FAQsGeneralblu ® Device and Pods Flavorsblu® Disposablesblu PLUS+® DevicesbluNation® REWARDSE-cig ChargersMy AccountOrderingOur PoliciesReturns & RefundsShipping, Autoship & DeliveryTroubleshootingRegulation
Effective Date: January 1, 2021.
Your California Privacy Rights
A. Active Information Collection. blu, and/or its Service Providers (defined below), may collect information you provide directly to blu and/or its Service Providers via the Service. For example, blu collects information when you use or register for the Service, fill out and submit forms, subscribe to notifications, post on the Service, participate in promotional activities (e.g., blu coupons, blu deals, sweepstakes entries, blu loyalty programs– including the bluNation Loyalty Program, etc., or communicate or transact through the Service. In addition, when you interact with Third-Party Services (defined below), you may be able to provide information to those third parties. For more information on Third-Party Services’ data collection and practices see Section 6. For more information on Service Provider data collection and practices see Section 3.
We strive to maintain accurate information on the adult consumers on our Marketing List through consumer surveys, adult consumer-initiated contacts, and responses to our marketing programs (online and offline), as well as through address update services.
B. Passive Information Collection. ITGB, its Service Providers, and/or Third-Party Services may also automatically collect certain information about you when you access or use the Service (“Usage Information”). Usage Information may include IP address (“Unique Identifier”), device identifier, browser type, operating system, information about your use of the Service, data regarding network connected hardware (e.g., computer or mobile device), the domain name of the website that allowed you to navigate to the Service, search engines used, the length of time spent on the Service, the pages you looked at on the Service, the address (or “URL”) of the websites you visited before and after visiting the Service, the frequency of your visits to the Service, and certain other available information. An IP address is a number that is automatically assigned to your computer whenever you access the Internet, which our web servers use to identify where to send the information about your computer requests. When you request pages from the Website, our servers log your IP address as well as information about your activities on those pages. Except to the extent required by applicable law, or to the extent Usage Information is combined by or on behalf of ITGB with ITGB-Collected PII, ITGB does not consider Usage Information (including, without limitation, unique device identifiers) to be Personally Identifiable Information or ITGB-Collected PII. For more information on Third-Party Services’ data collection and practices see Section 6. For more information on Service Provider data collection and practices see Section 3. For information on choices some of these third parties may offer you regarding automated data collection see Section 11.
To collect this Usage Information, the Service and any e-mails sent to you by the Service may utilize the following:
o Log Information. Log information is data about your use of the Service, such as IP address, browser type, Internet service provider, referring/exit pages, operating system, date/time stamps, mobile device and mobile operating system, mobile carrier, cookies that identify your browser, and related data, and may be stored in log files.
o Location Information. The Service may include links in a format that enables us to keep track of the IP addresses from which these links have been followed. You further consent to our collection and use this information to improve the quality of our Services, product(s), coupons, promotional offers, and business operations.
o Information Collected by Cookies and Other Tracking Technologies. Cookies, web beacons (also known as “tracking pixels”), embedded scripts, location-identifying technologies, device recognition technologies, device and activity monitoring, and other tracking technologies now and hereafter devised (“Tracking Technologies”) may be used to collect information about interactions with the Service or e-mails, including information about your browsing and purchasing behavior.
o Cookies. A cookie is a small data file that is placed on a device when it is used to visit the Service, which may include session ID cookies or tracking cookies. Session cookies make it easier for you to navigate the Service and expire when you close your browser. Tracking cookies remain longer and help in understanding how you use the Service and enhance your user experience. Cookies may remain on your hard drive for an extended period of time. If you use your browser’s method of blocking or removing cookies, some but not all types of cookies may be deleted and/or blocked and as a result some features, and functionalities of the Service may not work. A Flash cookie (or locally shared object) is a data file which may be placed on a device via the Adobe Flash plug-in that may be built-in to or downloaded by you to your device. HTML5 cookies can be programmed through HTML5 local storage. Flash cookies and HTML5 cookies are locally stored on your device other than in the browser and browser settings won’t control them. To identify certain types of local shared objects on your device and adjust your settings, please visit here. The Service may associate some or all of these types of cookies with your devices.
o Web Beacons (“Tracking Pixels”). Web beacons are small graphic images or other web programming (also known as “1x1 GIFs” or “clear GIFs,” “Pixel Tags,” or “Web Bugs”) may also be included in our Website’s pages and messages. Web beacons may be used, without limitation, to count the number of visitors to the Service, to monitor how users navigate the Service, and to count content views.
o Embedded Scripts. An embedded script is programming code designed to collect information about your interactions with the Service. It is temporarily downloaded onto your computer from ITGB’s web server, or from a third party with which ITGB works, and is active only while you are connected to the Service and deleted or deactivated thereafter.
o Location-identifying Technologies. Geo-filtering and other location-aware technologies locate you, or make assumptions about your location, for purposes such as verifying your location and delivering or restricting content, including third-party ads, based on your location. Our store finder feature may access and use information about your device location (such as based on IP address or GPS, as applicable), or your account information, to suggest appropriate store locations. Our Service content may be personalized based on various information we may have about you to try to provide you with more location-relevant content.
o Device Recognition Technologies. Technologies, including application of statistical probability to data sets, as well as linking a common unique identifier to different device use, which attempt to recognize or make assumptions about users and devices (e.g., that a user of multiple devices is the same user or household) (“Cross-device Data”).
o Device and Activity Monitoring. Technologies that monitor, and may record, certain of your interactions with the Service, and/or collect and analyze information from your device, such as, without limitation, your operating system, plug-ins, system fonts, and other data, for purposes such as identification, security, fraud prevention, troubleshooting, tracking, and/or improving the Services and customizing or optimizing your experience on the Services.
Some information about your use of the Service and certain third-party services may be collected using Tracking Technologies across time and services and used by ITGB and third parties for purposes such as to associate different devices you use and deliver relevant ads and/or other content to you on the Service and certain third-party services. See Section 11 regarding certain choices regarding these activities.
ITGB is giving you notice of the Tracking Technologies and your choices regarding them explained in Section 11 so that your consent to encountering them is meaningfully informed.
E. EEOC / Affirmative Action Reporting. In conjunction with laws and regulations enforced by the Equal Employment Opportunity Commission (“EEOC”), the Office of Federal Contract Compliance Programs (“OFCCP”) and similar state and local regulatory agencies, we may ask you to provide us with self-identifying information (such as veteran status, gender, and ethnicity). Providing such self-identifying information is voluntary, but if you do provide us with such information, we may submit that information to the EEOC, the OFCCP and similar state and local regulatory agencies or otherwise use or disclose it for business-related purposes, including, without limitation, responding to information requests, fulfilling regulatory reporting requirements and defending against employment related complaints.
F. Youth Access Prevention. We are a general audience service, restricted to adults twenty-one (21) years-of-age or older. Please see Section 9 below for more information regarding Age Restrictions and data collection.
• Allow you to participate in the features we offer on the Service;
• Facilitate, manage, personalize, and improve your online experience;
• Transact with you, provide services or information you request, respond to your comments, questions and requests, serve you content and/or advertising, and send you notices;
• Contact you, whether by email, postal mail, or telephone with information about this Service, our products, or our services, including exclusive blu special offers and information about sales, promotions, coupons, new releases, and other relevant information (e.g., blu coupons, blu deals, sweepstakes entries, blu loyalty programs – including the bluNation Loyalty Program, etc.);
• Auditing, research, and analysis to maintain and improve the Service and for any other internal business purposes;
• Tailor our content, advertisements, and blu offers;
• Develop new products and services;
• Fulfill other purposes disclosed at the time you provide Personally Identifiable Information or otherwise where we are legally permitted or are required to do so;
• Determine your location and manage digital content rights (e.g., territory restrictions); and
• Prevent and address fraud, breach of policies or terms, and threats or harm.
We do not share your Personal Information with third parties for those third parties’ (other than our affiliates) for such third parties’ own direct marketing purposes without your consent. blu may share non-Personally Identifiable Information, and Personally Identifiable Information that is not deemed blu-Collected PII hereunder (provided that blu is aware of no restrictions on blu’s use, if any), with third parties or for any purpose. Without limiting the generality of the foregoing, we and third parties may convert your Personally Identifiable Information, including blu-Collected PII, to non-Personally Identifiable Information, including without limitation through hashing it or substituting a unique identifier for the Personally Identifiable Information and we and third parties may use and share that data as permitted by applicable law, including to match data attributes to and from other sources. Any such third-party activities are subject to their privacy policies and practices. blu’s sharing of blu-Collected PII is, however, subject to the following:
• Marketing: Subject to your communications choices explained in Section 11.D, and the rights of California residents explained here, we may use your Personally Identifiable Information to send you marketing communications. Absent your consent (which may be by means of opt-in, your election not to opt-out, or a third-party interaction described in the next bullet point), however, we will not share your blu-Collected PII with third parties (other than our affiliates) for their own direct marketing purposes, except in connection with Corporate Transactions (defined below).
• Your Disclosure or Consent: As more fully described in Section 5 (Information You Disclose Publicly or to Others) and Section 6 (Third-Party Content, Third-Party Services, Social Features, Advertising, and Analytics), your activities on the Service may, by their nature, result in the sharing of your blu-collected Personally Identifiable Information (as well as your other Personally Identifiable Information and your non-Personally Identifiable Information) with third parties and by engaging in these activities you consent to that and further sharing and disclosure to third parties. Such third-party data receipt and collection is subject to the privacy and business practices of that third party, not blu.
• blu’s agents, vendors, consultants, and other service providers (collectively “Service Providers”) may receive, or be given access to, your information, including, without limitation, Personally Identifiable Information, Demographic Information, and Usage Information, in connection with their work on blu’s behalf, provided however, blu does not authorize its Service Providers to use blu-Collected PII provided by blu to the Service Providers to send you direct marketing messages other than related to blu and blu Affiliates absent your consent. For more information on choices Service Providers may offer you see Section 11.
• To comply with the law, law enforcement or other legal process, and, where permitted, in response to a government request; and
In addition, blu may share your blu-Collected Personally Identifiable Information (as well as your other Personally Identifiable Information and your non-Personally Identifiable Information), in connection with or during negotiations of any proposed or actual financing of our business, or merger, purchase, sale, joint venture, or any other type of acquisition or business combination of all or any portion of blu assets, or transfer of all or a portion of blu’s business to another company, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding (“Corporate Transactions”).
Additionally, the Service may offer you the option to send a communication to a friend or other contact. If so, blu relies on you to only send to people that have given you permission to do so. The recipient’s Personally Identifiable Information you provide (e.g., name, e-mail address) will be used to facilitate the communication, but not used by blu for any other marketing purpose unless blu obtains consent from that person. Your contact information and message may be included in the communication.
The Service may include hyperlinks to, or include on or in connection with, the Service (e.g., plug-ins, application programming interfaces (“API(s)”), and software development kits (“SDK(s)”)), websites, locations, platforms, applications or services operated by third parties (“Third-Party Service(s)”). These Third-Party Services may use their own cookies, web beacons, and other Tracking Technology to independently collect information about you and may solicit Personally Identifiable Information from you.
Certain functionalities on the Service permit interactions that you initiate between the Service and certain Third-Party Services, such as third-party social networks (“Social Features”). Examples of Social Features include: enabling you to send content such as contacts and photos between the Service and a Third-Party Service; “liking” or “sharing” blu’s content; logging in to the Service using your Third-Party Service account (e.g., using Facebook Connect to sign-in to the Service); and to otherwise connect the Service to a Third-Party Service (e.g., to pull or push information to or from the Service). If you use Social Features, and potentially other Third-Party Services, information you post or provide access to may be publicly displayed on the Service (see Section 5) or by the Third-Party Service that you use. Similarly, if you post information on a Third-Party Service that references the Service (e.g., by using a hashtag associated with blu in a tweet or status update), your post may be used on or in connection with the Service or otherwise by blu and blu Parties / Affiliates. Also, both blu and the third party may have access to certain information about you and your use of the Service and any Third-Party Service.
ITGB takes reasonable measures to protect blu-Collected PII (excluding public UGC) from loss, theft, misuse and unauthorized access, disclosure, alteration, and destruction. Nevertheless, transmission via the Internet and online digital storage are not completely secure and blu does not guarantee the security of your information collected through the Service.
The Service is intended for adults not less than 21 years-of-age. If you are under 21 years-of-age, you are not permitted to use the Website and should not send any information about yourself to us through the Website, except to the extent that access to the Website based on age verification. blu does not intend to collect or knowingly collect personal information as defined by the U.S. Children’s Online Privacy Protection Act (“COPPA”) (“COPPA Personal Information”) in a manner that is not permitted by COPPA, and would collect such information, if at all, only in associated with blu’s age-related access restrictions. If we obtain knowledge that we have collected COPPA Personal Information in a manner not permitted by COPPA, we will dispose of that information, or otherwise threat it, in accordance with COPPA and other applicable laws and regulations. If you are a parent or guardian and you believe that your child under the age of thirteen (13) has provided us with personal information, please contact us at Privacy@itgbrands.com.
blu may provide web pages or other mechanisms allowing you to delete, correct, or update some of the blu-Collected PII, and potentially certain other information about you (e.g., profile and account information). blu will make good faith efforts to make requested changes in blu’s then-active databases as soon as practicable, but it is not always possible to completely change, remove or delete all of your information or public postings from blu’s databases (California minors see Section 9) and residual and/or cached data may remain archived thereafter.Further, we reserve the right to retain data (a) as required by applicable law; and (b) for so long as reasonably necessary to fulfill the purposes for which the data is retained except to the extent prohibited by applicable law.
A. Tracking Technologies Generally. Regular cookies may generally be disabled or removed by tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. Browsers offer different functionalities and options, so you may need to set them separately. Also, tools from commercial browsers may not be effective with regard to Flash cookies (also known as locally shared objects), HTML5 cookies, or other Tracking Technologies. For information on disabling Flash cookies, go to Adobe’s website. On our consumer-facing websites we also offer a cookie preference tool that gives you the ability to make certain choices regarding cookies. Please be aware that if you disable or remove these technologies, some parts of the Service may not work and that when you revisit the Service your ability to limit browser-based Tracking Technologies is subject to your browser settings and limitations.
Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no consensus among industry participants as to what “Do Not Track” means in this context. Like many online services, blu currently does not alter blu’s practices when blu receives a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” you can visit http://www.allaboutdnt.com, but blu is not responsible for the completeness or accuracy of this third-party information. Some third parties, however, may offer you choices regarding their Tracking Technologies. One way to potentially identify cookies on our web site is to add the free Ghostery plug-in to your browser (www.ghostery.com), which according to Ghostery will display for you traditional, browser-based cookies associated with the web sites (but not mobile apps) you visit and privacy and opt-out policies and options of the parties operating those cookies. blu is not responsible for the completeness or accuracy of this tool or third-party choice notices or mechanisms. For specific information on some of the choice options offered by third party analytics and advertising providers, see the next section.
You may choose whether to receive some Interest-based Advertising by submitting opt-outs. Some of the advertisers and Service Providers that perform advertising-related services for us and third parties may participate in the Digital Advertising Alliance’s (“DAA”) Self-Regulatory Program for Online Behavioral Advertising. To learn more about how you can exercise certain choices regarding Interest-based Advertising, including use of Cross-device Data for serving ads, visit http://www.aboutads.info/choices/ and http://www.aboutads.info/appchoices for information on the DAA’s opt-out program specifically for mobile apps (including use of precise location for third party ads). Some of these companies may also be members of the Network Advertising Initiative (“NAI”). To learn more about the NAI and your opt-out options for their members, see http://www.networkadvertising.org/choices/. Please be aware that, even if you are able to opt out of certain kinds of Interest-based Advertising, you may continue to receive other types of ads. Opting out only means that those selected members should no longer deliver certain Interest-based Advertising to you but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks). Also, if your browsers are configured to reject cookies when you visit these opt-out webpages, or you subsequently erase your cookies, use a different device or web browser or use a non-browser-based method of access (e.g., mobile app), your NAI / DAA browser-based opt-out may not, or may no longer, be effective. blu supports the ad industry’s Self-regulatory Principles for Online Behavioral Advertising and expects that ad networks blu directly engages to serve you Interest-based Advertising will do so as well, though blu cannot guarantee their compliance. blu is not responsible for the effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements regarding their programs.
C. Communications. You can opt out of receiving certain promotional communications (emails or text messaging) from blu at any time by (i) for promotional e-mails, following the instructions provided in emails to click on the unsubscribe link, or if available by changing your communication preferences by logging onto your account; and (ii) for text messages, following the instructions provided in text messages from blu to text the word, “STOP”. Please note that your opt-out is limited to the e-mail address or phone number used and will not affect subsequent subscriptions. If you opt-out of only certain communications, other subscription communications may continue. Even if you opt out of receiving promotional communications, blu may, subject to applicable law, continue to send you non-promotional communications, such as those about your account, transactions, servicing, or blu’s ongoing business relations.
D. Cross-Device Data. To learn more about how you can exercise certain choices regarding Cross-device data for Interest-based Advertising, see the prior section regarding the DAA’s Interest-based Advertising choices.
F. Connecticut Privacy Notice. Connecticut law requires any person or entity that collects Social Security numbers from Connecticut residents in the course of business to create a privacy protection policy and to publish or display it publicly. It is our policy to protect the confidentiality of any Social Security numbers in our possession from misuse and improper disclosure by maintaining and enforcing policies and physical and electronic safeguards against misuse and improper disclosure. Unlawful disclosure of Social Security numbers is prohibited, and access to them is limited to personnel who need access to such information in order to perform their job functions.
G. Your California Privacy Rights. California residents can learn more about their privacy rights here.
H. Your GDPR Rights. Unless subject to an exemption under the GDPR, if your personal data is subject to the GDPR, you have the following rights with respect to your personal data: The right to request a copy of your personal data which the blu holds about you; The right to request that the blu correct any personal data if it is found to be inaccurate or out of date; The right to request your personal data be erased where it is no longer necessary for blu to retain such data; The right to withdraw your consent to the processing at any time of personal data to which you provided consent for processing; The right to request that blu provide you with a copy of your personal data and where possible, to transmit that data directly to another data controller (known as the right to data portability); The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction be placed on further processing; The right to object to the processing of personal data (where applicable); and The right to lodge a complaint with a data supervisory authority.
I. Transfer of Data Abroad. If your personal data is subject to the GDPR, blu will transfer personal data from the European Economic Area (EEA) to a location outside the EEA only when there has been a documented adequacy determination, or where blu has confirmed adequate privacy protections. If blu transfers personal data to a third party acting as an agent of blu, we will also obligate the third party to have adequate privacy protections in place. blu may transfer personal data to and on behalf of clients and third party’s with whom blu has an existing service agreement or as part of our legal obligations, each of which shall be subject to blu policies, and only to the extent necessary for purposes of legitimate interests pursued by the data controller (or by a third party).
J. Automated Decision Making. Under the GDPR, data subjects have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, as long as the decision (1) is not is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) is not authorized by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is not based on the data subject’s explicit consent. We may use your personal data to engage in limited automated decision making to provide you with personalized offers and promotions, and you consent to our automated decision making for such limited purposes.
We employ reasonable security precautions to help protect against the loss, misuse, and alteration of personal information provided on or through the Website. When you enter sensitive information (such as credit card number and/or social security number) on our registration or order forms, we encrypt that information using secure socket layer technology (SSL). To learn more about SSL, follow this link: Verisign.
We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of online transmission or electronic storage is 100% secure, however. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security As a result, although we strive to protect personal information about you, we cannot guarantee the security of any information you transmit to us through or in connection with the Website. If you have reason to believe that personal information is no longer secure, please notify us immediately by contacting us in accordance with the last section below.
If your personal data is subject to the GDPR, the data controller for the purposes of GDPR or other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
Fontem US LLC 714 Green Valley Road Greensboro, NC 27408
Any data subject may, at any time, contact us directly with any questions and suggestions concerning data protection. We encourage interested persons to raise any concerns about the collection, use, or processing of personal data using the contact information provided above. In the event of a privacy related issue or complaint, we will investigate and attempt to promptly resolve any complaints and disputes regarding use and disclosure of personal data.
For complaints that cannot be resolved, if your personal data is subject to the GDPR, we commit to cooperating with the panel established by the EU data protection authorities (“DPAs”) or the Swiss Federal Data Protection and Information Commissioner (“FDPIC”), as applicable, and comply with the advice given by the DPAs or FDPIC about personal data transferred from the EU or Switzerland.
In order to facilitate the handling of complaints, individuals in the EU can choose to contact their national DPA or use the form located at this link: http://ec.europa.eu/newsroom/document.cfm?doc_id=42962
Individuals in Switzerland can contact the Swiss FDPIC by visiting: https://www.edoeb.admin.ch/edoeb/de/home.html
This independent dispute resolution process is provided at no cost to the individual.
© ITG Brands, LLC and Fontem US LLC January 1, 2021. All Rights Reserved.