Privacy policy
- General Information
As the operator of https://therootbrands.com (hereinafter referred to as “ROOT.) take the protection of personal data very seriously. We treat personal data confidentially and in accordance with the statutory data protection regulations and on the basis of this privacy policy. The legal basis can be found in the General Data Protection Regulation (GDPR). When you use this website, various personal data is processed depending on the type and scope of use. Personal data is information that is given to an identified or identifiable natural person (hereinafter referred to as “data subject”). An identifiable natural person is one who can be identified, directly or indirectly (e.g. by means of assignment to an online identifier). This includes information such as name, address, telephone number and date of birth. This privacy policy informs you in accordance with Art. 12 et seq. DS-GVO about the handling of your personal data when you use our website. It explains what data we collect and what we use it for. It also informs you how and for what purpose this is done.
- Responsible Party
The controller is the natural or legal person who alone or jointly with others the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.). The controller within the meaning of the GDPR and the applicable national data protection laws and other data protection regulations provisions is:
ROOT Wellness LLC, 393 Nichol Mill Ln Ste. 250B, TN 37067, [email protected]
The data protection representative for the european union is:
Root Wellness Holdings BV, Vlotlaan 507, 2681 TW Monster, Netherlands
- Accessing and Visiting our Website – Server Log Files
For the purpose of the technical provision of the website, it is necessary that we process certain information automatically transmitted by your browser so that our website can be displayed in your browser, and you can use the website. This information is
automatically collected each time you visit our website and automatically stored in so-called server log files. These are:
– Browser type and browser version
– Operating system used
– Website from which the access is made (referrer URL)
– Host name of the accessing computer
– Date and time of access
– IP address of the requesting computer
The storage of the aforementioned access data is necessary for technical reasons in order to provide a functional website and to ensure system security for technical reasons. This also applies to the storage of your IP address, which is necessary and, under further conditions, can at least theoretically enable an assignment to your person. In addition to the above-mentioned purposes, we use server log files exclusively for the needs-based design and optimization of our of our website purely statistically and without drawing any conclusions about your person. A This data is not merged with other data sources, nor is it analyzed for marketing purposes.
The access data collected in the context of the use of our website will only be stored for the period for which this data is required to achieve the aforementioned purposes. Your IP address is stored on our web server for the purposes of IT security for a maximum of 7 days.
If you visit our website to find out about our range of products and services or to use them, the basis for the temporary storage and processing of the access data is processing of the access data is Art. 6 para. 1 sentence 1 lit. b GDPR (legal basis), which permits the processing of data for the fulfillment of a contract or for the implementation of pre-contractual measures is permitted. In addition, Art. 6 para. 1 sentence 1 lit. f GDPR serves as the legal basis for the temporary storage of technical access data. Our legitimate interest here is to provide you with a technically functioning and user-friendly website and to ensure the security of our systems.
- Use of Cookies and Associated Functions/Technologies
We sometimes use so-called cookies on our website. Cookies do not harm your damage your computer and do not contain viruses. Cookies serve to make our website more user-friendly, effective and secure and to enable the provision of certain functions. Cookies are small text files that are stored on your stored on your computer and saved by your browser. A cookie contains a character string that enables your browser to be uniquely identified when you return to the website. when you visit the website again.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted at the end of your visit or your browser session (so-called transient cookies). Other cookies remain stored on your end device for a predetermined duration or until you delete them (so-called persistent cookies). These cookies enable us to recognize your browser on your next visit. Upon written request, we are happy to provide further information on the functional cookies used. Please use the contact details above.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or generally exclude cookies and activate the automatic deletion of cookies when closing the browser. The procedure for deactivating cookies can be obtained regularly via the “Help” function of your Internet browser. When deactivation of cookies may limit the functionality and/or full availability of this website may be restricted. For further cookie-specific setting and deactivation options, please also see the individual explanations below on the specific cookies and associated functions/technologies used when you visit our website.
Some of the cookies we use on our website are from third parties that help us to help us analyze the impact of our website content and the interests of our visitors measure the power and performance of our website or to place targeted advertising and other content on our or other websites. In the context of our website, we use both first party cookies (only visible from the domain you are currently domain you are currently visiting) and third-party cookies (visible across domains and regularly set by third parties).
If cookies are not used exclusively for the proper operation of the website, we will ask for your consent before activating these cookies. If you do not give us your consent, this will not affect the functionality of the website.
The cookie-based data processing is carried out on the basis of your consent granted in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR (legal basis) or on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR (legal basis) to safeguard our legitimate interests. Our legitimate interests lie in particular in providing you with a technically optimized, user–friendly and needs-based website and to ensure the security of our systems, and to ensure the security of our systems. Consents, that you have given us can be revoked at any time, e.g. by deactivating the deactivation of the cookie-based tools/plugins listed in detail in the following overview. tools/plugins listed in the following overview. By making the appropriate settings, you can also object to processing based on processing based on legitimate interests.
Use of Google Analytics
On our website, we use the web analysis service Google Analytics 4 from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; “Google”). The data processing serves the purpose of analyzing this website and its visitors as well as for marketing and advertising purposes. For this purpose, Google, on behalf of the operator of this website, will use the information obtained to analyze your use of the website, to compile reports on website activity and to provide other services associated with the use of the website and the Internet for the website operator. The following information may be collected: IP address, date and time of the page view, click path, information
about the browser you are using and the device you are using, pages visited, referrer pages visited, referrer URL (website from which you accessed our website), Location data, purchase activities. The IP address transmitted by your browser as part of Google Analytics transmitted by your browser will not be merged with other Google data.
Google Analytics 4 uses technologies such as cookies, web storage in the browser and tracking pixels that enable your use of the website to be analyzed. The information generated about your use of this website is usually transmitted to a Google server in the USA and stored there.
The Trans-Atlantic Data Privacy Framework (TADPF) has been in place since July 10, 2023. The TADPF is an agreement between the USA and the EU in which the USA has made data protection assurances and the EU Commission has decided in return that there is an adequate level of data protection for US companies. In order to benefit from the TADPF, US companies must be certified under the TADPF. Google LLC has undergone certification under the TADPF.
Your data may be combined by Google with other data, such as your search history, your personal accounts, your usage data from other devices and any other data other data that Google has about you.
IP anonymization is activated on this website. This means that your IP address will be Google within member states of the European Union or in other contracting States party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there.
The use of cookies or comparable technologies takes place with your consent on the basis of § 25 para. 1 sentence 1 TTDSG in conjunction with Art. 6 para. 1 lit. a GDPR. The processing of your personal data is carried out with your consent on the basis of Art. 6 para. 1 lit. a GDPR. lit. a GDPR. You can withdraw your consent at any time without affecting the legality of the processing carried out on the basis of the consent until the revocation is affected.
Further information on terms of use and data protection can be found
at https://www.google.com/analytics/terms/de.html or
at https://www.google.de/intl/de/policies/ and
at https://policies.google.com/technologies/cookies?hl=de.
Use of Google Fonts
To improve the visual appearance of the font, we use so-called web fonts (“Google Fonts”) from the provider Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. These are provided by Google (https://fonts.google.com/). For this
purpose, your browser loads the required web font into your browser cache when you visit our site. If your browser does not support this function, the text will be displayed in a standard font.
You can set your browser so that the fonts are not loaded from the Google servers, for example be loaded, for example by installing add-ons such as NoScript or Ghostery for Firefox. If your browser does not support Google Fonts or you prevent access to the Google servers, the text will be displayed in the system’s default font. Further information on Google Web Fonts can be found at https://policies.google.com/terms?hl=en.
The Trans-Atlantic Data Privacy Framework (TADPF) has been in place since July 10, 2023. The TADPF is an agreement between the USA and the EU in which the USA has made data protection assurances and the EU Commission has decided in return that there is an adequate level of data protection for US companies. In order to benefit from the TADPF, US companies must be certified under the TADPF. Google LLC has undergone certification under the TADPF.
General information on data protection at Google can be found at
https://policies.google.com/privacy?hl=de-DE, information on the subject of Google Fonts and data protection can be found at https://developers.google.com/fonts/faq#Privacy.
This data processing is based on Art. 6 para. 1 sentence 1 lit. f GDPR to protect our safeguarding our legitimate interests, namely the optimization of our offer.
- Making Contact
If you contact us via one of the contact options provided in this privacy policy or in the imprint contact option or via our contact form, your details and the contact data you your details and the contact data you provide (e.g. name, e-mail address) for the purpose of processing the e-mail address) for the purpose of processing the request and in the event of follow-up questions stored by us. We do not pass this data on to third parties.
We will delete your request(s) and your contact details if your request has been finally answered. Your data will generally be stored for 6 months and deleted at the end of this period, unless you send us follow-up inquiries, or we need to process the data for other
purposes.
This data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. a GDPR in conjunction with the consent you have given.
- Fulfillment of the contract
If you register on our website and/or conclude a contract with us, ROOT processes the data required for the conclusion, performance or termination of the contract with you. This includes:
– First name, last name
– Billing and delivery address
– e-mail address
– Billing and payment data
– Date of birth
– Telephone number
– Information about orders placed
The legal basis for this is Article 6(1)(b) GDPR
The respective data is processed solely for the above-mentioned purposes of contract fulfillment.
- Further Processing Purposes
Compliance with legal regulations: We also process your personal data to fulfill other legal obligations that may apply to us in connection with our business activities. These include commercial, trade or tax retention periods under tax law. We process your personal data in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR (legal basis) for the fulfillment of a legal obligation to which we are subject.
Enforcement: We also process your personal data in order to assert our rights and enforce our legal claims. Likewise, we process your personal data in order to defend ourselves against legal claims. Finally, we process your personal data insofar as this is necessary for the prevention or prosecution of criminal offenses. We process your personal data to protect our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR (legal basis), insofar as we assert legal claims or defend ourselves in legal disputes. or defend ourselves in legal disputes or we prevent or investigate criminal offenses or investigate (legitimate interest).
Consent: If you have given us your consent to process personal data for certain purposes data for certain purposes (e.g. sending information material and offers), the legality of this the lawfulness of this processing is based on your consent. given.
Any consent given can be revoked at any time. This also applies to the revocation of declarations of consent given to us before the GDPR came into force, i.e.
before 25.5.2018. Please note that the revocation is only effective for future and that processing up to that point is not affected.
- Recipients of Data
Within the ROOT company, access to your data is granted to those departments that need it to fulfill our contractual and legal obligations. Also, from us service providers and vicarious agents used by us (e.g. partners, technical service providers shipping companies, waste disposal companies) may also receive data for these purposes. receive. We limit the disclosure of your personal data to the following necessary, taking into account data protection regulations. In some cases the recipients receive your personal data as processors and are then strictly are then strictly bound by our instructions when handling your personal data. In some cases, the recipients act independently under their own data protection responsibility under data protection law and are also obliged to comply with the requirements of the GDPR and other data protection regulations.
Finally, in individual cases, we transfer personal data to our advisors in legal or tax matters, whereby these recipients are obliged to maintain professional status, these recipients are obliged to maintain special confidentiality and secrecy.
If our service providers are not based in the EU, they are certified in accordance with the Trans-Atlantic Data Privacy Framework (TADPF) to ensure an adequate level of data protection for US companies.
- Duration of data storage
We initially process and store your personal data for the period of time for which the respective purpose of use requires corresponding storage (see above for the individual the individual processing purposes). This may also include the periods for the initiation of a contract (pre-contractual legal relationship) and the execution of a contract. contract. On this basis, personal data is regularly deleted in the context of the fulfillment contractual and/or legal obligations are regularly deleted, unless their temporary further processing is necessary for the following purposes:
– Fulfillment of statutory retention obligations
– Preservation of evidence in compliance with the statute of limitations
- Data security
Personal data is protected by us by means of suitable technical and organizational measures to ensure an appropriate level of protection and to safeguard the personal rights of the persons concerned. The measures taken serve, among other things, to prevent unauthorized access to the technical equipment used by us and to protect
personal data from unauthorized access by third parties. In particular this website for security reasons and to protect the transmission of confidential content, such as your contact requests that you send to us as the site operator, SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you send to us the data you transmit to us cannot be read by third parties. Nevertheless however, we would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data from access by third parties by third parties is not possible.
VII. Your rights as a data subject
You have the following rights as a data subject under the legal requirements person concerned:
Right to information: You are entitled at any time, within the framework of Art. 15 GDPR, to request a confirmation as to whether we are processing personal data concerning you; if this is the case, you are also entitled under Art. 15 GDPR to obtain information about this personal data as well as certain other information (including processing purposes, categories of personal data, categories of recipients, planned storage period, the origin of the data, the use of automated decision-making and, in the case of a transfer to a third country, the appropriate safeguards) and a receive a copy of your data.
Right to rectification: You are entitled to demand from us in accordance with Art. 16 GDPR that we rectify the personal data stored about you if this data is inaccurate or incorrect.
Right to erasure: You are entitled, under the conditions of Art. 17 GDPR to demand that we erase personal data concerning you without undue delay. The right to erasure does not exist, for example, if the processing of personal data is necessary, e.g. for the fulfillment of a legal obligation (e.g. statutory retention obligations) or to assert, exercise or defend legal claims. defense of legal claims.
Right to restriction of processing: You are entitled, under the conditions set out in Art. 18 GDPR to demand that we restrict the processing of your personal data. restrict the processing of your personal data.
Right to data portability: You are entitled, under the conditions of Art. 20 GDPR, you have the right to obtain from us the personal data concerning you data that you have provided to us in a structured, commonly used and machine-readable format.
Right of withdrawal: You can withdraw your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent given to us before the GDPR came into force, i.e. before 25.5.2018. Please note that the revocation is only effective for the future. Processing that took place before the withdrawal is not affected. To declare revocation, an informal notification, e.g. by e-mail to us, is sufficient.
Right to object: You are entitled under the conditions of Art. 21 GDPR to object to the processing of your personal data, with the result that we must stop processing your personal data. The right to object exists only within the limits provided for in Art. 21 GDPR. In addition, our interests may conflict with the termination of the processing, so that we are entitled to process your personal data despite your objection. We will process an objection to any direct marketing measures immediately and without further consideration of the existing interests.
Information about your right to object in accordance with Art. 21 GDPR
You have the right to object at any time to the processing of your data, which is based on Art. 6 para. 1 sentence 1 lit. f GDPR (data processing on the basis of a balancing of interests) or Art. 6 para. 1 sentence 1 lit. e GDPR (data processing in the public interest), objection if there are reasons for this which arise from your particular situation. If you object, we will no longer process your personal data unless we can demonstrate compelling unless we can demonstrate compelling legitimate grounds for the processing which outweigh your interests, rights and freedoms, or the processing serves the establishment serves the assertion, exercise or defense of legal claims.
The objection can be made informally and should preferably be addressed to:
ROOT Wellness, LLC 393 Nichol Mill Ln Ste. 250B, TN 37067, [email protected]
Right to lodge a complaint with a supervisory authority: Under the conditions of Art. 77 GDPR, you have the right to lodge a complaint with a competent supervisory authority.
A list of the German data protection supervisory authorities and their contact details can be taken from the following link:
https://www.bfdi.bund.de/DE/Infothek/Anschriften Links/anschriften links – node.html
Other concerns: For further data protection questions and concerns, please contact our data protection officer at your disposal. Corresponding inquiries and the exercise of your rights should, if possible, be sent in writing to our address given above or by e-mail to [email protected].
VIII. Obligation to Provide Data
In principle, you are not obliged to provide us with your personal data. However, if you do not do so, we will not be able to make our website available to you without or be able to answer your inquiries to us. Personal data that we do not necessarily require for the above-mentioned purposes are marked accordingly as voluntary information.
- IX. Automated Decision Making/Profiling
We do not use automated decision-making or profiling (an automated analysis of your personal analysis of your personal circumstances).
- Up-to-Datedness and Amendment of this Privacy Policy
- This privacy policy is currently valid and has the status March 2024.
- Due to the further development of our website and offers on it or due to changes in legal or official requirements, it may become necessary to amend this privacy policy.