Transparency, every step of the way.
Last Updated May 2, 2023
Introduction and Overview
We believe in transparent and secure data practices.
At Protalus USA, LLC (“Protalus” or “us,” “we,” etc.), we understand everyone's journey to comfort is unique, so we have built our products and services with that flexibility in mind. This Privacy Notice is intended to help our users in the United States and Canada understand our personal data handling practices; we currently do not sell our products or intend to collect information from individuals in the European Union or United Kingdom.
When you visit our website, contact our customer service team, or provide information about your use of our products, we will receive information about you. This Privacy Notice provides more detail about how we gather information, how we use it, and how we support your rights to your data.
This Privacy Notice applies to https://www.protalus.com/, the Protalus mobile device application ( iOS and Android), and any Protalus websites that display these terms (collectively, the “Website”). It does not apply to any website, service or product that does not display or link to this Privacy Notice or that contains its own privacy statement. This Privacy Notice applies to our treatment of personal information collected through our Website and through third parties like social media channels that share information with us through our advertising partners – there is more information on how we collect information in the next section. This Privacy Notice also applies to personal information collected through offline interactions with us, such as phone calls with our customer service team.
Here at Protalus it’s all about you and how we value, respect, and serve our long-term relationship with you. This Privacy Notice follows those same themes: we value your trust, respect our obligations around collection and use of your personal information, and aim to serve your comfort needs to build a long-term relationship.
Collecting Personal Information
We collect data in different ways.
- Personal Data
Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
- Usage Data
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Cookies are small files stored on your device (computer or mobile device).
- Data Controller
Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed.
We are a "data controller" in terms under European Union and United Kingdom data protection law (including the EU General Data Protection Regulation 2016 and the Data Protection Act 2018).
- Data Processors (or Service Providers)
Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller.
We may use the services of various Service Providers in order to process your data more effectively.
- Data Subject (or User)
Data Subject is any living individual who is using our Service and is the subject of Personal Data.
We may collect information from you directly or indirectly. First, we collect information you provide to us directly through things like email or support chat. Second, we use technologies that collect certain data (including personal information) automatically as you use the Website through technologies such as “cookies.” This section addresses each of these types of collection.
We collect personal information when you provide it.
Personal information we may collect:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
- Cookies and Usage Data
You may provide us with certain personal information when registering for an account, making a purchase through the Website, signing up to receive our marketing emails, participating in a survey, or otherwise interacting online and offline with Protalus (via social media, chat, web form, email, phone, and yes, even postal mail).
When you register for an account without linking to an existing social-media platform, you will be prompted to provide us with information like your name, email, and password for account security. Creating an account allows you to earn credit toward future purchases and track previous orders.
If you elect to purchase products from the Website, you will be prompted to provide us with information like your mailing address, phone number, and billing information so we can complete your transaction.
You can learn more about how we use, disclose, and secure personal information in the remainder of our Privacy Notice below.
We collect information from some third-party sources.
We may collect information about you from other third parties, like if you were referred by a friend, or public sources, such as social networks when you click “Share This” via Facebook, Instagram, Connect, Twitter, Linked In, Google+, or other social media “like” buttons or plug-ins.
Where you choose to, you can link your Protalus account with a social network profile to share information or you can create a Protalus account from scratch. Please note that any data collected by a third party, such as a social networking site, is handled based on their privacy practices rather than this notice.
There may be instances where our internal customer services team is not available. In such cases, we use an external customer service team to address customer inquiries. When you provide information to our third-party, external customer service team, they will share that information with us.
We also use third party services to collect testimonials from customers. Customers may elect to provide testimonial information through multiple sources, and the information these third-party’s collect is subject to their privacy practices. Once we receive the information from such third parties, we will use it and store it in accordance with these practices.
We collect personal information through automated technologies.
We use automated technologies to collect information from visitors to our website or users of our mobile application, which sometimes includes personal information. Automated collection technologies such as cookies, beacons, tags, and scripts are used by us in analyzing trends, administering the Website, and tracking users’ movements around the Website. We, and our third-party vendors, also use these technologies to gather demographic information about our user base as individuals and in the aggregate.
To learn more about the cookies we use, including learning how to opt-out of optional cookies, please review our full Cookie Notice here .
We may collect limited health-related information.
Given the nature of our products is to provide support and comfort through insole technology, you may choose to provide us with certain health-related information like your foot or arch type. Our “Find Your Perfect Insole” tool will collect this information when you provide it to us and your use of this tool is deemed your consent for us to use this information; we will use this information for the purpose of providing you with product recommendations and in accordance with the terms of this Privacy Notice. Health-related information such as gender may also be inferred from your selection of male-size or female-size insoles related to your purchase, which will be logged and stored for our internal records.
We may still collect information if you use Do-not-track requests.
Some browsers offer a “Do Not Track” privacy preference. Generally, when a user turns on the Do Not Track Signal, their browser sends a message to websites requesting that the user not be tracked. Our website and services currently do not respond to “Do Not Track” signals. However, you do have other options for opting out of tracking for interest-based advertising purposes as described below.
We will not collect information from individuals under 16.
We will never knowingly request personal information from anyone under the age of 16 without prior verifiable parental consent. All products we sell are for purchase by individuals over age 16. In accordance with the Children's Online Privacy Protection Act, if we become aware that personal information of an individual under the age of 16 has been provided to Protalus, for any purpose, without prior verifiable parental consent, we will delete the information from our files.
Using Personal Information
Being transparent about how we use data is important to us because we know it’s important to you. Here are the ways we use personal information at Protalus:
To fulfill your order, including order confirmation, processing, and to maintain your purchase history.
To provide access to the Website, including maintaining the security and integrity of the Website.
To share questions, feedback, or other content you have elected to provide.
To provide marketing information regarding Website and product updates, special promotions, etc.
To comply with legal and regulatory requirements applicable to our business and internal policies for maintaining records.
To conduct reviews of our Website and to help us better understand your use of our Website to tailor the Website, our product offerings, and marketing promotions to make your shopping experience more enjoyable and convenient.
For any other legal, business, or marketing purposes that complies with the practices described in this Privacy Notice.
Sharing Personal Information
We understand that you may want to know more about how and when we share your personal information. This section provides detail on how we share information collected through the mechanisms detailed in the prior sections of this Privacy Notice. Please note that we require any third party with which we share your personal information to protect that information consistent with this policy and limit their use of that information to performing the service they provide to us.
We do not and will not sell your personal data.
The personal information we collect is not and will not be sold, rented, or traded to third parties for their own marketing purposes.
We do use some vendors to help us out.
In order to facilitate our business needs, we may share your personal information with our third-party service providers who help us with business operations such as operating and supporting the Website (including the mobile application), performing Website analytics, marketing or consulting services, and assisting us with the preparation and mailing of our business and marketing communications.
We also use third party payment processing services for transactions you elect to complete through our Website; Protalus does not process payment card information directly. The personal data those payment processors receive includes name, email address, mailing address, billing address, phone number, and payment card information and your purchase of our products is deemed your consent to share this information.
We use targeted advertising.
We, or with third party vendors, may use your personal information to provide you with tailored advertising on third party sites, including social sites. These advertisements are either: (i) “contextual" (meaning they are presented due to the webpage that you are viewing); or (ii) “behavioral advertising" or “interest-based advertising" (i.e. where advertisements are shown to you based upon your interests which we have inferred from your information including demographic, geographic and interest-based data). We may use tailored advertising to specifically include or exclude individuals who have registered for our products to ensure that you are provided with information about those products that are most relevant to you. To do this, we may track your browsing activity across different websites, different devices and/or different applications. We may match your browsing activity on one device, such as your mobile phone, with your browsing activity on another device, such as your tablet, to ensure our advertising is tailored to you. To learn more about the cookies we use, including learning how to opt-out of optional cookies, please review our full Cookie Notice here .
In addition, some third party sites allow you to stop seeing advertisements from specific advertisers on that site, so you should also check your preferences on those websites.
Our vendors help with Website analytics too.
If you make a public post, other users may see it.
If you make a post on a third-party social media site (for example, on our Facebook page at https://www.facebook.com/Protalus/) or by identifying us in your social media feed by tagging us using a hashtag (#) or “at” (@) indicators on your social media platform, your personal information may be publicly available and is subject to the privacy policies of those third-party social media sites. This Privacy Notice describes how we will treat your data once it is in our possession.
We strongly recommend you review the privacy policies of any third-party sites you visit to understand the data collection and use practices of that third party.
We may share feedback you provide to us.
We aim to provide products that change lives by improving alignment, support, and comfort. If you have experienced a new level of comfort from using our insoles, we would love to hear your feedback. However, please note any feedback relating to our products on our Website or on social media channels may be publicly shared.
Eventual successors may access information.
We have taken steps to evaluate how data will be treated, accessed, or shared in the event our business structure or ownership needs to change. This paragraph describes what may happen to your data in such an instance. In the event of a merger, acquisition, reorganization, bankruptcy or other sale of all or a portion of our assets, any user information owned or controlled by us may be among the assets transferred to third parties as successors in interest. As part of this type of transaction, we reserve the right to transfer or assign your personal information to third parties. Other than to the extent ordered by a bankruptcy or other court, or as otherwise agreed to by you, the use and disclosure of all transferred user information will be subject to this Privacy Notice.
We need to comply with legal requirements.
We may disclose your information to government authorities or other third parties if any lawful circumstance arises, including where:
You have given us permission to share your information;
We are required to do so by law, or in response to a subpoena or court order;
We believe in our sole discretion that disclosure is reasonably necessary to protect against fraud, or to protect our property or other rights or those of other users of the Website, third parties or the public at large; or
Securing Personal Information
We understand the importance of securing your personal information. We have implemented industry accepted administrative, physical, and technology-based security measures to protect against loss, misuse and alteration of data in our systems. We also ensure that any employee, contractor, or vendor who has access to personal information in our systems is subject to contractual and professional obligations to safeguard that data.
We use a third-party payment processor, which is PCI DSS compliant and uses SSL/TLS (Secure Sockets Layer) technology to encrypt your order information, such as your name, address, and credit card number, during data transmission.
Our customer service department and Website also operate over a private, secure network. We follow generally accepted industry standards, including implementing encryption, to protect the personal information submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
Your Rights to Your Personal Information
We understand that many of our customers would like to have control of their data. With this in mind, we have worked with our vendors to build our Website in a way that gives you the ability to review, update, or delete your information. This section details how.
Viewing or Updating your personal information.
If you have created an account with us, you may access your information by clicking on the User Account icon at the top of the Website or directly using this URL: https://www.protalus.com/account . You may make changes to personal contact information, including contact details such as mailing address and email address on this page. Be sure to click the "Update" button to save your changes.
You can also contact customer service to access or make changes to your information by calling 1.844.402.5446 or sending an email to firstname.lastname@example.org.
Deactivating your account.
You may elect to deactivate your account at any time after you create it. In order to deactivate your account, please contact our customer service administrators by calling 1.844.402.5446 or sending an email to email@example.com. Upon receiving your request, Protalus will deactivate your account and delete personal information where allowed or required by applicable law. Please note we may retain some information allowed by law, for instance – transactional information, related to our business.
Please note, our systems may retain some personal information, like email address, associated with transactional history on our Website, which we may be required to store for other compliance purposes.
For email communications: If you do not wish to receive promotional emails from us, including our e-newsletters, you may follow the unsubscribe process at the bottom of the promotional email you received or by emailing us at firstname.lastname@example.org. Please keep in mind that you may still receive transactional emails from us (e.g., e-mails related to the completion of your registration, correction of user data, password reset requests, reminder emails that you have requested, and any other similar communications essential to your transactions on the Website) which may be necessary for us to process orders, make the Website available to you, or respond to your enquiries.
Your Data Protection Rights under the General Data Protection Regulation (GDPR)
- If you are a resident of the EEA, you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete or limit the use of your Personal Data.
- If you wish to be informed about what Personal Data we hold about you and if you want it to be removed from our systems, please contact us by using the email address noted at the end of this policy.
California Consumer Rights.
Beginning January 1, 2020, our Website visitors and product customers who reside in the state of California have additional rights reserved under the California Consumer Privacy Act and the California Shine the Light law. To be clear, if you are a California-based consumer, as that term is defined under California law, this section shall apply in addition to all other applicable rights and information contained in this privacy statement:
You have the right to request that we provide you with the categories of personal information and the specific pieces of personal information we have collected and stored about you.
You have the right to request that we delete personal information we, or our service providers, store about you.
We will not discriminate or retaliate against you if you elect to exercise any rights under this section of our Privacy Notice.
You may request that we not sell your personal information; as noted previously, Protalus does not sell your personal information.
- You have the right to designate an authorized agent to make a request on your behalf.
- Please see the “Identity Verification Requirement” section below for more information on our process for verifying we have received a legally valid request.
If you are a California consumer and have additional questions based on this section of our Privacy Statement, please email us at email@example.com, or call us toll-free at 1.844.402.5446. Also, be sure to check this policy for updates as we will review it at least every 12 months and make updates as necessary.
Identity Verification Requirement.
We are required by law to verify that any request submitted was made by someone with the legal right to access the information. Therefore, prior to accessing or divulging any information pursuant to a data subject access request, we may request that you provide us with additional information so we can verify your identity and legal authority, or require that you take an additional step such as logging into your account to validate your identity or to validate your identity through email verification.
To make a request, please contact us at firstname.lastname@example.org with “Personal Information Request” in the subject line and provide us with full details in relation to your request, including your contact information and any other detail you feel is relevant. We will provide a response to an access request within 30 days of receiving such request. If we cannot substantively respond in a timely manner, we will notify and provide you with the reason for the delay.
Under certain circumstances we may not be able to fulfill your request, such as where doing so would interfere with our regulatory or legal obligations, where we cannot verify your identity, or if your request involves disproportionate cost or effort; in any event, we will respond to your request within a reasonable time frame and as required by law, and provide you an explanation.
We may employ third party companies and individuals to facilitate our Service ("Service Providers"), provide the Service on our behalf, perform Service-related services or assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Such carefully selected third parties that we contract with, may send personal data to countries outside the European Economic Area (‘EEA'). If and when this occurs, there will be protections in place to ensure the recipient protects the data to the same standard as the EEA. The protections include:
- transferring to a non-EEA country with privacy laws that give the same protection as the EEA;
- putting in place a contract with the recipient that means they must protect personal data to the same standards as the EEA;
Suspected Breach of Privacy Notice
If you have received unwanted, unsolicited email from us or purporting to be sent by us, please forward a copy of that email with your comments to email@example.com for our review. If you feel that any of our privacy practices detailed in this Privacy Notice have been violated, you may contact us here:
Protalus USA, LLC
20750 SW 115th Ave
Tualatin, OR 97062
Toll Free: 1-844-402-5446
Updates to this Privacy Notice
As we continue to grow our business and offer new products or services, this Privacy Notice will be updated to reflect our data handling practices. We reserve the right to amend this Privacy Notice at any time, for any reason, without additional notice to you, other than through posting the updated Privacy Notice at this Website. We invite you to periodically return to this page to ensure you are informed of any updates we make here about how we collect, use, and protect customer information. You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the beginning of this Privacy Notice.