Menu
A Message from Robert F. Kennedy Jr. - Chairman on Leave

Privacy Policy for Colorado Residents

Effective Date: July 1, 2023

This Colorado Privacy Notice (“Notice”) supplements the information contained in the Children's Health Defense - Ohio Chapter Privacy Policy (so all defined terms used in that Privacy Policy have the same meaning in this Colorado Privacy Notice), and applies solely to all users who visited our Website located at https://oh.childrenshealthdefense.org, or otherwise provided us personal information, who reside in the State of Colorado or who did so within the immediate past 12 months of accessing our Website or otherwise providing us personal information as defined below (“consumers” or “you”). We adopt this Colorado Privacy Notice to comply with the Colorado Privacy Act (“CPA”) and any terms defined in the CPA have the same meaning when used in this Notice.

1. Information We Collect

Our Website collects information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”). Personal information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated consumer information.
  • Information that is not capable of identifying you as a natural person.
  • Employment information.
  • Information that is provided on a business-to-business basis.

In particular, our Website has collected the following categories of personal information from consumers within the last twelve (12) months:

 

Category

Examples

Collected

A. Identifiers.

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.

YES

B. Protected classification characteristics under Colorado or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

YES

C. Commercial information.

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

YES

D. Biometric information.

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

NO

E. Internet or other similar network activity.

Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.

NO

F. Geolocation data.

Physical location or movements.

YES

G. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information.

NO

H. Professional or employment-related information.

Current or past job history or performance evaluations.

YES

H. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

NO

I. Inferences drawn from other personal information.

Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

NO

J. Sensitive Personal Information

Government identification numbers (e.g., Social Security numbers, driver’s license numbers, and passport numbers); debit card and credit card numbers in combination with required security or access codes, passwords, or credentials; a consumer’s precise geolocation, religious beliefs, racial or ethnic origin, biometric information, sex life or sexual orientation information; and contents of a consumer’s mail, email, or text messages unless that business is the intended recipient

NO

Our Website obtains the categories of personal information listed above from the following categories of sources:

  • Directly from you. For example, from forms you complete or products and services you purchase.
  • Indirectly from you. For example, from observing your actions on our Website.

2. Use of Personal Information

We may use the personal information we collect for one or more of the following purposes:

  • To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.
  • To provide, support, personalize, and develop our Website, products, and services.
  • To create, maintain, customize, and secure your account with us.
  • To process your requests, purchases, transactions, and payments and prevent transactional fraud.
  • To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
  • To personalize your Website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our Website, third-party sites, and via email or text message (with your consent, where required by law).
  • To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business.
  • For testing, research, analysis, and product development, including to develop and improve our Website, products, and services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your personal information or as otherwise set forth in the CPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users is among the assets transferred.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

We also do not collect your personal information for use with automated decision-making technology. In the event we do, we will provide you the ability to opt-out of such automated decision-making.

In the event we collect personal information for any other purpose, we will provide you notice.

3. Sharing Personal Information

We do not sell, rent, lease, release, disclose, disseminate, make available, transfer or otherwise communicate orally or in writing or by electronic or other means your personal information to any other business outside our group of companies, or to any third parties for monetary consideration, including to opt you into a financial incentive program and have not in the last 12 months or at any time after January 1, 2023. In the event we do, we will request your consent prior to doing so.

We do not share your personal data with third parties except with:

  • Internal Third Parties, which are companies in Children’s Health Defense Group, which are based in the United States, Europe, South Africa, Canada, Australia, and Ireland, act as joint controllers or processors and provide IT and system administration services, or external third parties based in Europe or the United States who provide IT and system administration services to us. They also include our professional advisers, including lawyers, bankers, auditors and insurers based in Europe and the United States who provide consultancy, banking, legal, insurance and accounting services.
  • Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Colorado Privacy Notice and they will also be under confidentiality agreements that provide for contractual protections of your personal data.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our written instructions.

4. Your Rights and Choices

If you are a Colorado resident, you have the following rights under applicable Colorado law in relation to your personal information, subject to certain exceptions:

  • Right of Access. You have the right to confirm whether we collect Personal Information about you and, if so, what Personal Information we collect, use, disclose, and/or sell, as applicable.
  • Right to Delete. You have the right to request the deletion of your personal information that is collected by us.
  • Right to Correct. You have the right to request that we correct inaccuracies in the personal information that we collect about you.
  • Right to Opt-Out of Sale. You have the right to opt-out of the sale of your Personal Information to third parties for the purpose of targeted advertising, profiling in furtherance of decisions that produce legal or similarly significant effects concerning a consumer or for monetary return. However, as noted above, we do not currently sell any personal information.
  • Right to Data Portability. No more than two times per calendar year, you have the right to request a copy of your personal information we have collected and maintained about you that allows you to transfer the data to another entity.

Any request you submit to us to know, to delete or to correct is subject to an identification and residency verification process as permitted by Colorado law. We will not fulfill your request unless you have provided sufficient information that enables us to reasonably verify that you are the consumer about whom we collected the personal information.

This section describes your Colorado data subject rights and explains how to exercise those rights and also describes various exclusions and exceptions under Colorado law.

We will respond to your request within 45 days after receipt of a Verifiable Consumer Request and for no more than twice in a twelve-month period. We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45 days.

We will not process personal information in violation of state or federal laws that prohibit unlawful discrimination against consumers.

5. Right to Opt Out

You have the right to opt out of the sale of your personal information for the purposes of targeted advertising, sale to a third party for monetary gain, and/or for profiling in furtherance of decisions that produce legal or similarly significant effects concerning you or any other consumer.

You may authorize another person acting on your behalf to opt out of the processing of your personal data for any of the reasons set forth above, including by submitting our Colorado Consumer Privacy Request form (available July 1, 2023).

6. Right of Access, Right to Correct and Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your personal information. This may include your right to correct the personal information we correct about you in the event the personal information is incorrect. Once we receive your request and confirm your identity, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
  • The specific pieces of personal information we collected about you (also called a data portability request).

7. Right to Delete

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete below), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request, in full or in part, if retaining the information is necessary for us or our service provider(s) for any of the following reasons:

  1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
  2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  3. Debug products to identify and repair errors that impair existing intended functionality.
  4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  5. Comply with the law.
  6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  8. Comply with a legal obligation.
  9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or de-identify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.

8. Exercising Your Rights of Access, to Correct or Delete

To exercise your rights to know or delete described above, please submit our Colorado Consumer Privacy Request form (available July 1, 2023). Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal information. If the form is submitted by someone other than the consumer about whom information is being requested, proof of authorization (such as power of attorney or probate documents) will be required.

Your request to know or delete must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

You do not need to create an account with us to submit a request to know or delete. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.

We will only use personal information provided in the request to verify the requestor’s identity or authority to make it.

9. Format of Response

We will respond to your request within 45 days after receipt of a Verifiable Consumer Request for a period covering 12 months and for no more than twice in a twelve-month period. We reserve the right to extend the response time by an additional 45 days when reasonably necessary and provided consumer notification of the extension is made within the first 45 days.

If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.

10. Frequency of Requests and Cost

You may submit data subjects requests to know two times within any 12-month period. We can deny more frequent requests. There are no limits on the number of deletion or correction requests you can make. However, we may deny or charge a fee for manifestly unfounded or excessive deletion requests in line with our administrative costs for the deletion requests.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

11. Non-Discrimination

We will not discriminate against you for exercising any of your CPA rights. Unless permitted by the CPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

12. Appeal Process

Within 45 days of a valid and verifiable data subject request, if we do not take any action on the request, we will let you know why, which is usually because we cannot verify your identity or we have verified your identity but identified that you are not and have not been a Colorado consumer in the relevant time period and not able to exercise rights under the CPA. We will provide information about how you may appeal this decision / non-action in that communication.

You may contact the Colorado Attorney General if you have concerns about the result of your appeal.

13. Changes to this Colorado Privacy Notice

We reserve the right to amend this Colorado Privacy Notice at our discretion and at any time. When we make changes to this Colorado Privacy Notice, we will post the updated notice on the Website and update the notice’s effective date. We may also email you at your email address on file with us. Your continued use of our Website following the posting or emailing of changes constitutes your acceptance of such changes.

14. Contact Information

If you have any questions or comments about this Colorado Privacy Notice, the ways in which Children's Health Defense - Ohio Chapter collects and uses your information described here and in the Privacy Policy, your choices and rights regarding such use, or wish to exercise your rights under Colorado law, please do not hesitate to contact us at:

Email: privacy@childrenshealthdefense.org
Telephone: 614-500-3932
Postal Address: 491A Colemans Crossing Blvd, Suite 111, Marysville, OH 43040, United States

If you need to access this Colorado Privacy Notice in an alternative format due to having a disability, please contact privacy@childrenshealthdefense.org, 614-500-3932, or 491A Colemans Crossing Blvd, Suite 111, Marysville, OH 43040, United States

Privacy Policy: Link ›
GDPR and UK GDPR Privacy Notice: Link ›