True Botanicals, Inc. Privacy Policy

Last Updated: January 1, 2023

This “Privacy Policy” describes the privacy practices of True Botanicals, Inc. (“Company,” “we,” “us” and “our”) in connection with the website, located at (the “Site”) and online and offline services (including our retail stores) (“Services”), and the rights and choices available to individuals with respect to their information.

How to Contact Us Path

If you have any questions or concerns or complaints about our Privacy Policy or our data collection or processing practices, please contact us at the following address, email or phone number:

True Botanicals 
One Lovell Avenue 
Mill Valley, California 94941

Children Path

The Services are not directed to, and we do not knowingly collect personal information from, anyone under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us. We will delete such information from our files as soon as reasonably practicable. We encourage parents with concerns to contact us.

Users Outside the United States Path

If you are a non U.S. user of the Site, by visiting the Site and providing us with data, you acknowledge and agree that your Personal Data may be processed for the purposes identified in the Privacy Policy. In addition, your Personal Data may be processed in the country in which it was collected and in other countries, including the United States, where laws regarding processing of Personal Data may be less stringent than the laws in your country. By providing your data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to require that your data is treated securely and in accordance with this Privacy Policy.

Personal Information We Collect Path

Information you provide to us

Personal information you may provide to us through the Site or Services or otherwise communicate to us may include:

  • Account Registration: When you create an account to log into our network (“Account”), we may collect information such as, but not limited to, your first and last name, email and mailing addresses, phone number, username and password.
  • Purchases: If you sign up for a subscription or make a purchase, we, or our third-party payment processor, will collect your transaction details and other information needed to process and fulfill your order, including your credit card type, credit card number, expiration date, security code, billing address, and delivery address.
  • Contact Information: We collect your contact details (such as, but not limited to, your name, email and mailing addresses, phone number and professional title) when you provide it to us through the Site, the Services or otherwise, including by signing up for our newsletter.
  • Feedback: If you provide us feedback or contact us via email, we will collect your name and email address, as well as any other content included in the communication.
  • Survey Data: If you participate in one of our surveys, such as our online Skincare Quiz,  or our Skin Tint Shade Finder, we will collect your responses to those surveys, which may include information about your age range, skin type, skin care routine, interests and preferences.
  • Other Information: We may collect other information about you that is not specifically listed here and will use it in accordance with this Privacy Policy.
Information You Provide to Social Media Platforms

We may maintain pages for our Company on social media platforms, such as Facebook, LinkedIn, Twitter, Google, YouTube, Instagram, TikTok, and other third-party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy policy will apply to your interactions and their collection, use and processing or your personal information. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy.

If you choose to login to the Services via a third-party platform or social media network, or otherwise connect your account on the third-party platform or network to your account through the Services, we may collect information from that platform or network. For example, this information may include your Facebook username, user ID, profile picture, cover photo, and networks to which you belong (e.g., school, workplace). You may also have the opportunity to provide us with additional information via the third-party platform or network, such as a list of your friends or connections and your email address. You can read more about your privacy choices in the “Third-party platforms or social media networks” portion of the “Your Choices” section below.

Information Collected via Technology

We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and activity occurring on or through the Sites and other online services. The information that may be collected automatically includes:

  • Device Data, such as your computer or mobile device operating system type and version number, manufacturer and model, device identifier (such as the Google Advertising ID or Apple ID for Advertising), browser type, screen resolution, IP address, the website you visited before browsing to our Site, and general location information such as city, state or geographic area; and
  • Online Activity Data, such as information about your use of and actions on the Sites, including pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access.

Our service providers and business partners may collect this type of information over time and across third-party websites and mobile applications.

Information Collected from Others

We may receive personal information about you from third-party sources. For example, a business partner may share your contact information with us if you have expressed interest in learning specifically about our products or services, or the types of products or services we offer. We may obtain your personal information from other third parties, such as marketing partners or publicly available sources.

Cookies & Other Technologies Path

We may allow service providers, including but not limited to our email service provider, and other third parties to use cookies and similar technologies to track your browsing activity over time and across the Site and third-party websites and online services. Cookies are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating analytics and online advertising. This information, which may be used internally or for marketing purposes generally, allows us, among other things, to improve the delivery of our Site to you, analyze usage, and measure traffic on the Sites. We review our users' preferences, interests, demographics, traffic patterns, and other information so that we can better understand our audience and what they want.

  • Google Analytics: We use Google Analytics for this purpose. Google Analytics uses its own cookies. You can find out more information about Google Analytics cookies here and about how Google protects your data here. You can prevent the use of Google Analytics relating to your use of our websites by downloading and installing the browser plugin available here.
  • Flash Cookies: When we post videos, third parties may use local shared objects, known as flash cookies to store your preferences for volume control or to personalize certain video features. Flash cookies are different from cookies because of the amount and type of data and how the data is stored.
  • Web Beacons: Web beacons are also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email address was accessed or opened, or that certain content was viewed or clicked. 
  • Do Not Track: Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit
  • Session Replay Technologies: We use session replay technologies, such as those provided by Hotjar, that employ software code to record users’ interactions with the Services in a manner that allows us to watch and analyze visual reconstructions of those user sessions. The replays may include users’ clicks, mobile app touches, mouse movements, scrolls, and keystrokes/key touches during those sessions. These replays help us diagnose usability problems and identify areas for improvement. You can learn more about Hotjar at, and you can opt-out of session recording by Hotjar at

How We Use Your Personal Information Path

To operate the services

We may use your personal information to:

  • provide, operate and improve the Service
  • provide information about our products and services
  • establish and maintain your user profile on the Service
  • facilitate your ability to login to the Services via third-party identity and access management providers, such as Facebook and Wunderkind
  • fulfill any order(s) you place with us, including to facilitate shipping and returns
  • communicate with you about the Service, including by sending you announcements, updates, security alerts, and support and administrative messages
  • operate and communicate with you about events or contests in which you participate
  • understand your needs and interests, and personalize your experience with the Services and our communications
  • provide support and maintenance for the Services
  • respond to your requests, questions and feedback
To send you marketing and promotional communications.

We may send you True Botanicals-related marketing communications as permitted by law. You will have the ability to opt out of our marketing and promotional communications as described below.

To serve Targeted advertisements.

We work with advertising partners to display advertisements on the Services. These advertisements are delivered by our advertising partners and may be targeted based on your use of the Services or your activity elsewhere online. To learn more about your choices in connection with advertisements, please see the section below titled “Targeted online advertising.”

To display user testimonials and feedback.

We often receive testimonials and comments from users who have had positive experiences with our Services. We occasionally publish such content. When we publish this content, we may identify our users by their first and last name and may also indicate their home city and age range. We obtain the user’s consent prior to posting his or her name along with the testimonial. In addition, we may publish user feedback on the Site or other Service platforms from time to time. We will share your feedback with your first name and last initial only. If we choose to post your first and last name along with your feedback, we will obtain your consent prior to posting your name with your feedback. If you make any comments on a blog or forum associated with our Site, you should be aware that any personal data you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these blogs and forums.

To create anonymous, aggregated or de-identified data.

We may create anonymous, aggregated or de-identified data records from your personal information and other individuals whose personal information we collect. We make personal information into anonymous, aggregated or de-identified data by excluding information (such as your name) that makes the data personally identifiable to you. We may use this data and share it with third parties for our lawful business purposes.

For compliance.

We may use your personal information to:

  • comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities
  • protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims)
  • audit our internal processes for compliance with legal and contractual requirements and internal policies
  • enforce the terms and conditions that govern the Services
  • prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft

How We Share Your Personal Information Path

Information you provide to us

We do not share your personal information with third parties without your consent, except in the following circumstances or as described elsewhere in this Privacy Policy:

  • Service Providers: We may share your personal information with third-party service providers to:  provide you with the Services that we offer you, including through our Site; to conduct quality assurance testing; to facilitate creation of accounts; to provide technical support; to send you emails; and/or to provide other services to the Company.
  • Payment Processors: Any payment card information you use to make a purchase on the Service is collected and processed directly by our payment processors, such as Braintree and Shopify. Each payment processor may use your payment data in accordance with its respective privacy policy. Braintree’s Privacy Policy is available at ( and Shopify’s Privacy Policy is available at (
  • Affiliates: We may share some or all of your personal information with our parent company, subsidiaries, joint ventures, or other companies under a common control, in which case we will require our Affiliates to honor this Privacy Policy.
  • Corporate Restructuring: We may share some or all of your personal information in connection with or during negotiation of any merger, financing, acquisition or dissolution, transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets.  In the event of an insolvency, bankruptcy, or receivership, personal information may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the personal information collected by us and will assume the rights and obligations regarding your personal information as described in this Privacy Policy.
  • Third-Party Companies:  We may enter into agreements with business partners, such as companies that aggregate consumer data that we collect to facilitate advertising.  We do not share California residents’ personal information in this manner.
  • Advertising Partners: When we use third-party cookies and other tracking tools, our advertising partners may collect information from your device to help us analyze use of the Service, display advertisements on the Service and advertise the Service (and related content) elsewhere online.
  • Third-Party Platforms and Social Media Networks: If you have enabled features or functionality that connect the Service to a third-party platform or social media network, we may disclose the personal information that you authorized us to share. We do not control the third-party’s use of your personal information.
  • Compliance: We may share personal information with law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance purposes described above.

Third-Party Websites Path

Our Site may contain links to third-party websites. When you click on a link to any other website or location, you will leave our Site and go to another site and another entity may collect personal data from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or to any collection of your personal data after you click on links to such outside websites. We encourage you to read the privacy policies of every website you visit. The links to third-party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content or websites.

Your Choices Path

Your Choices Regarding Your Information.

You have several choices regarding use of information on our Services:

  • Email Communications: We will periodically send you free newsletters and emails that directly promote the use of our Site or Services.  When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to opt out by following the unsubscribe instructions provided in the email you receive or by contacting us directly (please see contact information above). We may still send you service-related communications, including notices of any updates to our Terms of Use or Privacy Policy.
  • Text Communications: You may elect to receive text messages from us. When you sign up to receive text messages, we will send you information about promotional offers and more. These messages may use information automatically collected based on your actions while on our sites and may prompt messaging such as cart abandon messages. To the extent you voluntarily opt to have Text notifications sent directly to your mobile phone, we receive and store the information you provide, including your telephone number or when you read a text message. You may opt out of receiving text messages at any time by texting “STOP” to our text messages. For more information about text messages, see our Terms and Conditions.
  • Cookies: Most browsers let you remove or reject cookies.  To do this, follow the instructions in your browser settings.  Many browsers accept cookies by default until you change your settings.  Please note that if you set your browser to disable cookies, the Site may not work properly. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit  Similarly, your browser settings may allow you to clear your browser web storage.
  • Access or Update Your Personal Information: You may change any of your personal data in your Account by editing your profile within your Account or by sending an email to us at the email address set forth above.  You may request deletion of your personal data by us, and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements).  When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain your information for fraud or similar purposes.
  • Third-Party Platforms or Social Media Networks: If you choose to connect to the Services via a third-party platform or social media network, you may have the ability to limit the information that we may obtain from the third-party at the time you login to the Services using the third-party’s authentication service or otherwise connect your account. Subsequently, you may be able to control your settings through the third-party’s platform or service. For example, you may access and change your settings through the Facebook settings page for Apps and Websites. If you withdraw our ability to access certain information from a third-party platform or social media network, that choice will not apply to information that we have already received from that third-party.
  • Advertising Choices: You may be able to limit use of your information for targeted advertising through the following settings/options/tools:
  • Blocking cookies in your browser: Most browsers let you remove or reject cookies, including cookies used for interest-based advertising. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit
  • Blocking advertising ID use in your mobile settings: Your mobile device settings may provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.
  • Using privacy plug-ins or browsers: You can block our websites from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, Ghostery, uBlock Origin, or DuckDuckGo, and configuring them to block third party cookies/trackers.
  • Platform opt-outs: The following advertising partners offer opt-out features that let you opt-out of use of your information for interest-based advertising:
    ⁃ Google:
    ⁃ Facebook:
    ⁃ Outbrain:
  • Advertising industry opt-out tools: You can also use these opt-out options to limit use of your information for interest-based advertising by participating companies:
    - Digital advertising Alliance:
    Network Advertising Initiative:

Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt-out on every browser and device that you use.

Targeted Online Advertising

Some of the business partners that collect information about users’ activities on or through the Service may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior or mobile application usage for purposes of targeted advertising.

Users may opt out of receiving targeted advertising on websites through members of the Network Advertising Initiative by clicking here or the Digital Advertising Alliance by clicking here. Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked above.

If you choose to opt-out of targeted advertisements, you will still see advertisements online, but they may not be relevant to you. Even if you do choose to opt out, not all companies that serve online behavioral advertising are included in this list, so you may still receive some cookies and tailored advertisements from companies that are not listed.

Security of Personal Information Path

The security of your personal information is important to us. We employ a number of organizational, technical and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.

For online payments and/or Automated Clearing House (ACH) payouts, we use the payment services of Braintree ( and/or Shopify ( We do not process, record or maintain your credit card or bank account information. For more information on how payments are handled, or to understand the data security and privacy afforded such information, please refer to Braintree’s Privacy Policy ( and Shopify’s Privacy Policy (

Data Retention Path

We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes.

To determine the appropriate retention period for personal information, we may consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Changes to this Privacy Policy Path

We reserve the right to modify this Privacy Policy at any time. If we make changes to this Privacy Policy, we will post them on the Sites and indicate the effective date of the change. If we make material changes to this Privacy Policy, we will notify you by email or through the Site. We may also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through the Services.

Any modifications to this Privacy Policy will be effective upon our posting the new terms and/or upon implementation of the new changes on the Site (or as otherwise indicated at the time of posting). In all cases, your continued use of the Services after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.

State Privacy Rights Path

Except as otherwise provided, this section applies to residents of California, Virginia and other states to the extent they have privacy laws applicable to us that grant their residents the rights described below.

This section describes how we collect, use, and share Personal Information of residents of these states and the rights these users may have with respect to their Personal Information. Please note that not all rights listed below may be afforded to all users and that if you are not a resident of one of these states listed above, you may not be able to exercise these rights. In addition, we may not be able to process your request if you do not provide us with sufficient detail to allow us to confirm your identity or understand and respond to it.

For purposes of this section, the term “Personal Information” has the meaning given to “personal data”, “personal information” or other similar terms in the State Privacy Laws and does not include information exempted from the scope of the State Privacy Laws. In some cases, we may provide a different privacy notice to certain categories of residents of these states, such as job applicants, in which case that notice will apply instead of this section.

Your privacy rights

The State Privacy Laws may provide residents with some or all of the rights listed below. However, these rights are not absolute and some State Privacy Laws do not provide these rights to their residents. Therefore, we may decline your request in certain cases as permitted by law.

  • Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months:
    The categories of Personal Information that we have collected.
    The categories of sources from which we collected Personal Information.
    The business or commercial purpose for collecting and/or selling Personal Information.
    The categories of third parties with which we share Personal Information.
    The categories of Personal Information that we sold or disclosed for a business purpose.
    The categories of third parties to whom the Personal Information was sold or disclosed for a business purpose.
  • Access. You can request a copy of the Personal Information that we have collected about you during the past 12 months.
  • Appeal. You can appeal our denial of any request validly submitted.
  • Correction. You can ask us to correct inaccurate Personal Information that we have collected about you.
  • Deletion. You can ask us to delete the Personal Information that we have collected from you.
  • Opt-out of certain processing for targeted advertising purposes. You can opt-out of certain processing of personal information for targeted advertising purposes.
  • Opt-in. If we know that you are 13-15 years of age, we will ask for your affirmative authorization to sell your Personal Information or share your Personal Information for targeted advertising purposes before we do so.
Exercising your right to information, access, appeal, correction, deletion, and limitation of processing of Sensitive Personal Information.

You may submit requests to exercise your right to information/know, access, appeal, correction, or deletion at our Digital Privacy web form, calling us toll free at 1-888-416-0870 M-F 9am-5pm EST, or via email to

Exercising your right to opt-out of the “sale” or “sharing” of your Personal Information.

While we do not sell personal information for money, like many companies, we use services that help deliver interest-based ads to you as described above. The State Privacy Laws may classify our use of some of these services as “selling” or “sharing” your Personal Information with the advertising partners that provide the services. You can by submit requests to opt-out of tracking for targeted advertising purposes or other sales of Personal Information here: Digital Privacy web form, or via email to or via phone by calling us toll free at 1-888-416-0870 M-F 9am-5pm EST. We sell or share the following categories of data with advertising partners: account registration; purchases; contact information; feedback; survey data; device data; online activity data; information collected from others; and data derived from the above categories.

Verification of Identity; Authorized agents.

We may need to verify your identity in order to process your information/know, access, appeal, correction, or deletion requests and reserve the right to confirm your residency. To verify your identity, we may require government identification, a declaration under penalty of perjury, or other information, where permitted by law.

Under some State Privacy Laws, you many enable an authorized agent to make a request on your behalf upon. However, we may need to verify your authorized agent’s identity and authority to act on your behalf. We may require a copy of a valid power of attorney given to your authorized agent pursuant to applicable law. If you have not provided your agent with such a power of attorney, we may ask you to take additional steps permitted by law to verify that your request is authorized, such as by providing your agent with written and signed permission to exercise your State Privacy Laws rights on your behalf, the information we request to verify your identity, and confirmation that you have given the authorized agent permission to submit the request.

Personal Information We Collect, Use and Disclose
Personal information we collect CCPA-defined categories Purposes for which we may collect and use the personal information

Account Registration

Survey Data



Online Identifiers

Commercial Information

Financial Information

Physical Description

Protected Classification Characteristics

To operate the Services

To send you marketing and promotional communications

Contact Information


Information You Provide to Social Media Platforms

Information Collected from Others


Online Identifiers

Education information

Professional or Employment Information

Physical Description

Sensory Information

To operate the Services

To send you marketing and promotional communications

To display user testimonials and feedback

To create anonymous, aggregated or de-identified data

Information Collected via Technology (Device Data and Online Activity Data)

Cookies and Other Technologies

Online Identifiers

Internet or Network Information Inferences

To operate the Services

To send you marketing and promotional communications

To serve targeted advertisements

Please note that we may also disclose all personal information to Affiliates and service providers, or for purposes of corporate restructuring and compliance, as described in the “How We Share Your Personal Information” section of the Privacy Policy.

Additional information for California residents.
  • Sensitive personal information. We do not use or disclose sensitive personal information for purposes that California residents have a right to limit under the California Consumer Privacy Act.
  • Shine the light law. Under California’s Shine the Light law (California Civil Code Section 1798.83), California residents may ask companies with whom they have formed a business relationship primarily for personal, family or household purposes to provide the names of third parties to which they have disclosed certain personal information (as defined under the Shine the Light law) during the preceding calendar year for their own direct marketing purposes, and the categories of personal information disclosed. You may send us requests for this information to In your request, you must include the statement “Shine the Light Request,” and provide your first and last name and mailing address and certify that you are a California resident. We reserve the right to require additional information to confirm your identity and California residency. Please note that we will not accept requests via telephone, mail, or facsimile, and we are not responsible for notices that are not labeled or sent properly, or that do not have complete information.

The CCPA requires us to verify the identity of the individual submitting a request to access or delete personal information before providing a substantive response to the request. We may attempt to verify your identity by asking you to confirm the information that we have on file about you or your interactions with us. Where we ask for additional personal information to verify your identity, we will only use it to verify your identity or your authority to make the request on behalf of another consumer.

We respect your privacy. We will only use information you provide through the Program to transmit your mobile messages and respond to you, if necessary. This includes, but is not limited to, sharing information with platform providers, phone companies, and other vendors who assist us in the delivery of mobile messages. WE DO NOT RENT, LOAN, TRADE, LEASE, OR OTHERWISE TRANSFER FOR PROFIT ANY PHONE NUMBERS OR CUSTOMER INFORMATION COLLECTED THROUGH THE PROGRAM TO ANY THIRD PARTY. Nonetheless, We reserve the right at all times to disclose any information as necessary to satisfy any law, regulation or governmental request, to avoid liability, or to protect Our rights or property. When you complete forms online or otherwise provide Us information in connection with the Program, you agree to provide accurate, complete, and true information. You agree not to use a false or misleading name or a name that you are not authorized to use. If, in Our sole discretion, We believe that any such information is untrue, inaccurate, or incomplete, or you have opted into the Program for an ulterior purpose, We may refuse you access to the Program and pursue any appropriate legal remedies.

California Civil Code Section 1798.83 permits Users of the Program that are California residents to request certain information regarding our disclosure of the information you provide through the Program to third parties for their direct marketing purposes. To make such a request, please contact us at the following address:

True Botanicals 
1 Lovell Avenue 
Mill Valley, 94941   

This Privacy Policy is strictly limited to the Program and has no effect on any other privacy policy(ies) that may govern the relationship between you and Us in other contexts.