Free shipping for orders $50+

Privacy Policy

THIS PRIVACY POLICY DESCRIBES HOW YOUR PERSONAL INFORMATION IS COLLECTED, USED, AND SHARED WHEN YOU VISIT, INTERACT WITH, OR MAKE A PURCHASE FROM WWW.XACTLIFE.COM (THE “SITE”).

Xact LLC (“Xact LLC”, “Xactlife”, “Xact”, “us”, “we” or “our”) is committed to protecting the privacy and confidentiality of Personal Information we may collect. Xact has created this privacy policy (“Privacy Policy”) to advise you about our information practices, such as the types of information we collect and how we may use that information, and to inform you about your privacy rights and how the law protects you. We urge you to read this Privacy Policy carefully to understand our policies and practices regarding your Personal Information and how we will treat it.  By visiting any part of our Websites (as defined below) or otherwise providing Xact with Personal Information by any means, you accept and agree to the practices described in this Privacy Policy and your continued use of the Websites (following the posting of a revised privacy policy) means that you accept and agree to the terms of the revised privacy policy, so please check the policy periodically for updates.

 

  1. IMPORTANT INFORMATION

 

A. APPLICATION OF THIS PRIVACY POLICY

This Privacy Policy applies to www.xactlife.com and all other websites, features, or online services that are owned or controlled by Xact and that post a link to this Privacy Policy (collectively, the “Websites”), whether accessed via computer, mobile device, or otherwise. Note, however, this Privacy Policy does not apply to use of unaffiliated websites that link to our Websites. Once you enter another website (whether through an advertisement, service, or content link), be aware that we are not responsible for the privacy practices of such other websites.

  

  1. PURPOSE OF THIS PRIVACY POLICY

This Privacy Policy aims to give you information on how Xact collects and uses your Personal Information through your use of the Websites, including any information you may provide through the Websites when you sign up for an account, sign up to receive information or communications from us, interact with us on social media, purchase a product or service, or request further services or information from us.

It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or using Personal Information about you so that you are fully aware of how and why we are using your information. This Privacy Policy supplements the other notices and is not intended to override them.


C. CHILDREN

The Websites are not designed for, or directed to, children under the age of 16 and Xact does not intentionally collect information about anyone under the age of 16 on the Websites. If Xact discovers that it has inadvertently collected Personal Information from anyone younger than the age of 16, we will attempt to delete the information as soon as possible. If you believe that we might have any Personal Information from a child under 16, please contact us atprivacy@xact.com



D. CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES

This version was last updated on October 17, 2018 and historic versions can be obtained by contacting us.

We reserve the right, at any time and without notice, to add to, change, update or modify this Privacy Policy, simply by posting such change, update or modification on the Websites. Any such change, update or modification will be effective immediately upon posting on the Websites. If we make material changes to this Privacy Policy, we will notify you by email or by posting a notice of such changes at HTTP://WWW.XACTLIFE.COM/PAGES/PRIVACY-POLICY. However, unless you consent, Xact will not use your Personal Information in a manner materially different than what was stated in our posted Privacy Policy at the time your Personal Information was collected. Please check this Privacy Policy regularly to ensure you are aware of any changes in our practices.

It is important that the Personal Information we hold about you is accurate and current. Please keep us informed if your Personal Information changes during your relationship with us. You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information. If you contact us with changes, we will make good faith efforts to make requested changes in our then-active databases as soon as reasonably practicable. Note, however, that information may persist internally for our administrative purposes and that residual data may remain on backup media or for other reasons.


E. THIRD PARTY CONTENT, LINKS TO OTHER WEBSITES, AND XACT CONTENT FOUND OUTSIDE THE WEBSITES

The Websites may include links to third-party websites, plug-ins and applications and certain content on the Websites may be hosted and served by third parties that Xact does not control. When you click on a link to any other website or location, you will leave our Websites and go to another site and another entity may collect Personal Information from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites, their privacy statements or content, or to any collection of your Personal Information after you click on links to such outside websites. We encourage you to read the privacy policies of every website you visit. The links to third party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content or websites.

In addition, Xact content may be included on web pages and websites that are not associated with Xact and over which we have no control. These third parties may collect data through the use of their own cookies, pixel tags or other technology, independently collect information or solicit Personal Information, and may have the ability to track your use of their websites and services. Xact is not responsible for the privacy practices or the content of any third party.


  1. THE INFORMATION WE COLLECT ABOUT YOU

Personal Information or personal data means any information about an individual from which that person can be identified. It does not include information where the identity has been removed (anonymous data).

We and our third-party service providers may collect, use, store and transfer different kinds of Personal Information about you that we have grouped together as follows:

 

  • IDENTITY INFORMATION includes name, username or similar identifier, title, date of birth, and gender. 
  • DEMOGRAPHIC INFORMATION includes zip code, age and/or income.
  • CONTACT INFORMATION includes billing address, delivery address, email address and telephone numbers.
  • FINANCIAL INFORMATION includes bank account and payment card details.
  • TRANSACTION INFORMATION includes details about payments to and from you and other details of services you have purchased from us.
  • TECHNICAL INFORMATION includes internet protocol (IP) address, your login data, browser type and version, time zone setting and geographical location, browser plug-in types and versions, operating system and platform and other technology or other unique identifier (a set of numbers or characters that is assigned to your computer, mobile phone, or other device when you are on the Internet) (“Device Identifier”) for any computer, mobile phone, tablet or other device (any of which are referred to herein as a “Device”) used to access the Websites. 
  • PROFILE INFORMATION includes your username and password, purchases or orders made by you, your interests, preferences, product feedback, and survey responses.
  • USAGE DATA includes information about how you use our Websites, products and services, including all of the areas within our Websites that you visit or use and the time of day you visited the Websites, among other information.
  • MARKETING AND COMMUNICATIONS INFORMATION includes your preferences in receiving marketing from us and our third parties and your communication preferences.
  • LOCATION INFORMATION includes information about your location using a variety of technologies, such as GPS, IP address, and connected or nearby Wi-Fi networks.
  • USER CONTENT INFORMATION includes text (including questions, comments, and suggestions), pictures, audio, videos, or other content (collectively, "User Content") you share by participating and posting content publicly in reviews, interactive features, or other communication functionality (“Community Features”).

We also collect, use and share AGGREGATED INFORMATION such as statistical or demographic information for any purpose. Aggregated Information may be derived from your Personal Information but is not considered Personal Information in law as this information does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Information with your Personal Information so that it can directly or indirectly identify you, we treat the combined information as Personal Information that will be used in accordance with this Privacy Policy.

We do not collect any SPECIAL CATEGORIES of Personal Information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.


III. HOW WE COLLECT YOUR PERSONAL INFORMATION

 

 We use different methods to collect information from and about you including through:

 

  • DIRECT INTERACTIONS. You may give us your Identity, Demographic, Contact, Financial, Profile, or Marketing and Communications Information by filling in forms or by corresponding with us by mail, phone, email, or otherwise. This includes Personal Information you provide when you:
  • purchase our products or services;
  • create an account on our Websites;
  • subscribe to emails or newsletters;
  • request services or other information;
  • enter a competition, promotion or survey; or
  • give us feedback about products, services, or the Websites.

  • AUTOMATED TECHNOLOGIES OR INTERACTIONS. As you navigate through the Websites, we may automatically collect Technical, Usage, and Location Information about your equipment, browsing actions and patterns. We collect this Personal Information by using cookies, pixel tags, embedded scripts and other similar technologies. [We may also receive Technical Information about you if you visit other websites employing our cookies.]

 

  • COOKIES - Cookies are small data files that a website sends to your Device while you are viewing the website that are stored on the Device. Cookies can be used for many purposes, including to monitor use of websites, to customize content specific to your interests, to ensure that you do not see the same advertisement repeatedly, to speed up your searches and purchases and to recognize you when you return to our Websites and/or store your user name and password so you do not have to re-enter it each time you visit the Websites. You may refuse to accept cookies by activating the appropriate setting on your browser. However, if you choose to disable cookies on your Device, some features of the Websites or our content may not function properly.

 

  • PIXEL TAG – Pixel Tags (also referred to as clear GIFs, 1x1 GIFs Web beacons, or Web bugs) are small graphic images or other web programming code that may be included on the Websites and in our e-mail messages. In contrast to Cookies, which are stored on a user’s Device, Pixel Tags are embedded invisibly in web pages. Pixel Tags may be invisible to you, but any electronic image or other web programming code inserted into a web page or e-mail can act as a pixel tag. Pixel Tags or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to the Websites, to monitor how users navigate the Websites, to count how many e-mails that were sent were actually opened or to count how many particular articles or links were actually viewed.

 

  • EMBEDDED SCRIPTS - Embedded scripts are programming code designed to collect information about your interactions with the Websites, such as the links you click. The code is temporarily downloaded onto your Device from our web server or a third party service provider, and is active only while you are connected to the Websites.

 

  • FLASH LSOS – When we post videos, third parties may use local shared objects, known as “flash cookies,” to store your preferences for volume control or to personalize certain video features. Flash Cookies are different from browser Cookies because of the amount and type of data and how the data is stored. Cookie management tools provided by your browser will not remove Flash Cookies. To learn how to manage privacy and storage settings for Flash Cookies, please visit: HTTP://WWW.MACROMEDIA.COM/SUPPORT/DOCUMENTATION/EN/FLASHPLAYER/HELP/SETTINGS_MANAGER07.HTML.

 

  • COMMUNITY FEATURES. The Websites may provide you the opportunity to participate and post User Content publicly through reviews, surveys, interactive features, or other communication functionality (“Community Features”). We may provide functionality for you to submit or post User Content through Community Features, by linking the Websites to a third party service, or otherwise. Please note that certain information, such as your name, may be publicly displayed on the Websites along with your User Content. User Content consisting of uploaded files may contain metadata, which may contain Personal Information or other information about or relating to you. You may wish to remove metadata from your files before transmitting such files to Xact. NOTE THAT ANYTHING YOU POST THROUGH COMMUNITY FEATURES IS PUBLIC – OTHERS WILL HAVE ACCESS TO YOUR USER CONTENT AND MAY USE IT OR SHARE IT WITH THIRD PARTIES. IF YOU CHOOSE TO VOLUNTARILY DISCLOSE PERSONAL INFORMATION, THAT INFORMATION WILL BE CONSIDERED PUBLIC INFORMATION AND THE PROTECTIONS OF THIS PRIVACY POLICY WILL NOT APPLY. IF YOU SUBMIT USER CONTENT, IT MAY BE PUBLISHED ONLINE OR OFFLINE AT ANY TIME. IN ADDITION, WE MAY USE YOUR USER CONTENT AND ANY EXCERPT FROM YOUR USER CONTENT IN CONNECTION WITH OUR ADVERTISING, MARKETING, PUBLICITY AND PROMOTIONAL ACTIVITIES.

 

  • THIRD PARTIES OR PUBLICLY AVAILABLE SOURCES. We may receive Personal Information about you from various third parties. For example, if you are on another website and you opt-in to receive information from us, the other website will forward your Contact Information and other information to us so that we may contact you as requested. We also may supplement the information we collect with outside records from third parties in order to provide you with information, services or goods you have requested, to enhance our ability to serve you, and to tailor our content to you. We may combine the information we receive from those other sources with information we collect through the Websites. In those cases, we will apply this Privacy Policy to the combined information. Examples of third party sources include:

 

  • Technical Information from the following parties:
    • analytics providers;
    • advertising networks; and
    • search information.
  • Contact, Financial and Transaction Information from providers of technical, payment and delivery services.
  • Identity and Contact Information from publicly available sources.

 

  • INFORMATION PROVIDED FROM OTHER USERS. If you decide to invite a third party to create an account and/or purchase our merchandise, we will collect the Identity and Contact Information you provide (e.g., name and e-mail address) for you and the third party in order to send a message to the third party and follow up with the third party. We rely upon you to obtain whatever consents from the third party that may be required by law to allow us to collect such information and contact the third party as described in the foregoing sentence. You or the third party may contact us at privacy@xactlife.com to request the removal of this information from our database.

  1. THIRD PARTY INTERACTIONS

Certain functionality on the Websites may permit interactions that you initiate between the Websites and a third party website or service (“THIRD PARTY INTERACTIONS”). Examples of Third Party Interactions may include technology that enables you to “like” or “share” content from the Websites on or to other websites or services; to transmit content to the Websites from your account on a third party website or service; to otherwise connect the Websites to a third party website or service, such as through an application programming interface (API) made available by Xact or a third party; or for users to register for an account and login through social networking sites such as Facebook and Google (each an “SNS”). By registering or logging in through a SNS, you are allowing the Websites to access your information and you are agreeing to the SNS’s Terms of Use and Privacy Policy in your use of such services. We may receive information from the SNS to make it easier for you to create an account with us. Any information that we collect from your SNS account may depend on the privacy settings you have with that SNS, so please consult the SNS’s privacy and data practices.

If you choose to use Third Party Interactions, information you post or provide access to may be publicly displayed on the Websites or by the provider of the Social Feature that you use. Similarly, if you post information on a third party platform that references the Websites (e.g., by mentioning one of the Websites or using a hashtag associated with one of the Websites in a tweet or status update), your post may be published on our Websites in accordance with the terms of the third party website or service. Also, both Xact and the third party may have access to certain information about you and your use of the Websites and the third party website or service. In addition, we may receive information about you in connection with other users’ use of Third Party Interactions (e.g., we may learn that you are a “friend” or “connection” of the third party or receive other information about you that the other user enables us to receive).

The information we collect in connection with Third Party Interactions is subject to this Privacy Policy. The information collected and stored by the third party remains subject to the third party’s privacy practices, including whether the third party continues to share information with us, the types of information shared, and your choices with regard to what is visible to others on that third party website or service.


  1. THIRD PARTY ANALYTICS PROVIDERS & AD SERVERS; ONLINE TRACKING

Xact works with certain third parties (including network advertisers, ad agencies, and analytics companies) to provide us with information regarding traffic on the Websites, to serve advertisements, including our advertisements elsewhere online, and to provide us with information regarding the use of the Websites and the effectiveness of our advertisements. These third parties may use Device Identifier and Usage Data to compile reports on user activity. For example, if you clicked on one of our advertisements that led you to one of the Websites, our service provider(s) may be able to tell us which advertisement you clicked on and where you were viewing the advertisement. These third parties may set and access their own tracking technologies (including cookies, embedded scripts, and pixel tags) and may otherwise collect or have access to your Device Identifier, Usage Data and related information about you. Cookies and pixel tags, including those set by third party network advertisers, may be used to, among other things, target advertisements, prevent you from seeing the same advertisements too many times, conduct research regarding the usefulness of certain advertisements to you, and assist in providing analytics.

These third parties may also transfer Device Identifier and Usage Data to other third parties where required to do so by law, or where such third parties process analytics information on their behalf. Each of these third party’s ability to use and share Device Identifier and Usage Data is restricted by their respective Terms of Use and Privacy Policy. By using our Websites, you consent to the processing of data about you by these third parties in the manner and for the purposes set out above. For a full list of third party analytics services, please contact us at privacy@xactlylife.com.

We may share Device Identifier and Usage Data about visitors with third party advertising companies, analytics providers and other vendors for similar purposes. While we may use a variety of service providers to perform advertising and analytics services, some of these companies may be members of the Network Advertising Initiative ("NAI”) or the Digital Advertising Alliance ("DAA") Self-Regulatory Program for Online Behavioral Advertising.

For additional information regarding targeted advertising and the “opt-out” procedures of NAI members and DAA Self-Regulatory Program participating companies, you may visit:

  • NAI Opt-Out Tool (for website users): http://www.networkadvertising.org/managing/opt_out.asp
  • DAA Consumer Choice (for website users): http://www.aboutads.info/choices/
  • DAA AppChoices (for mobile app users): http://youradchoices.com/appchoices

Please note that opting out through these mechanisms does not opt you out of being served advertising. You will continue to receive generic ads while visiting the Websites and elsewhere online. Some third parties may collect Personal Information about your online activities over time and across different websites.

Your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. However, there is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, the Websites currently do not respond to or alter their practices when they receive a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” you may wish to visit http://www.allaboutdnt.com.

 

  1. HOW WE USE YOUR PERSONAL INFORMATION

We may use the information we collect about you, including Personal Information and Usage Data:

  • to provide you with our products and services and related customer service;
  • to process your registration and account creation with the Websites, including verifying your contact information is active and valid;
  • to identify you as a user in our system;
  • to provide you with information, products or services that you have requested or agreed to receive;
  • to provide improved administration of our Websites and services;
  • to process transactions you initiate, process payments and provide accurate billing and shipping;
  • to send you administrative e-mail notifications, such as order confirmations, order status updates, security, or support and maintenance advisories;
  • to bill you for Xact products or services 
  • respond to your inquiries related to employment opportunities or other requests;
  • send newsletters, surveys, offers, and other promotional materials related to our services and for other marketing purposes of Xact;
  • to market our products/services, including recommending products/services that might be of interest to you;
  • to improve our Websites, product and service offerings;
  • to present our Websites and its contents in a suitable and effective manner for you and for your computer;
  • to customize and tailor your experience on the Websites, for example, by displaying content that we think you might be interested in;
  • to improve the quality of experience when you interact with our Site and Services for internal business purposes;
  • for compliance fraud prevention and safety, including enforcing our terms of service and this Privacy Policy, protecting our rights privacy, safety, or property and/or that of you or others, and protecting against, investigating or deterring fraudulent, harmful, unauthorized, unethical or illegal activity;
  • to carry out our obligations and enforce our rights arising from any contracts entered into between you and us;
  • to notify you about changes to our service;
  • to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
  • to contact you with regard to your use of the Websites and, in our discretion, changes to the Websites policies or functionality; and
  • to perform other functions as described at the time of collection, with your consent, or as further described in this Privacy Policy.

 

In addition to the above, we may use anonymous data to analyze request and usage patterns so that we may enhance the content of our services and improve navigation on the Websites. We reserve the right to use anonymous data for any purpose and disclose anonymous data to third parties in our sole discretion.



  • EMAIL COMMUNICATIONS

  • We may use your Identity, Contact, Technical, Usage and Profile Information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services, and offers may be relevant for you.

    You will receive newsletters or marketing communications from us if you have requested information from, purchased goods or services from us, or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have consented to receive marketing communications at that time.

     

  • COOKIES

  • A cookie is a data file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. Cookies do not typically contain any information that personally identifies a user, but Personal Information that we store about you may be linked to the information stored in and obtained from cookies.

    We may use both session cookies and persistent cookies to provide you with a more personal and interactive experience on our Site.  This type of information is collected to make the Websites more useful to you and to tailor the experience with us to meet your special interests and needs.

    Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can, however, obtain information about blocking and deleting cookies for some commonly used browsers via the links below:

    • CHROME: https://support.google.com/chrome/answer/95647?hl=en;
    • EDGE: https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy;
    • FIREFOX: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences;
    • INTERNET EXPLORER: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies;
    • OPERA: http://www.opera.com/help/tutorials/security/cookies/; and
    • SAFARI: https://support.apple.com/kb/PH21411.

    Please note that blocking all cookies will have a negative impact upon the usability of many websites and if you choose to block cookies, you may not be able to use all the features on our Websites.

     

    VII.     DISCLOSURES OF YOUR PERSONAL INFORMATION

     

    We may share non-personally identifiable information, such as aggregated user statistics, in our discretion and without restriction.

    We may disclose the information we have collected about you, including Personal Information, as disclosed at the time you provide your information, with your consent, as described in this Privacy Policy, or in the following circumstances:

  • INTERNAL THIRD PARTIES

  • Xact may, and reserves the right to, share your information with any other company that is not presently, but becomes, an Xact parent, subsidiary, or affiliate.

    You may be presented with an opportunity to receive information and/or marketing offers from Xact and our affiliated businesses, partners and agents. If you agree at that time to receive such communications, your Personal Information will be disclosed to that third party (or parties). For more information, please refer to the Marketing Communications section.

     

  • EXTERNAL THIRD PARTIES

  • Third Party Service Providers

    We may share personal information with third party service providers in connection with the performance of services to, or on behalf of, Xact and the Websites, including to conduct quality assurance testing; to facilitate creation of accounts; to provide technical support; and/or to provide other services to Xact.

    SHOPIFY

    Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.

    Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.

    Payment: 

    If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

    All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.

    PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

    For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy). 

     

    THIRD-PARTY SERVICES

    In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

    However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

    For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

    In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

    As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

    Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

     

    Links

     

    When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

    By using our website, you (the visitor) agree to allow third parties to process your IP address, in order to determine your location for the purpose of currency conversion. You also agree to have that currency stored in a session cookie in your browser (a temporary cookie which gets automatically removed when you close your browser). We do this in order for the selected currency to remain selected and consistent when browsing our website so that the prices can convert to your 


    Administrative & Legal Reasons

    We may transfer and disclose information, including Personal Information, to third parties:

    • to comply with a valid legal inquiry, investigation, or process such as a search warrant, subpoena, statute or court order, or if in our opinion such disclosure is required by law;
    • to obtain or maintain insurance coverage, manage risks, obtain professional advice, or establish, exercise or defend legal claims, whether in court proceedings or in an administrative or out-of-court procedure;
    • to protect the safety, interests, rights, property or security of Xact, you, or any third party; this may include exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction;
    • to respond to a breach or attempted breach of the security of our Websites;
    • to defend or assert our legal rights pursuant to any of the Websites’ Terms of Use, any policies applicable to the Websites, or any other agreement you may have with Xact; or 
    • at the request of governmental authorities conducting an investigation.

    We may also use Technical Information to identify users, and may do so in cooperation with copyright owners, Internet service providers, wireless service providers, or law enforcement agencies in our discretion.

    Social Networking Sites

    As set forth in Section IV, our Websites and services enable you to post content to SNSs. If you choose to do this, we will provide information to such SNSs in accordance with your elections. You acknowledge and agree that you are solely responsible for your use of those websites and that it is your responsibility to review the terms of use and privacy policy of the applicable SNS. We will not be responsible or liable for: (i) the availability or accuracy of such SNSs; (ii) the content, products or services on or availability of such SNSs; or (iii) your use of any such SNSs.

    Community Features

    As set forth in Section III, our Websites and services enable you to post User Content through Community Features. If you choose to use these features, you will be identified by your first name and last initial. Please note that any Personal Information you include on a public area of the Site will be publicly viewable. Once displayed publicly, that information can be collected and used by others. We cannot control who reads your postings or what other users may do with the information that you voluntarily post, so it is very important that you do not put data such as private contact information that you do not want to make available to the public in your posts. Once you have posted information publicly, while you will still be able to edit and delete it on the Site, you will not be able to edit or delete such information cached, collected, and stored elsewhere by others (e.g., search engines). 

    We require all third parties to respect the security of your Personal Information and to provide the same level of privacy protection as required by this Privacy Policy.

     

    C. SHARING BETWEEN XACT COMPANIES; BUSINESS TRANSFERS

    Xact may also disclose and transfer your Personal Information: (i) to a subsequent owner, co-owner or operator of the Websites or applicable database, or of our products or services; (ii) if Xact (or any of its affiliated, parent, or subsidiary companies) assigns its rights regarding any of your information to a third party; or (iii) in connection with or during negotiation of a corporate merger, financing consolidation, restructuring, the acquisition or dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets including, without limitation, during the course of any due diligence process. In the event of an insolvency, bankruptcy, or receivership, Personal Information may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the Personal information collected by us and will assume the rights and obligations regarding your Personal information as described in this Privacy Policy. These transfers and disclosures may be carried out without notice to you.

     

    VIII. YOUR CHOICES

    You have several choices regarding the use of information on our Websites and services:

    A. ACCESSING, UPDATING, CORRECTING OR DELETING INFORMATION

    You can review, request access to, update, correct or delete your Personal Information by contacting us at privacy@xactlife.com.

    You may request deletion of your Personal information by contacting us and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain information for fraud prevention or similar purposes. Also, note that we may need to delete your user account in order to delete your Personal Information.

    You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information. If you contact us with changes, we will make good faith efforts to make requested changes in our then-active databases as soon as reasonably practicable. Note, however, that information may persist internally for our administrative purposes and that residual data may remain on backup media or for other reasons.


    B. OPTING OUT

    We will only send you direct marketing emails or other similar communications if you opt-in to receive such emails.  In the future, if you do not wish to have your e-mail address or other contact information used for promotional purposes, you may indicate a preference to stop receiving further communications from us and can “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information in Section A above). Where you opt out of receiving these marketing messages, this will not apply to Personal Information provided to us as a result of the purchase of any service or other transaction and we may send you service related communications, including notices of any updates to our Terms of Use or Privacy Policy.

    C. CHOOSING NOT TO SHARE PERSONAL INFORMATION

    You may choose not to provide us with any Personal Information. In such an event, you may still be able to access and use some of the Websites; however you may not be able to access and use those portions of the Websites that require your Personal Information. You may opt out of receiving marketing e-mails by following the opt-out instructions above or provided to you in those e-mails. Please note that we reserve the right to send you certain communications relating to your account or use of any of the Websites (for example, administrative and service announcements, shipping notices, and order confirmations) and these transactional account messages may be unaffected if you opt-out from marketing communications.

    Where we need to collect Personal Information by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.


    D. MARKETING COMMUNICATIONS

    We strive to provide you with choices regarding certain Personal Information uses, particularly around marketing and advertising. You can opt-out of such communications as outlined in Section B, above

    Please note that you may continue to receive service-related and other non-marketing communications.


    E. DE-LINKING THIRD PARTY INTERACTIONS AND SNS

    As set forth in Section IV, our Websites and services enable you to interact with or post content to certain third parties and SNSs. If you would like to discontinue these interactions and connections, please refer to the privacy settings of the third party or SNS to determine how you may adjust our permissions and manage the interactivity between the Services and your social media account.

     

     

    IX. DATA SECURITY

    Xact uses commercially reasonable security measures to safeguard the Personal Information we collect from loss, misuse and unauthorized access, disclosure, alteration and destruction. However, please note that no system can be completely secure and Xact does not ensure or warrant the security of any information we collect. You use our Websites and provide us with your information at your own risk.

    We have put in place procedures to deal with any suspected Personal Information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.



    X. USERS OUTSIDE OF THE UNITED STATES AND INTERNATIONAL TRANSFERS

    The Websites are hosted and operated in the United States and Xact and its third party service providers and partners operate in the United States and other jurisdictions. If you are located outside of the United States, please be aware that any information you provide to us may be transferred to and processed in the United States and other countries. By using the Websites, or providing us with any information, you acknowledge and consent to this transfer, processing and storage of your information in countries where the privacy laws may be less stringent than those in the country where you reside or are a citizen.



    XI. CALIFORNIA RESIDENTS – YOUR CALIFORNIA PRIVACY RIGHTS

    Pursuant to California Civil Code Section 1798.83, residents of the State of California have the right to request from companies conducting business in California certain information regarding Xact’s disclosure within the immediately preceding calendar year of that California resident’s personal information to third parties (and in some cases, affiliates) for their direct marketing purposes.

    If you are a California resident and you have questions about our practices with respect to sharing information with third parties and affiliates for their direct marketing purposes, please send your request to the following email address: privacy@xactlife.com or write to us at the following mailing address: Xact LLC., Attn: Privacy, 99 E. C St Suite 103, Upland, CA 91786. You must put the statement "Your California Privacy Rights" in the subject field of your e-mail or include it in your writing if you choose to write to us at the designated mailing address. You must include your name, street address, city, state, and ZIP code. We are not responsible for notices that are not labelled or sent properly, or do not have complete information.

     

    XII. QUESTIONS

    If you have any questions or concerns regarding our privacy policy or practices, please feel free to contact us via email at privacy@xactlife.com. We can also be contacted by mail at:

    Xact LLC.

    Attn: Privacy

    99 E. C Street, Suite 103

    Upland, CA 91786

     

     

     

    XIII.  ADDITIONAL INFORMATION FOR RESIDENTS OF THE EUROPEAN UNION

    A. PERSONAL INFORMATION

    References to “Personal Information” in this Privacy Policy are equivalent to “Personal Data” governed by European data protection legislation.


    B. LEGAL BASES FOR PROCESSING PERSONAL DATA

    We will only use your personal data when the law allows us to do so. Most commonly, we will use your Personal Information in the following circumstances:

    • Where we need to perform obligations relating to a contract to which you are a party or to take steps at your request before entering into such a contract. 
    • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Our legitimate interests include those related to conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Information for our legitimate interests. We do not use your Personal Information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
    • Where we need to comply with a legal or regulatory obligation.

    Generally, we do not rely on consent as a legal basis for processing your Personal Information other than in relation to sending marketing communications to you via email. You have the right to withdraw consent to marketing at any time by contacting us using the contact information provided above.

    We have set out below, in a table format, a description of the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

    PURPOSE/ACTIVITY

     

    TYPE OF INFORMATION

     

    LAWFUL BASIS FOR PROCESSING INCLUDING BASIS OF LEGITIMATE INTEREST

     

    To register you as a new customer or user

     

    (a) Identity

    (b) Contact

    (c) Profile

     

    Performance of a contract with you and/or taking steps, at your request, to enter such a contract

     

    To process and deliver products and services including:

    (a) Manage payments, fees and charges

    (b) Collect and recover money owed to us

     

    (a) Identity

    (b) Contact

    (c) Financial

    (d) Transaction

    (e) Marketing and Communications

     

    (a) Performance of a contract with you and/or taking steps, at your request, to enter such a contract

    (b) Necessary for our legitimate interests (to recover debts due to us)

     

    To manage our relationship with you which will include:

    (a) Notifying you about changes to our terms or Privacy Policy

    (b) Asking you to leave a review or take a survey

     

    (a) Identity

    (b) Contact

    (c) Profile

    (d) Marketing and Communications

     

    (a) Performance of a contract with you and/or taking steps, at your request, to enter such a contract

    (b) Necessary to comply with a legal obligation

    (c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

     

    To enable you to participate in sweepstakes, contests and promotional activities or complete a survey

     

    (a) Identity

    (b) Contact

    (c) Profile

    (d) Usage

    (e) Marketing and Communications

     

    (a) Performance of a contract with you and/or taking steps, at your request, to enter such a contract

    (b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)

     

    To administer and protect our business and the Websites (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

     

    (a) Identity

    (b) Contact

    (c) Technical

    (d) Usage

    (e) Location

    (a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)

    (b) Necessary to comply with a legal obligation

     

    To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

     

    (a) Identity

    (b) Contact

    (c) Profile

    (d) Usage

    (e) Marketing and Communications

    (f) Technical

    (g) Location

     

    Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)

     

    To use data analytics to improve our website, products/services, marketing, customer relationships and experiences

     

    (a) Technical

    (b) Usage

     

    Necessary for our legitimate interests (to define types of customers for our products and services, to keep our websites updated and relevant, to develop our business and to inform our marketing strategy)

     

    To make suggestions and recommendations to you about goods or services that may be of interest to you

    (a) Identity

    (b) Contact

    (c) Technical

    (d) Usage

    (e) Profile

     

    Necessary for our legitimate interests (to develop our products/services and grow our business)

     

    To allow participation in Community Features

    (a) Identity

    (b) Profile

    (b ) User Content

    (a) Performance of a contract with you and/or taking steps, at your request, to enter such a contract

    (b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business, to allow user interaction on the Websites)

     


    C. CONTROLLER

    This Privacy Policy is issued on behalf of Xact LLC.

    If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact us using the details set out below.


    D. DATA RETENTION

    We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

    To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

    In some circumstances, you can ask us to delete your data: see the Request Erasure subsection below for further information.

    In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.


    E. CHANGE OF PURPOSE

    We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

    If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis that allows us to do so.

    Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.


    F. EU RESIDENT PERSONAL DATA RIGHTS

    Under certain circumstances, EU Residents may have rights under data protection laws in relation to your personal data as outlined below:

    • REQUEST ACCESS to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
    • REQUEST CORRECTION of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
    • REQUEST ERASURE of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons that will be notified to you, if applicable, at the time of your request.
    • OBJECT TO PROCESSING of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that makes you want to object to processing on this ground as you feel it affects your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information that override your rights and freedoms. 
    • REQUEST RESTRICTION OF PROCESSING of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. 
    • REQUEST THE TRANSFER of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. 
    • WITHDRAW CONSENT at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

    If you wish to exercise any of the rights set out above, please contact privacy@xactlife.com.

    No Fee Usually Required

    You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

    What We May Need From You

    We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

    Time Limit To Respond

    We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

    Complaints to Supervisory Authority

    EU Residents may have the right to make a complaint at any time to the supervisory authority for data protection issues. However, we would appreciate the chance to deal with your concerns before you approach the supervisory authority so please first contact us directly to allow us to do so.