- Our Story
You are shopping with Heather Mitchell
A MISSION TO MAKE A DIFFERENCE
LAST MODIFIED: JULY 2020
This policy does not apply to information collected on any third-party site or by any third-party application that may link to or be accessible from the websites.
We collect several types of information from and about users of our websites, including: information you provide to us, information that we collect as you navigate through the websites (i.e., traffic and location data, IP addresses, and usage details through the use of certain technologies, including cookies and web beacons), as well as information we receive from third parties (e.g., our business partners), and which resources you access.
Information that you provide by filling in forms on our websites. This includes, but is not limited to the following the Personally Identifiable Information (PII):
Full name, with all middle names (especially if the name is not common).
Any part of an individual's name that is stored or displayed in conjunction with any of the subsequent listings of data and information deemed PII.
National Identification information, such as passports, social security number (United States), or any other type of unique identifier used on a national level.
Local and/or state, provincial, etc. information, such as driver’s licenses.
Digital Identifiers, such as IP addresses, usernames, passwords, etc.
Date of Birth.
Financial and Accounting records, along with credit and debit cards.
Any other information provided at the time of registering to use our websites, subscribing to our services, posting material or requesting further services or information.
Information that you provide when you enter a contest or promotion sponsored by us.
Information that you provide when you report a problem with our websites.
Records and copies of your correspondence (including email addresses), if you contact us.
Your responses to surveys that we might ask you to complete for research purposes, although you do not have to respond to them.
Details of transactions you carry out through our websites and of the fulfillment of your orders.
Any other information deemed PII, but not listed above.
We use information that we collect about you or that you provide to us, including any personal information, in the following ways:
To present our websites and their contents in a suitable and effective manner for you and for your computer;
To provide you with information, products or services that you request from us;
To carry out our obligations, process and enforce our rights arising from any contracts entered into between you and us;
To notify you about changes to our service;
To allow you to participate in interactive features of our services, when you choose to do so.
For marketing and promotional purposes so as to provide you with information about services we think you might like; and
To collect payments from you.
We may also use your information, or permit carefully selected third parties to use your information, to contact you about goods and services that may be of interest to you where you have consented to be contacted for such purposes. If you do not want us to use your information in this way, or to provide your information to third parties for marketing purposes, please check the relevant box located on the form on which we collect your data and / or adjust your user preferences accordingly in your account profile.
Depending on whether you have provided your consent we may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services that may be of interest to you and we, or they, may contact you about these by post or telephone.
If you are an existing customer, we will only contact you by electronic means (email or SMS) with information about goods and services similar to those, which were the subject of a previous sale to you.
Like the vast majority of website providers, we collect details of your visit(s) to our websites. The information we collect concerns the resources that you access, and information about your computer and Internet connection, including your IP address, operating system and browser type, for system administration, marketing, and to report aggregate information to our advertisers.
Where, according to local law, IP addresses and the like are considered personal information, then we treat it as such.
Web beacons, also known as pixel tags, are electronic images contained on a website that permit us to count users who have visited our websites and to accumulate other statistics (for example, recording the popularity of certain websites content and verifying system and server integrity). Web beacons are not used to access your personal information and are only used to compile aggregated statistics concerning use of the websites.
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
We may disclose personal information that you provide via this websites to the following third parties:
To our group companies (i.e., our holding company and its subsidiaries and affiliates); and
Direct contractors and service providers we use to support our business, such as web hosting providers, web analytics providers, email service providers, and cloud-survey platform providers.
In the event (whether prospective or actual) of a merger, acquisition, or any form of sale of some or all of Norwex’s assets, in which case personal information held by Norwex’s about its customers will be among the assets transferred to the (prospective) buyer.
We may also disclose your personal information to third parties to:
Comply with any court order or other legal obligation; and
Protect the rights, property, or safety of Norwex, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
When you visit some websites, their web servers generate pieces of information known as cookies. Cookies are commonly used to recognize your computer in the future. Norwex uses session cookies to serve technical purposes, such as providing seamless navigation through our site, allow you to carry information across pages of our site and avoid having to re-enter information. These cookies do not permanently record data and they are not stored on your computer’s hard drive. Norwex’s session cookies are available only during an active browser session. When you close your browser, the session cookie disappears.
Norwex also uses persistent cookies to be able to track the number of unique visitors to the site. More specifically, Persistent Cookies are utilized for helping Norwex recognize you as a unique visitor (using a number, you cannot be identified personally) when you return to Norwex websites. Additionally, persistent cookies enable Norwex to tailor content and related subject matter to match your preferred interests and/or for the purposes of not showing you the same content and related subject matter repeatedly.
Users can choose to disable cookies using their web browsers, which will not affect their ability to search for, review and retrieve data on www.norwex.com
Various elements of data sets may be collected to track the usefulness of certain actions and to ultimately improve the value of Norwex websites. Please note that at no time does Norwex not gather, request, record, require, collect or track any type of Internet users’ personal information (as listed above) through these processes.
If you do not wish to have your email address used for promotional purposes by Norwex, you can opt out by checking the relevant box located on the form on which we collect your data. You can also always opt out of receiving email information from us, other than the email informing you of the completion of user registration, correction of user data, or change of password, by logging into the websites and adjusting your user preferences in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request to CDNcompliance@norwex.com or UScompliance@norwex.com or EUcompliance@norwex.com. If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. This opt out does not apply to information provided to Norwex as a result of a product downloads or purchase, warranty registration, product service experience or other transactions.
If you do not want us to use your personal information that we gather to allow third parties to personalize advertisements we display to you, you can opt out by checking the relevant box located on the form on which we collect your data. You can also always adjust your user advertising preferences accordingly in your account profile by checking or unchecking the relevant boxes or by sending us an email stating your request to CDNcompliance@norwex.com or UScompliance@norwex.com or EUcompliance@norwex.com.
Please be advised that any comments you provide are categorized as public information. Therefore, such comments may also be made available online to the public with the name of the commenter but without the use of any email addresses, or any type of information defined as personal information.
As the owner of your own personal information, you have choices, specifically, the following: You have several choices available when it comes to information about you:
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at CDNcompliance@norwex.com or UScompliance@norwex.com or EUcompliance@norwex.com.
Our websites may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Opt-Out of Electronic Communications:You have the right opt out of receiving promotional messages from Norwex. Please note that even if you opt out of promotional messages, Norwex may still send you additional messages relating to your account and other important information.
In each and every email that we send to you, there is an ‘unsubscribe’ hyperlink, which you may you use if you wish to ‘opt out’ of and stop receiving email communications from us. The hyperlink will direct you to our websites, where upon entering the email address that you no longer wish to receive Norwex emails, one last confirmation email shall then be sent to the email address you designate. Merely confirm that you do indeed wish to stop Norwex email’s being sent to you and that email address shall automatically be unsubscribed.
Alternatively, you may email Norwex at CDNcompliance@norwex.com or UScompliance@norwex.com or EUcompliance@norwex.com with your request, stating ‘Unsubscribe’ in the header and what email addresses you wish not to receive Norwex emails and within ten business days, we shall ensure that such email addresses are unsubscribed and shall no longer receive any communications from us.
All information accessed through Norwex EU Websites is in compliance with current privacy requirements set forth in the GDPR, the Privacy Shield, and any other additional regulations. Please be advised and aware of the following rights you have regarding your personal data for which Norwex is possibly storing, processing, and/or transmitting:
Right of Access: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data.
Right to Rectification: You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to Erasure (“Right to be Forgotten): You have the right to obtain the erasure of personal data concerning you without undue delay and the Norwex will erase personal data without undue delay when various grounds apply.
Right to Restriction of Processing: You have the right to obtain restriction of processing when various grounds apply.
Right to Data Portability: You have the right to receive the personal data concerning you, which you have provided to Norwex, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another entity without hindrance from Norwex.
Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you. Norwex shall no longer process the personal data unless the there are compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
Information Transfer: We may transfer data to Norwex databases in countries other than where it was provided. When we do so, we transfer the information in compliance with the applicable data protection laws. Further our privacy program requires the same high level of security and protection of personal information in all geographies with procedures in place to help us ensure this is so. In addition, personal data, particularly data collected in the EU or the EEA, shall only be transmitted to controllers outside of the European Union if the appropriate level of data privacy has been ensured, such as the EU standard contractual clauses or individual contractual agreements that meet the relevant requirements of European law or the application of a Privacy Shield Certification.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure. All information you provide to us is stored on secure servers behind firewalls. All payment transactions you make via our websites are encrypted using SSL technology.
The safety and security of your information also depends on you. We urge you to be careful about giving out information in public areas of the websites like message boards. The information you share in public areas may be viewed by any user of the websites.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our websites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
All information accessed through Norwex Websites is subject to Norwex quality control and related information security best practices.
All information accessed through Norwex EU Websites is in compliance with the required information security mandates of GDPR, Article 32. Specifically, Norwex has implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:
The pseudonymization and encryption of personal data.
The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
Disclaimer and Endorsement: Norwex websites that include hypertext links, or pointers, to information created and maintained by other public and/or private organizations. As such, Norwex only provides these links for your information and convenience, thus, when you select a link to an outside website, you are leaving the Norwex websites and therefore subject to the privacy and security policies of these external websites. Additionally, please note the following:
Norwex does not control or guarantee the accuracy, relevance, timeliness, or completeness of information contained on a linked website.
Norwex does not endorse the organizations sponsoring linked websites and we do not endorse the views they express or the products/services they offer.
Norwex therefore cannot authorize the use of copyrighted materials contained in linked websites. Users must request such authorization from the sponsor of the linked website.
Norwex is not responsible for transmissions users receive from linked websites.
Norwex does not guarantee that outside websites comply with Section 508 (accessibility requirements) of the Rehabilitation Act.
For site security purposes and to ensure that this service remains available to all users, the platform for which Norwex websites resides on – commonly known as a “production environment”, utilizes a wide-range of software tools and programs to for the ultimate goal of ensuring its confidentiality, integrity, and availability (CIA) – a concept known as the CIA triad of information security. Tools which are currently in use, or are to be deployed if necessary for the security of Norwex Websites are to include, but are not limited to, the following: start here.
Network Security and Network Monitoring: Tools that assist in securing the network for which www.norwex.com resides on. Such tools include network and perimeter firewalls, web application firewalls, routers, switches, intrusion detection systems, and other related tools.
Network Performance: Tools that assist in monitoring all aspects of norwex.com, such as performance monitoring for website uptime, etc.
Other: Additionally, A variety of physical, electronic and procedural safeguards are implemented for helping ensure the safety and security of www.norwex.com
Except for authorized law enforcement investigations by local, state, and/or federal agencies, no other attempts are made by Norwex to identify individual users and/or their usage habits on www.norwex.com.
California Civil Code Section § 1798.83 permits users of our websites that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to UScompliance@norwex.com.
Our websites are not intended for use by children under 13 years of age. No one under age 13 may provide any personal information to or on the websites. We do not knowingly collect personal information from children under 13. If you are under 13, please do not register on the websites, make any purchases through the websites or send any information about yourself to us. In the event that we learn that we have collected personal information from a child under age 13 without verification of parental consent, we will delete that information. If you believe that we might have any information from or about a child under 13, please contact us at CDNcompliance@norwex.com or UScompliance@norwex.com or EUcompliance@norwex.com.
Norwex.com complies with the Children’s Online Privacy Protection Act of 1998 (COPPA). Specifically, COPPA imposes certain requirements on operators of websites or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age. Therefore, Personal information from children under 13 is not knowingly collected, nor are children under 13 knowingly contacted by norwex.com. To be clear, norwex.com does not intend to solicit information of any kind from children under 13. It is possible that norwex.com may receive emails pertaining to children under 13. If this is the case and norwex.com is notified of this, as soon as the information is verified, parental consent will be immediately obtained or the email will be deleted from any services being offered and/or performed by norwex.com.
Norwex complies with the General Data Protection Regulation (GDPR) gdpr-info.eu/art-8-gdpr/. Specifically, the GDPR states the following, per Article 8:
Where point (a) of Article 6(1) applies, in relation to the offer of information society services directly to a child, the processing of the personal data of a child shall be lawful where the child is at least 16 years old. Where the child is below the age of 16 years, such processing shall be lawful only if and to the extent that consent is given or authorized by the holder of parental responsibility over the child.
Member States may provide by law for a lower age for those purposes provided that such lower age is not below 13 years.
The controller shall make reasonable efforts to verify in such cases that consent is given or authorized by the holder of parental responsibility over the child, taking into consideration available technology.
Paragraph 1 shall not affect the general contract law of Member States such as the rules on the validity, formation or effect of a contract in relation to a child.
If you are resident in USA:
Chief Information Officer
Norwex USA, Inc.
800 W. Bethel Road
Coppell, TX 75019
If you are resident in Canada:
Chief Information Officer
Norwex Canada Inc.
P.O. Box 714
Dauphin, Manitoba R7N 3B3
If you are a resident of the European Economic Area:
Chief Information Officer
Norwex USA, Inc.
800 W. Bethel Road
Coppell, TX 75019
Specifically, Norwex is responsible for ensuring that personal data accessed through norwex.com have required Privacy Impact Assessments available for review.