Privacy and Security

At Eartha, we are 100% committed to protecting your privacy and any data you share with us. Please take a moment to read our privacy policy before using this website.

This Privacy Policy describes our policies and procedures on the collection, use, disclosure, and sharing of your personal information when you use this website.

Our collection, use, disclosure, and processing of personal information about individuals will vary depending upon the circumstances. This privacy notice is intended to describe our overall privacy and data protection practices. In some cases, different or additional notices about our data collection and processing practices may be provided and apply to our processing of certain personal information.

SECTION 1 – WHY WE COLLECT YOUR INFORMATION

We use the information we collect in various ways, including:

• To provide, operate, and maintain our website.
• To provide the goods you purchase through us.
• To improve, personalise, and expand our website.
• To understand and analyse how you use our website.
• To develop new products, services, features, and functionality.
• To communicate with you, either directly or through one of our partners, including for user service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes.
• Find and prevent fraud.

SECTION 2 – OUR COLLECTION OF PERSONAL INFORMATION

Personal information that we collect and the process will vary depending upon the circumstances. We collect personal information directly from individuals, automatically related to the use of the Services. We gather this information about you when you engage in the following ways:

• You provide your contact information and send other personal information to us
• You register or subscribe to earthaunderwear.com marketing channels
• You place an order with us
• You complete or submit a form through Eartha, for example, “Contact Us”
• You sign up for a user account
• You interact with us online via social media or any other website where Eartha is represented
• You attend an event hosted or sponsored by Eartha

When you register you personal information with Eartha, you consent to the use of your personal data in line with Eartha’s Privacy Policy. If you are under the age of 16, you must inform a parent or guardian about our privacy policy and obtain their agreement to this privacy policy before using any of our online services, including, but not limited to, registration with Eartha, subscribing to our newsletter or placing an order with us.

Your Data Controller

We are the data controller with respect to processing your data. This means that we decide how your personal data is processed and for what purposes. We know that you care how data about you is used and shared, and we appreciate your trust that we will do so carefully and sensibly. 

This Privacy Policy applies to activities by Eartha and its affiliates and subsidiaries (collectively “Company” “we” or “us”).

Your Consent

If you revoke your consent for the processing of Personal Information, then we may no longer be able to provide you services. In some cases, we may limit or deny your request to revoke consent if the law permits or requires us to do so, or if we are unable to adequately verify your identity.

Your Choices

You may, of course, decline to submit information through our website, in which case we may not be able to provide related services to you.

SECTION 3 – HOW WE USE YOUR PERSONAL INFORMATION

While the purposes for which we may process personal information will vary depending upon the circumstances, in general, we use personal information for the purposes set forth below. Where General Data Protection Regulation (GDPR) or other relevant laws apply, we have set forth the legal bases for such processing in parenthesis.

1. Providing support and services: including, for example, to provide services you request (and send related information), operate Eartha to communicate with you about your access to and use of our services; to respond to your inquiries; to provide troubleshooting, fulfil your requests and provide technical support; and for other user service and support purposes. 

2. Analysing and improving our business: including better understand how users’ access and use Eartha to evaluate and improve our services and business operations, and to develop new features, offerings, and services; to conduct surveys, and other evaluations, such as member satisfaction surveys; and for other research and analytical purposes. 

3. Personalising content and experiences: including to provide or recommend features, content, social connections, and referrals; tailor content we send or display on Eartha to offer customisation and personalised help and instructions, and otherwise personalise your experiences. 

4. Advertising, marketing, and promotional purposes: including to reach you with more relevant ads and to evaluate, measure, and improve the effectiveness of our ad campaigns; to send you newsletters, offers, or other information we think may interest you; to contact you about Eartha or information we think may interest you; 

5. Defending our legal rights: including to manage and respond to actual and potential legal disputes and claims, and to otherwise establish, defend or protect our rights or interests, including in the context of anticipated or actual litigation with third parties. 

6. Complying with legal obligations: including to comply with the law, our legal obligations and legal process, such warrants, subpoenas, court orders, and regulatory or law enforcement requests. 

SECTION 4 – DISCLOSURE OF PERSONAL INFORMATION

We may disclose the personal information that we collect about you as set forth below or as otherwise described at the time of collection or sharing.

1. Service providers: We may disclose personal information with third-party service providers who use this information to perform services for us, such as hosting providers, instructors, advisors, consultants, and user service and support providers.

2. Third Parties:  We may employ other companies and individuals to perform functions on our behalf. Examples include sending postal mail and e-mail, removing repetitive information from user lists, analysing data, providing marketing assistance, processing payments, transmitting content, and providing user service. These third-party service providers have access to personal information needed to perform their functions but may not use it for other purposes.

3. Business transfers: We may disclose or transfer personal information as part of any actual or contemplated merger, sale, and transfer of our assets, acquisition, financing, or restructuring of all or part of our business, bankruptcy, or similar event, including related to due diligence conducted before such event where permitted by law.

4. Legally required: We may disclose personal information if we are required to do so by law (e.g., to law enforcement, courts, or others, e.g., in response to a subpoena or court order).

5. Protect our rights: We may disclose personal information where we believe it necessary to respond to claims asserted against us or, comply with legal process (e.g., warrants), enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation, and to protect the rights, property, or safety of us, our clients and users or others.

If you would like to know more about the 3rd parties we may share personal data with, or how to find out more on how they will use your data, please contact us. 

SECTION 5 – COOKIES

Cookies are small text files that a website transfers to your hard drive to store and sometimes collect information about your usages of websites, such as time spent on the websites, pages visited, language preferences, and other anonymous traffic data. You can control the way in which cookies are used by altering your browser settings. You may refuse to accept cookies by activating the setting on your browser that allows you to reject cookies. However, if you select such a setting, this may affect the functioning of Eartha unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you access or log on to our Service.

SECTION 6 – LOG FILES

Most browsers collect certain information, such as your IP address, device type, screen resolution, operating system version, and internet browser type and version. This information is gathered automatically and stored in log files.

SECTION 7 – THIRD-PARTY ANALYTICS TOOLS

Our website may use automated devices and applications operated by third parties, such as Google Analytics, which uses cookies and similar technologies to collect and analyse information about the use of the website and report on activities and trends. This service may also collect information regarding the use of other websites, apps, and online resources. 

SECTION 8 – DO-NOT-TRACK SIGNALS

Please note that our website does not recognize or respond to any signal which your browser might transmit through the so-called ‘Do Not Track’ feature your browser might have. If you wish to disable cookies on our website, you should not rely on any ‘Do Not Track’ feature your browser might have.

SECTION 9 – SECURITY

We use technical, administrative, and physical controls in place to help protect Personal Information from unauthorized access, use, and disclosure. Even so, despite our reasonable efforts, no security measure is ever perfect or impenetrable. 

SECTION 10 – DO NOT SELL MY DATA

Except as otherwise stated in this Privacy Policy, we do not sell, trade, rent, or otherwise share for marketing purposes your Personal Information with third parties without your consent. We will retain your personal information for the period necessary to fulfil the purposes outlined in this privacy notice unless a longer retention period is required or permitted by law. We may retain personal information for longer where required by our legal and regulatory obligations, professional indemnity obligations, or where we believe it is necessary to establish, defend or protect our legal rights and interests or those of others. With respect to the data and files we handle as a processor, we retain this personal information in accordance with our client’s instructions.

SECTION 11 – CCPA PRIVACY RIGHTS

Under the CCPA, among other rights, California consumers have the right to:

• Request that a business that collects a consumer’s personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.

• Request that a business deletes any personal data about the consumer that a business has collected.

• Request that a business that sells a consumer’s personal data, not sell the consumer’s personal data.

SECTION 12 – LOCATION OF SITE 

Our website is hosted on Shopify and is operated by Eartha in the United Kingdom. Our website information is stored in Shopify Servers in Montreal, Canada. If you are located in the European Union, please be aware that any information you provide to us will be transferred to and stored on this server. By using our Site, participating in any of our services and/or providing us with your information, you consent to this transfer.

SECTION 13 – GDPR DATA PROTECTION RIGHTS

We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

1. Right to access: If you can prove your identity, you have the right to obtain information about the processing of your data. Thus, you have the right to know the purposes of the processing, the categories of data concerned, the categories of recipients to whom the data are transmitted, the criteria used to determine the data retention period, and the rights that you can exercise on your data.

2. Right to rectification of your personal data: Inaccurate or incomplete personal data may be corrected.

3. Right to erasure (or “right to be forgotten”): You also have the right to obtain the erasure of your personal data under the following assumptions:

• Your personal data are no longer necessary for the intended purposes;

• You withdraw your consent to the processing and there is no other legal ground for processing;

• You have validly exercised your right of opposition;

• Your data has been illegally processed;

• Your data must be deleted to comply with a legal obligation. The deletion of data is mainly related to visibility; it is possible that the deleted data are still temporarily stored.

1. Right to limitation of processing: In certain cases, you have the right to request the limitation of the processing of your personal data, especially in case of dispute as to the accuracy of the data, if the data are necessary for the context of legal proceedings or the time required to verify that you can validly exercise your right to erasure.
2. Right to object: You have the right to object at any time to the processing of your personal data for direct marketing purposes. We will stop processing your personal data unless it can demonstrate that there are compelling legitimate reasons for the processing which prevail over your right to object.

1. Right to data portability: You have the right to obtain any personal data which you have provided us in a structured, commonly used, and machine-readable format. You are then free to transfer this data to a similar service provider.

2. Right to withdraw your consent: You may withdraw your consent to the processing of your personal data at any time, for example for personalized marketing communication purposes.

SECTION 14 – THIRD-PARTY WEBSITES