>

Privacy Policy of Eat This Much

This Privacy Policy has been compiled to assist you (“you,” “your,” or “User”) to understand how Eat This Much, Inc. (“we”, “our,” “us” or "Eat This Much"), and our affiliates and subsidiaries, collect, use and disclose your personal information.

This Privacy Policy describes our practices in connection with information that we collect through your use of www.eatthismuch.com (the “Site”), any mobile sites, applications, widgets, and other mobile interactive features associated with the Site (collectively, our “Apps”), through other services that we may offer in connection with our Site and Apps, through our official social media pages that we control (our “Social Media Pages”), as well as through email messages that we send to you (collectively, the Social Media Pages, Apps and Site, the “Sites”).

This notice does not apply to information collected or obtained by any third party, including through any application or content (including advertising) that may link to or be accessible from or on the Sites.

By accessing, browsing, or otherwise using the Sites, you acknowledge and consent to our collection and use of information as set forth in this Privacy Policy. PLEASE READ THIS Privacy Policy CAREFULLY. YOUR USE OF THE SITES CONSTITUTES YOUR CONSENT TO THIS Privacy Policy. DO NOT USE THE SITES IF YOU ARE UNWILLING OR UNABLE TO CONSENT TO THIS Privacy Policy.

This Privacy Policy applies only to your use of the Sites, and was last updated as of December 3, 2020. Eat This Much may revise this Privacy Policy at any time and such revision shall be posted on the Sites. Any revision and/or addition to this Privacy Policy shall become effective and binding on you when you continue to use the Sites on or after the effective date of such revision and/or addition.

TL;DR

Eat This Much collects some Personal Data from its Users, as will be explained more fully in this Privacy Policy. We have some analytics packages installed to help us determine usage of our Sites, plus some basic Facebook and Twitter integration. If you use our restaurant meal finder (web only for now), we may also ask for location permissions (or you can enter any location manually). Sometimes we also use remarketing to ask Google and/or Facebook to show you an ad about our service. If you rate foods and recipes on our service, we do some processing to suggest recipes we think you'll like, based on recipes that other people liked. This data is not shared with anyone else. Want to prevent any kind of tracking? Type "disable third party cookies" plus the name of your web browser into any search engine to find out how. Many of the plugins we list here also have "opt out" pages.

Privacy Officer

Eat This Much, Inc.
Louis DeMenthon
Privacy Officer
4722 W 167th St
Lawndale, CA 90260

Email: [email protected]

Types of Data collected

Among the types of Personal Data that this Application collects, by itself or through third parties, there are: Cookies, Usage Data, email address, username, unique device identifiers for advertising (Google Advertiser ID or IDFA, for example), geographic position, first name, body measurements & indexes and food related activity.

Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection. However, we may collect, now or in the future, the following types of Personal Data:

  1. Device properties including, but not limited to, unique or other device identifiers;
  2. Device operating system and firmware;
  3. IP address (i.e., a number that is automatically assigned to your device or computer used to access the Site, and allows us to identify your device or computer) and Internet service provider;
  4. Mobile phone carrier;
  5. Geographical data such as country or region;
  6. Other similar data;

Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Application.

Unless specified otherwise, all Data requested by this Application is mandatory and failure to provide this Data may make it impossible for this Application to provide its services. In cases where this Application specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.

Users who are uncertain about which Personal Data is mandatory are welcome to contact the us at the information provided below.

Any use of Cookies – or of other tracking tools – by this Application or by the owners of third-party services used by this Application serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy, if available.

Users are responsible for any third-party Personal Data obtained, published or shared through this Application and confirm that they have the third party's consent to provide the Data to the Owner.

How We Use Your Personal Data

In general, we do not and will not share your personally identifiable information except as set forth in this Privacy Policy. We do not sell, transfer, and/or share your personally identifiable information with third parties for their own marketing purposes.

We use the information we collect from you when you browse our Sites in the following manner:

Categories of Personal Information Use of Information
Identification information, application usage data (e.g., features/pages accessed by a member), location data (GPS). To operate and improve the Sites and associated services.
Email address To create an account with us.
Name, email address. To respond to your comments, inquiries and questions and provide customer services.
Name, email address. To send administrative information to you, for example, information regarding the Sites and changes to our terms, conditions, and policies. Because this information may be important to your use of the Sites, you may not opt-out of receiving these communications.
User Height and Weight To generate suggested health measures.
Email address and first name By registering on the mailing list or for the newsletter, the User’s email address will be added to the contact list of those who may receive email messages containing information of commercial or promotional nature concerning these Sites. Your email address might also be added to this list as a result of signing up to these Sites or after making a purchase.

You can opt-out of certain use(s) of your personal information, as described below.

How We Use Automatically Collected Information

The information we collect automatically is statistical data and generally does not contain personal information. We may maintain it or associate it with personal information we collect in other ways or receive from third parties. We will use this automatically-collected information to improve our Sites and to deliver a better and more personalized service, including to:

Our Use of Cookies

Our Sites use “cookies” and other web tracking tools. We may store information about you using the cookies on our site. A cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user’s computer by the user’s web browser while the user is browsing. We use cookies to:

Through our use of cookies and tracking technology, we can tailor our Sites to your personal needs and improve user-friendliness. We use both necessary cookies and analytics or targeting cookies that are optional. The following are the categories of cookies uses on the Sites:

Categories of Cookies

Cookies Used Lifespan
Eat This Much (sessionid) 14 days
Eat This Much (csrftoken) 1 year
Cloudflare (_cflb, _cf_bm, and _cfduid) 1 month
Cookies Used Lifespan
Google Analytics (_gid) 1 day
Google Analytics (_ga) 2 years
Google Analytics (_gat) 1 minute
Facebook (_fbp) 3 months
Amplitude (amplitude_id_#) 10 years

We want to be completely transparent about the cookies we use and to make their control as easy as possible for you. If, after your initial visit to the Site, you want to delete any cookies that are already on your computer, please refer to the file management software to locate the file or directory that stores cookies under the following file names. Other information on deleting or controlling cookies is available at www.allaboutcookies.org.

Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our site.

Mode and place of processing of Personal Data

Purpose of processing

We take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Personal Data. The Personal Data concerning the User is collected to allow us to provide our Services, as well as for the following purposes: Analytics, Interaction with external social networks and platforms, Access to third-party accounts, Remarketing and behavioral targeting, Tag Management, Managing support and contact requests, Interaction with support and feedback platforms, Infrastructure monitoring, Traffic optimization and distribution, Handling payments, Managing contacts and sending messages, Contacting the User and Handling activity data.

Methods of processing

The Personal Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.

Legal basis of processing

We may process Personal Data relating to Users if one of the following applies:

In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

Geographic Location of Data Storage and Processing

The Sites collect information and process and store that information in databases located in the United States and Canada. If you are visiting the Sites from a country outside the United States, you should be aware that you may transfer personally identifiable information about yourself to the United States, and that the data protection laws of the United States may not be as comprehensive as those in your own country. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.

By visiting the Sites and submitting any personally identifiable information you consent to the transfer of such personally identifiable information to the United States.

Retention time

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

Therefore:

We may retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority. Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

Access to Personal Data

YOUR PERSONAL DATA WILL NOT BE SOLD. Nor will Your Personal Data be licensed or disclosed to unaffiliated third-parties, except in connection with the sale, transfer, merger, consolidation or other transaction involving all or part of our company or as may be permitted under applicable law.

We may disclose your personal data to our subsidiaries and affiliates to fulfill the purpose for which you provide it, for example, to provide you with a requested communication.

In addition to the above, we may share the personal data collected from you, as described above, with our third party partners to enable us to analyze and use such information to provide you with our products and services, and in the manner set forth in this Privacy Policy. We may share your information with third-parties who assist us with its outreach and engagement communications to make you aware of certain products and services (as detailed below). We also allow our website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, to access and process your information so long as those parties agree to keep this information confidential. We do not sell your information to third parties for marketing purposes, and we restrict such third parties’ usage of your information consistent with this Privacy Policy.

In addition to the above, we may be required to disclose your information to (i) comply with laws or to respond to lawful requests and legal process (including to respond to requests from public or government authorities, including public or government authorities outside your country of residence), (ii) to investigate, prevent, or take action regarding illegal or suspected illegal activities, (iii) to protect the rights and property of Eat This Much, and others to enforce our agreements, and this Privacy Policy and the Terms of Use, including to protect the security or integrity of the Site or our information systems, (iv) in an emergency to protect person or property, (v) as may be needed on a confidential basis to support a corporate transaction (including a merger, acquisition, divestiture, financing, or sale of assets or lines of business), or (vi) on an aggregated basis for any purpose in which your specific personal information is blinded, masked or otherwise not identifiable. We may also exchange information with third parties for fraud protection and credit risk reduction.

Facebook permissions provided to our Sites

(This is only if you use Facebook Login, which you can disconnect on your profile page)

The Sites may ask for some Facebook permissions allowing it to perform actions with the User's Facebook account and to retrieve information, including Personal Data, from it. This service allows this Application to connect with the User's account on the Facebook social network, provided by Facebook Inc.

For more information about the following permissions, refer to the Facebook permissions documentation and to the Facebook privacy policy .

The permissions asked are the following:

Basic information

By default, this includes certain User’s Data such as id, name, picture, gender, and their locale. Certain connections of the User, such as the Friends, are also available. If the User has made more of their Data public, more information will be available.

Email

Provides access to the User's primary email address.

Specific Third-Party Processing of Personal Data:

Third-Party Description Processing of Personal Data

Google Analytics (Google, Inc.)

Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of these Sites, to prepare reports on its activities and share them with other Google services. Google may use the Data collected to contextualize and personalize the ads of its own advertising network.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy PolicyOpt Out. Privacy Shield participant.

Amplitude (Sonalight, Inc.)

Amplitude is an analytics service provided by Sonalight, Inc. This service is designed for mobile apps analytics and can collect various information about your phone, highlighted in the Amplitude privacy policy.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy.

Facebook Ads conversion tracking (Facebook, Inc.)

Facebook Ads conversion tracking is an analytics service provided by Facebook, Inc. that connects data from the Facebook advertising network with actions performed on these Sites.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Apple HealthKit (Apple,Inc.)

HealthKit is an activity data handling service provided by Apple Inc. that enables the Owner to access or store activity data.

Personal Data collected: body measurements & indexes and food related activity.

Place of processing: United States – Privacy Policy.

Stripe (Stripe Inc.)

Stripe is a payment service provided by Stripe Inc.

Payment processing services enable these Sites to process payments by credit card, bank transfer or other means. To ensure greater security, we share only the information necessary to execute the transaction with the financial intermediaries handling the transaction. Some of these services may also enable the sending of timed messages to the User, such as emails containing invoices or notifications concerning the payment.

Personal Data collected: various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Bugsnag (Bugsnag Inc.)

Bugsnag is a monitoring service provided by Bugsnag Inc. This type of service allows this Application to monitor the use and behavior of its components so its performance, operation, maintenance and troubleshooting can be improved.

Personal Data collected: various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy.

Crashlytics (Google Inc.)

Crashlytics is a monitoring service provided by Google Inc. This type of service allows this Application to monitor the use and behavior of its components so its performance, operation, maintenance and troubleshooting can be improved.

Personal Data collected: geographic position, unique device identifiers for advertising (Google Advertiser ID or IDFA, for example) and various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy.

Twitter Tweet button and social widgets (Twitter, Inc.)

The Twitter Tweet button and social widgets are services allowing interaction with the Twitter social network provided by Twitter, Inc.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Facebook Like button and social widgets (Facebook, Inc.)

The Facebook Like button and social widgets are services allowing interaction with the Facebook social network provided by Facebook, Inc.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

Groove Widget (Groove Networks, LLC.)

The Groove Widget is a service for interacting with the Groove support and feedback platform provided by Groove Networks, LLC.

Personal Data collected: Cookies and Usage Data, email address and username.

Place of processing: United States – Privacy Policy.

Sendgrid (Sendgrid)

Sendgrid is an email address management and message sending service provided by Sendgrid Inc.

Personal Data collected: email address and username.

Place of processing: United States – Privacy Policy.

AdWords Remarketing (Google Inc.)

AdWords Remarketing is a remarketing and behavioral targeting service provided by Google Inc. that connects the activity of this Application with the Adwords advertising network and the Doubleclick Cookie.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy PolicyOpt Out.

Facebook Remarketing (Facebook, Inc.)

Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Application with the Facebook advertising network.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy PolicyOpt Out. Privacy Shield participant.

Google Tag Manager (Google LLC)

Google Tag Manager is a tag management service provided by Google LLC. This helps us to manage the tags and scripts needed on these Sites in a centralized fashion.

Personal Data collected: Cookies and Usage Data.

Place of processing: United States – Privacy Policy. Privacy Shield participant.

CloudFlare (Cloudflare)

CloudFlare is a traffic optimization and distribution service provided by CloudFlare Inc. The way CloudFlare is integrated means that it filters all the traffic through these Sites, i.e., communication between these Sites and the User's browser, while also allowing analytical data from these Sites to be collected.

Personal Data collected: Cookies and various types of Data as specified in the privacy policy of the service.

Place of processing: United States – Privacy Policy.

Third-Party Links On the Sites

Occasionally, at our discretion, we may link to third party sites or content on the Sites. We may do this for the convenience of you and other users of the Sites, but we do not have control over the operation of these third-party websites. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. We urge you to review the privacy policies posted on these third-party websites at the time you first visit such sites.

Protection of Your Personal Data

We are committed to the protection of your personal and order information. As such, Eat This Much takes reasonable measures to follow industry standard practices to protect, secure and maintain the integrity and availability of your information.

Notwithstanding the foregoing, you acknowledge that no security safeguards or method of transmission over the Internet are completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Sites.

The rights of Users

Users may exercise certain rights regarding their Data processed by the Owner.

In particular, Users have the right to do the following:

Details about the right to object to processing

Where Personal Data is processed for a public interest, in the exercise of an official authority vested in us or for the purposes of the legitimate interests pursued byus, Users may object to such processing by providing a ground related to their particular situation to justify the objection.

Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification.

How to exercise these rights

Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and always within one month.

California Consumers

The California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws provides California residents (i.e., consumers) with specific rights regarding personal information.

Access to Specific Information and Data Portability Rights

California residents have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm a verifiable consumer request from you, we will disclose to you, to the extent permitted by law:

You shall have the right to request that the information described above be provided to you in a portable and readily usable format, to the extent technically feasible (“data portability”).

Deletion Request Rights

You have the right to request that we delete certain of your personal information that we collected from and/or related to you and retained, subject to certain exceptions.

To the extent that we can delete your personal information, once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service providers to:

Exercising Your Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by contacting us at [email protected]

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

We cannot respond to your request or provide you with your personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request. Any disclosures provided pursuant to the CCPA will only cover the 12-month period preceding the receipt of the verifiable consumer request.

We will respond to a verifiable consumer request within 45 days of its receipt, or notify you that we require more time to respond and the reason for the extended response time. We will deliver the written response by mail or electronically, at your option.

To the extent that your verifiable consumer request is excessive, repetitive, or manifestly unfounded, we may charge a reasonable fee to respond to such a request.

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

European Users

The European Union’s General Data Protection Regulation (“GDPR”) and other European data protection laws require that companies processing the Personal Data of EU users do so on the basis of specific legal grounds, as explained above. Further, EU Users have certain data rights with respect to our handling of your Personal Data.

Explanation and copies of your data

You have the right to request an explanation of the personal data that we have about you and how we use that data.

You also have the right to receive a copy of the Personal Data that we collect about you if collected on the basis of consent or because we require the information to provide the services that you request.

Correction

If we have Personal Data about you that you believe is inaccurate, you have the right to request correction of your Personal Data.

Deletion

You may request deletion of your Personal Data at any time. We may retain certain information about you as required by law and for legitimate business purposes permitted by law.

Objections and complaints

Users in the EU have the right to object to our processing of Personal Data, including for marketing purposes based on profiling and/or automated decision making. We may continue to process your information notwithstanding the objection to the extent permitted under GDPR.

Users in the EU also have the right to file a complaint relating to our handling of your Personal Data with the National Supervisory Authorities. Their contact information can be found at https://edpb.europa.eu/about-edpb/board/members_en.

You may also submit questions, comments or complaints to us at the information below.

Exercising Your Data Rights

To exercise the data rights described above, please submit a request to us by contacting us at [email protected]

Only you or a person authorized to act on your behalf, may make a request related to your Personal Data. You may also make a request on behalf of your minor child.

We cannot respond to your request or provide you with your Personal Data if We cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. Making a data rights request does not require you to create an account with us. We will only use Personal Data provided in a data request to verify the requestor's identity or authority to make the request.

We will respond to a request within 30 days of its receipt, or notify you that we require more time to respond and the reason for the extended response time. We will deliver our written response by mail or electronically.

Additional information about Data collection and processing

Additional information about User's Personal Data

In addition to the information contained in this privacy policy, the Sites may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.

System logs and maintenance

For operation and maintenance purposes, the Sites n and any third-party services may collect files that record interaction with this Application (System logs) use other Personal Data (such as the IP Address) for this purpose.

Information not contained in this policy

More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.

How “Do Not Track” requests are handled

This Application does not support “Do Not Track” requests.

To determine whether any of the third-party services it uses honor the “Do Not Track” requests, please read their privacy policies.

European Union (or EU)

Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.

Not Intended for Children Under 13

The Sites are not intended for use by persons under the age of 18 and Eat This Much does not specifically market to children under 13. Eat This Much does not knowingly collect information from persons under the age of 13.

Changes to this Privacy Policy

We reserve the right to amend this Privacy Policy at our discretion and at any time. When we make changes to this Privacy Policy, we will notify you by email or through a notice on our website homepage.

Contacting Us

If there are any questions regarding this Privacy Policy you may contact us using the information below:

Eat This Much, Inc.

Louis DeMenthon

Privacy Officer

4722 W 167th St

Lawndale, CA 90260

Contact email: [email protected]