevention, direct marketing, network and information systems security, data analytics, enhancing, modifying or improving our services and Sites, identifying usage trends, determining the effectiveness of promotional campaigns, and personalization of the Sites.

3. Disclosure of your Information

FabFitFun may provide your information to third-party service providers that we engage to assist us with the operation of the Sites and the provision of products and services. Such access is provided with the understanding that these parties will use the information for these limited purposes and in a manner consistent with our Privacy Policy.

Unless otherwise disclosed at the time of collection of information, FabFitFun does not share your information with third parties for their own direct marketing purposes. We may, however, share personal information of our Users with social media platforms, web publishers and/or their advertising intermediaries in order for them to display the relevant FabFitFun ads to our Users and individuals with similar interests and to measure the effectiveness of those ads.

FabFitFun may also provide your information to service-providers who provide marketing insights, such as lookalike models or other statistical research. FabFitFun may also provide general demographic, aggregated, or deidentified information about Users and their preferences to advertisers and other existing or prospective business partners.

In addition, FabFitFun reserves the right to share information with authorized third parties if:

(a) we believe we are required to do so in accordance with a law or to respond to a subpoena, court order, or other lawful request by a public authority, including to meet national security or law enforcement requirements;

(b) we believe that such disclosure is necessary or appropriate to enforce our Terms of Use and Sale;

(c) we believe that such disclosure is necessary or appropriate to take precautions against liability;

(d) we believe that such disclosure is necessary or appropriate to investigate and defend ourselves against any third-party claims or allegations;

(e) we believe that such disclosure is necessary or appropriate to assist government agencies;

(f) we believe that such disclosure is necessary or appropriate to protect the security or integrity of the Sites or services;

(g) we believe that such disclosure is necessary or appropriate to protect the rights, safety or property of FabFitFun, our Users or others; or

(h) FabFitFun becomes involved in a merger, acquisition, or other transaction resulting in a change of control of FabFitFun or a sale of substantially all of the assets of the business or of a particular product line or division of the business, or negotiations for any such transaction, your information may be transferred in connection with the transaction or potential transaction and may become subject to the privacy policy of another entity.

We may further share your information as otherwise disclosed to you at the time of collection.

4. Advertising Choices

FabFitFun or third parties on our behalf may use cookies or similar technologies to recognize your computer and collect information about your activity over time on our Sites and other online services to facilitate delivery of targeted advertisements that may be relevant to you.

In some instances you can opt-out of receiving personalized ads from third party advertisers and ad networks. Advertisers and ad networks that are members of the Network Advertising Initiative (NAI) or who follow the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising provide opt-out choices at the following websites:

NAI Website

DAA Website

App Choices Website

Even if you opt out, you may still receive advertising from us that is not customized based on your interests or preferences, or that is from other parties that are not participants in the DAA or NAI.

5. Security

We take measures to help keep information secure and to help prevent it from becoming disclosed. Even though we follow procedures to try to protect the information in our possession, no security system is perfect so we cannot guarantee, and you should not expect, that your information will be secure in all circumstances. When you enter sensitive information (such as payment information) on our forms, the transmission of that information is encrypted using Transport Layer Security technology (TLS). Most browsers will indicate that a site is secure by displaying a lock image in the URL bar. If you ever find that our Sites are not secure when you visit them, please do not input any sensitive personal information into the site and notify us as soon as possible.

6. Data Rights

We will make reasonable efforts to ensure Information You Share is accurate and complete and we will update or correct your information as needed when notified by you. In addition, you can manage your account information through your FabFitFun account. If you would like to request to verify your personal information, identify any inaccuracy in your personal information, or change your personal information in any way or if you have a legal right to and would like to request access to your personal information, please email us at privacy@fabfitfun.com.

UK Residents: If you live in the United Kingdom, you have the additional rights to request erasure of, restrict the processing of, or object to certain processing of your personal information, as well as to data portability. If you wish to request erasure of your personal information please click here. You may also contact us at GDPRDSR@fabfitfun.com or contact our UK representative at dpo@twico.com if you wish to exercise these rights.

California Residents: see Section 14, Your California Privacy Rights below.

7. Retention

We will retain information we collect in active files or systems as long as needed to meet the purposes for which it was collected, to fulfill the other purposes outlined herein, or as necessary to satisfy legal, accounting, or reporting requirements.

8. International Transfers

This website is hosted in, and our Sites and services are provided from, the United States. Accordingly, any personal information we collect may be processed in the United States or other countries in which we or our service providers operate. Those countries may offer less privacy protection than your country of residence, and in certain instances your personal information may be accessible by foreign courts, law enforcement authorities and national security authorities in those countries. To ensure that your data is adequately protected, we only transfer your data subject to suitable safeguards being in place consistent with applicable law.

9. Other Sites

As noted above, this Privacy Policy only applies to our Sites. Our Sites may include links to other sites, but FabFitFun does not control the privacy practices of other sites. FabFitFun is not responsible for the privacy practices of other websites.

10. Changes to this Policy

FabFitFun may change its Privacy Policy from time to time by posting such revisions through the Sites or by emailing a link to the revised Privacy Policy to the email address listed on your account. Revisions will become effective on the effective date indicated at the top of the page. Your continued use of the Sites following the posting of changes to these terms means you accept these changes.

11. How We Communicate with You

If you have any questions about our Privacy Policy, you can contact us by emailing us at privacy@fabfitfun.com. If we need, or are required, to contact you concerning any event that involves your information, you agree that we may do so by email, telephone, or mail.

12. Do Not Track Signals

Some web browsers and devices allow you to broadcast a preference that your activities online not be “tracked”. At this time, our Sites do not take action in response to “do not track” signals.

13. Children

The Service is not intended for use by children under 16 years of age. We do not knowingly collect or solicit information from children under the age of 16.

If you are a parent or guardian of a child under the age of sixteen (16) and believe he or she has disclosed personal information to us, please contact us at privacy@fabfitfun.com.

If we become aware that we have collected personal information of a child under 16 years of age through the Sites or services, we take steps to remove that information and terminate the child’s account.

14. Your California Privacy Rights

14.1 Scope. This section applies only to California residents. California residents who are or are interested in becoming a workforce member can review our California Workforce Member Privacy Policy. It describes how we collect, use, and share Personal Information of California residents in our capacity as a “business” under the California Consumer Privacy Act (“CCPA”) and their rights with respect to that Personal Information. For purposes of this section, “Personal Information” has the meaning given in the CCPA but does not include information exempted from the scope of the CCPA. In some cases we may provide a different privacy notice to certain categories of California residents, such as job applicants, in which case that notice will apply instead of this section.

14.2 Your rights. As a California resident, you have the rights listed below. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law.

(a) Access. You can request, up to two times each year, that we disclose the categories and/or specific pieces of Personal Information that we collect, use, disclose, and may sell.

(b) Deletion. You can ask us to delete the Personal Information that we have collected from you, subject to certain exceptions such as to complete a transaction for you, to exercise our rights, or to comply with a legal obligation.

(c) Correction. You can ask us to correct inaccurate Personal Information that we collect about you.

(d) Opt-out of sales and sharing. If we sell or share your Personal Information, you can opt-out of any sale or sharing of your Personal Information.

(e). Limit the Use of Sensitive Personal Information. Californian’s have the right to limit a business’s use or disclosure of sensitive personal information for non-permissible purposes. However, we do not use or disclose sensitive personal information for non-permissible purposes under the CCPA.

(f) Nondiscrimination. . You are entitled to exercise the rights described above free from retaliation or discriminatory treatment as prohibited by the CCPA.

 

14.3 Right to access, correction and deletion. You may submit a deletion request by clicking here. Or, to exercise your right to access, correction or deletion of your Personal Information, you can email privacy@fabfitfun.com or call 855-313-6267. We will need to verify your identity to process your request and reserve the right to confirm your California residency. To verify your identity, we may require you to verify your email address, to log into your service account if you have one, or to provide government identification or other information. Your authorized agent may make a request on your behalf upon our verification of the agent’s identity and our receipt of a copy of a valid power of attorney given to your authorized agent pursuant to California Probate Code Sections 4000-4465. If you have not provided your agent with such a power of attorney, you must provide your agent with written and signed permission to exercise your CCPA rights on your behalf, provide the information we request to verify your identity, and provide us with written confirmation that you have given the authorized agent permission to submit the request.

14.4 Notice of right to opt-out of the “sale” or “sharing” of your Personal Information. Like many companies, we use online advertising services that employ cookies and similar technologies to collect information about your device and online activity on our sites and other online services. They use this information to try to tailor the ads you see online to your interests. These are called interest-based ads. Our use of some of these services may be classified under California law as a “sale” or “sharing” of your Personal Information to the advertising partners because they collect information from our users to help them serve ads more likely to interest users on behalf of us and their other clients. You can opt-out of the use of this data for interest-based advertising purposes by navigating to the homepage, clicking Do Not Sell or Share My Personal Information in the footer and setting your preferences. We do not have actual knowledge that we sell or share personal information of consumers under 16 years of age.

14.5 Personal information that we collect, use and disclose

The list below summarizes the Personal Information we collect by reference to the categories of Personal Information specified in the CCPA. Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of personal information not described below.

(a) Personal Information Collected: Identifiers/biographical information, characteristics of protected classifications under California or federal law (i.e., age), commercial information, payment card information, internet or other electronic network activity information, geolocation information, visual information, and inferences drawn from the above. The sources of this information are the consumer, analytics providers, advertising partners, social networks, service providers, business partners, and data brokers.

(b) Disclosure of Personal Information: In the last 12 months, we disclosed the following categories of personal information to our service providers for business purposes: Identifiers/biographical information, characteristics of protected classifications under California or federal law (i.e., age), commercial information, payment card information about you, internet or other electronic network activity information, geolocation information, visual information, and inferences drawn from the above. To learn more, please see Section 3, Disclosure of Your Information, above.

(c) “Sale” or “Sharing” of Personal Information: In the last 12 months, we “sold” or “shared” (as defined in the CCPA) the following categories of personal information to advertising partners to facilitate online advertising: Identifiers/biographical information, commercial information, internet or other electronic network activity information, and inferences drawn from the above.

14.6 Retention. To determine the appropriate retention period for personal information, we consider: (i) the amount, nature, and sensitivity of the personal information; (ii) the potential risk of harm from unauthorized use or disclosure of your personal information; (iii) the purposes for which we process your personal information; and (iv) applicable legal requirements.

 

15. Changing and Deleting

You may access Information You Share through your profile on our Sites and delete, change, or modify certain information. For additional assistance with modifying, correcting or deleting information provided to our Sites, contact us at privacy@fabfitfun.com.

16. Direct Mail

To opt-out of receiving our direct mail or catalogs, you may send us an email at privacy@fabfitfun.com or call us at 855-313-6267.

17. Questions or Complaints

Should you have any questions or complaints regarding our Privacy Policy, please feel free to contact us at privacy@fabfitfun.com. UK individuals may also contact our UK representative, The Document Warehouse International Compliance Office, at dpo@tdwico.com or by mail to

The Document Warehouse (UK) Ltd

Document Park, Castle Road

Sittingbourne, Kent, ME10 3JP

If we cannot resolve your question or complaint to your satisfaction, you have the right to file a complaint with the competent data protection Supervisory Authority in your jurisdiction.