Privacy Policy

Effective Date:  January 1, 2023

Emerging Industry Technologies, Inc., d/b/a Spence Labs (“Spence Labs”, “we”, “us” or “our”)  knows that you care about the privacy of your information, and Spence Labs takes your privacy seriously.  This Privacy Policy explains how we collect, use and disclose personal information of users of our Services. “Services” means any products, services, websites, and mobile applications offered to you by Spence Labs.  The terms “we” and “us” are used throughout this Privacy Policy to refer to Spence Labs.  

This Privacy Policy is incorporated into our Terms of Use.  We understand that privacy disclosures are an ongoing responsibility, and so we will from time to time update this Privacy Policy as we change our practices related to personal information (as described below).  By accessing the Services or submitting your personal information in connection with the Services, you agree to the collection and processing of your personal information as described in this Privacy Policy.  If you do not agree with any part of this Privacy Policy, do not use the Services.  

 

Collecting Personal Information

We use the term “personal information” throughout this Privacy Policy to refer to information that identifies you, that is related to you, that describes you, that is linked with you, or that is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household.  We do not consider “personal information” to include information that has been deidentified or aggregated (meaning the information no longer identifies and is no longer linked with a particular individual).

We collect personal information from you when you actively share it with us (such as during account creation) and when you provide it to us passively through use of our Services.  We collect personal information from our service provider when you choose to connect your bank account to transfer money.  We also collect certain categories of personal information listed below from you when you choose to sync a non-Spence Labs account/service with your Spence Labs account (through the services of our third party provider, Yodlee, discussed below in more detail).  We use this information for a variety of business reasons as indicated in the chart below. Please note that the type of Personal Information collected may vary depending on the nature of your interactions with us.

 

Category of Personal Information and Specific Pieces Collected Categories of Sources from which Personal Information Collected Purposes for Collection / Use  Categories of Third Parties to Which Disclosed
Identifiers

Personal Information that includes real name, alias, postal address, unique personal identifier, online identifier, IP address, cookies that identify, email address, account name, search terms, what kinds of products you view, type of browser, time zone, or other similar identifiers.
  • Directly from you if you create an account, when you communicate with us, and other activities where you submit Personal Information to us
  • Cookies we collect from you through browsing the website or using the Service
  • To register or maintain an account or subscribing to marketing emails from us
  • To perform a transaction and provide you Services
  • To provide customer support
  • To improve our Services in order to better serve you
  • To allow us to better service you in responding to your customer service requests
  • To ask for ratings, surveys, and reviews of services
  • To follow up with you after correspondence (live chat, email, or phone inquiries)
  • For marketing purposes to personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested
  • When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services
  • To send you security codes for “multi-factor authentication” and help protect the security of your account;
  • Dispute resolution, audits and security, detection, prevention and mitigation of fraudulent or illegal activities
  • To enforce our Terms of Use or other applicable policies
  • Service Providers who provide website hosting services for our Services
  • Service providers who provide money transfer services (e.g., Yodlee) 
  • Service providers who provide marketing services to us 
  • Social media platforms used for advertising (e.g. Facebook, Instagram)
Commercial Information

Personal Information that reveals a consumer’s account log in, financial account, payment information, billing address, debit card, or credit card number in combination with any required security or access code, password or credentials allowing access to an account used to submit orders and perform transactions on or through the Services 
  • Directly from you
  • To process payment information
  • To access information as it relates to your financial account (note that we do not store your usernames or passwords for financial institutions on our servers)
  • To create a connection between your Spence Labs account and a third-party bank account through use of the third party’s API
  • Dispute resolution, audits and security, detection, prevention and mitigation of fraudulent or illegal activities
  • To enforce our Terms of Use or other applicable policies
  • Service Providers who provide website hosting services for our Services
  • Service providers who provide money transfer services (e.g., Yodlee) 
  • Payment processors 
  • Dispensaries who fill product orders
Internet or other electronic network activity information

This includes browsing history, search history, and information regarding a consumer’s interaction with an internet website, application or advertisement
  • Directly from you
  • Cookies we collect from you through browsing the Services
  • To provide you with appropriate products, recommendations, and updates
  • To show you relevant ads while you are browsing the internet or using social media
  • To improve the Services, set default options, and provide you with a better shopping experience
  • To enforce our Terms of Use or other applicable policies
  • Service providers who provide marketing services to us 
Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
  • Directly from you
  • Cookies we collect from you through browsing the Services
  • To provide you with appropriate products, recommendations, and updates
  • To show you relevant ads while you are browsing the internet or using social media
  • To improve the Services, set default options, and provide you with a better payment experience
  • Service providers who provide marketing services to us 
Sensitive Personal Information

We collect Sensitive Personal Information that includes your account log-in, bank account information, debit card, or credit card number 
  • Directly from you
  • To perform a transaction or facilitate a service
  • To provide authentications necessary to perform transactions and other services
  • Service Providers who provide website hosting services for our Services
  • Service providers who provide money transfer services (e.g., Yodlee) 
  • Payment processors 
Geolocation Data
  • Directly from you with your consent
  • To display custom content to you based on your location
  • Service providers who facilitate website hosting services

Please note that if you do not consent to the collection of geolocation information, certain Services will not function properly and you will not be able to use those Services.  

In addition, you may decide to provide us with the name and email address of another if you utilize our “Invite a Friend” feature.  You provide this information so that we can communicate with that person about our Services and we will use that information in accordance with the terms of this Privacy Policy.

 

Third Party Accounts

Our service is connected by Envestnet | Yodlee. When you provide your login credentials to connect a third party account (“Data Source”) to your Spence Labs account, Yodlee collects the financial information discussed above from the Data Source and provides it to us. Yodlee acts on our behalf in this process, which means we share the login credentials that you provide with Yodlee as one of our service providers. For more information on how Yodlee collects, uses, stores, and handles your data, please see Envestnet | Yodlee’s Commitment to its Clients and their Users (www.yodlee.com/company/clients-consumers). If there is any inconsistency between Yodlee’s Commitment and this Privacy Policy regarding Yodlee’s activities, then Yodlee’s Commitment is correct.

 

Deidentified or Aggregated Data

We may use deidentified or aggregated data that does not identify a particular individual for any purpose, and the use and disclosure of such information is not subject to this Privacy Policy.  

 

Sharing Personal Information

We share your Personal Information with service providers to help us provide our services and fulfill our contracts with You, as described above in our Collecting Personal Information chart. We have entered agreements with these service providers to use your Personal Information only for the purposes described in this Privacy Policy, and we commit to you that we will follow all relevant privacy laws when collecting and disclosing your Personal Information. We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights. We also may share Personal Information in connection with or during negotiations of any reorganization, acquisition, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets, or stock. Except as stated in this Privacy Policy, Spence Labs does not sell, share, distribute or release your personal information with third parties without notice to You. 

 

Notice Regarding “Do Not Track” Signals

At this time, the Services are not able to respond to Do Not Track (DNT) signals. 

 

Third Party Services

This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the Services links. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.

 

Security

We use certain safeguards that are designed to maintain the integrity and security of personal information that we collect.  Despite our efforts, please be aware that no security measures are perfect or impenetrable and thus we cannot and do not guarantee the security of your data. 

 

How You Can Access or Change Your Personal Information or Deactivate Your Account

You can review and update your personal information or deactivate your account in your user profile at any time by logging into your account. For users of the Spence Labs website without a user account, You may exercise any of your data rights afforded to you under applicable privacy laws by contacting us at [email protected] or by using the contact information below. You may opt-out of receiving promotional email communications from us by following the unsubscribe options on such communications. Your personal information may persist in historical or archived copies if needed for legal or other legitimate business reasons. 

 

Behavioral Advertising

Like many websites, we also use analytics software to collect information about your use of our Services. We collect analytics internally from our Services’ content management system to track your IP address and the various pages of our Services that you visit and the information about your visit.

This software sets cookies and may also read preexisting cookies to collect data from your web browser, such as the domain from which you access the Internet, the web address of the website from which you linked to our Services, the time and date of your visit the web pages that you view and click through and your IP address.  This information is stored on servers and uses this information to provide Spence Labs with reports about traffic to our Services and your visit to our Services.  

We will use this analytics data to improve our Services structure and content, and provide you with personalized content to improve your experience.

 

Cookies

A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Services. We use a number of different cookies, including functional, performance, advertising, and or content cookies. Cookies improve your browsing experience by allowing the Website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the Website or browse from one page to another. Cookies also provide information on how people use the Website, for instance, whether it’s their first time visiting or if they are a frequent visitor. Some cookies also personally identify the user, providing Personal Information such as an IP address, whereas other cookies are necessary for our Services to function properly. We use both of these types of cookies to optimize your experience on our Services and to provide our services.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our Services may no longer be fully accessible.

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as www.allaboutcookies.org.

 

Email Communications 

The CAN-SPAM Act gives recipients of commercial email the right to have emails stopped from being sent to them. You may unsubscribe from our marketing communications by clicking the “unsubscribe” link found in every commercial email we send, or (if you have an account with us) by sending us a request to unsubscribe at the following email address [email protected] . If you opt-out of receiving our marketing email communications, we may still send you email messages related to your account or specific transactions with us. Unsubscribing yourself from our marketing emails will not affect our service to you.

 

Retention Period

In general, we will retain all information collected through the Services for, at a minimum, the length of time permitted by law, and in accordance with our internal retention policy. However, we will delete any personally identifiable information in our database upon your request or as otherwise required by law.

We maintain backup files as a protection against natural disasters, equipment failures, or other disruptions. Backup files protect you and us because they lower the risk of losing valuable data. Backup files may contain records with your Personal Information. Removing a record from our active files and databases does not remove that record from any backup systems. Such backup data will eventually be passively deleted as backup records are erased through the normal recycling of backup files. In the meantime, as long as backup records exist, they receive the same security protections as our other records.

 

Your California Privacy Rights

California residents may exercise certain privacy rights pursuant to the California Consumer Privacy Act of 2018.  Your right to submit certain requests to us as a California resident are described below. You may designate an authorized agent to make the requests below on your behalf.  An authorized agent must submit proof to us that he or she has been authorized by you to act on your behalf, and you will need to verify your identity directly with us.

 

1. Verification of Requests

Please note that when submitting a request to exercise your data rights, You will be asked to provide information to verify your identity or authority to make the request before action is taken.  

We will generally try to avoid requesting additional information from You for the purpose of verification, but we may need to do so if we cannot verify your identity based on the information already maintained by us. If we request additional information to verify your identity, it will be for that purpose only, and will be deleted as soon as practical after processing the request, except as otherwise provided by law. Verification is required in order to confirm that the person submitting the request to know or request to delete is the person to whom the information relates, and to prevent unauthorized access or deletion of information. The specific steps taken to verify the identity of the requesting person may vary based on the nature of the request, including the type, sensitivity and value of the information requested, the risk of harm posed by unauthorized access or deletion, the likelihood that fraudulent or malicious actors may seek the information, the robustness of personal information provided to verify your identity, the nature of our business relationship with you, and available technology for verification. 

You may designate an authorized agent to make the requests below on your behalf. An authorized agent must submit proof to us that he or she has been authorized by you to act on your behalf, and you will need to verify your identity directly with us through the process described below. 

The following generally describes the verification processes we use:

  • Password Protected Accounts. If you have a password-protected account with us, we may use existing authentication practices to verify your identity, but will require re-authentication before disclosing or deleting data. If we suspect fraudulent or malicious activity relating to your account, we will require further verification (as described below) before complying with a request to know or delete.
  • Verification for Non-Accountholders. If you do not have, or cannot access, a password-protected account with us, we will generally verify your identity as follows:
    • For requests to know categories of personal information, we will verify your identity to a reasonable degree of certainty by matching at least two data points provided by you with reliable data points maintained by us.
    • For requests to know specific pieces of personal information, we will verify your identity to a reasonably high degree of certainty by matching at least three data points provided by you with reliable data points maintained by us. We will also require a declaration, signed under penalty of perjury, that the person requesting the information is the person whose information is the subject of the request or that person’s authorized representative. We will maintain all signed declarations as part of our records.
    • For requests to delete personal information, we will verify your identity to a reasonable degree or a reasonably high degree of certainty depending on the sensitivity of the personal information and the risk of harm posed by unauthorized deletion. We will act in good faith when determining the appropriate standard to apply. 

If there is no reasonable method by which we can verify your identity, we will state so in response to a request to know or delete personal information, including an explanation of why we have no reasonable method to verify your identity.

2. Right To Request More Information

We generally describe in this privacy policy how we collect, use, and share your personal information.  In addition to what is described above, if you are a California resident, you also have the right to request more information regarding the following, to the extent applicable in the past 12 months:

  • The categories of personal information we have collected about you.
  • The categories of sources from which we have collected your personal information.
  • The business or commercial purpose why we collected or, if applicable, sold your personal information.
  • The categories of third parties with whom we shared your personal information.
  • The specific pieces of personal information we have collected about you.
  • The categories of personal information that we have shared with third parties about you for a business purpose.
  • A list of all third parties to whom we have disclosed personal information, as defined under California Civil Code Section 1798.83(e) (a/k/a the “Shine the Light Law”), during the preceding year for third-party direct marketing purposes.

You may submit a request for the information above by calling us at (855) 773-6232, emailing us at [email protected], submitting a completed form available here.

Please note that due to the different requirements of the applicable laws, our response times may vary depending on the specific type(s) of information sought. We respond to all verifiable requests for information as soon as we reasonably can, and no later than legally required

In connection with submission of your request, we will take steps to verify your identity as outlined below, and you will need to verify your identity before action is taken.

 

3. Right To Request Deletion Of Your Personal Information

You have the right to request that we delete your personal information collected or maintained by us, subject to certain exceptions.  Once we receive and verify your request, we will let you know what, if any, personal information we can delete from our records, and we will direct any service providers with whom we shared your personal information to also delete your personal information from their records.  There may be circumstances where we cannot delete your personal information or direct service providers to delete your personal information from their records.  For example, if we need to:  (1) retain your personal information to complete a transaction or provide a good or service; (2) detect security incidents; (3) protect against unlawful activities; (4) identify, debug or repair errors; or (5) comply with a legal obligation.  You may submit a request to delete your personal information by calling us at (855) 773-6232, emailing us at [email protected], or submitting a completed form available here. If your request is submitted online, we will contact you to confirm that you want your personal information deleted. Effective January 1, 2023 under the CPRA, we will also notify our service providers and contractors, and any third parties to whom we have transferred your information about your request to delete. If we cannot delete all of your Personal Information, we will let you know why.

4. Right to Opt-Out of Our Selling of Personal Information

California residents may opt-out of the sale of their Personal Information or the sharing of their Personal Information for cross-context behavioral advertising by submitting a request to [email protected] or through the “Do Not Sell My Personal Information” link on Spence Labs’ website. If you have any questions, feel free to contact us at (855) 773-6232 or [email protected].

 

5. Right to Non-Discrimination for the Exercise of California Resident’s Privacy Rights

If you choose to exercise any of your California rights, you have the right not to receive discriminatory treatment by us.  This means that, consistent with California law, we will not deny providing goods or services to you, charge you different prices or provide a different level or quality of goods and services to you unless those differences are related to the value of your information.

6. Right to Limit the Use of Your Sensitive Personal Information.

Effective January 1, 2023 under the CPRA, if you are a California consumer, you may direct us to limit the use of your sensitive Personal Information to uses that are reasonably necessary to provide our goods and services, or as needed: to ensure security and integrity; for short-term, transient use, including for non-personalized advertising; to maintain or service accounts, provide customer service, process or fulfill orders and transactions, verify customer information, process payments, provide financing, provide analytic services, provide storage, or other similar services; and to verify or maintain the quality or safety of a service or device owned, manufactured, manufactured for, or controlled by us, and to improve, upgrade, or enhance such services or devices.  

We do not use your Sensitive Personal Information beyond the purposes necessary to perform functions of our business. As such, this right is not applicable.

 

7. Right to Correct Inaccurate Information

Effective January 1, 2023 under the CPRA, if you believe that any of the Personal Information we maintain about you is inaccurate, you may submit a request for us to correct that information. Upon receipt of a verifiable request to correct inaccurate Personal Information, we will use commercially reasonable efforts to correct the information as you direct.

Your Nevada Privacy Rights

If you reside in Nevada, you have the right to direct us to not sell your covered information, as defined in Chapter 603A of the Nevada Revised Statutes.  We do not and will not sell your personal information to third parties.  As such, there is no need to submit a request for us not to sell your personal information.  If you have any questions, please contact us at our designated request address at [email protected].

Children’s Information

Spence Labs does not intend for children under the age of 16 to use the Services or submit information.  No Personal Information is knowingly collected from any person under the age of 16.    

 

Updates to This Privacy Policy

We may make changes to this Privacy Policy. The “Effective Date” or “Last Updated” date at the top of this page indicates when this Privacy Policy was last revised. If we make material changes, we may notify you by doing one of the following: (i) posting an updated version, and the new effective date on the Services, (ii) notifying you in a banner pop-up or, or (iii) by sending you an email or other communication. We encourage you to read this Privacy Policy periodically to stay up to date about our privacy practices. Your use of the Services following these changes means that you accept the revised Privacy Policy.

 

Additional Information

If you have any questions regarding our privacy practices or this policy, please contact us at:

By mail at: 910 W. VanBuren St., Suite 100-317, Chicago, IL 60607

By email at: [email protected]

By online submission at: https://gospence.com/pages/contact-us/

===========================================================