Policies

GDPR Privacy Notice

Last Updated: October 17, 2024

This GDPR Privacy Notice (the “GDPR Notice”) supplements our Privacy Policy. When we use the term “Namawell” or “we,” “us,” or “our”, we mean to refer to Namawell, LLC.

If you are located in the European Union (EU), United Kingdom, Lichtenstein, Norway, or Iceland (“European Individuals”), you may have additional rights with respect to your Personal Data under the General Data Protection Regulation (“EU GDPR”), and/or the EU GDPR as saved into United Kingdom law by the United Kingdom's European Union (Withdrawal) Act 2018 (“UK GDPR”) (collectively with the EU GDPR, the “GDPR”), as set forth in this GDPR Notice.

In this GDPR Notice, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to identify a person, and “processing” generally refers to actions that can be performed on data such as its collection, use, storage or disclosure. Namawell will usually be the controller of your Personal Data processed in connection with the Website and Services.

Where applicable, this GDPR Notice is intended to supplement, and not replace, our Privacy Policy. If there are any conflicts between the GDPR Notice and the other parts of the Privacy Policy, and you are located in the EU, United Kingdom, Lichtenstein, Norway, or Iceland, the provision that is more protective of Personal Data shall control to the extent of such conflict. If you have any questions about this GDPR Notice or whether any of the following rights apply to you, please contact us at support with the subject line “GDPR Request.”

Capitalized terms not defined herein have the meanings given to them in our Privacy Policy.

1. Types of Personal Data we Collect

We currently collect and otherwise process the categories of Personal Data listed in the Section of our Privacy Policy titled “The Information We Collect And/Or Receive.”

2. How we Obtain the Personal Data and Why we Have it

We collect and/or receive the Personal Data in the ways and for the purposes listed in the Section titled “The Information We Collect And/Or Receive” and Section titled “What Do We Do With Your Information?” of our Privacy Policy. We will only process your Personal Data if we have a lawful basis for doing so. Under the GDPR, the lawful bases we rely on for processing this information are:


a) Your Consent
In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection. You can remove your consent at any time. You can do this by contacting us via email at support with the subject line “GDPR Request.”

b) We Have a Contractual Obligation
We process certain categories of Personal Data as a matter of “contractual necessity,” meaning that we need to process the data in order to perform you with the Website and the Services you purchase or request. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Website and the Services that require such data. These categories of Personal Data are:

  • Contact Information;
  • Account Information;
  • Order Information;
  • Order Tracking Information;
  • Information Collected and/or Received through the “Support” feature of the Website;
  • Internet or other electronic network activity information;
  • Marketing and communications information; and
  • Information Obtained from Other Sources.

c) We Have a Legitimate Interest
We process the following categories of Personal Data when we believe it furthers the legitimate interest of us or third parties:

  • Contact Information;
  • Account Information;
  • Order Information;
  • Order Tracking Information;
  • Information Collected and/or Received through the “Support” feature of the Website;
  • Internet or other electronic network activity information;
  • Marketing and communications information; and
  • Information Obtained from Other Sources.


Our legitimate interests are:

  • Information Security: We process identifiers and contact information and internet or other electronic network activity information when you use Website and/or the Services in order to maintain an audit log of activities performed. We use this information pursuant to our legitimate interests in tracking usage, combating DDOS or other attacks, and removing or defending against malicious individuals or programs.
  • Operation and Improvement of Website and Services: We process internet or other electronic network activity information pursuant to our legitimate interest in operating and improving our Website and Services.
  • Audience Measurement and Marketing: Pursuant to a user’s consent, we use analytics and targeting cookies, and collect identifiers through such cookies, for purposes of audience measurement, analytics, audience reaction to the Website and/or the Services, and creating relevant user experiences.
  • General Business Development and Management: We process contact information, account information, order information, order tracking information, information collected and/or received through the “Support” feature of the Website, internet or other electronic network activity information, marketing and communications information and information obtained from other sources pursuant to our legitimate interest in creating and managing our business relationships with European Individuals, including without limitation:
    • To respond to inquiries from European Individuals;
    • To provide European Individuals with information about our products and services; and
    • To assist European Individuals with any issues while using the Website and the Services.
  • Direct Marketing: Generally, we send email marketing to European Individuals pursuant to their consent. When you use the Website and/or Services, email marketing may be sent to you pursuant to our legitimate interest in sending marketing communications to you in the context of such engagement.
  • Protection of Rights: We may disclose any categories of Personal Data to respond to claims of violation of third party rights or to enforce and protect our rights.


d) We Have a Legal Obligation
We may be required to disclose Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also disclose Personal Data to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.

3. How we Share Your Personal Data

The Section of our Privacy Policy titled “What Do We Do With Your Information?” explains how we share your Personal Data with third parties.

4. How we Store and Protect Your Personal Data

We use commercially reasonable administrative, technical, and physical safeguards to protect your Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, for which we take into account the nature of the Personal Data, its processing, and the threats posed to it. Unfortunately, no data transmission or storage system can be guaranteed to be secure at all times. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us via email at support with the subject line “GDPR Request.”
We retain your Personal Data for as long as needed to fulfill the purposes for which we obtained it, as further described in this Privacy Policy. We will only keep your Personal Data for as long as allowed or required by law.

5. Your Data Protection Rights

You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email us at support with the subject line “GDPR Request.” You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.

  • Right of access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data.
  • Right to rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
  • Right to erasure: You can request that we erase some or all of your Personal Data from our systems.
  • Right to restriction of processing: You have the right to ask us to restrict the processing of your Personal Data.
  • Right to object to processing: You have the the right to object to the processing of your Personal Data in certain circumstances.
  • Right to data portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
  • Right to withdraw consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize our Website and/or some or all of the Services.
  • Objecting to Legitimate Interest/Direct Marketing: You may object to Personal Data processed pursuant to our legitimate interest. In such case, we will no longer process your Personal Data unless we can demonstrate appropriate, overriding legitimate grounds for the processing or if needed for the establishment, exercise, or defense of legal claims. You may also object at any time to processing of your Personal Data for direct marketing purposes by clicking “Unsubscribe” within an automated marketing email or by submitting your request to support with the subject line “GDPR Request.” In such case, your Personal Data will no longer be used for that purpose.

We will respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We reserve the right to keep any information in our archives that we deem necessary to comply with our legal obligations, resolve disputes and enforce our agreements. Please note that all of these rights are subject to applicable exemptions and restrictions, and are not absolute rights. If we need to rely on these exemptions or restrictions, we will provide this information to you in our response.

6. How to Complain

If you have any concerns about our use of your Personal Data, you can make a complaint to us at support with the subject line “GDPR Request.”
You also have the right to lodge a complaint about the processing of your personal data with a supervisory authority of the European state where you work or live or where any alleged infringement of data protection laws occurred. A list of most of the supervisory authorities can be found here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

7. Corporate Restructuring

In the event of a merger, reorganization, dissolution, or similar corporate event, or the sale of all or substantially all of our assets, the information that we have collected, including Personal Data, may be transferred to the surviving or acquiring entity. All such transfers shall be subject to our commitments with respect to the privacy and confidentiality of such Personal Data as set forth in this GDPR Notice.

8. Transfers of Personal Data

When we transfer personal data outside of the European Union, United Kingdom, Lichtenstein, Norway, or Iceland, we ensure an adequate level of protection for the rights of data subjects based on the adequacy of the receiving country’s data protection laws and contractual obligations placed on the recipient of the data. To request more information, please contact us at support.

9. Updates to this GDPR Notice

If, in the future, we intend to process your Personal Data for a purpose other than that which it was collected, we will provide you with information on that purpose and any other relevant information at a reasonable time prior to such processing. After such time, the relevant information relating to such processing activity will be revised or added appropriately within this GDPR Notice, and the “Last Updated” at the top of this page will be updated accordingly.

10. Our Contact Information

Please reach out to support for any questions, complaints, or requests regarding this GDPR Notice, and include in the subject line “GDPR Request.”

You may use the following information to contact our UK or European Union

Member Representatives:
EU Representative:
Osano International Compliance Services Limited
ATTN: G8C8
3 Dublin Landings
North Wall Quay
Dublin 1
D01C4E0

UK Representative:
Osano UK Compliance LTD
ATTN: G8C8
42-46 Fountain Street
Belfast
Antrim
BT1 - 5EF

Back