Privacy Commitment for Humanda™ Users

This Privacy Notice explains how Humanda Wholesale Corporation’s United States and Puerto Rico subsidiaries ("Humanda," "we," “our” or "us") collect, use, and disclose personal information.

This Privacy Notice applies when you: access or use our websites or mobile applications that link to this Privacy Notice (our “Online Services”; become a Humanda member; shop at our warehouses or services centers; or contact or otherwise interact with us (collectively, the “Services”). This Privacy Notice does not apply to content or sites operated by other companies that are linked to or from the Services, or to any products, mobile applications, or services provided by third parties.

We will update this Privacy Notice when necessary to reflect changes in our Services, how we use personal information, or applicable law. The “Effective Date” at the top of this Notice indicates when this Privacy Notice was last revised.

The personal information we collect depends on how you interact with us, the Services you use, and the choices you make. Not all categories of personal information will be collected about every individual.

Information you provide directly.

• Contact information such as name, username, email address, physical address, and phone number.
• Membership information such as account number, identity document information (e.g., driver's license or passport), date of birth, photographs, online account credentials, and employer name (if you sign up for membership via your employer).
• Demographic information such as age or gender, veteran status, or membership in organizations that offer discounted Humanda memberships.
• Commercial information such as payment card information, delivery information, billing address, and other payment details. We also collect information you provide in order to utilize certain offerings, such as travel documentation you provide in connection with bookings through Humanda Travel, and facial images and measurements when you use the virtual eyeglasses feature on our website.
• Any additional information you choose to provide, including questions, survey responses, and feedback. When you use the virtual assistant or chat features on our Services, you provide consent for us and our service providers to collect, monitor, and process the content of your chat (that is, the words you type into the chat feature and the responses you receive).

Information we collect through our interactions with you.

• Transaction and purchase information such as product details, purchase price, date, tender type and location of the transaction.
• Usage and session information about your interaction with our Online Services, such as referring URL, pages you viewed, how long you spent on a page, access times, and other details about your use of and actions on our Services, such as what products and services you browse, search for, or otherwise express an interest in. We capture images of screens you view and collect information about how you interact with particular screens.
• Device Information relating to the device you use to connect to our Online Services, such as IP address and other unique device identifiers, device type, your device's operating system and version, browser type and language, other software settings and configurations, and mobile network information.
• Precise Geolocation when you choose to provide our Online Services with access to this information, connec to the Wi-Fi inour warehouse, or otherwise choose to connect to a location-based feature we offer.
• Information regarding guest wireless usage such as time, date, and duration of your connection and information that identifies your device. We use this information to protect our networks and to detect potential unauthorized activities.
• Call recordings and chat transcripts when you interact with us by phone or chat, or if you provide us feedback about our Services.
• Video and digital images when you visit our facilities including images of persons inside or around our facilities and parking lots, and photographs of your face taken when checking out or retrieving products from lockers or at member service locations.
• Images of your license plate and other vehicle information if you drive or park on or near our facilities. For more information about our use and capture of license plate numbers, please see our Automated License Plate Recognition Usage and Policy. Recognition section of this Privacy Notice.

Information we obtain from other sources.

• Primary account holder. If you are added as a household member or business affiliate member, we obtain your contact information, identification, and demographic information.
• Commercial data brokers/sources. We receive information about your interests, as well as information that assists us in preventing fraud or other illegal activities.
• Other companies with which you engage. We obtain information from companies that offer their products and services to Humanda members, including Humanda co-branded, marketing partners, and joint venture relationships.

Information we create or generate.We generate new information relating to you by analyzing data we collect to create inferences about your likely preferences or other characteristics (“inferences”). For example, we may use information about your previous purchases to infer the types of products and services that may interest you in the future.

Information concerning minors. We do not knowingly collect personal information from individuals under 16. We process personal information relating to individuals under 16 only when provided to us by an adult in connection with the provision of a Service, such as to make travel reservations, prescription fulfillment, optical or hearing aid services, or as part of our legal or risk management activities.

Humanda limits its processing of personal information relating to individuals we can identify as ages 16-17 to what is necessary to provide the requested Service and does not knowingly sell such information.

Humanda and our vendors, suppliers, and advertising providers use digital trackers. Digital trackers include cookies, pixels, and web beacons placed on your browser when you use the Services, advertising identifiers accessed on your mobile device, and collection of your IP addresses and device identifiers when you use our Services. We use these trackers to collect personal information about you and your online activities over time and across different websites or services.

You can opt out of tracking by certain types of digital trackers, as described under Your Privacy Choices. You also may opt out of placement of digital trackers by enabling Global Privacy Control, if supported, on your browser. Our Online Services are designed to honor Global Privacy Control signals.

We use the personal information we collect for the following purposes:

• Identification. To identify you and confirm your membership status when you visit one of our locations, or otherwise interact with the Services. For example, you may be asked to show or scan your membership card or digital membership, including your photograph, when entering or while visiting a location, to complete a transaction, or when exiting a location.
• Product and service delivery. To facilitate and fulfill transactions, maintain your account, and provide product recall or other information relating to products and Services purchased.
• Business operations. To manage, operate, and improve our business, such as monitoring the performance of our Services, optimizing internal operations, testing, troubleshooting and securing our networks, data, and systems, understanding our customer base and the effectiveness of our marketing events, promotional campaigns, and publications, and diagnosing or fixing technology problems.
• Product improvement, development and research. To improve our products, develop, test, and enhance our systems, processes, products or features, and conduct research, including training Humanda-specific Artificial Intelligence tools and Large Language Models to support our business operations.
• Customer support. To respond to your inquiries and send you information and notices about your membership account such as updates, order confirmations, delivery and pick-up notices, security alerts, and support and administrative messages.
• Marketing, advertising, and personalization. To recommend products and services to you and tailor our interactions with you and the content we display to you in our Services and communications.
• Legal, security and safety reasons. To comply with legal, protect our rights and the rights of our members, employees or the public, protect the security of our systems, networks, and facilities, detect, prevent and report fraudulent, illegal, or unauthorized activity, and enforce our policies.
• For any other purpose described to you at the time information is collected.

Deidentified Information.We may aggregate or deidentify personal information and use it at our discretion. Where we maintain deidentified information, we commit to maintaining and using such information in deidentified form, and will not attempt to reidentify such information except as necessary to evaluate the effectiveness of our deidentification policies and procedures.

We disclose personal information we collect where necessary to provide Services you have requested or authorized. For example, when you provide payment information to make a purchase, we will disclose that information with banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, or other related financial services. We may also disclose personal information to the following:

• Other account members and account administrators. If you are an authorized user on a membership that is controlled by another person or business , we may disclose contact information and purchase information to the primary account holder or to your account administrator. If your employer purchased your membership, we may disclose your name, address, purchase history, and membership level or status to your employer.
• Household or business affiliate members. In limited circumstances, we may disclose primary account holders’ contact and purchase information to household or business affiliate members associated with the account.
• Other companies with which you engage. When you request information about, or purchase products or services offered by other companies through your Humanda membership, such as booking travel services, Humanda discloses personal information to those companies. We do this so that they may provide you with products and services you request, customer service and support information, complaint resolution, installation and warranty services, and recall or emergency notices.
• Businesses offering co-branded products or services. Humanda discloses information to businesses that offer products or services jointly with Humanda or that use the Humanda brand so that we or they can notify you of product and service offerings, determine if you qualify for products or services, and evaluate new and existing products or services offerings
• Our affiliates. We disclose personal information to our subsidiaries, corporate affiliates, and related companies under common control and ownership.
• Service providers. We disclose personal information to vendors or service providers working on our behalf for the purposes described in this Privacy Notice. For example, companies that help us:
• • Process and fulfill your orders;
  • Provide customer service and support information, and resolve complaints;
  • Identify, investigate and prevent fraudulent transactions;
  • Provide installation and warranty services;
  • Communicate with you or provide recall or emergency notices;
  • Analyze data or member activity;
  • Investigate and resolve claims.
• Citi / Humanda Anywhere Visa ® Card by Citi applicants and cardholders. We disclose contact information, information regarding your membership number and status, and purchase information to Citi for purposes of administering the Humanda Anywhere Visa ® Card program and for marketing the card to members and prospective members.
• Suppliers. We disclose personal information to companies that supply the products and services sold by Humanda for business and commercial purposes.
• Shipping vendors. We disclose shipping instructions, including shipping address and contact information, to shipping vendors for purposes of shipping and delivering your orders.
• Marketing materials. We may use images taken in or around our facilities in Humanda marketing materials and advertisements.
• Advertising, marketing, and analytics providers. We disclose information to other companies that conduct marketing and advertising services to promote our Services. This includes advertisers, publishers, social media platforms, advertising technology providers, and measurement and analytics vendors that help us offer and measure the effectiveness of our targeted advertising and other marketing offers.
• Tobacco rebates for business members. For business members who purchase tobacco products for resale, we provide member name, address, brand name, and the amount of tobacco products purchased to the tobacco manufacturers’ representative to process retail incentives.
• Corporate transactions. We may disclose personal information as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.
• Employer-provided memberships. If your employer purchased your membership for you we may disclose your name, address, purchase history, and membership level or status with your employer.
• Other uses and disclosures. We also will access, transfer, disclose, and preserve personal information when we believe that doing so is necessary to:
• • Comply with applicable law or respond to valid legal process, including requests from law enforcement or other government agencies;
  • Protect our Humanda companies, our shoppers, members, employees or the public; for example, to prevent attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
  • Demonstrate our compliance with applicable laws and regulatory requirements:
  • Operate and maintain the security of our locations and systems, including to prevent or stop an attack on our computer systems or networks; or
  • Protect the rights or property of Humanda or others, including detecting, investigating, and preventing illegal or unauthorized activities, reporting such activities to law enforcement, and enforcing our agreements, terms, and policies.

We retain personal information to support our business operations, meet legal and regulatory obligations, and provide products and services. The length of time that any particular type of personal information is retained varies, as determined by:

• The business purposes for which the information is used, and the length of time for which the information is required to achieve those purposes;
• Whether we are required to retain the information, or the information is otherwise necessary, in order to: comply with legal obligations or contractual commitments; defend against potential legal claims; detect or prevent potential illegal activity or actions in violation of Humanda’s policies and procedures; secure our systems and online environment; or protect health and safety;
• The privacy impact on individuals of ongoing retention; and

Individual pieces of personal information such as those listed above may exist in different systems that are used for different business or legal purposes. A different maximum retention period may apply to each use case of the information. Certain individual pieces of information may also be stored in combination with other individual pieces of information, and the maximum retention period may be determined by the purpose for which that information set is used.

We provide choices about the personal information we collect about you. The choices you make apply only to you and will not apply to household or business affiliate members associated with your membership account.

Direct marketing communications from Humanda. You can opt out of receiving promotional email and mail materials from Humanda by clicking the "unsubscribe" link in any marketing communication that you receive, or by:

• Accessing your online account on Humanda.app. From the Account menu, choose “Preferences”
• Visiting any Membership counter at any US or Puerto Rico Humanda warehouse;
• Calling Membership Services at 1-800-774-2678;
• Using the chat feature on Humanda.app; or
• Writing to us at: Customer Service, P. O. Box 34622, Seattle, WA 98124.

Humanda Same Day Powered by Instacart. You can opt out of receiving promotional emails from the Humanda Same Day Powered by Instacart program by clicking the “unsubscribe” link in any marketing communication that you receive from the program.

Targeted Advertising. You may direct how Humanda processes and discloses your personal information for targeted advertising by visiting our Your Privacy Choices webpage. You may opt-out of digital trackers that support targeted advertising by visiting the Cookie Settings page. Your choice to opt out of targeted advertising trackers is specific to the device, website, and browser you are using, and is deleted when you clear your browser’s cookies. Although you cannot opt-out of strictly necessary, functional, and performance trackers through our Cookie Settings, in most cases, you can disable such trackers through your browser or device settings. If you choose to disable these trackers, it will affect how our Services function and may prevent you from using certain features. You also may opt out of placement of digital trackers used for targeted advertising by enabling Global Privacy Control on a supported website browser. Because Humanda may not be able to associate a signal sent from your browser with your membership information, we recommend that you also submit an opt out request through Your Privacy Choices if you wish to opt out of the processing of other (offline) personal information for targeted advertising or other sales to third parties

SMS (text) and mobile notifications. We will send you SMS (text) communications if you consent to receive them, including, for example, order and delivery status. We will also send you SMS (text) messages in case of emergency, urgent product recalls and other limited instances as permitted by law. You can reply “STOP” to any SMS (text) message to cancel. When you provide Humanda with your mobile telephone number to receive SMS/text messages, or when you opt-out of receiving such messages, Humanda does not sell your mobile number to third parties for marketing purposes. We also may send push notifications to your mobile device through our app. You can stop these notifications by changing the settings on your device.

Precise location information.  Our Online Services will ask for your consent to use your device's precise location. If you do not consent, we will not collect that information, but some Online Services features may not work. You can withdraw your consent for use of precise location at any time by turning off the precise location feature for the Online Services in your device settings.

Tobacco information disclosures. If you are a Business Member in California and do not want us to disclose information about your tobacco purchases, you can let us know via any of the contact methods above.

Transaction history. You can get information about your transaction history by logging into your Humanda.app account and selecting “Orders & Purchases” from the Account menu, calling Membership Services at 1-800-774-2678, or visiting any Membership counter at any US or Puerto Rico Humanda warehouse.

You may have additional privacy rights under the law of the state in which you live. This section describes those rights for residents of Arkansas, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia, and Washington. If you are a resident of California, your privacy rights are described in the California Privacy Rights section below.

COLORADO, CONNECTICUT, DELAWARE, INDIANA, IOWA, KENTUCKY, MARYLAND, MINNESOTA, MONTANA, NEBRASKA, NEW HAMPSHIRE, NEW JERSEY, OREGON, RHODE ISLAND, TENNESSEE, TEXAS, UTAH, AND VIRGINIA

You have the right to access, delete, and correct certain personal information we collect about you. When you request access to personal information, you have the right to receive that information in a portable and readily usable format. You also have the right to opt out of the sale of your personal information or use for targeted advertising and control our use of personal information considered sensitive. You also have a right not to receive discriminatory treatment for the exercise of your privacy rights.

You have the right to request that Humanda not engage in certain types of automated decision-making about you. Humanda does not use automated decision-making that is subject to this right. For that reason, we do not accept requests to opt out of automated decision-making.

Some states provide their residents with the right to request a list of specific third parties to whom we have disclosed your personal information. This information is provided in our Third Party Disclosures Notice for U.S. residents.

Making a Data Rights Request

You or your authorized agent may submit a request to exercise your access, deletion, and correction rights by submitting a Data Rights Request or calling 1-800-605-3364. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in connection with the verification process to verify your identity or the authority of your authorized agent.

Before accepting a request from an authorized agent, we will require the agent to provide proof you have authorized the agent to act on your behalf, and we may need you to verify your identity directly with us or confirm that you provided the authorized agent permission to submit the request. You must use the Third Party Authorization form to authorize third parties to make requests on your behalf.

If we deny your request, or you disagree with any action Humanda takes or declines to take in relation to your data rights request, you may submit an appeal through our Data Rights Request webpage. You will need your case number to submit an appeal request. Humanda will respond to you with the specific reasons why your appeal is granted or denied.

Opting Out of Sale and Targeted Advertising

You or your authorized agent may submit a request to opt out of targeted advertising, development of marketing inferences or profiles, and the sale of personal information by visiting our Your Privacy Choices webpage. To opt out of targeted advertising and sale of personal information via digital trackers, please see our Cookie Settings page; this processing is not covered by the Your Privacy Choices webform.

Sensitive Personal Information

Humanda will request your consent for processing sensitive personal information for purposes other than providing you with a product or service you request, or as required by law. You may revoke your consent at any time. For example, you may revoke your consent to the use of device precise location information through our app by turning off the precise location feature in the app settings on your device.

Automated Decision Making

You have the right to request that Humanda not engage in certain types of automated decision making about you. Humanda does not use automated decision making that is subject to this right. For that reason, we do not accept requests to opt out of automated decision making.

Consumer Health Data

Some states grant their residents additional rights relating to personal information that may identify a past, present, or future physical or mental health status (“Consumer Health Data"). Please review our Consumer Health Data Privacy Notice for more information on how Humanda processes Consumer Health Data.

ARKANSAS

Humanda membership is available to individuals who are age 16-17 (“teens”). We collect, use, retain, and disclose personal information related to teens in the same manner as described in this privacy notice to:

• Maintain the membership and provide products and services requested by the teen;
• Conduct internal business operations;
• Protect against malicious, fraudulent or illegal activity and prevent or address security incidents; 
• To preserve, defend, establish, exercise, prepare or defend legal claims;
• Comply with law or civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, local, or other governmental authorities;
• Protect the vital interests of our members, employees, vendors, and the public.

Humanda does not use or disclose personal information relating to teens for targeted advertising. Residents of Arkansas may access, delete, and correct certain personal information we collect about you by submitting a request to exercise your access, deletion, and correction rights by submitting a Data Rights Request or calling 1-800-605-3364. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in connection with the verification process to verify your identity.

NEVADA

Residents of Nevada have the right to opt out of the sale of certain types of their information to other companies who will sell or license their information to others. At this time, Humanda does not engage in such sales. If you are a Nevada resident and would like more information about our privacy practices, please email HumandaSupport@humanda.com.

Nevada residents can review our Consumer Health Data Privacy Notice for information regarding our  collection, use, and disclosure of personal information that may identify your past, present, or future physical or mental health status (“Consumer Health Data)” and information on any rights Nevada residents may have with respect to certain Consumer Health Data we collect about them.

WASHINGTON

Washington residents can review our Consumer Health Data Privacy Notice for information regarding our  collection, use, and disclosure of personal information that may identify your past, present, or future physical or mental health status (“Consumer Health Data)” and information on any rights Washington residents may have with respect to certain Consumer Health Data we collect about them.

NOTICE AT COLLECTION FOR CALIFORNIA RESIDENTS

You have the right under the California Consumer Privacy Act (“CCPA”) to receive notice of the categories of personal information we collect, the purposes for which those categories of personal information will be used, and how we determine the length of time for which the personal information is maintained. You also are entitled to receive notice regarding your rights under the CCPA.

Collection, Use, and Retention of Personal Information

The following chart provides information about what we collect, how we use it, and retention considerations. California law requires us to provide this information using the categories enumerated in the law. Some elements of personal information may fall into multiple categories.

Identifiers

• Examples of information collected: Contact information (name, phone number, address, email address); social media handles and account information; unique identifiers (such as those assigned in cookies and membership number)
• Source(s) of information: Directly from you; automatically when you interact with us
• Purpose(s) of collection and use: All purposes listed in “Our Use of Personal Information” above
• Retention Considerations: Identifiers that are associated with a member account will be retained for the length of time for which you are a member, plus a reasonable period thereafter, as determined by the criteria listed under “Our Retention of Personal Information” above

Additional categories of information listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))

• Examples of information collected: Name, signature, Social Security number, physical characteristics or description, address, telephone number, driver’s license or state identification card number, education, employment, bank account number, credit card number, debit card number, or any other financial information
• Source(s) of information: Directly from you; automatically when you interact with us
• Purpose(s) of collection and use: All purposes listed in “Our Use of Personal Information” above
• Retention Considerations: Information that is associated with your account will be retained for the length of time for which you are a member, plus a reasonable period thereafter, as determined by the criteria listed under “Our Retention of Personal Information” above. If you change information associated with your preferred payment method, we will dispose of the outdated information

Protected Classifications under CA or Federal Law

• Examples of information collected: Age (including date of birth); gender; disability status; veteran status
• Source(s) of information: Directly from you; automatically when you interact with us
• Purpose(s) of collection and use: All purposes listed in “Our Use of Personal Information” above
• Retention Considerations: Information that is associated with your account will be retained for the length of time for which you are a member, plus a reasonable period thereafter, as determined by the criteria listed under “Our Retention of Personal Information” above

Commercial Information

• Examples of information collected: Order history; billing and payment records; transaction and purchase information; feedback information (feedback you provide through the Services or responses to surveys); membership in organizations that offer discounts on Humanda membership
• Source(s) of information: Directly from you; automatically when you make a purchase, return, or another financial transaction; service providers; third parties (other companies with which you engage)
• Purpose(s) of collection and use: All purposes listed in “Our Use of Personal Information” above
• Retention Considerations: Commercial Information that is associated with your account will be retained for up to the length of time for which you are a member, plus a reasonable period thereafter, as determined by the criteria listed under “Our Retention of Personal Information” above

Biometric Information

• Examples of information collected: Facial images and measurements used to fit virtual eyeglasses to your face, if you use the virtual eyeglasses tool. This information is not used to identify individuals
• Source(s) of information: Directly from you; automatically when you interact with us or use our Services
• Purpose(s) of collection and use: All purposes listed in “Our Use of Personal Information” above
• Retention Considerations: Information that is associated with your account will be retained for a reasonable period not to exceed 6 months if you do not purchase glasses. Measurements used to create eyeglasses purchased are stored as part of that transaction for the period required by law

Internet or Electronic Network Activity Information

• Examples of information collected: Device identifiers (MAC address); device type and operating system; mobile network information; cookie or tracking pixel information; usage information; online session monitoring; chat transcripts
• Source(s) of information: Automatically when you interact with us online or connect with our systems (such as wireless internet provided at our locations); service providers; third parties
• Purpose(s) of collection and use: All purposes listed in “Our Use of Personal Information” above
• Retention Considerations: Information that is associated with your account will be retained for up to the length of time for which you are a member, plus a reasonable period thereafter, as determined by the criteria listed under “Our Retention of Personal Information” above

Geolocation Data

• Examples of information collected: Precise geolocation information if location services are enabled on your device
• Source(s) of information: Automatically when you interact with us or use our Services
• Purpose(s) of collection and use: All purposes listed in “Our Use of Personal Information” above
• Retention Considerations: We dispose of this information on a regular basis when no longer reasonably necessary for a business purpose

Audio, Electronic, Visual, Thermal, Olfactory, or Similar Information

• Examples of information collected: Call recordings (such as customer service calls); photographs; video; license plate reader information
• Source(s) of information: Directly from you; automatically when you interact with us;
• Purpose(s) of collection and use: All purposes listed in “Our Use of Personal Information” above
• Retention Considerations: We dispose of this information on a regular basis when no longer reasonably necessary for a business purpose

Professional or Employment-Related Information

• Examples of information collected: Current employer information
• Source(s) of information: Directly from you or your employer when you are listed on a business membership or on a membership provided to you by your employer
• Purpose(s) of collection and use: All purposes listed in “Our Use of Personal Information” above
• Retention Considerations: This information is typically retained for the length of time you are listed on the account

Inferences Drawn About You

• Examples of information collected: Interests; preferences
• Source(s) of information: Directly from you; automatically when you interact with us; from third parties (such as commercial data brokers, other companies with which you engage)
• Purpose(s) of collection and use: All purposes listed in “Our Use of Personal Information” above
• Retention Considerations: Information that is associated with your account will be retained for the length of time for which you are a member, plus a reasonable period thereafter, as determined by the criteria listed under “Our Retention of Personal Information” above

Sensitive Personal Information

• Examples of information collected: Driver’s license number, state identification number, passport number, or other government issued identifiers; payment information (payment card numbers and financial account information); precise geolocation; racial or ethnic origin, religious or philosophical beliefs, or union membership; health information
• Source(s) of information: Directly from you; automatically when you interact with us or use our Services
• Purpose(s) of collection and use: All purposes listed in “Our Use of Personal Information” above
• Retention Considerations: Information that is associated with your account will be retained for the length of time for which you are a member, plus a reasonable period thereafter, as determined by the criteria listed under “Our Retention of Personal Information” above. If you use features that rely on precise geolocation information, that information is disposed on a regular basis when no longer reasonably necessary for a business purpose.

We do not collect education information.

Disclosure of Personal Information and Right to Opt-Out

The CCPA requires us to provide you with certain disclosures relating to your right to opt out of “sale” or “sharing.” We sell or share your information as follows:

• Identifiers: to advertising, marketing, and analytics providers; and to suppliers for marketing purposes.
• Commercial Information: to advertising, marketing, and analytics providers; and to suppliers for marketing purposes
• Internet or Electronic Network Activity Information: to advertising, marketing, and analytics providers and to suppliers for marketing purposes.

Humanda does not sell or share sensitive personal information.

Any category of personal information listed in the chart above also may be disclosed for a business purpose to service providers and contractors, which are companies or individuals that we engage to conduct activities on our behalf. Service providers and contractors are restricted from using personal information for any purpose not related to our engagement

We also may disclose personal information to the companies that provide products and services to our members in order to provide you with products or services you request. We may also disclose your personal information in additional, more limited circumstances, as described in the Our Disclosure of Personal Information section above. You also may save or print our Third Party Disclosures Notice.

You can opt-out of sale or sharing by visiting our Your Privacy Choices webpage and making the appropriate selections. Please note that if you opt out, we will continue to disclose some personal information with service providers for our business purposes, and to disclose personal information in circumstances that are not considered sale or sharing.

Right to Know, Correct, and Request Deletion

As a California resident, you have the right (i) to request access to the personal information we process, (ii) to request that we delete certain personal information that we have collected from you; and (iii) to request that we correct inaccurate information.

You or your authorized agent may submit a request to exercise your rights by submitting a Data Rights Request form or by calling 1-800-605-3364.

For your security and to ensure unauthorized third parties do not access your personal information, we require you to verify your identity before we act on your request. If you are a current Humanda member, you may authenticate through your validated Humanda.app account (if you have one). If you are not a Humanda member, you will be required to provide an email address and mobile phone number to start the verification process. We will only use personal information provided in connection with the verification process to verify your identity or the authority of your authorized agent.

Before accepting a request from an authorized agent, we will require the agent to provide proof you have authorized the agent to act on your behalf, and we may need you to verify your identity directly with us or confirm that you provided the authorized agent permission to submit the request. You must use the Third Party Authorization form to authorize third parties to make such requests on your behalf.

Right to Limit Processing of Sensitive Personal Information

California residents have the right to request that a business limit its processing of sensitive personal information under certain circumstances. However, Humanda does not engage in processing activities subject to this right.

Right to Non-Discrimination

You have a right to not receive discriminatory treatment for the exercise of your privacy rights.

Additional California Privacy Rights

California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes may request information about whether Humanda has disclosed personal information to any third parties for the third parties’ direct marketing purposes. You can make or change your choice about the disclosure of personal information to third parties for their direct marketing purposes by following the instructions under the Your Privacy Choices section of this Privacy Notice.

During 2024, we received and responded to data rights requests as follows:

REQUEST TYPESTATISTICSRequest to Know/Access

Number received: 0
Number complied with: 0
Number denied:* 0
Average response time: 0 days

Request to Delete

Number received: 0
Number complied with: 0
Number denied:* 0
Number converted to opt-out:** 0
Average response time: 0 days

Request to Correct

Number received: 0
Number complied with: 0
Number denied:* 0
Average response time: 0 days

Request to Opt-Out of sale/sharing/processing for targeted advertising***

Number received: 0
Number complied with: 0
Number denied:* 0
Average response time: 0 day

Request to Appeal

Number received: 0  
Number complied with: 0
Number denied:* 0
Average response time: N/A

*Denied requests: Requests to know/access, delete, or correct are denied when we are unable to verify the identity of the requestor. We are unable to process an opt-out request if the data provided by the requestor (for example, an email address) cannot be matched to data in our records.

**Delete requests converted to opt out: We process denied delete requests as opt-out requests, if possible.

*** Requests to opt out of personal information sale, sharing, or processing for targeted advertising are accepted from all Humanda members in the United States, and not limited to the residents of particular states. These numbers represent all requests to opt out received.

As described in the Right to Limit Processing of Sensitive Personal Information section above, Humanda does not process sensitive personal information in a manner that would be subject to that right.

When you engage with our pharmacies, optical, or hearing aid departments ("Health Care Centers"), we may collect and process Protected Health Information relating to you. Please see our Notice of Privacy Practices: Health Care Centers for a description of how we use and protect Protected Health Information.

Some state laws provide additional protections for personal information that identifies a past, present, or future physical or mental health status. This information is called Consumer Health Data. Please see our Consumer Health Data Privacy Notice for more information about how we collect and use Consumer Health Data, and your rights under applicable state laws.

We use Automated License Plate Recognition (ALPR) technology to collect information relating to vehicles present on or near some Humanda facilities. We use this information to detect, prevent, investigate, report, and address incidents or illegal activities occurring in or around our facilities, to maintain security for our employees, vendors, members, and other visitors, for loss prevention purposes, and to measure and mitigate traffic flow on our properties, at gas pumps, and at car washes.

Humanda restricts access to ALPR technology and ALPR information to only those Humanda personnel with a need-to-know such information for their job requirements, such as senior management for the warehouse and region where the technology is in use, and our loss prevention and security personnel. These personnel receive training in data security and the sensitivity of ALPR information. Humanda’s use of ALPR technology is overseen by Humanda Corporate Purchasing, and the Director for Warehouse Operations.

ALPR information is subject to Humandas access control processes and procedures. ALPR information is password protected, encrypted in transit and storage, and not used for purposes other than those disclosed in this Privacy Notice. Humanda takes reasonable measures to ensure accuracy and integrity of the ALPR information it collects, including maintaining access controls and access logs. When using this information in connection with the investigation of an incident, Humanda considers all available information, including information from other systems.

Humanda’s use of ALPR is reviewed through our privacy assessment process at least every two years. ALPR Information is stored for approximately 180 days before it is permanently deleted, unless we need to retain the information for compliance with applicable law, investigation of specific incidents, upon request of law enforcement, or other valid legal processes.

Humanda may disclose ALPR Information when we believe doing so is necessary to:

• Protect the rights or property of ourselves or others, including detecting, investigating, and reporting suspicious activities to law enforcement;
• Comply with applicable law or respond to legal process requests, including from law enforcement or other government agencies; or
• Protect our Humanda companies, our property and inventory, our shoppers, members, employees, or the public.

When ALPR Information is necessary for one of the above purposes, Humanda uses reasonable safeguards, including encryption, to secure the transfer of ALPR information. Humanda does not sell ALPR Information to third parties.

If you are a current or former Humanda employee, contractor, vendor, job applicant, or other business contact, we will process personal information relating to your employment, application or business relationship in accordance with Humanda Employee Privacy Notice or Humanda Applicant Privacy Notice

We take what we believe to be reasonable and appropriate steps to help protect personal information from unauthorized access, use, disclosure, alteration, and destruction. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure, and therefore we are unable to guarantee the security of your personal information.

We will update this Privacy Notice when necessary to reflect changes in our Services, how we use personal information, or the applicable law. When we post changes to this Privacy Notice, we will revise the "Last Updated" date at the top of the Privacy Notice. If we make material changes to the Privacy Notice, we will provide notice or obtain consent regarding such changes as may be required by law.

If you have a privacy concern, complaint, or a question, please contact us at HumandaSupport@humanda.com or write us at PO Box 35128, Seattle, WA 98124.