Effective as of December 1, 2021
Categories of collected personal data
We collect the following types of personal data:
- Identity data: name, surname;
- Contact data: phone number, email, state;
- Third party accounts data: Apple ID, social media profile, friends list, birthday
- Technical data: IP address, geo-location information, your browser type, language and identifying information, your operating system and application version, device types, device model and manufacturer, device identifiers, and your device operating system type and version
Information We Collect from You Through Your Use of our services
- We collect your Identity data and Contact data when you are applying for MMJ Card though our Site.
- We collect your Identity data, Contact data and Third party accounts data when you are creating an account with our Mobile App.
- We collect your Contact data when you are subscribing for our newsletters.
- We collect your Third party account data when you are creating an account with our Mobile App through your social media (like Facebook or Tweeter).
- We are collecting Technical data when you are using our Site or Mobile App.
We may collect personal data that you voluntarily provide to us. This includes your comments and other information you share through our Site.
We do not sell personal information we collect from you or about you.
Data Security, Retention and Transfer
Please be aware that your personal data may be processed in our operating offices located in the United States.We take all reasonable steps to protect the information we receive from you from loss, misuse, or unauthorized access, disclosure, alteration, and/or destruction. We have put in place appropriate physical, technical administrative and organizational measures to safeguard and secure your information, and we make use of privacy-enhancing technologies such as encryption. We ensure the ‘confidentiality, integrity and availability’ of our systems and services. However, no company can fully prevent security risks. While we strive to protect your personal information, we cannot guarantee its absolute security.
Generally, we will retain your personal data as long as you are using our Site or you are subscribed to our newsletters. We will retain your personal data not more than 3 years after you contacted us. This does not apply to technical data which is stored during sessions and deleted from time to time.
How WayofLeaf Uses Your Information
WayofLeaf generally uses your information to:
- Provide, personalize, and improve the Services;
- Communicate with you about your use of the Services;
- Develop new products and services,
- Customize the advertising you view and recommend content;
- Fulfill your requests;
- Send newsletters, surveys, offers, and promotional materials related to the Services and for other marketing purposes of WayofLeaf using your contact information;
- To contact you when necessary or appropriate in relation to the Services being provided to you.
- Protect, investigate, and prevent potentially fraudulent, unauthorized, or illegal activities;
- Protect our rights and the rights of other users; and
We may also use your information to verify your geographic location. We may use your geographic location data to personalize our Service, to recommend content, determine whether the information you have requested is available in your location. If Information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, WayofLeaf may use it for any business purpose.
Sharing of your personal data
We may share your information, including personal information, as follows:
As far as the transmitting of personal data to a third party is not explicitly permitted by law, you agree that we may, if necessary, transmit personal data to law enforcement offices when relevant to defending against a governmental and public safety threat or the prosecution of a criminal act. Furthermore, you agree that we may, if necessary and related to legitimate law enforcement or criminal prosecution interests, transmit personal data to a third party. Transmission of data is not necessary and will not occur if a preliminary legal or law enforcement proceeding can be initialized or has already been initialized.
We also disclose information in the following circumstances:
- Business Transfers. If (i) we or our affiliates are or may be acquired by, merged with, or invested in by another company, or (ii) if any of our assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may transfer the information we have collected from you to the other company. As part of the business transfer process, we may share certain of your personal information with lenders, auditors, and third-party advisors, including attorneys and consultants.
- In Response to Legal Process. We disclose your information to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
- To Protect Us and Others. We disclose your information when we believe it is appropriate to do so to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Service or this Policy, or as evidence in litigation in which we are involved.
- Aggregate and De-Identified Information. We share aggregate, anonymized, or de-identified information about users with third parties for marketing, advertising, research or similar purposes.
How WayofLeaf Discloses Your Information
We may share your information as follows:
- We may share your personal information with your consent or at your direction.
- We may also share your personal information with others who perform services on our behalf (for example, if you make a call or receive/respond to a text using the Service).
- We may share your information with third-party service providers to fulfill your requests, including product requests.
- We may disclose your information if we believe we are required to do so by law, or to comply with a court order, judicial or other government subpoena, or warrant.
- We also may disclose your information if we believe doing so is appropriate or necessary to prevent any liability, or fraudulent, abusive, or unlawful uses or to protect WayofLeaf and our Services; or any rights, property, or personal safety of WayofLeaf or others.
- In the event that WayofLeaf is or may be acquired by or merged with another company or involved in any other business deal (or negotiation of a business deal) involving sale or transfer of all or part of our business or assets, we may transfer or assign your information as part of or in connection with the transaction. Finally, in the event of insolvency, bankruptcy, or receivership, information may be transferred as a business asset.
We may also share aggregated and anonymized data with our partners, advertisers, and other third parties.
Data Security and Transfer
Your personal data is stored on servers of companies we hire to provide services to us. We take reasonable administrative, technical and physical safeguards to help protect against loss, misuse or unauthorized access, disclosure, alteration or destruction of your Personal Data. However, no company can fully prevent security risks. While we strive to protect your personal information, we cannot guarantee its absolute security. To help protect yourself and your information, choose a unique password for our Services and do not use a password on our Services that you would use on any other website or online service.
Our policy towards children’s information
This Service is not directed to anyone under the age of consent. We do not knowingly collect personally identifiable information from anyone under the age of consent. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us. If we become aware that anyone under consent has provided us with Personal Information, we will delete such information from our files.
To the extent that WayofLeaf’s processing of your personal information is subject to the General Data Protection Regulation, WayofLeaf relies on your consent, given through affirmative assent upon visiting the WayofLeaf Site, to process your information data. WayofLeaf may also process information that constitutes your personal information for direct marketing purposes and you have a right to object to WayofLeaf’s use of your personal information for this purpose at any time.
You may opt out of receiving marketing/promotional emails or SMS messages from WayofLeaf by by emailing us at info@WayofLeaf.com. If you opt out of receiving marketing/promotional emails and/or text messages, we may still send you non-promotional emails, such as emails about our ongoing business relations. You may also send requests about your personal information, including changes to your contact preferences, changes to or deletions of your information or content you post, and requests to opt-out of sharing your personal information with third parties by emailing info@WayofLeaf.com. Please note that deletion of your personal information or content does not ensure complete or comprehensive removal of the content or information posted on the Services.
You may decline to share certain data with WayofLeaf, in which case we may not be able to provide you with some of the features and functionality of the Site or Service. You may have the right to know what personal information WayofLeaf has about you and to correct any inaccuracies. Please direct any such requests by email to info@WayofLeaf.com or by one of the other means listed below.
Third Party Links
NOTICE FOR EEA BASED USERS
Legal basis. We process EEA-based User’s Personally identifiable data under the following legal basis:
1. On the basis of consent – to provide you with the possibility to register for MMJ card through our Site or use our Mobile App.
2. For other legitimate interests, unless those interests are overridden by user’s interests or fundamental rights and freedoms that require protection of personal data. For example, we rely on our legitimate interest when it comes to (1) provision of our Site and Mobile App; (2) diagnosting analytics to assess the number of visitors, posts, page views, reviews for further optimization of our Platform; (2) optimization of our visitors’ experience; (3) prevent cyberbullying & fraud; (4) ensure network and information security, (5) analyze customer satisfaction; (6) provide information and ensure good management of and support for our customers, suppliers and partners; and (7) make recommendations or/and suggestions to you about online events or other services available through the Platform that may be of interest to you
If you are data subject (individual) from the European Economic Area or the United Kingdom you have the following rights:
– Right to rectification.
– Right to limitation of processing.
– Right of access.
– Objecting to or restricting the use of personal data.
– The right to data portability.
You can execute your rights by sending a request to firstname.lastname@example.org.
You can exercise your rights by filing a written request containing as a minimum the following information: (1) name, postal address, email address and other data allowing identification of the respective natural person; (2) description of the request; (3) signature, date, correspondence address and mobile number.
Generally, we will provide the information free of charge. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Upon the filing of a request by an authorized person, the notarised power of attorney must be attached to the request. In case of death of the natural person, his / her heirs exercise his / her rights and the certificate of heirs shall be attached to the request.
We will review and pronounce on the request within 1 month as of its filing. This period may be extended by further two months, if necessary. However, we will inform you about any delay and the cause of such delay. Where data does not exist or law forbids their provision, access to the requesting party to such data is refused.
If you are not satisfied with the response received and/or believe that your rights related to were violated, you are entitled to exercise your right to defense.
California Privacy Rights
Under CCPA you can request information about your personal data processed over the past 12 months. You can make such a request twice within a 12-month period. Your verifiable consumer request must: (1) disclose sufficient information that allows us to identify you as a person about whose data we collected; and (2) contain a description of what rights you want to execute. We will not be able to respond to your request unless we verify your identity or authority to make the request and confirm the relation to data we collected. When we will verify you as a consumer, we may:
- Disclose categories of sources for personal data we collected about you.
- Additionally disclose personal identifiable information we collected about you.
- Delete your personal identifiable data, subject to certain exceptions. Once we receive and confirm verifiable consumer request, we will delete from our records, unless data is necessary for us or our service provider(s) to (1) complete the transaction for which we collected personal data, provide a good or service that consumer requested, take actions reasonably anticipated within the context of our ongoing business relationship with consumer, or otherwise perform our contract with you; (2) protect our service, or prosecute those responsible for illegal activities; (3) exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law; (4) comply with a legal obligation; make other internal and lawful uses of that information in the context in which it was provided.
Please send your verifiable consumer requests to email@example.com. Verifiable consumer request will be responded to within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. The responding is free of charge unless it is excessive, repetitive, or manifestly unfounded.
Notice to Nevada users
Although we do not currently conduct sales of personal information, Nevada residents may submit a request directing us to not sell personal information we maintain about them if our practices change in the future. To exercise this right, email us at info@WayofLeaf.com with the subject line: “Nevada: Request to Opt-Out.”
If you believe that WayofLeaf has not adhered to this Policy, please contact WayofLeaf by e-mail at info@WayofLeaf.com We will do our best to address your concerns. If you feel that your complaint has been addressed incompletely, we invite you to let us know for further investigation.
WayofLeaf Contact Information
Please contact WayofLeaf with any questions or comments about this Policy, your information, our third-party disclosure practices, or your consent choices by email at info@WayofLeaf.com.
|_ga||This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site’s analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.||2 years||Analytics|
|_gid||This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.||1 day||Analytics|