MitoQ privacy policy

Last Updated: October 27 2021

MitoQ Limited (“MitoQ”) is committed to protecting and respecting your privacy and ensuring that your personal information is processed fairly and lawfully in line with all relevant privacy legislation. The purpose of this Privacy Policy is to set out the principles governing our use of personal information that we may obtain about you through this website (the “Site”) and in connection with the sale and supply of our products and the provision of related services (the “Products”). By using this Site, purchasing our products, submitting any application or similar in relation to the supply of our products, or otherwise providing us with your personal information on request, you agree to our use of the personal information that we obtain about you.

Please read this Privacy Policy carefully. We may change our Privacy Policy from time to time. We therefore ask you to check it occasionally to ensure that you are aware of the most recent version that will apply each time you access this Site or acquire our products. If a revision meaningfully reduces your rights, we will notify you. BY USING THIS SITE, YOU AGREE TO THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, DO NOT USE THIS SITE.

For your convenience, this Site may contain links to a number of other websites. The privacy policies and procedures described here do not apply to those sites; we suggest contacting those sites directly for information on their data collection and distribution policies. Any reference to a linked site or any specific third party product or service by name does not constitute or imply its endorsement by us, and you assume all risk with respect to its use.


Your Data

We may collect, use, store and transfer the following information to provide, improve and protect our Site and our Products.

The data we collect and process. You may give us personal information by visiting or interacting with the Site, filling in forms and applications, interacting with our Products, or by corresponding with us by phone, e-mail, or otherwise. This personal information includes the following data which are referred to in this Privacy Policy as ‘your data’, ‘your personal data’ or ‘your personal information’:

  • personal information you provide when you interact with the Site or may be collected by form, application, phone, letter or mail. The personal information you give us may include such as your first and last name, health profession, mailing address, telephone number, email address, health and medical information, and any other information you choose to provide to us;

  • technical data such as your internet protocol (IP) address, your login data, the web page you visited before visiting our Site, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Site;

  • usage data which tells us how you use our Site, including pages used, time on site and how users interact with the page and cookies; and

  • marketing and communication data which tells us your preference in receiving marketing from us and our third parties and your communication preferences. You may use the various options on your Internet browser to warn you each time a cookie is being sent. You can also turn cookies off at any time. However, in doing so you will restrict the access you might have to some of the features available on our website.


Purposes for which we will use your data

We will only use and disclose your personal information for the purposes for which it was collected (or otherwise as required or authorized by law). This may include the use of your personal information for the following purposes: (A) to offer you products or services and to personalize your experience when shopping on the website or enquiring about our products and services; (B) conducting customer service activities, such as responding to any questions, comments or complaints you may have; (C) the administration of the services of our website, including the processing of orders and searches or requests for information about our products or services; (D) maintain and develop our business systems, including testing and modernization; (E) to enable us to monitor, review and improve our products and services and to communicate with you about them; (F) for the administrative and maintenance purposes of internal records; (G) to comply with relevant laws and regulations, and (H) for any other specific purpose we notify you when collecting your personal information. We may also capture internet protocol details when you purchase products for the purposes of advertising to you.


Sharing your data

For the purposes described above, we may disclose your personal information to: (A) any company within the MitoQ group of companies (including our related companies); (B) our suppliers (including service and content providers), contractors, distributors, agents and business partners who assist us in administering the website and / or providing services and / or products to you; (C) our professional advisers; (D) any person hosting or maintaining data centers, service platforms and other infrastructure works and systems, on behalf of ourselves or the companies of the MitoQ group, where your personal information is processed and / or stored; (E) to any person to whom our assets or business (or part thereof) is transferred; (F) in which you have otherwise given your consent, or (G) as required or authorized by law.


Protecting your data

We only process personal data where we have a legal basis for doing so. We review the personal data we hold on a regular basis to ensure it is being lawfully processed.

Before transferring personal data to any third party (e.g. suppliers, partners and back office support), we establish that there is a legal reason for making the transfer, which may include your consent.

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements (or as otherwise required by law). To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

We take reasonable steps to ensure the security of your personal information held by us from risks such as loss, misuse, unauthorized access, disclosure, alteration and destruction. We remind you, however, that if information is sent to our website, the Internet is not a secure environment and, although all reasonable precautions are taken, we cannot guarantee or endorse the security of the information you provide to us through electronic media.


Your rights – individuals in the European Union

If you are an individual in the European Union, you have certain rights with respect to the access, correction, restriction, and erasure of your personal information stored on our platform at any time. You can exercise any of these rights at any time by contacting us at customerservice@mitoq.com. Your rights include the following:

  • Accessing your data. Upon request, we shall provide any information relating to your data and our processing of your data in a concise, transparent, intelligible, and easily accessible form using clear and plain language. The information shall be provided in writing or by other means, including, where appropriate, by electronic means within 30 days of a written request.

  • Correcting your data. You have the right to ask us to rectify any inaccurate or incomplete personal data on our platform. If we have given your personal data to any third parties, we will notify those third parties that MitoQ has received a request to rectify your personal data, unless doing so proves impossible or involves disproportionate effort. Those third parties should also rectify the personal data they hold - however, we are not in a position to audit those third parties to ensure that the rectification has occurred.

  • Erasing your data. You can ask us to erase your personal data stored on our platform. If we receive a request to erase your data, we will ask you if you want your personal data to be removed entirely or if you want to be kept on a list of individuals who do not want to be contacted in the future (for a specified period or otherwise). We cannot keep a record of individuals whose data we have erased so you may be contacted again by us, should we come into possession of your personal data at a later date.

If we have given your personal data to any third parties, we will tell those third parties that MitoQ has received a request to erase your personal data, unless this proves impossible or involves a disproportionate effort. Those third parties should also rectify the personal data they hold - however, MitoQ will not be in a position to audit those third parties to ensure that the rectification has occurred.

Restricting the use of your data. We only process your personal data where we have the legal basis for doing so. You have the right to ask us to suspend or otherwise restrict the processing of your personal data where:

  • You challenge the accuracy of the personal data;
  • The processing is unlawful but you do not want us to erase it;
  • We no longer need the personal data for the purposes of the processing, but you want us to hold it as you need it to establish, exercise, or defend legal claims; or
  • You have objected to our use of your data, but we need to verify whether we have legitimate grounds to use it.

If we have given the personal data to any third parties, we will tell those third parties that we have received a request to restrict the use of your personal data, unless this proves impossible or involves a disproportionate effort. Those third parties should also rectify the personal data they hold - however, we will not be in a position to audit those third parties to ensure that the rectification has occurred.

Withdrawing your consent. Where we are relying on consent to process your personal data (for example consent to receive marketing) you have the right to withdraw your consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you.


Your rights – individuals outside the European Union

Accessing Account Information. We will provide you with the means to ensure that personally identifiable information in your web account file is correct and current. You may review this information by contacting us by sending an email to customerservice@mitoq.com.

California Online Privacy Protection Act. As required by the California Online Privacy Protection Act (“California Act”) and the California Business and Professions Code, this Privacy Policy identifies the categories of personally identifiable information (as that term is defined above and in the California Act) that we collect through our Site about individual consumers who use or visit our Site and the categories of third-party persons or entities with whom such personally identifiable information may be shared. See more about the California Act at http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

California Consumer Privacy Act of 2018 (CCPA). You have the right to request, twice a year and free of charge, certain information about parties to whom we have disclosed or sold your personal information in the prior calendar year and a description of the categories of personal information shared. Additionally, upon request, twice a year and free of charge, we shall provide to you any information relating to your personal information and our processing of your personal information in a concise, transparent, intelligible, and easily accessible form using clear and plain language. To make such a request, please send an email to customerservice@mitoq.com and please include the phrase "Personal Information Privacy Request" in the subject line, the domain name of the website you are inquiring about, along with your name, address and email address. You also may contact us via phone at (657) 256-4203. You can also ask us to delete your personal data stored on our platform. If we receive a request to delete your data, we will ask you if you want your personal information to be removed entirely or if you want to be kept on a list of individuals who do not want to be contacted in the future (for a specified period or otherwise). We cannot keep a record of individuals whose personal information we have deleted so you may be contacted again by us, should we come into possession of your personal information at a later date. MitoQ has collected, will collect and has disclosed the personal information described in the categories below during the last year for business purposes; however, MitoQ does not sell your personal information. If you exercise your rights under the CCPA, MitoQ will not discriminate against you. Requests to know and requests to delete will be honored within 45 days; if more time is needed to respond, MitoQ Customer Service will notify you. MitoQ Customer Service will respond to your request to opt-out within 15 days. You may use an authorized agent to make a request on your behalf. If you have a disability, you may access this notice in an alternative format by sending a mailing to:

PO Box 1671, Shortland Street, Auckland 1140, New Zealand

Category

Examples

Collected

A. Identifiers.

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

C. Protected classification characteristics under California or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

D. Commercial information.

Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

E. Biometric information.

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

F. Internet or other similar network activity.

Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

G. Geolocation data.

Physical location or movements.

H. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information.

I. Professional or employment-related information.

Current or past job history or performance evaluations.

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

K. Inferences drawn from other personal information.

Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.


Your rights – New Zealand privacy laws

MitoQ carries out business in New Zealand. The New Zealand Privacy Act 2020 and (in some instances) the Health Information Privacy Code may apply to certain collection, use and storage of your personal information. MitoQ will fulfil its obligations under the New Zealand Privacy Act 2020 and the Health Information Privacy Code (where applicable), which are generally consistent with what is otherwise set out in this Privacy Policy, but which also include:

  • Compliance with the 13 information privacy principles;
  • Taking reasonable steps to ensure that any third party agencies which we engage to store or destroy your personal information also comply with the New Zealand Privacy Act 2020;
  • Reporting data breaches as required; and
  • Compliance with the complaints process and timeframes set out in the New Zealand Privacy Act 2020.

You are welcome to contact us at customerservice@mitoq.com if you have any complaints or concerns about anything covered in this privacy statement. Alternatively, a compliant can be made directly to the New Zealand Privacy Commissioner by completing the online complaint form which can be found at www.privacy.org.nz.

You also have the right under the New Zealand Privacy Act 2020 to request access to your personal information, or that your personal information be corrected, erased or otherwise destroyed. You can exercise any of these rights at any time by contacting us at customerservice@mitoq.com.


Where we store and transfer your data

The Site is controlled by MitoQ from its offices in New Zealand. MitoQ may store and use information in the United States, New Zealand and other jurisdictions; any personal data provided to MitoQ will be transmitted to or within those jurisdictions. MitoQ also may transfer information and personal data to other jurisdictions to facilitate MitoQ’s third party processors’ access to and/or processing of information and/or personal data.

Individuals in the EU. Whenever we transfer your personal data outside the European Economic Area (“EEA”), we ensure a similar degree of protection is afforded to it as in the EEA by using specific contractual clauses approved by the European Commission which give personal data the same protection it has in Europe.

MitoQ makes no representation that materials on this Site are appropriate or available for use in other locations, and access to them from territories where their contents are illegal is prohibited. Those who choose to access this Site from other locations do so on their own initiative and are responsible for compliance with applicable local laws.

Contact

Have questions or concerns about our Site, Products or Privacy Policy? Contact us at customerservice@mitoq.com.  Alternatively, you can lay a complaint directly with the New Zealand Privacy Commissioner.