ContentArea

BodyWorkMall Privacy Policy & Privacy Information


WEBSITE PRIVACY STATEMENT

This Privacy Statement (“Privacy Policy” or “Statement”), describes how, we, Scrip Inc. (“we” or “Scrip”), and our affiliates, collect, use, and transfer personally identifiable data from you, a website visitor, through www.scripcompanies.com or https://www.bodyworkmall.com/ (collectively the “Site”) and any other websites we may establish and control from time to time. Your privacy is very important to us.

Article 1. SCOPE

1.1 This Statement covers only data collected through the Site and not any other data collection or processing, including, without limitation, data collection practices of other web pages to which we link to, or data that we or our affiliates collect offline or through websites that do not display a direct link to this Statement.

Article 2. TYPES OF DATA AND COLLECTION METHODS

2.1 Through the Site, we receive data that you actively submit as well as data that we may track:

2.1.1 Actively Submitted Data: When you request information, subscribe for a service, register as a user, respond to an online survey or otherwise actively send us data, we usually collect data such as your name, email address(es), mailing address(es), telephone number(s), and certain information related to the business you conduct. In connection with chargeable services and/or merchandise, we will also collect payment information (e.g., credit card number and related verification information). In each such instance, you will know what data we obtained through the Site, because you provided it.

2.1.2 Passively Tracked Data: When you visit the Site, we may also passively track information on your computer and Internet connection, such as the IP address of your computer and/or Internet service provider, the date and time you access our Site, the Internet address of websites from which you link to our Site, the computer technology you are using and your movements and preferences on our Site. We use technology that many other websites employ, including, without limitation, “cookies” or small data files stored on your computer’s hard drive, to collect information such as the aforementioned. In some instances, we also use cookies to collect information in connection with future visits, to recognize you as a previous visitor and to track your activity at the Site. You do not need to have cookies turned on to visit our Site. You can refuse cookies by turning them off on your browser.

2.1.3 Combinations: Unless you also actively submit personal information such as your name or address, passively tracked data does not typically allow us to identify you personally (even though it can theoretically be done, we do not have the means or an interest to find out who you are, unless you identify yourself voluntarily through an active submission of data). To the extent permitted by applicable law, we reserve the right to combine passively tracked data with personal data that you actively submit.

Article 3. HOW WE COLLECT AND USE DATA

3.1 We collectactively submitted data primarily for two purposes: First, for the purpose for which you originally sent us the data (e.g., to order products or sign you up for a newsletter or direct mailing). Second, for purposes of informing you about our products, sales and offerings.

3.2 We collect passively submitted data primarily for purposes of administering, protecting and improving our Site and our systems, to better understand the preferences of our Site visitors, to identify server problems, to compile aggregated statistics about Site usage, and to help personalize your experience of our Site.

Article 4. COLLECTION OF INFORMATION BY THIRD PARTIES

4.1 Co-Branded Pages: We may enter into relationships with “powered by” partners, business partners, sponsors, and co-branded sites (referred to here as “co-branded pages”). These might include, for example, pages that share our name and that of another entity. You should look for a specific privacy policy on any such co-branded page.

4.1.1 If we do have a relationship with any co-branded pages, any personally identifiable information that you provide when signing up at any co-branded page may be collected by, or shared with, our third-party partner. We have no control over, and are not responsible for, any partners’ use of your personally identifiable information. If applicable, you should check our posted partners’ websites for information regarding their privacy policies.

4.2 Transactions With E-Commerce Partners, Vendors and Advertisers: When you provide personally identifiable information to one of our Site’s e-commerce / payment partners, vendors or advertisers (e.g., PayPal, Groupon, Wayfair), this transaction may occur in connection with the Site of the e-commerce partner, vendor or advertiser, not on the Site, and, as such, the personally identifiable information you provide is collected pursuant to, and controlled by, the privacy policy of such e-commerce partner, vendor or advertiser. We are not responsible for such parties’ privacy policies and we encourage you to familiarize yourself with the applicable privacy policy of the e-commerce site with which you transact business or to contact the operator of such site for more information.

4.3 Third Party Links.The Site may contain links to third-party internet websites, which are not owned or operated by us. We provide such links only as a convenience, and the inclusion of a link on the Site does not imply endorsement of the linked site by us. If you provide any personally identifiable information through any such third-party website, your transaction will occur on such third party’s website (not this Site) and the personally identifiable information you provide will be collected by, and controlled by the privacy policy of, that third party. We are not responsible for the privacy practices or the content of such third-party websites, including such websites’ use of any personally identifiable information that you provide to them. We strongly encourage you to become familiar with the privacy practices of those sites.

ARTICLE 5. SECURITY

We use reasonable physical, technical and administrative measures to protect personal information you provide through our Sites or in connection with our products and services. For example, we store your personal data in systems located inside controlled facilities with limited access and where the transmission of your personal data is encrypted. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure, therefore, we cannot warrant the security of any information transmitted to us. Please inform us immediately if you believe that your interaction with us is no longer secure. Furthermore, it is your responsibility to safeguard any password and User ID you may use to access our websites, and to notify us immediately at [email protected] if you suspect that your user credentials may have been compromised. Scrip complies with applicable data protection laws and applicable data breach notification requirements.

ARTICLE 6. DATA STORAGE AND RETENTION

Your personal data is stored on our systems and servers located in the United States. We will retain your Personal Data for the period necessary to fulfill the purposes that have been stated in this Privacy Statement, except if a longer retention period is required or permitted by law. Factors which will determine our retention period, include, but is not limited to the following criteria:
• Length of your ongoing relationship with us, for example how long you’ve been a customer and your purchase history with us;
• If there is a statutory obligation to retain personal data, for example, government regulations may require certain records such as financial transactions to be held for a minimum period of time;
• Whether retention is proper based on issues such as regulatory investigations, dispute resolution or litigation.

ARTICLE 7. DATA TRANSFER FROM THE EUROPEAN UNION (“EU”) TO THE UNITED STATES (“US”)

The United States where Scrip is based, has neither sought nor received an adequacy decision from the EU. An adequacy decision permits the free flow of data, without further safeguard between the EU and a foreign jurisdiction. Notwithstanding this fact, there are derogations set forth under Article 49 of the General Data Protection Regulation (“GDPR” or “regulation”) which allow the transfer of personal data of EU residents. Transfer is permissible if the data subject has explicitly consented to the proposed transfer, after having been informed of the possible risk of such transfers for the data subject, due to the absence of an adequacy decision and appropriate safeguards. In addition, GDPR also permits such transfer of personal data under any one of the following conditions, amongst others:
• The transfer is necessary for the performance of a contract between a data subject, and the data Controller.
• The transfer is necessary for the implementation of pre-contractual measures being taken at the request of the data subject.
• The transfer is necessary for important reasons of public interest.
• The transfer is necessary for the establishment, exercise or defense of legal claims.

ARTICLE 8. DATA SUBJECT RIGHTS WITHIN THE EU

Under the GDPR, residents of the EU are entitled to certain privacy rights. Rights, it should be noted, are not always absolute, and usually subject to exceptions. Nevertheless, the following rights are recognized under the regulation: right to be informed, right of access, right of rectification, right of erasure (“right to be forgotten”), right to restrict processing, right to data portability, right to object to processing and right not to be subject to automated decision making, including profiling. Furthermore, EU residents also have the right to lodge complaint with the appropriate data protection authority. If you have concerns about how Scrip processes your personal data, you may contact the data protection authority for your country, region or where an alleged infringement occurs at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

ARTICLE 9. DISCLOSURE OF PERSONAL INFORMATION

As we noted above, we are not in the business of selling or renting your information to telemarketers and do not share your personally identifiable information with others, except as follows:
• We may share your information with agents and service providers who use the data only on our behalf and for our purposes.
• We may share your information as required by law or in the interest of protecting or exercising our or others’ legal rights, e.g., without limitation, in connection with requests from law enforcement officials and in connection with court proceedings.
• We may share or transfer your information in connection with a prospective or actual sale, merger, transfer or other reorganization of all or parts of our business.
• Also, we reserve the right to fully use and disclose any information collected via the Site that is not in personally identifiable form.

ARTICLE 10. CHILDREN’S PRIVACY

The Site is intended for adults and children under adult supervision. We do not intentionally or knowingly collect, personally-identifiable information from children under the age of eighteen (18) and we request that individuals under the age of eighteen (18) not submit any personal information on the Site. If a parent or guardian becomes aware that his or her child has provided us with personally identifiable information without the parent or guardian’s consent by, for example, misrepresenting his or her age, that parent or guardian should contact us at [email protected]. If we determine that we have collected personal information of children under the age of 18, we will immediately delete such information and any accounts believed to be held by children under 18.

ARTICLE 11. CHANGES TO THIS PRIVACY POLICY

We reserve the right to amend this Privacy Statement at any time and for any reason. If we make material changes, such as a change to the purposes of processing of personal data that is not consistent with the purpose for which it was originally collected, we will notify you either by prominently posting a notice of such changes on our websites before they take effect, or by directly sending you an email notification. Please check the top of this page to see the date it was last revised. Your use of our websites following any changes means that you accept the revised Privacy Statement and you are bound by it. If you would like to review the version of the Privacy Statement that was effective immediately prior to a revision or if you have any questions pertaining to this statement, please contact us at [email protected].

ARTICLE 12. HOW TO CONTACT US

If you have data privacy concerns and wish to review, correct, update, restrict, or delete your personal data, and if you will like us to transmit a copy of your personal data electronically to either yourself or another Data Controller, then send an email to [email protected] or by postal mail to:

BodyWorkMall
360 Veterans Pkwy Suite 115
Bolingbrook, Illinois 60440
United States
1-866-717-6753

The request must include your name, address, email and telephone number, as well as the action you would like us to take. We will need to verify your identity before we can act on the request. You should be aware that there could be instances when we may be unable to fulfill such request for good reasons, in such case, we shall provide you with an explanation.

Close