Privacy Policy

Privacy Policy

This Privacy Policy is effective as of March 1, 2022

Our Commitment to Privacy

We care about your privacy and understand how important it is to care for personal information. We appreciate your trust.

This Privacy Policy applies to information gathered from and in connection with operation of the MILLIMYLK.COM website, which is operated by Milli Mylk, Inc. (the “Company”, “we,” or “us”).

This Privacy Policy describes our privacy practices in relation to the use of our website and any applications, affiliated sites, services, and programs, including attendance at marketing and promotional events and activities, and will help you better understand our privacy practices and the choices you can make about the way your personal data is collected and used.

Through the Company site, you may from time to time be able to link to other sites maintained by unaffiliated third parties, such as our suppliers or service providers. As more fully described below, each of these sites may be governed by different privacy policy or statement. We suggest you check the privacy link typically located in the footer of each web page to access and review the applicable privacy policy or statement. Since privacy policies or statements may change periodically, we also suggest that you occasionally re-visit them.

Please read this Privacy Policy carefully.

The Information We Collect

The information we collect from visitors to the Company site helps us improve our site and provide better service to you. We collect, use, disclose, transfer, and store personal data (such as your name, mailing address, email address, and phone numbers) when needed to provide our services and for our operational and business purposes as described in this Privacy Policy. Occasionally you may also choose to provide us with what may be considered sensitive personal data (collectively, “personal data”) such as financial and bank account numbers. We want to be clear about our privacy practices so that you can make informed choices about the use of your information.

The information we collect falls into two broad categories: (1) information you voluntarily provide to us and (2) information that is automatically collected.

Information You Voluntarily Provide to Us: Generally, you can visit the Company site without providing any personal or sensitive personal data. However, on some pages, we collect personal data in order to provide a service or carry out a transaction requested by you. See below for what personal data is collected and how it is used. We may also ask for feedback relating to our goods or services. Participation is voluntary and you are not required to provide this information. There generally is no negative effect on you if you choose not to provide your personal data. However, since personal data may be needed to process an order, if you choose not to participate, we may not be able to perform a requested service or complete a transaction.

Information Collected Automatically: Our servers, logs and other technologies collect and store certain personal and non-personal data such as your IP address, machine operating system, geolocations, type of system, and selection preferences that is generated automatically as you navigate through our sites. By using our website, you agree to the processing of the data collected about you for the stated purposes below. We use a standard feature found in browser software called a "cookie" used to store and manage user preferences, deliver targeted advertising, enable content, and gather analytic and usage data, for example. The use of cookies and other tracking technologies is standard across websites and apps through which information is collected about your online activities across applications, website, or other services. You can choose to accept or decline cookies and, while most web browsers automatically accept cookies, you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of our sites.

What is a cookie? A cookie is a small text file that is placed on a computer or other device and is used to identify the user or device and to collect information. Cookies help to track user trends and patterns and also relieve users from having to re-enter their preferences on certain areas of the site where they have previously entered preference information. The cookie types we use to collect personal data and non-personal data include the following attributes: session cookies, persistent cookies, third-party cookies.
What is a web beacon? A web beacon is an often-transparent graphic image, usually no larger than 1 pixel x 1 pixel that is placed on a website or in an email that is used to monitor the behavior of the user visiting the website or opening the email. It is often used in combination with cookies. We use web beacons to access cookies and to count users who visit our site or open email messages. We collect this information to improve the delivery of our web pages to you and to measure traffic on our site. We sometimes use the non-identifying and aggregate information that is collected as described above to enhance the design of our site and help us understand the needs of our visitors.
What is a “Share” button? Our website also contains “Share” buttons. Any user who wishes to share content in this manner must have already provided login credentials to the “Share” site. We do not collect any user login information for third-party “Share” sites including those listed below. We have no influence regarding the scope of the data which is collected with the aid of the “Share” buttons, and therefore can only provide you with information for the third-party sites that have been, may be, or are integrated into our website as :
Facebook, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). Your rights can be viewed at facebook.com/policy.php.
Twitter, operated by Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. Your rights can be viewed at: https://about.twitter.com/en_us/company/brand-resources.html.

G+button of the social network Google Plus, operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Your rights can be viewed at google.com/intl/policies/policies/privacy/.
Pinterest, Pinterest Trademark Agent, 635 High Street, Palo Alto, CA 94301, USA. Your rights can be viewed at pinterest.com/about/privacy.
LinkedIn, LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Your rights can be viewed at linkedin.com/legal/privacy-policy.
Gmail, Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Your rights can be viewed at google.com/intl/policies/policies/privacy/.
TikTok, 5800 Bristol Parkway, Suite 100, Culver City, CA 90230, USA. Your rights can be viewed at https://www.tiktok.com/legal/cookie-policy?lang=en.

This website uses Google Analytics, a website analytics service provided by Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics uses cookies and web beacons (defined above) and the information generated by the cookie is usually transmitted to a Google server in the USA and stored there. If IP anonymization is activated on this website, your full IP address will typically be sent to a Google server in the U.S. and then shortened. Google uses this information on our behalf to evaluate the use of our website by you, to compile reports on the website activities and to provide other services related to the website and internet usage to us. We use the code “ga (‘set’, ‘anonymizelp’, true)” to ensure the anonymous collection of IP address (“IP masking”), which processes IP addresses in a shortened form and direct personal reference can be excluded. You can prevent Google’s collection of the data generated by the cookie and related use of the website, including your IP address, as well as the processing of such data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout.

How We Use Your Information

We will obtain your consent to collect, use or disclose personal data except where we are authorized or required by law to do so without consent.

California consumers may scroll down for a more fulsome review of how the Company uses your personal information.

In general, consent may be express or implied. We process personal data for these services and business-related purposes:

Account creation: We use personal data such as your name, email address, mailing address, and phone number to set up and administer your account and to provide customer support and training, send important account and service information, and to allow us to communicate with you. To verify that you are a customer, we may also ask for your system’s serial number.
Sales orders and service: We use personal data such as your name, email address, mailing address, phone number, and financial and bank information including credit card numbers in order to provide service for a product or for product orders.
Marketing purposes: We use personal data such as your name, email address, mailing address, and phone number to send marketing communications and to respond to inquiries about The Company, its products, services, and promotional activities to you across various platforms, such as email, phone, text messaging, direct mail and online. We may also collect information about the quality and success of our email marketing (e.g., by analyzing the opening or click rates of our emails).
Sweepstakes and contest entries: We use personal data such as name, email address, mailing address, and phone number for entry into sweepstakes and contests.
Surveys and polls: If you choose to participate in a survey or poll, any personal data, such as name, email address, mailing address, and phone number you provide may be used for marketing or market research purposes.
Legal obligations: We may be required to use and retain personal data for legal and compliance reasons, such as the prevention, detection, or investigation of a crime; loss prevention; or to combat fraud. We may also use personal data to meet our internal and external audit requirements, information security purposes, and as we otherwise believe to be necessary or appropriate: (a) under applicable law, which may include laws outside your country of residence; (b) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence; (c) to enforce terms and conditions; and (d) to protect our rights, privacy, safety, or property, or those of other persons.

When We Share Personal Data

The Company will not provide personal data to any third party or use the information for an undisclosed purpose except as otherwise noted at the point where the information is collected and where necessary to provide services or conduct our business operations as described below. We share personal data in accordance with data privacy and security requirements, and we occasionally will share non-personal, anonymized, and statistical data with third parties. We make appropriate efforts to ensure that the entities we share personal data with do not further distribute the information such as entering into non-disclosure agreements.

California consumers may scroll down for a more fulsome review of with whom THE COMPANY shares your personal information.

Within the Company: The Company is comprised of a U.S.-based operation with several offices / locations around the United States. We are supported by a variety of teams and functions. Personal data may be shared with the Company, our agents and contractors, and our suppliers and service providers if needed to provide services or fulfill product orders, for account administration, to facilitate sales and marketing, for customer and technical support, and to promote business and product development.
With our business partners: We partner with suppliers, service providers, and other organizations to deliver services and products, or to implement marketing activities. The Company will handle personal data in accordance with this Privacy Policy and we encourage you to review the privacy policies of our business partners to learn more about how they collect, use, and share personal data.
With third-party service providers: We have third-party suppliers and service providers around the world. Personal data will be made available to these parties only when necessary to fulfill the services they provide to us such as software, system, and platform support; direct marketing services; cloud hosting services; advertising; data analytics; and order fulfillment and delivery. Our third-party service providers are not permitted to share or use personal data we make available to them for any purpose other than to fulfill their obligations to the Company.

Links to Third-Party Sites: Our site may contain links to third-party sites that are not under the control of or maintained by the Company. While we try to only link to sites that share our privacy and standards concerns, the Company does not control and we are not responsible for the content, security, privacy policies or the operation of third party sites. Further, if you opt to engage in transactions on third party sites linked to this site, such as purchases or promotions, we are not responsible and you must deal with the third party operators of such sites if any issues arise. As mentioned above, when visiting any site we suggest that you routinely review the applicable privacy policy or statement and other posted terms and conditions to understand your rights and options.

In-site search function: Our in-site search function is provided by Shopify. Its privacy policy can be found at the following link: https://www.shopify.com/legal/privacy/customers

With third parties for legal reasons: We will share personal data when we believe we are legally required to, such as:

Under applicable law or by legal process such as a court order.
To prevent physical harm or property damage, and to protect our rights, users, systems and services.
As part of an investigation of suspected or actual unlawful conduct.
To comply with and respond to requests from government agencies, including law enforcement and other public authorities, which may include such authorities outside your country of residence.
In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

Except as otherwise notified in this Privacy Policy, your personal data will not be shared outside of the Company.

How We Store and Process Personal Data

The Company may from time to time have networks, databases, servers, systems, support, help desks, third-party cloud hosting services, suppliers, service providers and technology support in locations throughout the world. In order to service the needs of the business, workforce, and customers of the Company, personal data may be shared among the Company and these third parties, as well as with its agents and contractors. The Company, as data controller of all personal data collected on this website, takes appropriate steps to ensure that the personal data it collects is processed, secured, and transferred in accordance with this Privacy Policy and requirements of applicable laws and regulations. In this regard, please note the following:

All personal data input by you through the use of this site is submitted directly to the Company in the United States. By submitting your personal data through this site, you are hereby consenting to transfer of your personal data to the Company in the United States.
Your personal data submitted through this site will be shared with the specific office of the Company necessary in order to provide you with services, products and support specific to your location. That office will also provide you with any marketing or sales communications.

How We Secure Personal Data

The Company takes the security of personal data it collects and retains seriously. We are committed to safeguarding it and protecting against unauthorized access to, or use of, our information assets and any other anticipated threats or hazards to the security and integrity of such assets. Measures we take to safeguard personal data include appropriate policies and procedures to address risk management, appropriate restrictions on access to personal data; monitoring and physical measures for the secure storage and transfer of personal data; training for employees, agents and contractors with access to personal data; and vendor risk management requiring contractual obligations to protect any personal data with which they are entrusted in accordance with our security policies and procedures.

How Long We Keep Personal Data

The Company has policies and procedures relating to the retention of personal data based upon a classification scheme consisting of business functions and process areas, and the classification and types of data and records. We retain personal data for as long as we reasonably require it for business and legal purposes. In determining data retention periods, the Company considers contractual and legal obligations, and the expectations and requirements of customers, vendors, suppliers and others who share their personal data with us. When we no longer need personal data, we securely delete or destroy it.

California Rights Regarding Personal Information

California consumers may scroll down for information on rights to opt out, access, or delete California consumer personal information.

Opting out: To opt out of marketing email, you can use the unsubscribe link found in the email communication you receive from us. You may also use the “Contact Us” option within the relevant service to opt out and elect not to receive further emails from us. Please provide the email address from which you are receiving electronic communications.

Our Special Commitment to Children’s Privacy

Protecting the privacy of the very young is especially important. For that reason, we do not knowingly collect personal data from children under the age of 13. This website is not intended for anyone under the age of 16. If you are younger than 16, you may not use this website.

Do Not Track

"Do Not Track" is a privacy preference that you can set in most browsers that sends a signal to a website that you do not want the website operator to track certain browsing information about you. However, because our site is not configured to detect Do Not Track signals from a user’s computer, we are unable to respond to Do Not Track requests at this time.

Changes to the Privacy Policy

The Company reserves the right to change, amend, or update this Privacy Policy. If we decide to change our Privacy Policy, we will post the revised Privacy Policy on this site. On return visits to our site, please remember to review the Privacy Policy which may have changed, since continued use of our site after any posted revision indicates your consent to our use of your information in accordance with the changed, amended, or updated Privacy Policy.

How To Contact Us

If you have questions or concerns about this Privacy Policy or our privacy practices, you may wish to contact the data controller.

California residents only – please click here for information on contacting us.

You may contact us via email at support@millimylk.com
For marketing preferences and services support relating to updating your account information or email marketing preferences, or for technical support or other help with services, please use the “Contact Us” option for the relevant service.

European residents’ rights to access, correct, or delete European resident personal data. This section supplements the information above and applies solely to European residents. This section is to comply with the European General Data Protection Regulation (GDPR) that provides European residents the right to access and control their personal data. We will endeavor to respond to requests for information about personal data and, where applicable will correct, amend, or delete European residents’ personal data.

Access to personal data: Requests for European residents’ access to personal data should be submitted via the “Contact Us” option within the relevant service used or by sending us an email at support@millimylk.com. We will comply with requests for access to your personal data, subject to any relevant legal requirements and exemptions. We will make commercially reasonable efforts to provide you reasonable access to any of your personal data we maintain within 30 days of your access request. If we cannot honor your request within the 30-day period, we will inform you when we will be able to provide access. In the event that we cannot provide you access to this information, we will explain why we cannot do so. We will ask for proof of your identity in order to confirm your identity and that you are seeking access to personal data belonging to you, and also sufficient information about your interaction with us so that we can locate any relevant data.
Correction to and deletion of personal data: The GDPR also provides European residents with the right to correct or amend personal data if it is inaccurate or requires updating, and also the right to request deletion of your personal data. Due to legal requirements and other obligations and factors, this is not always possible. Remember that account information may be corrected, deleted, or updated by using the “Contact Us” option within the relevant service. For inquiries of this nature, please contact us at support@millimylk.com.
Choices: Some personal data is necessary in order to provide certain services. However, you may choose to limit the Company use of your personal data by adjusting your browser settings, opting out, or you may contact us at support@millimylk.com for more information regarding your choices. Since personal data may be needed to process an order, if you choose not to participate, we may not be able to perform a requested service or complete a transaction.
Filing a Complaint: EU residents have the right to make a complaint to a data protection regulator in the event of dissatisfaction with how the Company manages their personal data. A list of National Data Protection Authorities can be found here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm. Please contact us at support@millimylk.com with any requests related to your personal data.

California Consumer Information

This section supplements the information above and applies solely to California consumers. This section is to comply with the California Consumer Privacy Act (CCPA) that provides California residents the right to access and control their “Personal Information,” which is defined by the CCPA as information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer.

The Company will endeavor to respond to California consumers’ requests for information about their Personal Information, subject to any relevant legal requirements and exemptions, and, where applicable and subject to compliance and legal obligations, will opt out of the sale, correct, amend, or delete a California consumer’s Personal Information.

For California residents, there are only two instances where California consumer Personal Information is collected directly by the Company: for job applicants and for consumers ordering products or services from the Company. Outside of job applicants, the collection and/or processing of California consumers’ Personal Information regulated by the CCPA is limited to interactions between California consumers and the Company.

California Resident Personal Information collected by the Company. During the last twelve (12) months, the Company collected the following categories of Personal Information from California consumers:

Category	Examples	Collected
Identifiers	A real name, Internet Protocol address, email address, other similar identifiers.	YES
Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Information included in this category may overlap with other categories.	YES
Protected classification characteristics under California or federal law	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	YES
Commercial Information	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	YES
Biometric Information	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait or other physical patterns, and sleep, health, or exercise data.	YES
Internet or other similar network activity	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement	YES
Geolocation data	Physical location or movements.	YES
Sensory data	Audio, electronic, visual, thermal, olfactory, or similar information	YES
Professional or employment-related information	Current or past job history or performance evaluations	NO
Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99))	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	NO
Inferences drawn from other personal information	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitude.	NO

Personal Information as defined by the CCPA does not include:

Publicly available information from government records.
De-identified or aggregated California consumer’s Personal Information.
California consumer Personal Information excluded from the CCPA’s scope such as:

health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIS) or clinical trial data;
personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

The Company obtains the categories of Personal Information listed above from the following categories of sources:

Directly from California consumers. For example, from forms submitted on the Company website for product warranty and registration, photo printing and personalized photo product fulfillment, customer service transactions with the service center, entries into sweepstakes and contests, and job applications.
Directly and indirectly from California consumers. For example, website usage details collected automatically.
From third parties in connection with the services The Company performs for them or for potential employment or engagement services. For example, from employment agencies, background check providers, former employers, credit reference agencies, or other background check agencies.
From third party data resellers through contact lists that the Company purchased or rented for purposes of sending marketing-type communications.
From social media platforms, including Facebook, Twitter, YouTube, Pinterest and Instagram.

The Company Use of California Consumer Personal Information

The Company may use or disclose California consumer Personal Information for one or more of the following business purposes:

To fulfill or meet the reason for which the information is provided. For example, if a name and contact information is provided to ask a question about a Company offered product or service, or to request service for a Company provided product, the Company will use that Personal Information to respond to the inquiry. If the information is provided to purchase a product or service, it will be used to process payment, facilitate delivery, and may be maintained for service inquiries.
To provide information about Company products, services and related support that is requested.
To provide email communications, event registrations and other notices about Company products and services or news that may be of interest.
For entry into a sweepstakes or contest at the California consumer’s request.
To consider California consumers for potential employment or engagement.
To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
As described at the point where Personal Information is collected or as otherwise set forth in the CCPA.

The Company will not collect additional categories of Personal Information or use the Personal Information collected for materially different, unrelated, or incompatible purposes without providing notice to the California consumer, unless required or permitted by applicable laws. Sharing California Consumer Personal Information. The Company may disclose California consumer Personal Information to a third party for a business purpose. When such a disclosure is for a business purpose, the Company enters into a contract that describes the purpose and requires the recipient to both keep the Personal Information confidential and not use it for any purpose except performing the contract. In the preceding twelve (12) months, the Company has disclosed the following categories of California consumer Personal Information for a business purpose:

Identifiers
California Customer Records personal information categories
Professional or employment-related information

The Company disclosed California resident Personal Information for a business purpose to the following categories of third parties:

Company agents and contractors
Suppliers and service providers
Third parties to whom the California consumer or its agents authorize disclosure of Personal Information in connection with products or services we provided to the California consumer.

The Company does not sell Personal Information. California Consumers’ Rights and Choices. The CCPA provides California consumers with specific rights regarding their Personal Information. This section describes California consumers’ rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights. California consumers have the right to request certain information be disclosed to them about The Company collection and use of their Personal Information over the last twelve (12) months. Once the request is received and identity is verified, the Company will disclose to the California consumer:

The categories of Personal Information collected about the California consumer.
The categories of sources for the Personal Information collected about the California consumer.
The business or commercial purpose for collecting or selling that Personal Information.
The categories of third parties with whom the Personal Information is shared.
The specific pieces of Personal Information collected about the California consumer (also called a data portability request).
If the California consumer’s Personal Information was sold or disclosed for a business purpose, two separate lists disclosing:

sales, identifying the Personal Information categories that each category of recipient purchased; and
disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.

Note that specific Social Security numbers, driver’s license numbers or California identification card numbers, financial account numbers, health insurance or medical identification numbers or information, account passwords or security questions and answers will not be disclosed to any California consumer.

Deletion Rights Requests. The CCPA provides California consumers the right to request deletion of their Personal Information collected and retained, subject to certain exceptions. Once a request is received from a California consumer and identity is verified, the Personal Information will be deleted, and any service providers who may have the Personal Information will be directed to delete as well, unless an exception applies. Requests to delete require confirmation of deletion instructions. The Company may deny a deletion request if retaining the Personal Information is necessary for the Company or its service providers to:

Complete the transaction for which the Personal Information was collected, provide a good or service that was requested, take actions reasonably anticipated within the context of an ongoing business relationship, or otherwise perform a contract with you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
Debug products to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 ).
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if the California consumer previously provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on the California consumer’s relationship with The Company.
Comply with a legal obligation.
Make other internal and lawful uses of that information that are compatible with the context in which the Personal Information was provided by the California consumer.

Exercising Access, Data Portability and Deletion Rights. Only a California consumer or a person registered with the California Secretary of State that is authorized to act on a California consumer’s behalf (“Authorized Agent”) may make a request to exercise the access, data portability and deletion rights described above. Requests may also be made on behalf of a minor child. Requests for access or data portability may only be made twice within a 12-month period. The request must:

provide sufficient information that allows the Company to reasonably verify the requestor is the person about whom the Personal Information is collected or an Authorized Agent and
describe the request with sufficient detail that allows the Company to properly understand, evaluate, and respond to it.

Requests should be made to the entity that collected the California consumer’s Personal Information. If the Company determines that another entity collected the Personal Information and shared it with the Company as a service provider, the requestor will be directed to submit the request to the entity that collected the Personal Information. California consumers or Authorized Agents may submit requests under the CCPA to the Company by:

Completing and electronically submitting the form found here,
OR sending an email to the Company at support@millimylk.com

California consumers may learn more about their rights under the CCPA by visiting https://oag.ca.gov/privacy/ccpa or send inquiries to the Company at support@millimylk.com. The Company cannot respond to requests or provide Personal Information if it is unable to verify a requestor’s identity or authority to make the request and confirm the Personal Information relates to the requestor. Making a request does not require you to create an account with the Company. Personal Information provided for identity verification for such requests will only be used to verify the requestor's identity or authority to make the request.

Response Timing and Format. The Company endeavors to respond to verified requests from California consumers within 45 days of receiving the request. If more time is required to comply with the request, the Company will inform the requestor of the need for an extension (up to an additional 45 days) and the reason in writing. If the requestor has an account with the Company, a response will be delivered to that account. If the requestor does not have an account with the Company, a response will be sent via email or regular mail, at the requestor’s option. Disclosures will only cover the 12-month period preceding the verified request. If the Company is unable to comply with a request, it will explain the reasons why. For verified data portability requests, requestors will be able to select a format to provide the Personal Information in that is readily usable and should allow the requestor to transmit the information from one entity to another without hindrance.

There is no fee or charge for processing or responding to verified requests unless a request is excessive, repetitive, or manifestly unfounded. If the Company determines that a request warrants a fee, it will explain that decision to the requestor and provide a cost estimate prior to complying with the request.

Identity Verification Requirements. The CCPA requires a verification process to confirm the identity of a California consumer who is exercising their rights as described above. Requests for additional information for verification purposes will be sent via email or regular mail, at the California consumer’s preference. If an Authorized Agent is being utilized for a request under the CCPA, The Company will require proof of the Authorized Agent’s authority for the particular California consumer and the identity verification will occur directly with the California consumer about whom the request is being made. If verification is necessary and the California consumer or its Authorized Agent making the request cannot or does not provide the additional requested information, the request may be denied.

Taking into consideration the type, sensitivity, and value of the Personal Information, the risk of harm posed by any unauthorized access or deletion, the likelihood that fraudulent or malicious actors might seek the information, whether the identity verification process is sufficiently robust to protect against fraudulent requests or being spoofed or fabricated, the nature of the transaction between the California consumer and the Company, and available technology for verification:

Verification for Password-Protected Accounts. Verification may include using the existing authentication practices for the account.
Verification for Non-Account Holders:

Requests to know categories of Personal Information: The CCPA requires the identity of the California consumer be verified to a reasonable degree of certainty, and may include matching at least two data points provided by the California consumer with data points maintained by the Company, and which the Company believes to be reliable for verification purposes.
Requests to know specific pieces of Personal Information: The CCPA requires the identity of the California consumer be verified to a reasonably high degree of certainty, and may include matching at least three pieces of Personal Information provided by the California consumer with data points maintained by the Company, and which the Company believes to be reliable for verification purposes. Additionally, the California Consumer must complete and submit a declaration under the penalty of perjury with an original signature that the California consumer making the request is the consumer whose Personal Information is the subject of the request.
Requests to Delete: The verification required for a request to delete depends on the sensitivity of the Personal Information and the risk of harm to the California consumer posed by the unauthorized deletion.

Non-Discrimination. The Company will not discriminate against a California consumer for exercising any rights under the CCPA. Unless permitted by the CCPA, the Company will not:

deny goods or services,
charge different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties,
provide a different level or quality of goods or services, or
suggest that a California consumer may receive a different price or rate for goods or services or a different level or quality of goods or services.

The Company may offer certain financial incentives permitted by the CCPA that may result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive offered will reasonably relate to a California consumer’s Personal Information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires a California consumer’s prior opt in consent, which may be revoked at any time.

Thank you for visiting the Company site, which is operated by Milli Mylk, Inc. with an address of 601 W 26^th St. Suite 1285, New York, NY 10001.

Cart