Privacy Policy

THE PLANT DAD. www.theplantdad.com

Effective date: 01 August 2020

Home&Larder LLC (“The Plant Dad”, “we”, “us”, “our”, “company”) respects your privacy and is committed to taking reasonable steps towards protecting your privacy online and managing your information responsibly, to best understand the products and services that are most useful to you. This Privacy Policy is intended to notify you of our online privacy practices, the type and categories of information that may be collected, disclosed and stored, how the information is used, with whom the information may be shared, what choices are available to you regarding the collection, use and distribution of the information, what kind of security procedures are in place to protect the loss, misuse or alteration of the information under our control, your rights regarding your personal information and who to contact with questions or concerns.

This Privacy Policy applies to The Plant Dad website located at www.theplantdad.com (collectively, the “Website”), to any phone, fax, and/or mail operations concerning the processing of orders and questions about products or services, as well as our marketing contacts with you. This Privacy Policy does not apply to other websites to which we may link, or to other companies or persons who might be listed as third-party contacts or suppliers on the Website, or to whom we may refer you if you call or write us. We may post links on the Website as a way of helping you locate related information and products easily. However, when linking to another website, you must review that website’s privacy notice as other websites may not treat information collected online in the same manner as we do.

By using the Website and/or by contacting us and providing any personal information, you consent to the collection and use of information by us following this Privacy Policy, as well as the Website Terms and Conditions. If we decide to change our Privacy Policy, we will post those changes on this page and, at the end of this Privacy Policy, indicate the date that changes were last made.

This Privacy Policy covers our treatment of;

(1) Personally identifiable information (“PII”), as defined by numerous statutes in the United States, including the California Online Privacy Protection Act (such statutes, the “PII Laws”),

(2) Personal information, as defined by the California Consumer Privacy Act (the “CCPA”),

(3) Personal data, as defined by the European Union General Data Protection Regulation (the “GDPR”),

We may gather such information when you are accessing, viewing, completing, or using any of our Services.

PERSONAL INFORMATION WE COLLECT (PII)

Personal information you provide to us.  Personal information you may provide to us through the Service or otherwise includes:

  • Contact data, personal information such as your name, and email address.
  • Registration data, such as information that you provide to register for an account.
  • Profile data, such as your username and password that you may set to establish an online account with us and your interests and preferences.
  • Communications, such as information you provide when you contact us with questions, feedback, survey responses, or otherwise correspond with us,
  • Marketing data, such as the email address or contact details that we use to send marketing communications and your preferences for receiving communications about our activities, events, sweepstakes, and contests.
  • Purchase data, including your order history and information needed to process and fulfill your order, including order details, billing address, and delivery address.
  • Other information that we may collect which is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.

Automatic collection of Data (Non-PII)

We may automatically log information about you, your computer or mobile device, and your activity occurring on or through the Sites, such as:

  • Device data, such as your computer or mobile device operating system type and version number, manufacturer and model, browser type, screen resolution, IP address, Zip Code, the website you visited before browsing our site, and general location information such as city, state or geographic area.
  • Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.

Cookies and similar technologies.  A cookie is a small data file which may be stored on your computer. These data files enhance a user’s experience in several ways, such as storing a user’s information so that it need not be re-entered upon each visit, or to store items in the online shopping cart. Some of our automatic data collection is facilitated by these cookies and similar technologies. We may also use cookies from well-known 3rd party website service providers (e.g. ConstantContact, OptinMonster, Google Analytics) which have privacy policies of their own which we deem to be compatible with our corporate values and the spirit of this Privacy Policy. If you would like to find out more about cookies, please visit http://www.allaboutcookies.org/.

If you are not comfortable with cookies being stored on your device, most modern internet browsers contain a setting to reject some or all website cookies, or to alert you whenever a cookie is stored on your computer. It is also possible to view all the cookies stored by your browser and delete them manually. Please note that if you restrict your browser’s use of cookies in these ways and it affects a cookie which is technically necessary, parts of our site may not function properly for you. For more information about configuring your web browser with respect to cookies, please refer to the documentation of that browser.

Do Not Sell My Information

We will not sell your information except as part of a corporate buyout, of which you will be duly informed. We will only share the minimum amount of information necessary to enhance your experience or complete a request initiated by you with our service partners and the parties mentioned in this Privacy Policy.

Annual Reports

At the end of every season, The Plant Dad may collect additional optional information in the form of a grow report (“Annual Report”). Users agree that by completing this optional report it becomes the exclusive Intellectual Property (IP) of Home&Larder LLC and may contain Non-PII such as the zip code location of where the kit was grown, where the seeds were planted, sun exposure, yields, and other information which cannot be used to identify the individual contributing user/member. This aggregate information and the reports themselves are not currently marketed, sold, and shared by The Plant Dad, but may be at a later date and we reserve the right to make this business decision.

COMMUNITY FORUM

The Plant Dad operates a Community Forum on the Site and other social media pages such as Facebook and Instagram, where users can share/post content, data and images. Anything posted, uploaded, or messaged on The Plant Dad social media pages or the Site’s Forum is the ownership of The Plant Dad, with exception of any content which is objectionable material, unlawful, or infringes any rights. The Plant Dad reserves the right to take action against any user or remove any objectionable content. At our discretion we may terminate your use of and access to such resources at any time. The Plant Dad is not responsible for content posted or shared by any user on its Community Forum or social media. If you upload images to the website or associated social media pages, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website, and we take no responsibility in this situation.

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public community in the context of your comment.

Please refer to Section 10 of our Terms and Conditions for more information on the Community Forum.

HOW WE USE YOUR PERSONAL INFORMATION

We use your personal information for the following purposes and as otherwise described in this Privacy Policy or at the time of collection:

Service delivery.  We may use your personal information to:

  • provide, operate and improve the Service, such as to enable you to make purchases of our products and subscriptions;
  • For shipping products and curating the seed selection that you receive.
  • establish and maintain your account on the Service;
  • communicate with you about the Service, including by sending you announcements, updates, security alerts, and support and administrative messages;
  • provide customer support and maintenance for the Service;
  • enable security features of the Site, such as by sending you security codes via email or SMS, remembering devices from which you have previously logged in, and integrating with 3rd party secure sign on solutions such as Facebook login and Google login oAuth API services.

Direct Marketing.  We may use your personal information to send you The Plant Dad-related marketing communications as permitted by law.  You will have the ability to opt-out of our marketing and promotional communications.

For research and development.  We may use your personal information for research and development purposes, including to analyze and improve the Service and our business. 

To create anonymous data.  We may create aggregated, de-identified, or other anonymous data records from your personal information and other individuals whose personal information we collect.  We make personal information into anonymous data by excluding information (such as your name and full address) that makes the data personally identifiable to you.  We may use this anonymous data and share it with third parties for our own business purposes, including to analyze and improve the Service and to promote our business.

To comply with laws and regulations.  We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal processes, such as to respond to subpoenas or legitimate requests from government authorities. 

For compliance, fraud prevention, and safety.  We may use your personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) audit our internal processes for compliance with legal and contractual requirements; (c) enforce the terms and conditions that govern the Service; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity, including cyber attacks and identity theft.

With your consent.  In some cases, we may specifically ask for your consent to collect, use, or share your personal information, such as when required by law. 

HOW WE SHARE YOUR PERSONAL INFORMATION

We may share your personal information with the following third parties and as otherwise described in this Privacy Policy or at the time of collection:

Service providers.  Companies and individuals that provide services on our behalf or help us operate the Service or our business (such as order fulfillment, shipping, payment processing, customer support, hosting, analytics, email delivery, marketing, database management services, returns processing, and risk and fraud mitigation). 

Professional advisors.  Professional advisors, such as lawyers, bankers, auditors, and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others.  Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate to comply with the law or for the compliance, fraud prevention, and safety purposes described above.

Embedded Content From Other Websites:

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

CALIFORNIA CONSUMER PRIVACY ACT (CCPA)

California Residents: Rights under California Law. The Plant Dad complies with the requirements of the California Consumer Privacy Act. To the extent other terms of this Privacy Policy or The Plant Dad Terms and Conditions contradict the terms herein, as applied specifically and solely to our California resident customers, the terms of this section control.

  • You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months, and formally request that we do not sell this information for the next 12 months. Once we receive and verify your request, we will disclose to you:
    • The categories of personal information we collected about you;
    • The categories of sources from which the personal information has been collected;
    • The specific pieces of personal information we collected about you;
    • The categories of personal information about you that was sold or disclosed for a business purpose; and/or
    • The categories of third parties to whom the personal information was sold or disclosed for a business purpose, by category or categories of personal information for each category of third parties to whom the personal information was sold.
  • You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and verify your request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
    • We may deny your deletion request if retaining the information is necessary for us or our service providers to:
      • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our agreement with you. For example, we may not delete your personal information insofar as it is needed to honor our returns policy with you.
      • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
      • Debug products to identify and repair errors that impair existing intended functionality.
      • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
      • Comply with the California Electronic Communications Privacy Act.
      • Enable internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
      • Comply with a legal obligation.
      • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

To exercise the rights described above, please submit a verifiable request to us by clicking on the following link: Do not sell my personal information or by emailing us at compliance@theplantdad.com.

Only you or a person whom you authorize to act on your behalf may make a verifiable consumer request related to your personal information. If you wish to authorize another to act on your behalf, please be advised that The Plant Dad may require that you provide the authorized agent with signed written permission to submit a request and verify your own identity and confirm your permission directly with us, unless the authorized agent has a power of attorney. However, you may also make a verifiable consumer request on behalf of your minor child.

Our verification process works as follows:

Password-protected accounts– if you have a password-protected account with us, we will use password authentication to verify you.

Non-password-protected accounts– Before we may process a request, in order to protect your privacy, we will ask for you to confirm a few pieces of information that we have on our records about you, for example:

  • Your email address
  • Your billing address and zip code

If you make a request online to delete your personal information, we may need to confirm your request before we delete your information.

You may make a verifiable consumer request up to two times within a 12-month period, without charge. Unfortunately, we cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

We try to respond to a verifiable consumer request within 45 days of its receipt. If we require more time, we will inform you of the reason and extension time period (up to 90 days). If you have an account with us, we will deliver our response to the email associated with that account. If you do not have an account with us, we will deliver our response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding receipt. The response we provide will also explain any reasons we cannot comply with a request, if applicable.

We will not discriminate against you for exercising any of your CCPA rights, however certain features or areas of the site may no longer work properly without the user information they require to function.

COPPA (Children Online Privacy Protection Act)

We do not knowingly collect personal information from or transact business with children under the age of 13 as defined by the Children’s Online Privacy Protection Act (“COPPA”) (“child” or “children”), except as may be permitted by COPPA and explained in this Children’s Privacy Policy. If you are under the age of 18, you may only use this Site with the permission and supervision of a parent or legal guardian. If you are a parent or guardian and believe that we have collected such personal information other than as permitted by COPPA, this privacy policy, or our Terms and Conditions, please contact us and we will remove it.

Website Security

We have taken many precautions to protect confidential information while you shop and participate on the The Plant Dad Website. We use the industry-standard SSL protocol (Secure Sockets Layer) to secure credit card transactions and all other site content. This SSL system encrypts information that you submit to us via our website when you place an order as a safeguard against third party interception of your information or spoofing of our content by a bad actor for the purposes of interception later. Most modern browsers provide a visual indication that SSL is in place on a given webpage. Credit card information is NOT stored or processed on the site in any way, but is directly tunneled via SSL to a secured 3rd party payments processor (Braintree by Paypal), which handles all purchases, subscription renewals, and payment information retention (where applicable). In addition, all areas of the site are secured using strong password requirements, firewall, anti-spam, and antivirus products which are kept continuously up to date. Users will be notified in the unlikely event that we discover a security breach which places user information at risk.

Changes

We may change this Privacy Policy from time to time. If we believe the changes are material, we will let you know by one or more of the following: (1) posting a conspicuous notice on the Website or (2) sending you an email regarding the changes.

Contact Us

If you have questions about our privacy policies or procedures, or if you would like to make changes to the way your data is being used, please email compliance@theplantdad.com or reach us by mail, phone, or on the web:

The Plant Dad (Home&Larder LLC) – DATA CONTROLLER

Address: 5557 Baltimore Avenue, Suite 500-1019
Hyattsville, MD 20781
Telephone: (410)449-0561 | Website: www.theplantdad.com