Buy your weekday smoothies and get your weekend ones for free. (7 for the price of 5!)
WELLNESSWEEK
CCPA Business Contact Privacy Policy
EFFECTIVE DATE: April 29, 2026
The California Consumer Privacy Act, as amended by the California Privacy Rights Act, and its implementing regulations (collectively, the “CCPA”), gives California residents certain rights and requires businesses to make certain disclosures regarding their collection, use, and disclosure of Personal Information. This CCPA Business Contact Privacy Policy (the “Business Contact Policy”) provides such notice to So Good Brand, Inc. and its affiliates (collectively, “So Good So You," "we," "us," or "our") California business contacts, vendors, and other individuals who interact with So Good So You in a business capacity (collectively, “Business Contacts”).
Please note that this Business Contact Policy only addresses So Good So You’s collection, use, and disclosure of Business Contact-related Personal Information and only applies to residents of California. This Business Contact Policy does not apply to individuals who are residents of other U.S. states or other countries and/or who do not interact with So Good So You as a Business Contact. For further details about our privacy practices pertaining to non-Business Contact Personal Information, please see our Privacy Policy.
I. DEFINITIONS
· “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Business Contact or household. Personal Information includes the sensitive personal information described in this Business Contact Policy. It does not include deidentified or aggregate information, public information lawfully available from governmental records, or other information that falls outside of the scope of the CCPA.
· “Vendor” means a service provider, vendor, contractor, or processor which collects, stores, or otherwise handles personal information for us and is bound by certain contractual obligations consistent with applicable laws.
· “Third Party” means a person or organization which is not a Business Contact, Vendor, or an entity owned or controlled by us.
II. BUSINESS CONTACT PERSONAL INFORMATION WE COLLECT
We collect and have collected in the past 12 months the following categories of Personal Information about Business Contacts:
(1) Identifiers, such as name, alias, postal address, unique personal identifier, online identifiers, Internet Protocol address, email address, account name, signatures, physical characteristics or description, photographs, telephone number, or other similar identifiers.
(2) Financial Information, including bank account number, credit card number, debit card number, or any other financial information that does not allow access or withdrawal of funds.
(3) Characteristics of Protected Classifications under state or federal law, such as age, gender, and marital status.
(4) Commercial Information, such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
(5) Internet or Other Network Information, such as browsing history, search history, information regarding your interactions with our websites or advertisements.
(6) Geolocation Data, such as device location that is more granular than a city or town.
(7) Audio, Electronic, Visual and Similar Information, such as call and video recordings.
(8) Professional or Employment-Related Information, such as work history and prior employer.
(9) Education Information, as defined in the federal Family Educational Rights and Privacy Act, such as student records and directory information.
(10) Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
(11)Sensitive Personal Information, including:
a. Personal Information that reveals:
i. Social security, driver’s license, state identification card, or passport number;
III. PURPOSES FOR COLLECTING, PROCESSING, & DISCLOSING BUSINESS CONTACT PERSONAL INFORMATION
We collect, process, and disclose, and we have collected, processed, and disclosed in the past 12 months, the categories of Personal Information listed in Section II of this Business Contact Policy for the following purposes:
· Manage your Business Contact relationship with us;
· Respond to your inquiries about our products, services, or other related inquiries;
· Communicate other information that we think may be of interest to you through our websites and via e-mail, mail, and other channels, including promotional communications about our products and services;
· Provide you with customer service, account maintenance, or servicing;
· Process or fulfill your orders and transactions;
· Process payments and provide financing;
· Assess our interactions with you and personalize your website experience and other interactions with us;
- Manage due diligence, contract signing, regulatory compliance, or other related activities;
- Comply with laws and regulations, including (without limitation) applicable tax, health and safety, anti-discrimination, immigration, labor and employment, and social welfare laws;
- Monitor, investigate, and enforce compliance with and potential breaches of So Good So You policies and procedures and legal and regulatory requirements;
- Comply with civil, criminal, judicial, or regulatory inquiries, investigations, subpoenas, or summons; and
- Exercise or defend the legal rights of So Good So You and its employees, affiliates, customers, contractors, and agents.
Purposes for Processing and Disclosing Business Contact Sensitive Personal Information
We, and our Vendors, collect, process, and disclose the categories of Sensitive Personal Information described in this Business Contact Policy only as reasonably necessary for:
· Performing the services or providing the goods reasonably expected by an average Business Contact who requests those goods or services;
· Preventing, detecting, and investigating security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted Personal Information;
· Resisting malicious, deceptive, fraudulent, or illegal actions directed at us and prosecuting those responsible for those actions;
· Ensuring the physical safety of natural persons;
· Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a Business Contact’s current interaction with us, provided that we will not disclose the Business Contact’s Personal Information to a third party and/or not build a profile about the Business Contact or otherwise alter the Business Contact’s experience outside the current interaction with us;
· Performing services on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on our behalf;
· Verifying or maintaining the quality or safety of a product, service, or device that is owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance the service or device that is owned, manufactured by, manufactured for, or controlled by us; and
· Collecting or processing Sensitive Personal Information where such collection or processing is not for the purpose of inferring characteristics about a Business Contact.
We may also deidentify any Personal Information we collect about you. When we do so, we take reasonable measures to ensure that the information cannot be associated with a Business Contact or household, and we maintain and use the information in deidentified form. We will not attempt to reidentify the information, except that we may attempt to reidentify the information solely for the purpose of determining whether our deidentification processes satisfy applicable legal requirements. After it has been deidentified, the information is no longer Personal Information and is not subject to this Business Contact Policy.
We may also process Personal Information via use of automated technologies, including artificial intelligence, for the purposes listed above. To the extent permitted by applicable law, we may also use Personal Information we collect to train automated technologies we use for the above purposes. However, we do not process Personal Information using automated decision making technologies to make significant decisions concerning Business Contacts.
IV. RETENTION OF BUSINESS CONTACT PERSONAL INFORMATION
We retain each of the above-listed categories of your Personal Information for the duration of your Business Contact relationship with us. We may also retain your Personal Information for longer if it is necessary for legitimate business purposes, including to satisfy legal or reporting obligations, resolve disputes, improve our services or maintain security, comply with regulatory requirements, or as permitted or required by applicable law. When we no longer need to retain Personal Information for the above purposes, we will either delete the Personal Information or deidentify it so that it no longer constitutes Personal Information.
V. SALE & SHARING OF PERSONAL INFORMATION
We generally do not Sell or Share Personal Information that we collect about Business Contacts. Subject to some exceptions, a “Sale” is the disclosure of Personal Information to a third party for monetary or other valuable consideration, and a “Share” is the disclosure of Personal Information to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration.
However, we do Sell and Share, and we have Sold and Shared in the past 12 months, Personal Information we collect from consumers in other contexts. This includes Personal Information collected via cookies and other tracking technologies, including identifiers, such as IP addresses and other device identifiers, internet or other electronic network activity information, and inferences to Third Party marketing and analytics providers for advertising and marketing, including interest-based marketing, and analytics purposes. We Sell and Share these categories of Personal Information to improve the content, functionality and usability of our websites and other online services; to advertise and market our products and services; to improve our website and other online services and our marketing and promotional efforts; and to better understand your needs and interests, and for analytics purposes. We do not otherwise “Sell” or “Share” other types of Personal Information we may collect about Business Contacts outside the cookie and online tracking technology context.
California Business Contacts have the right to opt-out of the Sale and Sharing of their Personal Information and can submit a request to opt out by clicking the “Your Privacy Choices” link in the footer of our website and clicking “Reject All” to opt out of non-strictly necessary Cookies.
Additionally, we do not have actual knowledge that we Sell or Share Personal Information of consumers who are under 16 years of age.
VI. HOW WE DISCLOSE BUSINESS CONTACT PERSONAL INFORMATION
We disclose, and have disclosed in the past 12 months, the categories of Personal Information listed in Section II of this Business Contact Policy in the following contexts:
· To our Affiliates. We may disclose Personal Information we collect to our affiliates for the purposes listed in Section III of this Business Contact Policy.
· To our Vendors. So Good So You discloses the Personal Information we collect to our Vendors who act on our behalf. For example, we use Vendors to provide us with customer relationship management services, tax, financial advice, and legal and services, auditing services, data hosting, information technology support, email hosting, and other similar services. These Vendors may need Personal Information about you to perform their obligations. We contractually require our Vendors to keep the Personal Information they process on our behalf confidential and to use it only to provide services on our behalf.
· To Marketing and Analytics Providers. We may disclose Personal Information we collect via our website and other online services to Third Parties for marketing and analytics purposes. This primarily includes disclosure of IP address and related web browsing information via cookies and similar tracking technologies.
· As Described in a Privacy Notice or With Your Consent. We may disclose Personal Information as described in any privacy notice we provide to you, or with your consent if we obtain it from you in a particular context.
· In Aggregate or Deidentified Form. We may aggregate or deidentify the Personal Information we collect, and we may disclose aggregated and/or deidentified information to our Vendors, and to Third Parties for our business operational purposes and for any other purposes permitted by applicable law.
We may also disclose Personal Information in the following contexts:
· As Part of a Business Transfer. We may disclose Personal Information to a successor organization if, for example, we transfer the ownership or operation of all or a portion of So Good So You to another organization, we merge with or are acquired by another organization, or if we liquidate our assets. If such a transfer occurs, we will seek assurances that the successor organization will treat the Personal Information we disclose to it in accordance with this Business Contact Policy.
· To Comply with Laws and Protect Our Rights and the Rights of Others. We may disclose Personal Information when we, in good faith, believe disclosure is appropriate to comply with the law, a court order, or a subpoena. We may also disclose Personal Information to prevent or investigate a possible crime, such as fraud or identity theft; to protect the security of our So Good So You; to enforce or apply our other agreements; or to protect our own rights or property or the rights, property, or safety of our users or others.
VII. SOURCES OF BUSINESS CONTACT PERSONAL INFORMATION
We collect Personal Information directly from all Business Contacts when you voluntarily provide it to us, such as when you contact us about our products and services and passively via cookies and other tracking technologies when you use our websites and other online services. We also collect Personal Information from public databases, publications, professional organizations, social media platforms, and Vendors and Third Parties when they otherwise disclose information to us.
VIII. HOW WE PROTECT YOUR PERSONAL INFORMATION
The security of your Personal Information is important to us, and we use technical, contractual, administrative, and physical security measures to protect the Personal Information we collect. We instruct our employees to comply with privacy laws and with this Business Contact Policy. We strive to regularly improve the security of Personal Information that you may provide to us, but please note that there is no method of transmitting or storing data that is 100% secure. We therefore cannot ensure that your Personal Information will not be disclosed, misused, or lost by accident or by the unauthorized acts of others.
IX. YOUR PRIVACY RIGHTS
As a California Business Contact, you have the following rights regarding our collection and use of your Personal Information, subject to certain exceptions.
Rights that Require Verification
California Business Contacts may submit a request to exercise their rights to know, delete, correct, and access specific pieces of Personal Information by calling (612) 259-7245, or by clicking here, selecting “General Questions/Comments” from the drop down list, and filling out the contact form. You may also authorize an agent to make data subject requests on your behalf. In such instances, authorized agents may use the same methods as you to submit the requests on your behalf. To verify your identity and protect your Personal Information, we may ask the requestor to provide information that will enable us to verify your identity in order to comply with your data subject request, such as asking your agent to provide proof of signed permission from you, or we may ask you to confirm with us directly that you provided the agent with permission to submit the request. In some instances, we may decline to honor your request if an exception applies under applicable law. We will respond to your request consistent with applicable law.
· Right to Know: You may request that we provide you with the following information about how we have handled your Personal Information:
o The categories of Personal Information we have collected about you;
o The categories of sources from which such Personal Information was collected;
o The business or commercial purpose for collecting, Selling or Sharing Personal Information about you;
o The categories of Personal Information about you that we disclosed and the categories of Third Parties to whom we disclosed such Personal Information; and
o The categories of Personal Information about you that we Sold or Shared, and the categories of Third Parties to whom we Sold or Shared such Personal Information.
· Right to Delete: You may request that we delete any Personal Information about you we that we collected from you.
· Right to Correct: You may request that we correct any inaccurate Personal Information we maintain about you.
· Right to Access Specific Pieces of Personal Information: You may ask to obtain the specific pieces of Personal Information we have collected about you. You may not exercise this right more than two times in a calendar year.
Rights that Do Not Require Verification.
You may exercise these rights through the “Your Privacy Choices” link below or at the footer of every page on our website. The “Your Privacy Choices” link will open our Cookie Preference Center, and you can then click “Reject All” to opt out of Sale and Sharing of Personal Information.
- Right to Opt-Out of Sale and Sales: You have the right to opt out of the Sale and Sharing for cross context behavioral advertising purposes of your Personal Information.
- Right to Limit the Use of Your Sensitive Personal Information: We do not use Sensitive Personal Information that we collect about Business Contacts for purposes other than those that are permitted by the CCPA regulations. But if we did, you would have the right to limit the use of your Sensitive Personal Information to the purposes permitted by the CCPA.
- Opt-Out Preference Signals. Some web browsers or devices offer settings where you may pre-set a signal to websites that you do not want to have your online activity and behavior tracked, Sold, Shared, or otherwise used for targeted advertising purposes. We recognize the opt-out preference signals that we are required to recognize for compliance with applicable law. Where required by the CCPA, we treat the opt-out preference signals we are required to comply with as a valid request to opt-out of Sale and Sharing for the browser or device through which the signal is sent and any consumer profile we have associated with that browser or device, including pseudonymous profiles. Further, if we know the identity of the consumer from the opt-out preference signal, we will also treat the opt-out preference signal as a valid request to opt out of Sale and Sharing for such consumer. Consumers may use opt-out preference signals by downloading or otherwise activating them for use on supported browsers and setting them to send opt-out preference signals to websites they visit. Please note, however, that our sites are not currently configured to recognize the “Do Not Track” signal, which is separate from the opt-out preference signals described above.
- Non-Retaliation. We will not retaliate against you for exercising your data subject rights. For example, we will not make hiring, firing, promotional, or disciplinary decisions, or otherwise retaliate against you, as a result of you exercising your data subject rights.
X. OTHER DISCLOSURES
Financial Incentives. We do not provide financial incentives to California Business Contacts who allow us to collect, retain, Sell, or Share their Personal Information. We will describe such programs to you if and when we offer them to you.
XI. CHANGES TO THIS BUSINESS CONTACT POLICY
So Good Brand, Inc. reviews its privacy practices from time to time, which are subject to change, and we may periodically update this Business Contact Policy. We ask that you periodically review this page to remain familiar with the most current version of our Business Contact Policy. Information collected after the posted effective date will be treated in accordance with the then most current Business Contact Policy. When this Business Contact Policy changes, we will update the “Effective Date” at the top of the Business Contact Policy. If required by applicable law, we will provide you with additional notice if we make a material change to the Business Contact Policy, for example, by sending you an email or posting a banner on this page.
XII. CONTACT US
More information about our general privacy practices can be found in our Privacy Policy. If you have any questions about this Business Contact Policy or our privacy practices, please contact us at privacy@sogoodsoyou.com or by using the information provided below:
So Good Brand, Inc
500 Kasota Ave SE
Minneapolis, MN 55414-2811
Attn: Privacy Policy
