Effective June 1, 2020
This website is owned and operated by Natural Path Botanicals LLC, located at 1625 Mid Valley Dr. Unit 1 PMB 143, Steamboat Springs, CO, 80487, USA, or its affiliates. O.T.I.S. is a trademark and brand of Natural Path Botanicals LLC.
O.T.I.S. abides by any and all rules and regulations set forth by the FDA to ensure that regulated products are safe and effective. If person(s) are unsure of any reactions, please consult with your veterinarian with any questions or concerns prior to giving any O.T.I.S. product(s) to your pet(s).
What information do we collect?
Information collected directly from you:
We collect personal information that you provide to us, including your name, shipping and billing address, telephone number, mobile phone number, email address, login and password, and information related to your purchase, such as your credit or debit card information, and purchase history.
Information collected automatically:
When you visit the site, we may automatically collect information related to how you got to the site, such as browser type and version, service-provider identification, IP address, the site from which you came, and the site to which you navigate after leaving this site. This information is largely anonymous, as it does not contain your name, address, phone number, email address or other information that directly identifies you. However, we may associate this information with your personal information if you provide it.
When do we collect your information?
We collect information from you when you visit our site, place an order, subscribe to a newsletter or enter information on our site.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To quickly process your transactions.
- To allow us to better service you in responding to your customer service requests.
- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To send periodic emails regarding your order or other products and services.
Who do we share your information with?
We may provide your information to third parties who provide services to us or on our behalf.
Third Party Service Providers:
We use third-party vendors to help handle parts of our business because of their expertise, resources, or scale. We may use third parties to help us provide support to the internal operations of the site (i.e, hosting and designing our site, sending out email updates about the site, or removing repetitive information from our user lists). They help us do things like monitor site activity and provide analysis of website use, and provide consulting services. These service providers may have access to personal information in order to provide these support services such as analyzing site data, but when this occurs, we implement reasonable contractual and technical protections to limit their use of that information to help us provide the service.
We may disclose specific information about our site visitors if we have a good-faith belief that it's necessary or authorized under the law to protect our customers, the public, or our business.
Sale, acquisition, or merger:
In the event we sell or transfer all or a portion of our business assets, including a brand or line of business, or acquire another business entity or are involved in a corporate reorganization or other change of control, consumer information may be shared and may be one of the business assets that is transferred as part of the transaction.
Nothing in this policy restricts our ability to share aggregated or anonymized information that does not directly identify you.
How Do I Withdraw My Consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at email@example.com or mailing us at: O.T.I.S. 1625 Mid Valley Dr, Unit 1 PMB 143, Steamboat Springs, CO, 80487, United States.
How do we protect your information?
Your personal information:
Our e-commerce store is hosted on Shopify Inc. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow the Payment Card Industry Data Security Standard (PCI-DSS) requirements and implement additional generally accepted industry standards.
Your payment card information:
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted in accordance with the PCI Data Security Standards. Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
For more insight, you may also want to read Shopify’s Terms of Service or Privacy Statement.
Third-Party Services and External Sites
Certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
You can limit the cookies you accept, or you can choose to not accept any cookies, by using other software or your web browser’s settings. If you disable some or all of the cookies, the sites may not function completely, properly, or to your satisfaction.
Our sites incorporate cookies from the following sources:
- Power reviews
Information may also be collected by third parties and commercially available sources, including social media providers, data aggregators, and public databases.
Please note that your internet browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. Unfortunately, there is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, O.T.I.S. does not currently respond to “do not track” signals, and does not authorize the collection of personal information by third parties except as provided in this policy. For more information about “Do Not Track” technology, please visit http://www.allaboutdnt.com.
This site does not authorize the collection of personal information by third parties except as provided in this Policy.
The California Consumer Privacy Act (“CCPA”) provides California residents with the additional rights listed below, subject to certain exceptions. This section applies only to those California residents to whom the CCPA applies (“California Resident” or “You”) and does not apply to any Personal Information, as defined in the CCPA (“PI”), that is excepted from the CCPA. All capitalized words in this section only have the definitions given to them in the CCPA unless noted.
California Residents have the right to:
Request disclosure of our data collection and sales practices in connection with the you, including the categories of PI we have collected, the source of that PI, our use of that PI and, if the disclosed or sold to third parties, the categories of PI disclosed or sold to third parties and the categories of third parties to whom such PI was disclosed or sold; request a copy of the specific PI collected about you during the 12 months before your request made under the previous paragraph; have such PI deleted (with exceptions); request that your PI not be sold to third parties, if applicable (Right to Opt Out); and not be discriminated against because you exercised any of these rights.
These rights are further addressed as follows:
Right to Opt Out. We do not sell PI. If we do engage in an activity determined to be a Sale of your PI, you have the right to direct us to not sell your PI. You can do so by emailing us at firstname.lastname@example.org.
Right to Request and Right to Know. You have the right to know and what PI we have Collected about you over the past 12 months, and the right to request that PI, including:
- The categories of PI we have collected about you; the categories of sources from which the PI is collected; the Business purpose or -Commercial purpose for Collection of your PI; the categories of Third parties with whom we have shared your PI; andThe specific PI we have Collected about you.
- You may exercise the Right to Request no more than twice a year.
We specifically collect the following either from you directly or through the use of software or third party databases: your name; email address, phone number, IP address, device and related technical information and identifiers; and in the case of a purchase, your address and payment information.
The following indicates the categories of PI we collect, the sources of the PI, and the purpose of collecting the PI:
- Identifiers (such as contact information, government IDs, cookies, etc.)
A, B, C
- Information protected against security breaches (such as your name and financial account, driver’s license, social security number, username and password, health/medical information)
- Protected classification information (like race, gender, ethnicity, etc.)
- Commercial information
- Internet/electronic activity
- Audio/video data
- Professional or employment related information
- Education information
- Inferences from the foregoing
A, B, C
Key to Sources:
- Individual submitting the information
- Third party from whom the business receives the information
- Observing activities and recording the information (i.e., through cookies)
We collect personal information for one or more of the following commercial and business purposes:
- Providing you with our products and services; auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with laws and other standards; detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity; performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business; debugging to identify and repair errors that impair existing intended functionality; short-term, transient use, provided the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction; undertaking internal research for technological development and demonstration; and undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the company, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.
If we collect any additional PI for any other purpose, we will notify you of that purpose at the time we collect the PI for that purpose.
If we disclose PI for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that PI confidential and not use it for any purpose except performing the contract. We share PI with the following categories of Third parties: payment processors and shipment vendors, business consultants, and other service providers. We do not sell PI.
Right to Delete. You have the right to request that we delete the PI we have collected from you (and direct our service providers to do the same). There are a number of exceptions, however, that include, but are not limited to, when the PI is necessary for us or a third party to do any of the following:
- Complete your transaction; provide you a good or service; perform a contract between us and you; protect your security and prosecute those responsible for breaching it; fix our system in the case of a bug; protect the free speech rights of you or other users; comply with the California Electronic Communications Privacy Act; engage in public or peer-reviewed scientific, historical, or statistical research in the public interests that adheres to all other applicable ethics and privacy laws; comply with a legal obligation; or make other internal and lawful uses of the information that are compatible with the context in which you provided it.
Other Rights. You can request certain information about our disclosure of PI to third parties for their own direct marketing purposes during the preceding calendar year. This request is free and may be made once a year. You also have the right not to be discriminated against for exercising any of the rights listed above.
If you are a California Resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your PI to third parties for the third parties’ direct marketing purposes. To make such a request, please send an email to email@example.com. Pursuant to California Civil Code Section 1798.83(c)(2), we do not share your PI with third parties’ direct marketing use without your consent.
Exercising Your California Privacy Rights. To request access to or deletion of your PI, or to exercise any other data rights under California law, please contact us using one of the following methods:
Email: You may email us at firstname.lastname@example.org to exercise your California rights. Please include your full name, email address, and other identifying information such that we will be able to verify your identity, along with why you are writing, so that we can properly process your request. We are only able to handle your request if you provide the requested information needed to verify your identity.
Before we take any action on any request exercising a CCPA right, we must reasonably verify your identity. If we attempt to, but cannot do so, we will not be obligated to you under the CCPA. We will reach out to you by the method of communication through which you reached out to us, and let know that we are unable to verify your identity.
Any subsequent interaction with the Site after a request for deletion, or deletion, of PI will require new requests for action on your data.
Response Timing and Format. We aim to respond to a consumer request for access or deletion within 45 days of receiving that request. If we require more time, we will inform you of the reason and extension period in writing.
Age of Consent and Children Online Privacy Protection Act
By using this site, you represent that you are at least the age of majority in your jurisdiction. When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
If you are a parent or guardian that becomes aware that his or her child has provided us with Personal Information without your consent, you should contact us via the contact details listed below so that we may remove any personal information obtained by that child. If we become aware that a child under 13 has provided us with Personal Information, we will delete such information from our files.
We do not knowingly market to children under the age of 13 years old.
Can SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
- Process orders and to send information and updates pertaining to orders.
- Send you additional information related to your product and/or service.
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
We agree to the following:
- Not use false or misleading subjects or email addresses.
- Identify the message as an advertisement in some reasonable way.
- Include the physical address of our business or site headquarters.
- Monitor third-party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly.
- Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at email@example.com or follow the instructions at the bottom of each email and we will promptly remove you from our mailing lists.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information please contact us at firstname.lastname@example.org or by mail at: O.T.I.S. 1625 Mid Valley Dr, Unit 1 PMB 143, Steamboat Springs, CO, 80487, United States.