PRIVACY POLICY

APIARY LIFE PRIVACY NOTICE

Version 1.8. Last revised: July 1, 2025

1. THE PURPOSE OF THIS DOCUMENT 

Apiary Life LLC (“Apiary Life”, “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal information. This privacy notice describes how we collect and use your personal information during and after your relationship with us, when you engage with:  

  1. Our marketing website at apiary.life (“Marketing Site”)—which may include requesting demos or signing up for communications; and
  1. Our application at app.apiary.life (“Platform”), accessible only with a login, designed to provide life crisis support services.

Apiary Life is a "data controller". This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice (sometimes referred to as a “privacy policy”).

Apiary Life is a life crisis support firm that provides a technology platform and associated consulting and administrative services to people dealing with particular life changes, challenges and transitions. The registered office for this organization is ℅ Mathey and Stern, 32 1ST ST. BROOKLYN, NY 11231. 

This notice applies to all clients and employees (including prospective clients and employees) and interested parties. It does not form part of any contract to provide services. We may update this notice at any time. A copy appears on our Marketing Site (https://www.apiary.life) and should be drawn to the attention of any person for whom it may be relevant. It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.

By using our Marketing Site or Platform, you acknowledge that you have read this Privacy Notice.

EU Disclosure

This notice is designed to comply with the EU General Data Protection Regulation (GDPR) [GDPR Articles 12–14].

EU-US Data Privacy Framework (DPF) Adherence

Apiary Life complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Apiary Life has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. DPF Principles and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF and from Switzerland in reliance on the Swiss-U.S DPF.   We have certified that we adhere to the Data Privacy Framework Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity & Purpose Limitation, Access, and Recourse, Enforcement & Liability. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit Data privacy framework website at https://www.dataprivacyframework.gov.  

You can find our certification by searching the public Data Privacy Framework List on the U.S. Department of Commerce website at https://www.dataprivacyframework.gov/list. Our DPF commitment is enforceable under U.S. law.  

We also confirm that we cooperate and comply with the advice of the EU DPAs under the EU-US DPF, the UK ICO and the GRA under the UK extension to the EU-US DPF in the investigation and resolution of complaints brought under the DPF Principles in terms of HR data.

California Disclosure

California residents have specific privacy rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to request its deletion (subject to certain exceptions), the right to opt out of the sale of personal information, and the right to non-discrimination for exercising these rights [California Civil Code §§1798.100–1798.199].  

We do not sell personal information.

2. DATA PROTECTION PRINCIPLES 

We will comply with data protection law. This says that the personal information we hold about you must be:  

  1. used lawfully, fairly and in a transparent way;
  1. collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
  1. relevant to the purposes we have told you about and limited only to those purposes;  
  1. accurate and kept up to date (and we will take reasonable steps to correct or delete information that is inaccurate);  
  1. kept only as long as necessary for the purposes we have told you about; and
  1. kept securely to maintain its integrity and confidentiality

3. THE KIND OF INFORMATION WE HOLD ABOUT YOU 

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). 

When clients create an account on the Platform, we will always obtain the following information: 

Name, and electronic contact details (such as email address)

When we are advising clients, we will also obtain information relating to the matter in which our advice or administrative support services are sought.  We only collect sensitive personal data when necessary for the purposes described in this notice and with additional safeguards or consent as required by law.

We may collect, store, and use the following categories of personal information about you: Personal contact details such as name, title, addresses, telephone numbers, and personal email addresses, date of birth, gender, marital status and dependents, family information, bank account details, employment, pension and tax information, information from identification documents and any other personal information provided to us by our clients directly. 

Dependent on your circumstances, it may also be necessary for us to collect, store, and use “special categories” of personal data which require a higher level of protection., such as: information about your race or ethnicity, political opinions, religious or philosophical beliefs, sexual orientation, trade union membership, information about your health including any medical conditions, genetic information and biometric data, and information about criminal convictions and offences.

The listing of data and details above is illustrative and not exhaustive. The need for us to obtain additional personal data will be determined by the reason we have been instructed in relation to a particular matter.

4. HOW PERSONALLY IDENTIFYING INFORMATION (“PII”) IS COLLECTED BY APIARY LIFE 

We typically collect personal information about our clients directly from them when taking instructions, as well as through forms on the Marketing Website and email/chat. We also collect information from and about third parties in connection with those instructions. We collect personal information whilst acting on behalf of our clients and managing our business operations. 

In particular, we may collect information from the following sources:  

  1. Publicly accessible sources: e.g., public records or databases, social media or professional profiles (where public), or other information available to the public.
  1. Third parties associated with you (with your consent): e.g., your bank or financial institution; your financial, legal, or tax advisors; consultants or other professionals you engage; your employer, professional or pension administrators; or medical and occupational health professionals, all as necessary in relation to a matter.
  1. Via our Marketing Site and the Platform. (Please see our Cookies Policy on our website for information about data collected via cookies and similar technologies.)
  1. Via our information technology (IT) systems such as: case management, document management and time recording systems; or automated monitoring of technical systems, such as our computer networks and connections, communications systems, email and instant messaging systems. 

5. HOW WE WILL USE INFORMATION ABOUT YOU 

We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:  

  1. where we need to perform a contract we have entered into with you; or  
  1. where we need to comply with a legal obligation.

We may also use your personal information in the following situations, which are likely to be rare:  

  1. where we need to protect your interests (or someone else's interests) such as in an emergency;  
  1. where it is needed in the public interest or for official purposes; or  
  1. where it is necessary for our legitimate interests (or those of a third party) and your interests, and fundamental rights do not override those interests.

Situations in which we will use your personal information 

Some or all of the categories of information above are required to allow Apiary Life to meet its contractual and legal obligations.  In some cases, we may use your personal information to pursue the legitimate interests of our own or third parties, such as business or commercial interests, provided your interests and fundamental rights do not override those interests.  Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.

Finally, with your consent, we may use your personal information to send you marketing communications or updates that we believe may interest you (for example, newsletters, bulletins, or information about new services). You have the right to opt out of receiving marketing communications at any time

If you do not provide certain information when requested, we may not be able to meet our contractual and legal obligations we have entered into with you. 

Change of Purpose 

We will only use your personal information for the purposes (or reasonably compatible purposes) for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law. 

6. HOW WE USE SPECIAL CATEGORIES OF DATA

“Special Categories” of personal data require higher levels of protection.  We need to have further justification for collecting, storing and using this type of personal information.  We may process special categories of information in the following circumstances:  

(a) in limited circumstances, with your explicit written consent; and  

(b) where we need to carry out our legal obligations/exercise specific legal rights. and where such processing is in line with our data protection policy.

Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.

For special categories of data, we will obtain affirmative express consent (opt in) from you if such information is to be (i) disclosed to a third party or (ii) used for a purpose other than those for which it was originally collected or subsequently authorized by you through the exercise of opt-in choice. 

Do we need your consent?

We do not need your consent if we use special categories of your personal data in accordance with our written policy to carry out our legal obligations or exercise specific legal rights.

In other cases, we will seek your explicit consent to process sensitive data, and you have the right to refuse or withdraw that consent as described in Section 12.

7. HOW WE USE INFORMATION ABOUT CRIMINAL CONVICTIONS

We will only use information relating to criminal convictions where the law allows us to do so or where we have obtained your explicit consent to do so. This will usually be where such processing is necessary to carry out our obligations, provided we do so in line with our data protection policy.

Less commonly, we may use information relating to criminal convictions where it is necessary in relation to legal claims, where it is necessary to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.

We will only collect information about criminal convictions if it is appropriate given the circumstances and where we are legally able to do so. We may be notified of such information directly by you or by other people. We will use information about criminal convictions and offences in the following ways:  

  1. to inform the way in which we deliver services;  
  1. to assist us in deciding whether to pursue/maintain a professional relationship; and  
  1. to comply with our professional or statutory obligations.  

8. DATA SHARING 

We may have to share your data with third parties, including third party service providers. We require third parties to respect the security of your data and to treat it in accordance with the law and this policy.

We may transfer your personal information to a country other than your own (including to the United States, if you are located in another country) for the purposes described herein. In particular, PII from individuals in the EEA, UK, or Switzerland may be transferred to the US.  

If we transfer your personal information internationally, we will ensure that appropriate safeguards are in place to protect it. For example, Apiary Life is a certified adherent to the EU-U.S. Data Privacy Framework (DPF), which means that PII transferred from Europe to our U.S. operations is protected under a recognized compliance mechanism. You can expect a similar degree of protection for your personal information wherever it is processed.

Why might you share my personal information with third parties? 

We may share your personal information with third parties:  

  1. In the interest of carrying out your instructions to provide our services,  
  1. When required by law,  
  1. When it is necessary to manage or market our business or where we have another legitimate interest in doing so. 

Which third party service providers process my personal information? 

Our third-party service providers (sometimes called “subprocessors”) change from time-to-time, and we can let you have details of parties who are processing your data at any given time upon request. 

We routinely share personal data with:  

(a) professional advisers who we instruct on your behalf or refer you to (such as lawyers, medical professionals, accountants, tax advisors or other experts);  

(b) other third parties where necessary to carry out instructions (such as government organizations or financial institutions);  

(c) our insurers and brokers or bank, as needed for insurance coverage, risk management, or payment processing; and / or

(d) external service suppliers, representatives and agents that we use to make our business more efficient, (such as marketing agencies or IT support companies). 

The following data sub-processors are utilized by Apiary Life during the course of normal business, and have been thoroughly reviewed to ensure their information security policies, standards, and guidelines meet or exceed Apiary Life's own safeguarding standards

Sub-ProcessorPurposeData DescriptionData Classification
AirtablePortal user data storagePII User dataRestricted
Cal.com"Demo Scheduling from the Marketing Website Client Scheduling in the App."Basic client PII (name and email)Confidential
Calendly"Demo Scheduling from the Marketing Website Client Scheduling in the App."Basic client PII (name and email)Confidential
CloudflareService workers for page security & edge deliveryProxies all inbound and outbound origin traffic; potentially all customer dataRestricted
HubspotCRM and Marketing Communications"Non-transactional marketing communicationsPII customer data"
Justworks"PayrollcomplianceHR
MailerliteClient Email/CommunicationBasic client PII (name and email)Confidential
MakeSystems Integration"Hosting records for apiaryconsulting.com and apiary.lifeno PII"
MemberstackWebsite accounts and loginsBasic client PII (name and email)Confidential
Microsoft"Online and local applications for emailbackofficeremote monitoring
NotionWorkspace/notes/tasks"Organizational planningno PII"
Oyster"PayrollcomplianceHR
Sana"Draftingdiligenceand support"
SquarespaceDomain Name Services (DNS)"Hosting records for apiaryconsulting.com and apiary.lifeno PII"
TimenEyeDescriptive Time Log EntriesPII User dataRestricted
WebflowApp and Marketing Website hosting"Provides execution context for memberstackwhich contains PII (name
WizedApplication MiddlewarePII User dataRestricted

How secure is my information with third party service providers? 

All of our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies and to provide the same level of protection as the DPF Principles. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions. 

What about other third parties?

We may share your personal information with other third parties, for example in the context of the possible sale or restructuring of the business, or if it is required for legitimate business activities (or similar).  

We may also need to share some personal information with other third parties, such as potential buyers of some or all of our business or during a restructuring or if it is required for legitimate business activities (or similar). Usually, information will be anonymized but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

Cross-Border Transfers:

We may transfer your personal information to countries outside your jurisdiction, including the United States. We rely on the EU-U.S. Data Privacy Framework (DPF) and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF as the legal basis for such transfers. We also maintain appropriate technical and organizational safeguards and may use Standard Contractual Clauses or other approved measures if necessary.  

Apiary Life remains responsible and liable under the DPF Principles for the processing of personal information it transfers to third-party agents. If something goes wrong, we will take responsibility to remedy the issue as required.

9. DATA SECURITY 

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality (non-disclosure). We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so. 

Our security practices are periodically reviewed and updated to ensure we maintain a level of security appropriate commensurate with risk.

10. DATA RETENTION 

How long will retain my information?

Any personal information collected about you from the Marketing Site or Platform will be retained for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.  

For the purposes of providing client services, we will retain personal data belonging to clients in physical and electronic form for a maximum period of 5 years, unless a deletion request has been issued, or in specific circumstances as agreed in correspondence. We will not hold personal data for any longer than is necessary for the performance of our services.  

In compliance with the CCPA/CPRA, we inform California residents that we retain personal information only for as long as it is needed for the purposes described in this Notice or as required by law. If you require more specific information about retention periods for a particular category of data, you may contact us (see Section 14 and Section 15 for contact information).

11. RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION (“RIGHT TO BE FORGOTTEN”)

Your duty to inform us of changes 

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us. 

Your rights in connection with personal information

Under certain circumstances, by law you have the following rights: 

  1. Right of Access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it. 

  1. Right to Request the Correction/Rectification of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. 

  1. Right to Erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to stop processing personal information where we are relying on a legitimate interest and there is something about your situation which makes you want to object to processing on this ground.

  1. Right to Restrict the Processing of your personal information. This allows you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it. 

  1. Right to Data Portability, to request the transfer of your personal information to you or another party in a structured, commonly used, machine-readable format.

  1. Right to Object to our processing of your personal data, for any purposes

If you wish to exercise any of these rights, or request that we transfer a copy of your personal information to another party, please contact our Chief Executive Officer in writing at contactus@apiary.life.

No fee usually required 

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, as permitted by law we may charge a reasonable fee if your request for access is clearly unfounded or excessive. As permitted by law, we may refuse to comply with the request in such circumstances. 

What we may need from you 

For security, we may need to request specific information from you to help us confirm your identity and ensure you have the right to access the information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who does not have the right to receive it. We will respond to legitimate requests within the timeframe required by law (for example, under GDPR erasure requests, we will complete deletion within 30 calendar days, and under CCPA we generally have 45 days to complete verifiable consumer requests) unless a lawful exemption exists  

12. RIGHT TO WITHDRAW CONSENT

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact our Chief Executive Officer or any member manager at the company. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) you originally agreed to, unless we have another legitimate basis for doing so in law. 

13. EU-U.S. DATA PRIVACY FRAMEWORK (“DPF”) COMPLIANCE AND DISPUTE RESOLUTION

Apiary Life is committed to subject to the DPF Principles all personal data received from the European Union, the United Kingdom (and Gibraltar), and Switzerland in reliance on the relevant part(s) of the DPF program,  

Apiary Life is committed to resolving any complaints or concerns about our collection or use of your personal data. European Union or UK individuals with inquiries or complaints regarding this privacy notice should first contact us (see Section 15 for contact details). We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your personal information within 45 days of receiving your complaint.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, we have designated an independent recourse mechanism to provide an impartial resolution. Apiary Life has chosen JAMS (an alternative dispute resolution provider based in the U.S.) as our independent recourse mechanism for the Data Privacy Framework. You can contact JAMS or submit a complaint free of charge to you. For more information or to file a complaint with JAMS, you can visit the JAMS DPF Dispute Resolution page at https://www.jamsadr.com/DPF-Dispute-Resolution or the online submission page at https://www.jamsadr.com/submit/. You can find relevant contact details for JAMS at https://www.jamsadr.com/DPF-Dispute-Resolution.  JAMS will serve as a neutral party to help resolve the issue in accordance with the DPF Principles.

If your DPF complaint is not resolved through the above channels, under certain conditions you may be entitled to invoke binding arbitration as a final resort to address any residual disputes. This option is available for EU or UK individuals as described in Annex I of the DPF Principles, and can be invoked provided you have pursued the other available remedies and provide proof of such efforts. Apiary Life has committed to the arbitral process and, if required, will participate in binding arbitration and abide by the decisions of the DPF arbitration panel.

Apiary Life’s compliance with the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF is subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC). We will cooperate with U.S. authorities and any applicable EU Data Protection Authorities in the investigation and resolution of DPF complaints. In the event of a conflict between this privacy policy and the DPF Principles, the DPF Principles shall govern for personal data transferred from the EU, UK, or Switzerland.

14. CALIFORNIA PRIVACY RIGHTS (“CCPA” / “CPRA”)

If you are a resident of California, USA, you have specific rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), in addition to the general rights described in this Privacy Notice. This section provides additional information for California residents, as required by law.

Categories of Personal Information Collected: In the preceding 12 months, Apiary Life has collected the following categories of personal information about consumers, as defined by California law: identifiers (such as name, contact details, online identifiers), personal information categories described in Cal. Civ. Code §1798.80(e) (such as contact information and financial information), characteristics of protected classifications (such as age, gender, marital status – if you provide them), commercial information (if you engage our services, details about those services), internet or other electronic network activity information (through your interactions with our website/app, as described in our Cookies Policy), professional or employment-related information (if you provide details about your job or employer as part of our service), and sensitive personal information (such as health or medical information, or information about racial or ethnic origin or other sensitive categories you provide for service purposes). We collect these categories of information for the purposes described in Section 5 of this Privacy Notice, including to operate and improve our services, to fulfill contractual obligations, and to comply with law.

Categories of Sources: We collect personal information directly from you (the consumer) and from other sources as needed to provide our services (see Section 4, “How Personal Information is Collected,” for a detailed list of sources, such as public databases, your employer (if your access is through an employer-provided service), or other professionals involved in your matters).

Business or Commercial Purposes for Collection: We use and disclose personal information we collect for the business purposes outlined in Sections 5/6 of this Notice. Generally, these purposes include providing our services to you, communicating with you, improving our platform, ensuring security, marketing (with consent), and compliance with legal obligations. We do not collect additional categories of personal information or use the collected information for materially different, unrelated, or incompatible purposes without providing you notice.

Categories of Third Parties to Whom We Disclose Personal Information: We may disclose personal information to third parties as described in Section 8 of this Notice. In the past 12 months, we have disclosed the categories of personal information listed above to service providers and other contractors who assist us in running our business (e.g., cloud storage providers, IT support, communications services), to professional advisors and partners involved in delivering services to you, and to other parties in the event of corporate transactions or as required by law (e.g., in response to legal process or government requests). All such disclosures are for the purposes of our business (or as required by law) and we ensure the recipients are bound to keep the information confidential and use it only for our specified purposes.

Sale of Personal Information / Sharing for Targeted Advertising: Apiary Life does not sell personal information to third parties for monetary consideration. We also do not “share” personal information as defined under CPRA (we do not disclose personal information to third parties for cross-context behavioral advertising purposes). In the past 12 months, we have not sold personal information about consumers, and we have not shared personal information for targeted advertising. If our practices change in the future, we will update this policy and provide appropriate notices and opt-out mechanisms as required by law. (Note: Transfers of personal information to our service providers and sub-processors as listed in Section 8 are done solely for business purposes on our behalf and are not considered a sale or sharing under CCPA/CPRA.)

Your California Privacy Rights: As a California consumer, you have the following rights with respect to your personal information, under the CCPA/CPRA:

  • Right to Know: You have the right to request that we disclose what personal information we have collected, used, and disclosed about you over the past 12 months. This includes the specific pieces of information we have about you, as well as the categories of personal information, the categories of sources of that information, the business or commercial purposes for collecting it, and the categories of third parties to whom we disclosed it. (Much of this information is provided in this Privacy Notice; you may also request it formally.)
  • Right to Delete: You have the right to request that we delete personal information we have collected from you (and direct our service providers to do the same), subject to certain exceptions. For example, we may need to retain certain information to complete a transaction you requested, to detect security incidents, to comply with a legal obligation, or other reasons allowed by law. If an exception applies, we will let you know in our response.
  • Right to Correct: You have the right to request that we correct inaccurate personal information that we maintain about you. As described above, you can contact us to update or correct your information at any time. We may ask for documentation if needed to verify the correct information.
  • Right to Opt Out of Sale/Sharing: As noted, Apiary Life does not sell personal information or share it for targeted advertising. If we ever intend to sell your personal information, you will be provided with clear notice and the opportunity to opt out. Since we do not engage in these practices, we do not display a “Do Not Sell or Share My Personal Information” link.
  • Right to Limit Use of Sensitive Personal Information: You have the right to direct us to limit the use or disclosure of your sensitive personal information if we use it for purposes beyond what is necessary to provide our services or other exempt purposes. In our case, any sensitive personal information we collect (such as health data or other special categories) is used only to provide you services and for purposes you expect or authorize. We do not use sensitive information to infer characteristics about you or for any secondary purposes that would trigger the right to limit. If that ever changes, we will honor your right to limit and provide a mechanism for you to exercise that right.
  • Right to Non-Discrimination: You have the right not to receive discriminatory treatment from us for exercising any of your CCPA rights. This means we will not deny you services, charge you a different price, or provide a different level of quality of service just because you exercised your privacy rights under California law. Any financial incentive or benefit we might offer related to your personal information would require opt-in consent and would be explained to you in a separate notice (we do not currently offer such programs).

How to Exercise Your California Rights: To exercise your Right to Know, Delete, or Correct as a California resident, you (or your authorized representative) may submit a request to us by contacting us through any of the methods listed in Section 15 (see “Contact Us” below). For CCPA requests, you can reach us by email at contactus@apiary.life with the subject line “California Privacy Rights Request,” or mail your request to our postal address provided in this Notice. If you have an existing account with us, you may also be able to submit requests through your account or profile settings when logged in, if applicable.

Verification: We will need to verify your identity (and/or your agent’s authority) for security purposes before processing a California rights request. This may involve asking you to provide certain information that we can match against our records (such as confirming pieces of data we already have, or providing identification). For an authorized agent making a request on your behalf, we may require proof of the agent’s registration with the California Secretary of State (if applicable) or a valid power of attorney, as well as evidence of your permission for the agent to submit the request on your behalf. We aim to respond to verifiable consumer requests within 45 days as required by the CCPA (and we will inform you if an extension of up to an additional 45 days is needed).

15. COMPLAINTS

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Apiary Life commits to resolve DPF Principles-related complaints about our collection and use of your personal information.  Individuals with inquiries or complaints regarding our handling of personal data, including that received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact Apiary Life at contactus@apiary.life.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Apiary Life commits to referring unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS (an alternative dispute resolution provider based in the U.S.) as our independent recourse mechanism for the Data Privacy Framework.  If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution or more information or to file a complaint.  The services of JAMS are provided at no cost to you.

16. CHANGES TO THIS PRIVACY NOTICE 

We reserve the right to update or modify this Privacy Policy at any time. Any changes to this Privacy Policy will be effective immediately upon posting the revised version on our Marketing Site. The history of such revisions is listed below.

Your continued use of our services following the posting of any changes constitutes your acceptance of those changes. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. If we make any material changes to this Privacy Policy, we will notify you by placing a prominent notice on our Marketing Site or by other appropriate means.  If you have any concerns or would like to receive the most recent version of our privacy policy then please contact us at contactus@apiary.life.  We may also notify you in other ways from time to time about the processing of your personal information.