Privacy policy

Last Updated: May 12, 2026

GoodGrove is operated by Arven Brands LLC ("GoodGrove," "we," "us," "our"), a New York limited liability company with a mailing address at 418 Broadway, Ste N, Albany, NY 12207. This Privacy Policy describes how we collect, use, disclose, and protect personal information from individuals who visit our website at trygoodgrove.com (the "Site"), purchase our products, subscribe to our marketing communications, or otherwise interact with us. References in this Policy to "you" mean any such individual.

This Policy applies only to personal information collected through the Site and related services. It does not apply to job applicants, to third-party websites linked from the Site, or to information you provide to merchants other than GoodGrove. Our Site and products are intended for individuals located in the United States. We do not actively market or solicit users outside the United States. If you access the Site from outside the United States, please review the "International Transfers" section below.

This Privacy Policy should be read together with our other customer-facing policies, including our Terms of Service, Refund Policy, Shipping Policy, Subscription & Cancellation Policy, and Mobile Messaging Terms. To exercise the privacy rights described below or to make any privacy-related request, please email privacy@trygoodgrove.com or use the request form at /pages/your-privacy-choices.

SECTION 1 - INFORMATION WE COLLECT

We collect personal information from three sources: information you provide to us directly, information collected automatically when you use the Site, and information we receive from third parties. We collect only what we need to operate our business, fulfill your orders, send marketing you have agreed to receive, run our advertising and analytics, prevent fraud, and comply with our legal obligations.

Information You Provide Directly

When you create an account, place an order, sign up for our email or SMS list, contact customer service, submit a product review, or otherwise interact with us, you may provide information such as your name, email address, mobile phone number, billing and shipping address, the contents of your order, your account login credentials, your marketing and subscription preferences, and the contents of any messages you send to us. When you check out, our payment processors collect your payment information; we receive only the last four digits, expiration date, and brand of the payment method, plus a tokenized reference. We do not store full payment card numbers on our systems.

Information Collected Automatically

When you visit the Site, we and our service providers automatically collect technical information about your device and your interaction with the Site. This includes your Internet Protocol (IP) address, the type of browser and operating system you are using, the device type, the referring website or marketing campaign that brought you to the Site, the pages and products you view, the time you spend on each page, the items you add to or remove from your cart, search terms you enter, conversion events, and similar usage data. We also infer coarse geolocation (such as city or region) from your IP address. This information is collected through cookies, pixels, web beacons, server logs, and other similar technologies. The "Cookies and Similar Technologies" section below explains these mechanisms in more detail.

Information From Third-Party Sources

We may receive personal information about you from third parties, including: our e-commerce platform (Shopify) and our payment and express-checkout providers (Shop Pay and Shop.app), which provide order, transaction, and account information; our email and SMS marketing platform (Klaviyo), which provides engagement information such as which messages you opened or clicked; our advertising attribution provider (WeTracked), which provides conversion and attribution information; and fraud-prevention services that help us evaluate the risk of a transaction. We may also receive information from advertising platforms when you click on or convert from one of our advertisements, and from publicly available sources where appropriate.

SECTION 2 - HOW WE USE YOUR INFORMATION

We use the personal information we collect for the purposes described below, and only for those purposes. Where required by law, we rely on your consent, on the necessity of performing a contract with you, on our legitimate business interests, or on our legal obligations as the basis for our processing.

Order fulfillment and customer accounts. We use your contact, address, payment, and order information to process and fulfill your orders, communicate with you about your orders, manage shipping and tracking, handle returns and refunds, maintain your customer account, and provide customer support. Your account is hosted on Shopify, and Shopify issues the customer-account login token used to keep you signed in.

Subscription management. If you enroll in our subscription program, we use your account, billing, and order history information to schedule recurring shipments, charge your payment method on each renewal, send transactional notifications about your subscription, manage cancellations and pauses, and respond to support requests. Card-issuer "account updater" services (Visa Account Updater and Mastercard Automatic Billing Updater) may automatically refresh your stored card credentials when your card is reissued so that your subscription does not interrupt; you can opt out of this by canceling your subscription or removing the card on file.

Customer service. When you contact us by email, through our contact form, or by replying to our messages, we use the information you provide to respond to your inquiry, troubleshoot issues, process refunds and returns, and improve our service.

Marketing communications. If you have signed up for our email or SMS marketing list (or, where lawfully permitted, where you are an existing customer with whom we have an established relationship and you have not opted out), we use your contact information and engagement data to send marketing messages, product announcements, promotions, and tailored content. You can opt out at any time using the unsubscribe link in any marketing email or by replying STOP to any marketing SMS message. See the "SMS / Mobile Messaging" section below for more on text messages.

Advertising and attribution. We use information about your visits to the Site, your interactions with our advertisements, and your conversion events to measure the performance of our advertising, to improve targeting, to suppress audiences (for example, to stop showing ads to people who have already purchased), and to build modeled audiences with similar interests. Our attribution provider may share aggregated and conversion-level information with advertising platforms (including Meta and Google) so that we can measure the effectiveness of our campaigns. The "Sale or Sharing of Personal Information" section below describes how this data flow may be characterized under U.S. state privacy laws.

Personalization and Site operation. We use your information to remember your preferences (such as the items in your cart), to personalize the content you see, to operate, maintain, and improve the Site, to perform analytics, and to develop new features.

Fraud prevention and security. We use your information to detect, investigate, and prevent fraudulent transactions, abuse of promotions or first-order discounts, account takeovers, and other security incidents, and to enforce our Terms of Service and other policies.

Legal compliance. We use and retain your information as needed to comply with applicable laws, tax and accounting obligations, regulatory requests, and lawful court or government orders, and to establish, exercise, or defend legal claims.

SECTION 3 - COOKIES AND SIMILAR TECHNOLOGIES

The Site uses cookies and similar technologies to operate the Site, remember your preferences, run analytics, and support advertising. A "cookie" is a small text file stored on your device by your browser; "pixels" or "web beacons" are small pieces of code embedded in pages or emails that record certain interactions; "local storage" and "session storage" are built-in browser storage areas used by the Site for similar purposes. Many of these technologies use pseudonymous identifiers tied to a device or browser rather than directly to your name, but they may still constitute personal information under state privacy laws.

The cookies and similar technologies on the Site fall into the following categories:

  • Strictly necessary. Required to operate the Site, sign you in to your account, keep your shopping cart, process checkout, and prevent fraud. These cannot be disabled without breaking the Site.
  • Functional. Remember your preferences (such as your region, language, or saved items) and help us deliver a consistent experience across visits.
  • Analytics. Help us measure how visitors use the Site so that we can improve performance, troubleshoot errors, and understand which content is useful. Our attribution provider, WeTracked, falls into this category.
  • Advertising. Help us measure the performance of our advertising campaigns, attribute conversions to the campaigns that drove them, suppress audiences, and build modeled lookalike audiences. Our attribution provider, WeTracked, also supports this purpose, and the conversion data it collects may be shared with advertising platforms (including Meta and Google) for measurement and attribution.

You can manage cookies through your browser settings (including blocking or deleting them), through your device's advertising-identifier controls, and through the opt-out methods described in the "Sale or Sharing of Personal Information" and "Your Privacy Rights" sections below. Disabling cookies may affect Site functionality, and disabling strictly necessary cookies will prevent core features from working. The Site also recognizes the Global Privacy Control browser signal as described under "Global Privacy Control" below.

SECTION 4 - PIXEL AND VENDOR DISCLOSURE

To run the Site, deliver our products, communicate with customers, and run our marketing, we work with the following service providers. Each is bound by a written contract that limits the provider's use of personal information to the services we have engaged it to perform.

Shopify. Shopify is our e-commerce platform. Shopify hosts the Site, processes payments, manages customer accounts, issues the customer-account login token, runs the checkout, and provides built-in analytics. Personal information collected through the Site is stored on Shopify's infrastructure.

Shop.app and Shop Pay. Shop Pay is Shopify's accelerated checkout, and the Shop app is the consumer-facing companion application offered by Shopify. If you choose Shop Pay at checkout or interact with the Shop app, your contact, payment, and order information is shared with Shop.app/Shop Pay so that the express-checkout and order-tracking features can work.

Klaviyo. Klaviyo is our email and SMS marketing service provider. When you sign up for our email or SMS list, fill out a form on the Site, or place an order, your contact information and engagement data (such as which emails you opened or which links you clicked) are shared with Klaviyo so that we can send marketing and transactional messages, segment our audience, and measure performance.

WeTracked. WeTracked is our advertising attribution and conversion-tracking provider. It collects information about Site visits and conversion events and helps us measure the performance of our advertising. WeTracked may share aggregated and conversion-level information with advertising platforms, including Meta (Facebook) and Google, for measurement, attribution, and audience-modeling purposes.

Google advertising tools. We use Google’s advertising and measurement tools (which may include Google Ads conversion tracking, Google Tag Manager, or Google Analytics) to measure advertising performance, optimize campaigns, and reach interested audiences. Information collected through these tools may include device identifiers, IP address, browser type, page-view data, and conversion events. Google may use this information for its own purposes consistent with its Privacy Policy. To opt out of Google’s personalized advertising, visit adssettings.google.com; to opt out of Google Analytics specifically, install Google’s opt-out browser add-on at tools.google.com/dlpage/gaoptout.

Meta (Facebook) advertising tools. Conversion and attribution data may be forwarded to Meta — either directly through a Meta Pixel or indirectly through WeTracked’s server-side integration — to measure ad performance and to support audience modeling. Meta may use this information for its own purposes consistent with its Privacy Policy. To opt out of Meta’s personalized advertising, adjust your ad preferences at facebook.com/adpreferences.

From time to time we may add, remove, or replace service providers. Material changes will be reflected in this Policy in accordance with the "Changes to This Policy" section below. Oregon, Delaware, Minnesota, and Maryland residents may request a list of the specific third parties to which we have disclosed their personal information by contacting us at privacy@trygoodgrove.com; see "State-Specific Notes" below.

SECTION 5 - SMS AND MOBILE MESSAGING

If you have provided your mobile phone number and consented to receive text messages from us, we may send you transactional messages (such as order confirmations, shipping updates, and customer-service replies) and, if you have separately opted in, marketing messages (such as promotions, restock alerts, and product announcements). Klaviyo is our SMS service provider.

Marketing SMS is governed by the Telephone Consumer Protection Act (TCPA) and related federal and state rules, including the Federal Communications Commission's 2024 1:1 consent requirements. Consent to receive marketing SMS is not a condition of any purchase. You can opt out of marketing SMS at any time by replying STOP, END, CANCEL, UNSUBSCRIBE, or QUIT to any marketing message; for help, reply HELP. Message frequency varies, and message and data rates may apply.

The full terms governing our text-message program, including consent recitals, frequency disclosures, opt-out keywords, and the Florida-residency presumption, are set out in our Mobile Messaging Terms, which are incorporated into this Policy by reference.

SECTION 6 - SALE OR SHARING OF PERSONAL INFORMATION

Some U.S. state privacy laws (including those of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia) define "sale" and "sharing" of personal information broadly. These definitions can include the disclosure of personal information to third parties for cross-context behavioral advertising or for analytics that supports advertising, even where no money changes hands.

While we do not sell your personal information for money in the traditional sense, we do share information with third parties for advertising and analytics purposes that may be interpreted as a "sale" or "sharing" under certain laws. In the preceding twelve months, the categories of personal information we have shared in ways that may qualify as a "sale" or "sharing" include: identifiers (such as hashed email, hashed phone number, cookie IDs, and advertising IDs); commercial information (such as order history and aggregated purchase data); Internet and network activity (such as page views and conversion events); coarse geolocation derived from IP address; and inferences drawn from this information (such as predicted purchase intent and audience segments). The categories of recipients of this information include our advertising-attribution provider (WeTracked), the advertising platforms to which it forwards measurement and attribution information (including Meta and Google), and our email and SMS marketing platform (Klaviyo) where engagement data is used to support marketing.

If you reside in a state that grants you the right to opt out of "sale" or "sharing," you may exercise that right by any of the following methods:

  • Submit a request through the form at /pages/your-privacy-choices.
  • Email privacy@trygoodgrove.com with the subject line "Opt Out of Sale or Sharing."
  • Send a Global Privacy Control signal from your browser. We treat a valid Global Privacy Control signal as a request to opt out of sale and sharing for the device and browser sending the signal. See "Global Privacy Control" below.

We do not sell or share sensitive personal information. We do not knowingly sell or share the personal information of consumers under sixteen years of age. We are an 18+ Site and do not knowingly collect personal information from anyone under 18.

SECTION 7 - CATEGORIES OF RECIPIENTS

We disclose personal information to a limited set of recipient categories. These include: our service providers (such as Shopify, Klaviyo, WeTracked, Shop.app/Shop Pay, fraud-prevention vendors, customer-service platforms, and IT and infrastructure vendors), each of which is bound by a written contract that limits its use of personal information to the services we have engaged it to perform; our advertising and analytics partners (as described in the "Sale or Sharing" section above); our professional advisors (such as lawyers, accountants, and auditors), where reasonably necessary; government authorities, regulators, and law-enforcement agencies, where we are legally required to disclose information or where we believe in good faith that disclosure is necessary to protect rights, safety, or property; and counterparties to a corporate transaction (such as a merger, acquisition, financing, reorganization, or sale of assets), in which case personal information may be transferred as part of the transaction subject to confidentiality protections.

Most of the recipients above are service providers under California law and equivalent processors under the laws of other states; they process personal information on our behalf and only as our contracts permit. A subset of recipients, however, may be third parties in a way that triggers the "sale" or "sharing" definitions described above; those flows are addressed in the "Sale or Sharing of Personal Information" section.

SECTION 8 - RETENTION

We keep your personal information only for as long as we need it to: (a) provide the products and services you ordered, (b) comply with our legal and tax obligations, (c) resolve disputes and enforce our agreements, and (d) maintain reasonable business records. When we no longer need your information for these purposes, we delete or anonymize it.

Some specific retention periods to be aware of:

  • Order records: seven (7) years from the order date, to match IRS and state tax recordkeeping obligations.
  • Marketing data: retained until you opt out of marketing, then deleted within thirty (30) days, except where we are required to retain a suppression record (an internal record of your opt-out itself, kept so that we do not contact you again).

Where personal information is retained for legal or tax reasons, we restrict the use of that information to those legal or tax purposes only.

SECTION 9 - DATA SECURITY

We maintain reasonable and appropriate administrative, physical, and technical safeguards designed to protect personal information against unauthorized access, use, disclosure, alteration, or loss. These safeguards include encryption-in-transit (HTTPS/TLS) for data transmitted between you and the Site, encryption-at-rest where appropriate, role-based access controls for our personnel, vendor diligence before integrating new service providers, multi-factor authentication for administrative access, and periodic review of our security practices. No method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security. In the event of a security incident affecting your personal information, we will notify you and applicable authorities as required by law.

SECTION 10 - INTERNATIONAL TRANSFERS

The Site is operated from the United States and is hosted on infrastructure located primarily in the United States. Shopify Inc., our e-commerce platform provider, is headquartered in Canada, and certain processing may occur on Shopify's Canadian infrastructure. When you access the Site from outside the United States, your personal information may be transferred to, stored in, and processed in the United States and Canada, where data-protection laws may differ from those of your home country.

We do not actively market or solicit users in the European Economic Area, the United Kingdom, or Switzerland. If you nonetheless interact with the Site from those jurisdictions, we will rely on the European Commission's Standard Contractual Clauses (or equivalent UK or Swiss mechanisms) for any transfer of your personal information to the United States. By using the Site from these jurisdictions, you acknowledge the cross-border transfer.

SECTION 11 - NOTICE AT COLLECTION

California law requires that we provide a "notice at collection" to California consumers at or before the point at which we collect personal information. This Privacy Policy serves as our notice at collection. The categories of personal information we collect are described in the "Information We Collect" section; the purposes for which we use that information are described in the "How We Use Your Information" section; whether we sell or share that information is addressed in the "Sale or Sharing of Personal Information" section; and our retention practices are described in the "Retention" section. We do not collect or use personal information for any purpose materially different from those disclosed in this Policy without first updating the Policy and, where required, obtaining your consent.

SECTION 12 - SENSITIVE PERSONAL INFORMATION

"Sensitive personal information" is defined under California law and similar state laws to include certain narrow categories of information, such as government identifiers, financial-account credentials, precise geolocation, racial or ethnic origin, religious beliefs, biometric data, health data, sexual orientation, and the contents of certain communications.

The only categories of sensitive personal information we typically collect are: (a) your account login credentials, when you create an account on the Site, and (b) the last four digits and expiration date of the payment method you use at checkout (your full payment-card data is handled by our PCI-compliant payment processors and is not retained by us). We may also collect precise geolocation, but only if you affirmatively grant permission to your browser or device.

We do not sell or share sensitive personal information. We do not use sensitive personal information to infer characteristics about you. California residents have the right to limit our use of sensitive personal information to those purposes that are necessary to provide the products or services you have requested or are otherwise permitted by law; see "Your Privacy Rights" below.

Unless we specifically request it, we ask that you not send us, and not disclose, any other sensitive personal information (including health or medical information, social security numbers or other government identifiers, racial or ethnic origin, political opinions, religious or philosophical beliefs, sexual orientation, biometric data, or criminal history) on or through the Site, in product reviews, in customer-service inquiries, or otherwise to us.

SECTION 13 - YOUR PRIVACY RIGHTS

If you are a U.S. resident, you may have the following rights, depending on your state of residence:

  • Know what personal information we have about you
  • Access a copy of it
  • Correct inaccurate information
  • Delete your information
  • Receive a portable copy
  • Opt out of "sale" or "sharing" for advertising
  • Opt out of targeted advertising
  • Limit our use of sensitive personal information
  • Withdraw consent for marketing
  • Appeal if we deny your request
  • Not be discriminated against for exercising your rights

To exercise any of these rights, email privacy@trygoodgrove.com or use the form at /pages/your-privacy-choices. We will respond within 45 days. We will verify your identity by matching information you provide against our records before fulfilling a request involving access to, correction of, or deletion of your personal information. If we deny your request and you live in a state that provides a right to appeal, you may appeal by replying to our denial within thirty (30) days; we will respond to your appeal within sixty (60) days. Exercising any of these rights will not result in discriminatory treatment of you, and we will not deny you goods or services, charge you a different price, or provide you a different level of quality because you exercised a privacy right (except where the difference is reasonably related to the value the personal information provides, as in our Financial Incentive Program described below).

SECTION 14 - STATE-SPECIFIC NOTES

Several U.S. states have enacted comprehensive consumer privacy laws that provide rights similar to those described above, with state-specific differences. The unified rights framework in "Your Privacy Rights" applies to residents of: California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia. Specific points worth noting:

  • California residents have additional rights described in the dedicated "California Shine the Light" and "Financial Incentive Program" sections below.
  • Utah does not provide a right to correct personal information and does not provide an appeal mechanism.
  • Oregon, Delaware, Minnesota, and Maryland residents may request a list of the specific third parties (or, in Delaware and Maryland, the categories of specific third parties) to whom we have disclosed their personal information. To make such a request, contact us at privacy@trygoodgrove.com.
  • Maryland residents are protected by the Maryland Online Data Privacy Act, which prohibits the sale of sensitive personal information; consistent with that statute, we do not sell sensitive personal information of Maryland residents under any circumstances.
  • New Jersey, Colorado, Connecticut, and certain other states require that we honor the Global Privacy Control browser signal as a valid opt-out of sale, sharing, and targeted advertising. We do so as described in the "Global Privacy Control" section below.

If a future state enacts a comprehensive privacy law that provides rights to its residents, we will extend the rights and procedures described in this Policy to residents of that state to the extent required by law. We do not collect Washington consumer health data within the meaning of the Washington My Health My Data Act and accordingly do not include a separate Washington-specific section.

SECTION 15 - CALIFORNIA SHINE THE LIGHT

California Civil Code Section 1798.83 permits California residents to request a list of the categories of personal information disclosed to third parties for those third parties' direct marketing purposes during the preceding calendar year. We do not share your personal information with third parties for those third parties' own direct marketing purposes (which is distinct from our sharing for our own advertising and analytics, addressed in the "Sale or Sharing of Personal Information" section). If our practices change, we will update this Policy. To make a Shine the Light request, contact us at privacy@trygoodgrove.com.

SECTION 16 - FINANCIAL INCENTIVE PROGRAM

From time to time we offer a financial incentive (such as a discount on your first order or free shipping) in exchange for joining our email or SMS marketing program (a "Financial Incentive"). By signing up, you consent to receive marketing communications from us and to our use of your contact information for that purpose. The Financial Incentive is voluntary; you may decline to participate at any time, and your choice will not affect your eligibility for our other promotions, your access to the Site, or the price you pay for our products outside the Financial Incentive itself.

Material terms of our Financial Incentive Program:

  • You may opt out at any time by replying STOP to any marketing SMS message we send (per our Mobile Messaging Terms) or by clicking the "unsubscribe" link in any marketing email.
  • The discount or other incentive is offered on the terms stated in the popup or signup form at the time of the offer (for example, a one-time discount on a first order; restrictions or exclusions, if any, are stated in the offer itself).
  • Our good-faith estimate of the value of the personal information used in the Financial Incentive Program is approximately $20 per email or SMS subscriber. This estimate is based on the average revenue contribution of an email or SMS subscriber to our marketing channel and is calculated using our internal revenue and engagement data. The estimate may change over time as our business and marketing channels evolve.
  • Participation does not entitle you to any discount, gift, or financial benefit not explicitly described in the offer.

California residents have the right not to receive discriminatory treatment for exercising their privacy rights. The Financial Incentive Program does not constitute discrimination because the price difference is reasonably related to the value the personal information provides to us.

SECTION 17 - AUTHORIZED AGENTS

You may designate an authorized agent to submit a privacy request on your behalf. The authorized agent must provide either (a) a signed power of attorney granting the agent authority to act on your behalf for privacy matters, or (b) a signed written permission from you authorizing the agent to submit the specific request. We may also require that you (i) verify your own identity directly with us, and (ii) confirm directly with us that you have authorized the agent to submit the request on your behalf. We will respond to an authorized agent's request within the same time period applicable to the underlying right.

SECTION 18 - GLOBAL PRIVACY CONTROL

The Site recognizes the Global Privacy Control ("GPC") browser signal. If your browser sends a valid GPC signal and you reside in a state where GPC must be honored as an opt-out of sale, sharing, or targeted advertising (currently including California, Colorado, Connecticut, New Jersey, and certain other states), we will treat that signal as a request to opt out of sale and sharing for the browser and device sending the signal, and you do not need to submit a separate form to be opted out on that browser/device. Because GPC operates at the browser/device level, you will need to send GPC from each browser and device on which you want the opt-out to apply.

Other than GPC, we do not currently respond to "Do Not Track" or other tracking-preference signals that are not legally recognized in the United States. We use the Shopify Customer Privacy API to record and apply consent and opt-out preferences server-side, and we provide the request form at /pages/your-privacy-choices as an additional method to exercise opt-out and other rights.

SECTION 19 - CHILDREN'S PRIVACY

The Site and our products are intended for individuals who are at least 18 years old. We do not knowingly collect personal information from anyone under the age of 18. If we learn that we have collected personal information from anyone under 18, we will promptly delete it. If you are a parent or guardian and you believe that we may have collected information about a minor, please contact us at privacy@trygoodgrove.com so that we can investigate and, where appropriate, delete the information.

SECTION 20 - CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. The "Last Updated" date at the top of this Policy reflects the date of the most recent change. For material changes that affect your rights or the way we collect, use, or share your personal information, we will provide at least thirty (30) days' advance notice by posting an on-site banner and, where we have your email address, by sending an email notification before the change takes effect. Non-material updates (such as clarifications, formatting changes, or updates to vendor names that do not change how we collect or use information) will take effect when the updated Policy is posted, and the "Last Updated" date will reflect the change. Changes will not apply retroactively to personal information we have already collected, except where required by law.

SECTION 21 - CONTACT US

For privacy-related questions, requests, or complaints, please contact us:

Email: privacy@trygoodgrove.com
Mail: Arven Brands LLC, 418 Broadway, Ste N, Albany, NY 12207
Online request form: /pages/your-privacy-choices

California Civil Code Section 1789.3 disclosure. Under California Civil Code Section 1789.3, California consumers are entitled to the following specific consumer-rights notice. The Complaint Assistance Unit of the Division of Consumer Services of the California Department of Consumer Affairs may be contacted in writing at 1625 North Market Blvd., Suite N 112, Sacramento, CA 95834, or by telephone at (800) 952-5210.

If you have a privacy complaint that we have been unable to resolve to your satisfaction, you may also have the right to file a complaint with your state attorney general or, in California, with the California Privacy Protection Agency. We encourage you to contact us first so that we can try to resolve the issue directly.