Privacy Policy

PRIVACY POLICY

Effective Date: March 11, 2020

Introduction

Welcome! You have arrived at a website that is provided by Dharma Studio, LLC (“Dharma” or “we,” “our” or “us”). This “Privacy Policy” governs your use of www.dharmaworldwide.com (including, without limitation, both mobile and online versions of our site), and also applies to your use of all features, applications, content, downloads and other products or services that we make available through the site and/or that post a link to this Privacy Policy (collectively, referred to herein as the “Site”), regardless of how you access or use the Site, whether via personal computers, mobile devices or otherwise.

Our Privacy Policy explains our data collection practices when collecting, storing and or using your data. To the extent we provide you notice on our Site of different or additional privacy policies or practices (e.g., at the point of our collection), those additional terms shall govern such data collection and use.

In addition, please review the Site’s Terms of Service, which governs your use of the Site. By using our Site, you consent to our Privacy Policy and Terms of Service and our collection, use and sharing of your information and data, and other activities, as described below. If you do not agree to the terms of this Privacy Policy, please do not provide us with any Personal Information (defined below) and do not use this Site.


If you are located or a resident of the EU, please review Section 14 of this Privacy Policy, which contains our supplemental privacy notice that applies to you. If you are located or a resident of Canada, please review Section 15 of this Privacy Policy, which contains our supplemental privacy notice that applies to you.


Table of Contents

It is important that you read and understand the entire Privacy Policy before using the Site. However, this table of contents highlights the topics covered.

1. What Information Does the Site Collect?

(a) Information You Provide to Us

(b) Information We Collect and Store As You Access and Use the Site

(b) Information Third Parties Provide About You

(c) Interactions with Third-Party Services

(d) Information You Provide About a Third Party

(e) California / Delaware Do Not Track Disclosures


2. How Do We Use the Information Collected?

3. How and When Do We Disclose Information to Third Parties?

(a) When You Request Information From or Provide Information to Third Parties
(b) Third Parties Providing Services on our Behalf
(c) Administrative and Legal Reasons
(d) Affiliates and Business Transfer
(e) Sweepstakes, Contests and Promotions

4. Your California Privacy Rights

(a) Categories of Personal Information We Collect
(b) Sources of Collected Personal Information and Purposes of Collection and Disclosure
(c) Categories of Personal Information We May Share and Who We May Share It With
(d) Your Privacy Rights
(e) Exercising Your Rights
(f) Non-Discrimination

5. Your Nevada Privacy Rights

6. Ads and Information About You

7. What About Information I Disclose Publicly?

(a) User Content and Public Information
(b) Name and Likeness
(c) User Testimonials

8. Do Third-Party Content, Links to Third-Party Sites and/or Third-Party Apps Appear on the Site?
How Do I Change My Information and Communications Preferences?

9. What About Transfer of Information to the United States?

10. What Should Parents Know About Children?

11. What About Security?

12. What About Changes to the Privacy Policy?

13. Supplemental Privacy Notice For Residents of the EU and EEA

14. Supplemental Privacy Notice For Residents of Canada


The Full Detailed Privacy Policy

1. What Information Does the Site Collect?

(a) Information You Provide to Us

On the Site, we or our service providers may ask you to provide certain types of information such as: (1) personally identifiable information, which is information that identifies you personally, such as your first and last name, email address, home address, credit card number and phone number (“Personal Information”); and (2) demographic information, such as information about your gender and age (“Demographic Information”). We may collect this information through various forms and in various places on the Site, including through “contact us” forms, when you purchase products or services from us or if you request to receive our electronic newsletter or when you otherwise interact with the Site. In addition, Personal Information once “De-identified” (i.e., the removal or modification of the personally identifiable elements, or the extraction non-personally identifiable elements including through anonymization, pseudonymization and/or hashing) is not considered Personal Information and may be used and shared by us or other third parties without obligation to you, except as prohibited by applicable law.

(b) Information We Collect and Store As You Access and Use the Site

In addition to any Personal Information or other information that you choose to submit to us via our Site, we and our third-party service providers may use a variety of technologies that automatically (or passively) collect and store certain information whenever you visit or interact with the Site (“Usage Information”). This Usage Information may be stored or accessed using a variety of technologies that may be downloaded to your personal computer, browser, laptop, tablet, mobile phone or other device (a “Device”) whenever you visit or interact with our Site. Usage Information may be non‑identifying or may be associated with you. Whenever we associate Usage Information with your Personal Information, we will treat it as Personal Information. This Usage Information may include:

  • your IP address, UDID or other unique identifier (“Device Identifier”). A Device Identifier is a number that is automatically assigned to your Device used to access the Site, and our computers identify your Device by its Device Identifier;
  • your Device functionality (including browser, operating system, hardware, mobile network information);
  • the URL that referred you to our Site;
  • the areas within our Site that you visit and your activities there, including remembering you and your preferences;
  • your Device location;
  • your Device characteristics; and
  • certain other Device data, including the date and time of day of your visit, among other information.


We may use various methods and technologies to collect and store Usage Information (“Tracking Technologies”). Tracking Technologies may set, change, alter or modify settings or configurations on your Device. A few of the Tracking Technologies include, without limitation, the following (and subsequent technology and methods later developed):

  • Cookies. A cookie is a data file placed on a Device when it is used to visit the Site. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site.
  • Web Beacons. Small graphic images or other web programming code called web beacons (also known as “1x1 GIFs” or “clear GIFs”) may be included in our Site’s pages and messages. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a page or e-mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to the Site, to monitor how users navigate the Site, to count how many e-mails that were sent were actually opened or to count how many particular articles or links were actually viewed.
  • Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the Site, such as the links you click on. The code is temporarily downloaded onto your Device from our web server or a third party service provider, is active only while you are connected to the Site, and is deactivated or deleted thereafter.
  • Browser Fingerprinting. Collection and analysis of information from your Device, such as, without limitation, your operating system, plug-ins, system fonts and other data, for purposes of identification.
  • ETag, or entity tag. A feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. If the resource content at that URL ever changes, a new and different ETag is assigned. Used in this manner ETags are a form of Device Identifier. ETag tracking may generate unique tracking values even where the consumer blocks cookies.
  • Recognition Technologies. Technologies, including application of statistical probability to data sets, which attempt to recognize or make assumptions about users and devices (e.g., that a user of multiple devices is the same user).
  • Location-identifying Technologies. GPS (global positioning systems) software, geo-filtering and other location-aware technologies locate (sometimes precisely) you, or make assumptions about your location, for purposes such as verifying your location and delivering or restricting content based on your location. If you have enabled GPS or use other location-based features on the Site, your device location may be tracked.


We may use Tracking Technologies for a variety of purposes, including:

  • Strictly Necessary. We may use cookies or other Tracking Technologies that we consider are strictly necessary to allow you to use and access our Site, including cookies required to prevent fraudulent activity, improve security or allow you to make use of Site functionality.
  • Performance‑Related. We may use cookies or other Tracking Technologies that are useful in order to assess the performance of the Site, including as part of our analytic practices or otherwise to improve the content, products or services offered through the Site.
  • Functionality‑Related. We may use cookies or other Tracking Technologies that are required to offer you enhanced functionality when accessing the Site, including identifying you when you visit our Site or keeping track of our specified preferences, including in terms of the presentation of content on our Site.
  • Targeting‑Related. We may use Tracking Technologies to deliver content relevant to your interests on our Site and third‑party sites based on how you interact with our content. This includes using Tracking Technologies to understand the usefulness to you of the content that have been delivered to you.


There may be other Tracking Technologies now and later devised and used by us in connection with the Site. Further, third parties may use Tracking Technologies in connection with our Site, which may include the collection of information about your online activities over time and across third-party websites or online services. We may not control those Tracking Technologies and we are not responsible for them. However, you consent to potentially encountering third-party Tracking Technologies in connection with use of our Site and accept that our statements under this Privacy Policy do not apply to the Tracking Technologies or practices of such third parties.


(c) Information Third Parties Provide About You

We may receive information about you from your friends and others that use the Site, such as when they submit your information to us about you, if for example, they buy you a gift on the Site. Additionally, we may, from time to time, supplement the information we collect directly from you on our Site with outside records from third parties for various purposes, including to enhance our ability to serve you, to tailor our content and ads to you and to offer you opportunities that may be of interest to you. To the extent we combine information we receive from those sources with your Personal Information we collect on the Site, it will be treated as Personal Information and we will apply this Privacy Policy to such combined information, unless we have disclosed otherwise. In no other circumstances do our statements under this Privacy Policy apply to information we receive about you from third parties.

(d) Interactions with Third-Party Services

The Site may include functionality that allows certain kinds of interactions between the Site and your account on a third-party web site, application or other service. The use of this functionality may involve the third-party operator providing certain information, including Personal Information, to us. For example, we may provide third-party sites’ interfaces or links on the Site to facilitate your sending a communication from the Site. For example, we may use third parties to facilitate emails, Tweets or Facebook postings. These third parties may retain any information used or provided in any such communications or other activities and these third parties’ practices are not subject to our Privacy Policy. Dharma may not control or have access to your communications through these third parties. Further, when you use third-party sites or services, you are using their services and not our services and they, not we, are responsible for their practices. You should review the applicable third-party privacy policies before using such third-party tools on our Site.

(e) Information You Provide About a Third Party

You may send someone else a communication from the Site, such as sending an invitation to a friend. If so, the information you provide (names, email addresses, mobile number, etc.) is used to facilitate the communication and is not used by us for any other marketing purpose unless we obtain consent from that person or we explicitly say otherwise. Please be aware that when you use any send-to-a-friend functionality on our Site, your email address, mobile number, name or user name and message may be included in the communication sent to your addressee(s).

(f) California / Delaware Do Not Track Disclosures

Various third parties are developing or have developed signals or other mechanisms for the expression of consumer choice regarding the collection of information about an individual consumer’s online activities over time and across third-party web sites or online services (e.g., browser do not track signals). Currently, we do not monitor or take any action with respect to these signals or other mechanisms.

2. How Do We Use the Information Collected?

We may use your Personal Information, Demographic Information or Usage Information for various purposes, including the following business purposes:

  • to process, track and complete purchase, return and similar transactions;
  • to provide you with information such as to send you electronic newsletters or to provide you with special offers or promotional and marketing materials on behalf of us or third parties, including to let you know about upcoming events;
  • to enable you to participate in a variety of the Site’s features such as to enable you to participate in online surveys, entry sweepstakes, contests or other promotions;
  • to improve the Site, marketing endeavors or our product and service offerings;
  • to customize your experience on the Site or to serve you specific content that we believe is relevant to you;
  • to process Site account registration;
  • to offer location-based services;
  • to provide customer service and support, including responding to your inquiries regarding our merchandise or services;
  • to notify you of any product recalls or providing other information concerning products or services you have purchased;
  • to send you information about orders you have placed on the Site;
  • to identify you as a customer and to identify your product and service preferences, including providing personalized content and ads and informing you of new or additional products, services or promotions that may be of interest to you;
  • to contact you with regard to your use of the Site and, in our discretion, changes to the Site and/or Site’s policies;
  • to measure and analyze audience traffic and to improve the overall experience at the Site and our merchandise and services;
  • to understand whether you read our communications and clicked on links within those messages;
  • to develop aggregated data and statistics;
  • for internal business purposes; and
  • for purposes disclosed at the time you provide your information or as otherwise set forth in this Privacy Policy.


3. How and When Do We Disclose Information to Third Parties?


We may share non-Personal Information, such as aggregated user statistics, with third parties. Further, we may share your Device Identifiers with third parties along with data related to you and your activities. Also, we may share your Personal Information with third parties with whom we have marketing or other relationships for the third parties’ direct marketing purposes. If you are a California resident, you have the right to request additional information about this sharing, so please see Section 4 below. In addition, we may share the information we have collected about you, including Personal Information, as disclosed at the time you provide your information and as described below or otherwise in this Privacy Policy. We may disclose your information as follows:

(a) When You Request Information From or Provide Information to Third Parties.  You may be presented with an option on our Site to receive certain information and/or marketing offers directly from third parties or to have us send certain information to third parties or give them access to it. If you choose to do so, your Personal Information and other information may be disclosed to such third parties and all information you disclose will be subject to the third-party privacy policies and practices of such third parties. In addition, third parties may store, collect or otherwise have access to your information when you interact with their Tracking Technologies, content, tools apps or ads on our Site or link to them from our Site. This may include using third party tools such as Facebook, Twitter, Pinterest or other third-party posting or content sharing tools and by so interacting you consent to such third party practices. It may also include ordering or purchasing products from third parties through us where we indicate that the third party rather than us is the seller. We are not responsible for the privacy policies and practices of such third parties and, therefore, you should review such third party privacy policies and practices of such third parties prior to requesting information from or otherwise interacting with them.

(b) Third Parties Providing Services on our Behalf. We may use third-party vendors to perform certain services on behalf of us or the Site, such as: (i) to assist us in Site operations; (ii) to manage a database of customer information; (iii) hosting the Site; (iv) designing and/or operating the Site’s features; (v) tracking the Site’s activities and analytics; (vi) enabling us to send you special offers or perform other administrative services; and (vii) other services designed to assist us in maximizing our business potential. We may provide these vendors with access to user information, including Device Identifiers and Personal Information, to carry out the services they are performing for you or for us. Third-party analytics and other service providers may set and access their own Tracking Technologies on your Device and they may otherwise collect or have access to information about you, potentially including Personal Information, about you. We are not responsible for those third party technologies or activities arising out of them. However, some may offer you certain choices regarding their practices, and information we have been informed of regarding such choices is available in Section 6 below. We are not responsible for the effectiveness of or compliance with any third parties’ opt-out options.

(c) Administrative and Legal Reasons. We may access, use, preserve, transfer and disclose your information (including Device Identifiers and Personal Information) to third parties: (i) to satisfy any applicable law, regulation, subpoenas, governmental requests or legal process if in our good faith opinion such is required or permitted by law; (ii) to protect and/or defend the Site’s Terms of Service or other policies applicable to the Site, including investigation of potential violations thereof; (iii) to protect the safety, rights, property or security of the Site or any third party; and/or (iv) to detect, prevent or otherwise address fraud, security or technical issues. Further, we may use IP address or other Device Identifiers, to identify users, and may do so in cooperation with third parties such as copyright owners, internet service providers, wireless service providers and/or law enforcement agencies, including disclosing such information to third parties, all in our discretion, subject to applicable law. Such disclosures may be carried out without notice to you.

(d) Affiliates and Business Transfer. We may share your information, including your Device Identifiers and Personal Information, Demographic Information and Usage Information with our parent, subsidiaries and affiliates. We also reserve the right to disclose and transfer all such information: (i) to a subsequent owner, co-owner or operator of the Site or applicable database; or (ii) in connection with a merger, consolidation, restructuring, the sale of substantially all of our interests and/or assets or other corporate change, including, during the course of any due diligence process.

(e) Sweepstakes, Contests and Promotions. We may offer sweepstakes, contests, and other promotions (any, a “Promotion”) through the Site that may require registration. By participating in a Promotion, you are agreeing to official rules that govern that Promotion, which may contain specific requirements of you, including, allowing the sponsor of the Promotion to use your name, voice and/or likeness in advertising or marketing associated with the Promotion. If you choose to enter a Promotion, Personal Information may be disclosed to third parties or the public in connection with the administration of such Promotion, including, in connection with winner selection, prize fulfillment, and as required by law or permitted by the Promotion’s official rules, such as on a winners list.


4. Your California Privacy Rights

This Section applies to any California residents about whom we have collected personal information from any source, including through your use of our Site or by communicating with us electronically, in paper correspondence, or in person. Any terms defined in the CCPA have the same meaning when used in this Section 4. This Section only applies to non-California residents as may be required by applicable state law in your state of residence.


(a) Categories of Personal Information We Collect. We have collected the following categories of personal information from consumers within the last twelve (12) months:


Category

Examples

Collected

A. Identifiers.

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, telephone number, account number, name and password, driver’s license number, passport number, state or other government-issued identification card number and/or other similar identifiers.

YES

B. Personal information categories listed in the California Customer Records statute

(Cal. Civ. Code § 1798.80(e)).

A name, signature, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.

YES

C. Protected classification characteristics

under California or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

YES

D. Commercial information.

Records of personal property; products or services purchased, obtained, or considered; vehicle identification number (VIN); account balances, payment history, or account activity; bank account information and other information relating to your financial institution; credit application, credit checks, and information from credit reporting agencies; and/or other purchasing or consumer histories or tendencies.

NO

E. Biometric information.

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, facial scans, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

NO

F. Internet or other similar network activity.

Cookie identifiers, clear gifs (a.k.a. web beacons/web bugs), browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, device platform, device version, and/or other device characteristics including your choice of settings such as Wi-Fi, Bluetooth, and Global Positioning System (“GPS”).

YES

G. Geolocation data.

GPS data; locational information based upon your IP address; cell network data; and/or other similar locational data; and which may be collected from various devices including your mobile device(s).

YES

H. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information, including records of calls to or from our customer service centers; and/or video surveillance information.

YES

I. Professional or employment-related information.

Current or past job history or performance evaluations.

NO

J. Non-public education information

(per the Family Educational Rights & Privacy Act) (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

NO

K. Inferences drawn from other personal information.

Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

NO


Personal information does not include:

  • Publicly available information from government records.
  • De-identified or aggregated personal information.
  • Information excluded from the CCPA’s scope, such as:
    • health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data; or
    • personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.


(b) Sources of Collected Personal Information and Purposes of Collection and Disclosure. This section describes the sources we collect personal information from and why we collect and, if applicable, share personal information.


Sources of Personal Information

Categories of Personal Information We Collect

Purposes of Collecting and Sharing Personal Information




You, including via our websites, mobile applications, telephone, text message, postal mail, social media, forums, message boards, chatbot, or other means;

  • Identifiers
  • Financial information
  • Protected Class Information
  • Internet Activity
  • Geolocation Data
  • Professional or employment-related information
  • Inferences


For all of the purposes identified in Section 2 above, including, without limitation:

  • Process transactions and perform services;
  • Market, advertise, and promote products and services;
  • Provide customer service;
  • Research and development;
  • Protect against unauthorized access, security incidents, fraud, and other malicious or illegal activity; and
  • Comply with legal and regulatory obligations.

Service Providers, which includes customer relationship management providers, analytics providers, hosting providers, systems administrators, and communications delivery services

 

  • Identifiers
  • Financial information
  • Protected Class Information
  • Internet Activity
  • Geolocation Data
  • Professional or employment-related information
  • Inferences

For all of the purposes identified in Section 2 above, including, without limitation:

  • Process transactions and perform services;
  • Market, advertise, and promote products and services;
  • Provide customer service;
  • Research and development;
  • Protect against unauthorized access, security incidents, fraud, and other malicious or illegal activity; and
  • Comply with legal and regulatory obligations.

Nonaffiliated companies, with which we have a business relationship, which includes promotional and joint marketing partners

  • Identifiers
  • Financial information
  • Protected Class Information
  • Internet Activity
  • Geolocation Data
  • Professional or employment-related information
  • Inferences


For all of the purposes identified in Section 2 above, including, without limitation:

  • Process transactions and perform services;
  • Market, advertise, and promote products and services;
  • Provide customer service;
  • Research and development;
  • Protect against unauthorized access, security incidents, fraud, and other malicious or illegal activity; and
  • Comply with legal and regulatory obligations.

Other third parties, which includes analytics service providers and other websites and mobile applications, online advertising partners, and other data suppliers;

 

  • Identifiers
  • Financial information
  • Protected Class Information
  • Internet Activity
  • Geolocation Data
  • Professional or employment-related information
  • Inferences


For all of the purposes identified in Section 2 above, including, without limitation:

  • Process transactions and perform services;
  • Market, advertise, and promote products and services;
  • Provide customer service;
  • Research and development;
  • Protect against unauthorized access, security incidents, fraud, and other malicious or illegal activity; and
  • Comply with legal and regulatory obligations.


(c) Categories of Personal Information We May Share and Who We May Share it With. This section describes the categories of personal information we may share, including personal information we have shared in the past twelve (12) months, and the parties we may share it with. We may share your personal information for the purposes described in this Privacy Policy or as otherwise permitted or required by law. We do not sell personal information and have not sold personal information in the past twelve (12) months.

 

Categories of Third Parties with Whom We Share Personal Information

Categories of Personal Information We Share

Service Providers


  • Identifiers
  • Financial information
  • Protected Class Information
  • Internet Activity
  • Geolocation Data
  • Professional or employment-related information
  • Inferences

Advertising and Marketing Companies


  • Identifiers
  • Financial information
  • Protected Class Information
  • Internet Activity
  • Geolocation Data
  • Inferences

Technology Companies

  • Identifiers
  • Financial information
  • Protected Class Information
  • Internet Activity
  • Geolocation Data
  • Professional or employment-related information
  • Inferences

Social Media Companies

  • Identifiers
  • Financial information
  • Protected Class Information
  • Internet Activity
  • Geolocation Data
  • Professional or employment-related information
  • Inferences

Business Partners

  • Identifiers
  • Financial information
  • Protected Class Information
  • Internet Activity
  • Geolocation Data
  • Professional or employment-related information
  • Inferences

Non-Affiliated Companies, with which we have a business relationship such as in connection with the proposed or actual financing, insuring, sale, securitization, assignment, or other disposal of all or part of our business or assets (including accounts) for the purposes of evaluating and performing the proposed transaction

 

  • Identifiers
  • Financial information
  • Protected Class Information
  • Internet Activity
  • Geolocation Data
  • Professional or employment-related information
  • Inferences


(d) Your Privacy Rights. If you are a California resident, subject to certain exceptions set forth under applicable law, you have the following rights under California law with respect to your personal information:

  • Right to Access. You may have the right to request what personal information we collect, use, disclose, and/or sell, as applicable, and request the information be provided to you in a portable format.
  • Right to Delete. You have the right to request the deletion of your personal information that is collected or maintained by us.
  • Right to Opt-Out of Sale. You have the right to request to be opted out from any sales of your personal information by us. This opt-out will not change your preferences with respect to the receipt of marketing and other communications from Dharma. Information about modifying your communication preferences is set forth in Section 9 below.
  • Right to Non-Discrimination. You have the right not to be denied goods or services, charged different prices or rates for goods or services, or receive a differing level of quality of goods or services as a result of exercising the above rights.
  • Right to request information regarding third party direct marketing. We may elect to share information about you with third parties for those third parties’ direct marketing purposes. California Civil Code § 1798.83 permits California residents who have supplied personal information (as defined in the law) to us to, under certain circumstances, request and obtain certain information regarding our disclosure, if any, of personal information to third parties for their direct marketing purposes. If this law applies to you, you may obtain the categories of personal information shared by us and the names and addresses of all third parties that received personal information for their direct marketing purposes from us during the immediately prior calendar year (e.g., requests made in 2020 will receive information about 2019 sharing activities). To make such a request, please provide sufficient information for us to determine if this applies to you, attest to the fact that you are a California resident and provide a current California address for our response. To make such a request (limit one request per year), please send an email to: [email protected] with “California Privacy Rights” as the subject line or mail us a letter to: Dharma Studio LLC, 1321 Sunset Blvd. Los Angeles, CA (Attn: Privacy). You must include your full name, email address, and postal address in your request.


The rights described above do not apply to certain categories of personal information. The personal information excluded from coverage under the CCPA includes, among other things:

  • Personal information we collect from or about you when you apply for or obtain a product or service for personal, family or household purposes;
  • Personal information about communications or transactions with you when you are acting on behalf of a Dharma or government agency to do business with us; and
  • Personal information sold or bought from a consumer reporting agency for use in a consumer report in compliance with applicable law.


(e) Exercising Your Rights. If you are a California resident and wish to seek to exercise any of the rights in above, please reach us in one (1) of the following ways:

Email: [email protected]

You may also authorize someone to exercise the above rights on your behalf provided we can verify that individual is authorized to act on your behalf. If we have collected information on your minor child, you may exercise the above rights on behalf of your minor child. The above rights are subject to our being able to reasonably verify your identity and authority to make these requests. These rights are also subject to various exclusions and exceptions under applicable laws. You may only make a verifiable consumer request for access or data portability twice within a twelve (12)-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.


We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. If you are a customer, you may verify your identity through account login. If you are not a customer, you may verify your identity by submitting certain non-sensitive identifiers. To help protect the security of your personal information, we may use a third-party service provider to verify your information, which may include receiving a one-time password via text message. By submitting your mobile phone number for identity verification, you consent to receiving text messages for this purpose. If you are an authorized agent, you may verify your own identity by submitting certain non-sensitive identifiers. To help protect the security of your personal information and the personal information you are requesting, we may use a third-party service provider to verify your information, which may include receiving a one-time password via text message. By submitting your mobile phone number for identity verification, you consent to receiving text messages for this purpose. As an authorized agent, you also may be required to submit a legally sufficient Power of Attorney appointing you to act on behalf of the owner of the personal information you are requesting. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.


We will not provide financial account numbers, account passwords or security questions and answers, or other specific pieces of personal information if the disclosure presents an unreasonable risk to the security of personal information, customer accounts or our systems and network security.

We may deny your deletion request if retaining the personal information is necessary for us or our service providers to:

  • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
  • Debug products to identify and repair errors that impair existing intended functionality.
  • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
  • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
  • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
  • Comply with a legal obligation.
  • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.


We endeavor to respond to a verifiable consumer request within forty-five (45) days of receipt. If we require more time (up to ninety (90) days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the twelve (12)-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

(f) Non-Discrimination. We will not discriminate against you for exercising any of your rights. Unless permitted under applicable law, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.


5. Your Nevada Privacy Rights

While we don’t sell your personal information now as defined by Nevada law, Dharma reserves the right to sell personal information to third parties in the future. Nevada S.B.220 allows Nevada residents to opt-out of the sale of their personal information now in the event if we change our policy in the future. If you are a Nevada resident we want you to know that you have choices and can opt-out of Dharma selling your personal information by contacting us at [email protected]om. This may prevent or restrict your use of the Site in the future.

6. Ads and Information About You

Data about your activities online is being collected on our Site for use in providing advertising tailored to your individual interests. We may use third parties such as network advertisers and ad exchanges to serve advertisements across the Internet and may use third party analytics service providers to evaluate and provide us and/or third parties with information about the use of these ads on third party websites and viewing of ads and of our content. Third parties may offer you a choice as to whether or not to have your information collected for that purpose. This section of the privacy policy provides details and explains how to exercise that choice.

You may see certain ads on our Site as well as on other third-party websites across the Internet because we participate in advertising networks administered by third parties. These networks track your online activities over time and across third party websites by collecting information through automated means, including through the use of the tracking technologies described elsewhere in this Privacy Policy, and they use this information to show you advertisements (including our ads) that are tailored to your individual interests. The information they collect includes information about your visits to our Site, such as the pages you have viewed. These third-party tracking technologies may be set to, among other things: (a) help deliver advertisements to you that you might be interested in; (b) prevent you from seeing the same advertisements too many times; and (c) understand the usefulness to you of the advertisements that have been delivered to you. You acknowledge and agree that associated technology may access and use your device and may set or change settings on your device in connection with the associated operations. Note that any images (or any other parts of content) served by third parties in association with third-party ads or other content may act as web beacons, which enable third parties to carry out the previously described activities.

This collection and ad targeting takes place both on our Site and on third-party websites that participate in the ad network, such as websites that feature advertisements delivered by the ad network. This process also helps us track the effectiveness of our marketing efforts. We and third-party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as a Google Ads cookie) together to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to visits to our Site. To learn more about how to opt out of Google’s use of cookies, visit the Google’s Ads Settings, at https://adssettings.google.com. To learn more about how to opt out of use of the Google Analytics cookies, visit the opt-out page at: https://tools.google.com/dlpage/gaoptout 

Third-party tracking technologies are not controlled by us, even if they use our technology to help store or collect data. Statements regarding our practices do not apply to the methods for collecting information used by these third-party advertisers and others or the use of the information that such third parties collect. We do however work with third parties to make efforts to provide you with information on their practices and any available opportunity to exercise choice. The relevant third party’s terms of service, privacy policy, permissions, notices and choices should be reviewed regarding their collection, storage and sharing practices. We make no representations regarding the policies or practices of third-party advertisers or advertising networks or exchanges or related third parties. Further, while we may use a variety of companies to serve advertisements on the website, you may wish to visit http://www.networkadvertising.org/choices, which provides information regarding this practice by Network Advertising Initiative (“NAI”) members, and your choices regarding having this information used by these companies, including the “opt-out” procedures of NAI members. Opting out of one or more NAI members only means that those NAI members no longer will be allowed under their own rules to deliver targeted content and/or ads to you, which will affect this and other sites, but does not mean you will no longer receive any targeted content and/or ads. Also, if your browsers are configured to reject cookies when you visit this opt-out page, or you subsequently erase your cookies, use a different device or change web browsers, your NAI opt-out may not, or may no longer, be effective. Additional information is available on the NAI’s website accessible by the above link. You may also be able to opt-out of receiving third-party behavioral ads by visiting the Digital Advertising Alliance (“DAA”) website at http://www.aboutads.info/choices. Similar limitations may apply to the DAA opt-out. We are not responsible for effectiveness of or compliance with any third-parties’ opt-out options.

7. What About Information I Disclose Publicly?

(a) User Content and Public Information. The Site may permit you to share or otherwise submit ideas, photographs, user profiles, writings, music, video, audio recordings, computer graphics, pictures, data, information about your location, questions, comments, suggestions or other content including Personal Information (collectively, “User Content”). We or others may store, display, reproduce, publish, distribute or otherwise use User Content online or offline in any media or format (currently existing or hereafter developed) and may or may not attribute it to you. Others may have access to this User Content and may have the ability to share it with third parties. Please think carefully before deciding what information you share, including Personal Information, in connection with your User Content. Please note that Dharma does not control who will have access to the information that you choose to make public, and cannot ensure that parties who have access to such publicly available information will respect your privacy or keep it secure. We are not responsible for the privacy or security of any information that you make publicly available on the Site or what others do with information you share with them on the Site. We are not responsible for the accuracy, use or misuse of any User Content that you disclose or receive from third parties through the Site.

(b) Name and Likeness. We may also publish your name, voice, likeness and other Personal Information that is part of your User Content, and we may use the content, or any portion of the content, for advertising, marketing, publicity and promotional activities. For full terms and conditions regarding User Content you submit to the Site, please review our Site’s Terms of Service.

(c) User Testimonials. We often receive testimonials and comments from users who have had positive experiences with our products and services. We occasionally publish such content. When we publish this content, we may identify our users by their social media account usernames and publish their social media account profile pictures.

8. Do Third-Party Content, Links to Third-Party Sites and/or Third-Party Apps Appear on the Site?

The Site may contain content, links or apps that are supplied by a third party, and those third parties may collect Usage Information and your Device Identifier when pages from the Site are served to you for their own commercial purposes. In addition, when you are on the Site you may be directed to other sites and apps that are operated and controlled by third parties that we do not control. We are not responsible for the data collection and privacy practices employed by any of these third parties or their sites or apps and they may be tracking you across multiple online services and may be sharing the results of that tracking with us and/or others. These third parties may have their own terms of service, privacy policies or other policies and ask you to agree to the same. For example, if you “click” on a link, the “click” may take you off the Site onto a different location. These other online services may associate their Tracking Technologies with you, independently collect information about you, including Personal Information, and may or may not have their own published privacy policies. We are not responsible for these third-party privacy policies or the practices of Third-Party Owners. Be sure to review any available policies before submitting any personally identifiable information to a third-party application or otherwise interacting with it and exercise caution in connection with these applications. We also encourage you to note when you leave our Site and to review the third-party privacy policies of all third-party locations and exercise caution in connection with them.

9. How Do I Change My Information and Communications Preferences?

You are responsible for maintaining the accuracy of the information you submit to us, such as your contact information provided as part of registration. The Site may allow you to review, correct or update Personal Information you have provided through the Site’s account functionality, and you may provide updates and changes by contacting us via email at [email protected]. If so, we will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable (but we may retain prior information as business records). Please note that it is not always possible to completely remove or delete all of your information from our databases and that residual data may remain on backup media or for other reasons.

You may cancel or modify our email marketing communications you receive from us by following the instructions contained within our promotional emails or in some cases by logging into your Site account and changing your communication preferences. This will not affect subsequent subscriptions and if your opt-out is limited to certain types of emails the opt-out will be so limited. Subsequent or different subscriptions will be unaffected. Please note that we reserve the right to send you certain communications relating to your account or use of our Site, such as administrative and Site announcements and these transactional account messages may be unaffected if you choose to opt-out from receiving our marketing communications.

If you have any questions or concerns about our Privacy Policy or our data collection or processing practices, or if you want to report any suspected security violations to us, please contact us via email at [email protected]

10. What About Transfer of Information to the United States?

Our Site is operated in the United States and intended for users located in the United States. If you are located outside of the United States, please be aware that information we collect, including Personal Information, will be transferred to, and processed, stored and used in the United States. The data protection laws in the United States may differ from those of the country in which you are located, and your Personal Information may be subject to access requests from governments, courts, or law enforcement in the United States according to laws of the United States. By using the Site or providing us with any information, you consent to the transfer to, and processing, usage, sharing and storage of your information, including Personal Information, in the United States as set forth in this Privacy Policy; provided, however, if you are located or a resident of the EU, please review Section 14 below as we process your data consistent with the requirements of the GDPR (defined below) or if you are a resident of Canada please review Section 15 below as we process your data consistent with the requirements of the Personal Information Protection and Electronic Documents Act (“PIPEDA”).

11. What Should Parents Know About Children?

The Site is a general audience web site and we do not knowingly collect any personal information from children younger than the age of thirteen (13) as required by U.S. law. We will delete any personal information collected that we later determine to be from a user younger than the age of thirteen (13). If you are a parent or guardian of a child under the age of thirteen (13) and believe he or she has disclosed personal information to us, please contact us via email at [email protected].

12. What About Security?

We endeavor to incorporate commercially reasonable safeguards to help protect and secure your Personal Information. However, no data transmission over the Internet, mobile networks, wireless transmission or electronic storage of information can be guaranteed to be 100% secure. Please note that we cannot ensure the security of any information you transmit to us, and you use our Site and provide us with your information at your own risk.

13. What About Changes to the Privacy Policy?

We reserve the right to change this Privacy Policy at any time without notice to you. Any changes will be effective immediately upon the posting of the revised Privacy Policy and your use of our Site indicates your consent to the privacy policy posted at the time of use. However, we will not use your previously collected Personal Information in a manner materially different than indicated at the time it was collected without your consent. To the extent any provision of this Privacy Policy is found by a competent tribunal to be invalid or unenforceable, such provision shall be severed to the extent necessary for the remainder to be valid and enforceable.

14. Supplemental Privacy Notice for Residents of the EU and EEA

This Supplemental Privacy Notice provides additional information on how we process personal data (as such term is defined by the GDPR) that we collect or receive from residents of the EU and EEA and provides information as relates to EU users’ rights, and Dharma’ responsibilities, under the EU General Data Protection Regulation (“GDPR”).

(a) Data Controller and Local Representative. Dharma is the data controller of your personal data and we are based in the United States and located at Dharma Studio, LLC, 1321 Sunset Blvd, Los Angeles CA 90026 (Attn: Privacy). If you are located or a resident of the EU and believe that your data protection rights under the GDPR have been infringed, please contact our Data Protection Officer who can be reached at [email protected]. If you feel that your request or concern has not been satisfactorily resolved by us, you may also contact your local data protection authority, see: https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-are-data-protection-authorities-dpas_en.

(b) Legal Basis for Processing EU personal data. Dharma may processes the personal data of EU users based on one (1) or more of the legal bases below:

  • Legitimate Interest. We may process your personal data as required to pursue our legitimate business interests, provided our legitimate interests are not overridden by your rights and interests. For example, we may process your personal data, to manage, develop and improve our products and services; support our customers and sales operations; protect our staff and assets; communicate information that supplements our products and services and ensure compliance with laws and regulations.
  • Performance of an agreement. We may process your personal data to enter into agreements with you or to fulfill our obligations under agreements with you or your organization. This may include delivering and managing our products and services or allowing customers to use our products, services and supporting tools.
  • Legal obligation. We may process your personal data to comply with applicable laws and regulations, establish or exercise our legal rights. For example, in connection with legal claims, compliance, regulatory and investigative purposes.
  • Consent. In some instances, we may process your personal data based on your consent. This is most common where we cannot rely on an alternative legal basis or we are required by law to ask for your consent in the context of some of our sales and marketing activities, online data collection tools, or surveys. Where the processing of your personal data by us, is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us at [email protected].


(c) Data Retention Period. We retain transaction data and other personal data for a period of time that is necessary to fulfill a legitimate business purpose and deleting or de-identifying the information thereafter, except where longer retention periods are required by law. We retain unsubscribe requests permanently to comply with our obligation to refrain from sending marketing emails after receipt of an opt-out request.


(e) Your Rights under the GDPR. You have the following rights under certain circumstances:

  • Request access or copies of the personal data Dharma processes about you;
  • Correct or rectify your personal data, if inaccurate or incomplete;
  • Delete your personal data, unless an exception applies. For example, we may need to keep your personal data to comply with our legal obligations;
  • Restrict the processing of your personal data, in certain circumstances. For example, if you contest the accuracy of your personal data, you may request that we restrict the processing of your personal data for the time it takes us to verify the accuracy of the data;
  • Data portability, in certain circumstances. In order to deliver our products and services, however, we cannot transmit your personal data to another organization; and
  • Object to processing of your personal data, in certain circumstances. For example, you may object to direct marketing including the use of your personal data for direct marketing profiling or where we process your personal data because we have legitimate interest in doing so.


These rights may be limited in some situations where we can demonstrate that Dharma has a legal obligation or legitimate interest to process your personal data.

To exercise your rights explained above, please contact us by email with the details of your request..

15. Supplemental Privacy Notice For Residents of Canada

This Supplemental Privacy Notice provides additional or modifying information on how we manage personal data (as such term defined by PIEPDA) that we receive from residents of Canada. These rights may be limited in some circumstances by local law requirements.

(a) Data Retention Period. We will keep your personal data only as long as is reasonably necessary for the purposes described in this Privacy Policy or such longer period as may be required by applicable law. Personal data may be accessed by persons within our organization, or our third party service providers, and other third parties described in this privacy policy, who require such access to carry out the purposes described in this privacy policy, and such other purposes as permitted or required by applicable law. We will keep your personal data only as long as is reasonably necessary for the purposes described in this Privacy Policy or such longer period as may be required by applicable law. Personal data may be accessed by persons within our organization, or our third party service providers, and other third parties described in this privacy policy, who require such access to carry out the purposes described in this privacy policy, and such other purposes as permitted or required by applicable law.

(b) Right to Withdraw Consent. We would like your consent to collect, use and share your personal data for the purposes and in the manner described herein, including in order to contact you and provide you with promotional communications. Nonetheless, we want you to know that you have choices and can refuse or withdraw your consent. In the event that you have already consented to the collection, use and/or disclosure of your personal data, you may subsequently “opt out” at any time, subject to legal or contractual restrictions and reasonable notice, by contacting our Privacy Officer at [email protected] Our Privacy Officer will also be able to provide you with more information regarding the implications of withdrawing consent. You may also choose to limit how we use your personal data by not allowing us to share such information with third parties by e-mailing us at [email protected]. This may prevent or restrict your use of the Service.

(c) Access to or Change Personal Data. You have a right to request access to your personal data and to request a correction to it if you believe it is inaccurate. If you have submitted personal data to us and would like to have access to it, or if you would like to have it removed or corrected, please contact us using the contact information provided below. We may require you to verify your identity before we allow you to access your personal data. Please note that, in some cases we may not be able to allow you to access certain personal data in certain circumstances, for example if it contains personal data of other persons, or for legal reasons. In such cases, we will provide you with a reasonable explanation of why it is not possible to grant access to your personal data. We reserve the right not to change personal data if we disagree that it is incorrect, but we will append your requested alternative information. You are entitled to request access to, and, if necessary, correct your personal data collected by us. In order to make such a request, please contact our Privacy Officer in writing at [email protected]. You can also contact our Privacy Officer for any questions about or to make any complaint in relation to the Privacy Policy, as well as to Dharma’ privacy practices in general.


(d) Additional Information. For residents of Canada, you may only use send-to-a-friend functionality to send an invitation to people with whom you have had direct voluntary two way communications, and with whom it is reasonable to conclude you have a personal relationship considering shared interests, experiences, opinions and other relevant factors, or who are family members to whom you are related by marriage, a common-law partnership, or parent-child relationship.


(e) Contact Us. We have appointed the Label Manager as our Privacy Officer. The Privacy Officer is accountable for our compliance with the principles of applicable legislation and this Privacy Policy. All requests to exercise your rights, or inquiries about your personal data should be made to the Privacy Team at [email protected].