Privacy Policy
Updated: April 17, 2023
ChromaDex, Inc. and its affiliates (“ChromaDex”, “we”, “us”, or “our”) takes the protection of personal data very seriously. This Privacy Policy (the “Policy”) is designed to help you understand how we collect, use, share and protect the personal data of individuals in connection with providing our services and business operations. This Policy applies to the personal data we collect online and offline in the course of our business operations, including on our websites: www.chromadex.com, www.truniagen.com, www.truniagen.co.uk, www.truniagen.ca, www.truniagen.cn, pro.truniagen.com, aboutnad.com, investors.chromadex.com, and standards.chromadex.com.
The personal data we may obtain includes:
If you are using our services to purchase a product on behalf of another, we may require you to provide certain personal data about that person, such as their medical history. If this is the case, we ask that you inform this person that you have provided us their personal data and make them aware of this Policy.
We may collect this information when you use our websites (including to make purchases), apply for jobs with ChromaDex, attend one of our live events, visit our booth at trade shows or otherwise interact with us (for example, call or email us). In some cases, we also may obtain your personal data from other parties, such as through referrals, from your employer, our providers of recruiting services, or from our affiliates, vendors and other third parties with whom we work. We also may obtain other personal data about you in ways that we describe at the time of collection or otherwise with your consent.
Where we need to collect personal data by law or under the terms of a contract with you, and you choose not to provide that information when requested, we may not be able to provide you with our services. In this case, we may need to cancel a service you obtain from us but we will notify you if this is the case. For example, if you purchase a product from us, we require certain personal data about you (and the intended recipient of the product, if different) in order to complete the sale. Without such personal data, we may not be able to provide our products to you or the intended recipient. Similarly, if we purchase any products or services from you, we may require certain personal data about you in order to complete the purchase and without such personal data, we would be unable to procure products or services from you.
When you use our websites or open our emails, we may obtain certain information by automated means, such as through cookies, web server logs, web beacons (including pixels and tags) and other technologies. A “cookie” is a small file stored on your device that contains information about your device. These technologies help us (1) remember your information so you will not have to re-enter it; (2) track, understand and analyze how you use and interact with our websites; (3) personalize your experience with our websites, including providing you advertising and content based on your interests and location; (4) measure the usability of our websites and the effectiveness of our communications; (5) authenticate your identity, protect against fraud and provide our products and services; and (6) otherwise manage and enhance our products and services, and help ensure they are working properly.
We may use these automated technologies through our websites to collect information about your device, browsing actions, usage patterns and location. Through these automated means, we obtain certain device and browser information, such as your device IP address, general location information, unique device identifiers, device type and model, device characteristics and settings, browser information (e.g., browser type, settings and characteristics), operating system information (e.g., type and version), time zone setting and location, language and country preferences, referring or exit URLs and other device and application details. We also may obtain information about your interactions with our websites, such as pages visited (including the webpages you visited before coming to our websites), links clicked, features used, dates and times of access, session information, and other information about your use of our websites.
If you would prefer not to accept cookies, you can alter the configuration of your browser to reject all cookies or some cookies. Note, if you reject certain cookies, you may not be able to access all of the features on our websites.
For more information, please visit our Cookie Policy.
We use the personal data we obtain about you to perform our contract with you, or to take steps to form a contract with you, such as to:
We also use your personal data to pursue our legitimate interests in managing our customer relationships, securing and managing our websites, and running our business and recruitment process efficiently. For example, we process your personal data to:
We also may use the information in other ways for which we provide specific notice at the time of collection or with your consent, if required under applicable law.
If you are a based in the EEA or the UK, please see our EEA and UK Privacy Supplement for additional information on your rights in relation to the personal data we hold about you.
We may use third-party analytics services on our websites, such as Google Analytics. The providers of these analytics services use technologies such as cookies and web beacons to help us analyze your use of our websites. The information collected through these means may be disclosed to or collected directly by these analytics services. To learn more about Google Analytics, please visit: https://www.google.com/policies/privacy/partners/.
You may see our ads on other websites because we use third-party ad services on our websites. Through these ad services, we can tailor our messaging to individuals considering demographic data, inferred interests and browsing context. These ad services track information about your online activities over time and across third-party websites and apps by collecting information through automated means, including through the use of cookies, web server logs, web beacons and other similar technologies. These ad services may collect data about your visits to websites and apps that participate in these services, such as the pages or ads you view and the actions you take on the websites or apps. This data collection takes place both on our websites and on third-party websites and apps that participate in these ad services. These ad services use this information to show you ads that may be tailored to your individual interests. This process also helps us track the effectiveness of our marketing efforts.
To learn how to opt out of interest-based advertising, please visit::
www.aboutads.info/choices,
www.networkadvertising.org/choices/, or
http://preferencemgr.trustee.com/
In the EEA and UK, please visit:
www.youronlinechoices.eu/
(or www.youronlinechoices.com/uk/ in the UK).
For additional information on how we use cookies in connection with these services, please see our Cookie Policy.
We may share personal data, as described below:
We reserve the right to use, transfer, sell and share aggregated or other anonymous data, which does not include any personal data, about the users of our services as a group for any legal business purpose, such as analyzing usage trends and seeking compatible advertisers, sponsors, clients and customers.
ChromaDex maintains administrative, technical, organizational and physical security measures to help protect personal data from accidental, unlawful or unauthorized processing, such as unauthorized access, disclosure, use, alteration, loss or destruction.
To the extent required by applicable law, we keep the personal data we obtain about you for the period necessary to achieve the purposes described in this Policy, taking into account applicable statute of limitations periods and any legal, regulatory, tax, accounting or other records retention requirements. We may retain your personal data for a longer period in the event of a complaint or in reasonable anticipation of litigation. We generally seek to delete personal data within thirteen months of the last interaction with the respective data subject, unless such data is otherwise necessary to retain pursuant to the criteria described above.
If you are a job candidate, we will typically retain your personal data for a period of at least a year following the application process, unless otherwise permitted by law. We may keep some specific types of data, for example, your resume, for longer where we have a legitimate business reason to do so, such as to contact you for future opportunities.
Subject to applicable law, you may (1) request access to the personal data ChromaDex maintains about you; (2) request that ChromaDex update, correct, amend or delete your personal data; (3) request the restriction of ChromaDex’s use of your personal data; or (4) opt-out of the processing of your personal data for purposes of targeted advertising, certain profiling or the sale of your personal data. In addition, subject to applicable law, you may receive, in a structured, commonly used and machine-readable format, certain elements of your personal data that you have provided to ChromaDex. Subject to applicable law, you may have the right to have this information transmitted to another company, where it is technically feasible.
To exercise these rights, please contact us using the information in the “Contact Us” section of this Policy. We reserve the right to verify your identity in connection with any requests regarding personal data to help ensure that we provide the data we maintain to the individuals to whom it pertains, and allow only those individuals or their authorized representatives to exercise rights with respect to that data. You may appeal our decision with respect to a request you have submitted by contacting us as described in the “Contact Us” section below.
In addition, you may ask us to stop sending you marketing emails or other promotional communications. You may opt out of receiving such emails by following the instructions contained in each promotional email we send you or by contacting us as specified in the “Contact Us” section of this Policy. You also may update certain elements of your account details and settings by logging into your account on our websites.
If you are a California resident, please refer to our California Consumer Privacy Statement for more information about our privacy practices and your privacy rights under California law.
If you are a based in the EEA or UK, please see our EEA and UK Privacy Supplement for additional information on your rights in relation to the personal data we hold about you.
Our websites are designed for a general audience and are not directed to children under the age of 13. We do not knowingly solicit or collect personal data from anyone under the age of 18. If you believe your child’s personal data may be processed in the services, you can contact us using the information in the “Contact Us” section of this Policy to request that we delete the personal data.
For your convenience and information, our websites may provide links to other online services, and may include third-party features such as apps, tools, widgets and plug-ins. These online services and third-party features may operate independently from us. The privacy practices of the relevant third parties, including details on the data they may collect about you, are subject to the privacy statements of these parties, which we strongly suggest you review. To the extent any linked online services or third-party features are not owned or controlled by ChromaDex, we are not responsible for these third parties’ information practices.
We may update this Policy from time to time without notice to you to reflect changes in our privacy practices and the law. We will indicate at the top of the Policy when it was most recently updated. If we make any significant change to this Policy, we will post a notice on our website or otherwise notify you, to the extent required by applicable law. We encourage you to periodically review this page for the latest information on our privacy practices.
If you have any questions about this Policy or our processing of your personal data, please call us at +1.888.642.4361 or send us an email to privacy@chromadex.com.
Our Data Protection Officer may be contacted as follows: privacy@chromadex.com.
This EEA and UK Privacy Statement supplements our Privacy Policy and applies solely if you reside in the European Economic Area (EEA), the United Kingdom or Switzerland.
In the context of this Policy, ChromaDex, Inc. acts as a data controller for the personal data we process. This means that we decide why and how your personal data will be processed.
We may transfer the personal data we collect about you to recipients in countries other than the country in which personal data was originally collected. Those countries may not have the same data protection laws as the country in which you initially provided the personal data. When we transfer your personal data to recipients in other countries, we will protect that personal data as described in this Policy.
We are headquartered in the United States and your personal data will be transferred to or accessed by ChromaDex and our affiliates in the United States for the purposes described in this Policy. Where we transfer your personal data to the United States, or any other jurisdiction that has not been deemed to provide an adequate level of data protection, we will comply with applicable legal requirements regarding the provision of appropriate safeguards for the transfer of personal data to such jurisdictions. These safeguards include entering into EU approved Standard Contractual Clauses and/or the UK Data Transfer Addendum (as applicable) or relying on other appropriate transfer mechanisms permitted by the EU/UK GDPR.
You may ask for a copy of these safeguards by contacting us using the contact details provided below.
As a data subject located in the EEA or UK, you may have the following rights regarding your personal data, subject to applicable law:
You may exercise your rights by contacting us as described “Contact Us” section of this Policy.
You also have the right to lodge a complaint with a supervisory authority in your country if you are not satisfied with our response.
VeraSafe has been appointed as ChromaDex’s representative in the EU for data protection matters, pursuant to Article 27 of the EU GDPR. VeraSafe can be contacted in addition to ChromaDex only on matters related to the processing of personal data under the EU GDPR. To make such an inquiry, please contact VeraSafe using this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative
Alternatively, VeraSafe can be contacted at:
VeraSafe has been appointed as ChromaDex’s representative in the UK for data protection matters, pursuant to Article 27 of the UK GDPR. VeraSafe can be contacted in addition to ChromaDex only on matters related to the processing of Personal Data under the UK GDPR. To make such an inquiry, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contact-data-protection-representative
or via telephone at +44 (20) 4532 2003.
Alternatively, VeraSafe can be contacted at: