Privacy Policy

 

 

Your privacy is important to us. It is GRINBLU d.o.o.’s policy to respect your privacy and comply with any applicable law and regulation regarding any personal information we may collect about you, including across our website, www.cancercarerheroes.com, and other sites we own and operate.

 

Personal information is any information about you which can be used to identify you. This includes information about you as a person (such as name, address and date of birth), your devices, payment details, and even information about how you use a website or online service.

 

This purpose of this Privacy Policy is to inform you what personal information we may collect and explain how our company uses the personal data we collect from you when you use our website. This Privacy Policy applies in addition to the terms and conditions of our site.

 

This Privacy Policy applies to information we collect:

• on the website,

• in email and other electronic messages between you and the website,

• when you interact with us on other platforms or through advertising, if there is a link to this Privacy Policy

This Privacy Policy does not apply to:

• information we collect offline, unless we have specifically indicated the applicability of the Privacy Policy to that information, or

• information collected by third parties

 In the event our website contains links to third-party sites and services, please be aware that those sites and services have their own privacy policies. After following a link to any third-party content, you should read their posted privacy policy information about how they collect and use personal information. Please note that we are not responsible for and have no control over their privacy policies and practices. This Privacy Policy does not apply to any of your activities after you leave our website.

 

Please carefully review this Privacy Policy so you understand how we may use your personal information. If you do not agree with this Privacy Policy, your choice is to not use our website. By accessing our website, you are agreeing to the terms set forth in this Privacy Policy.

 

 

This policy is effective as of 02 April 2025.

Last updated: 09 January 2026.

 

  

1. What data do we collect and how do we collect it?

2. How will we use your data?

3. Who do we share your data with?

4. How long do we store your data?

5. How do we protect your data?

6. International data transfer

7. What are your data protection rights?

8. Additional CCPA information

9. Cookies

10. Changes to our Privacy Policy

11. How to contact us

12. Complaints

 

 

1. What data do we collect and how do we collect it?

 

We only collect data that helps us achieve the purpose set out in this Privacy Policy. We will not collect any additional data beyond the data listed below without notifying you first.

 

1.1 Information we collect

 

Information we collect falls into one of two categories: “voluntarily provided” information collected in a non-automatic way and “automatically collected” information.

 

“Voluntarily provided” information refers to any information you knowingly and actively provide us when using or participating in any of our services and promotions. “Automatically collected” information refers to any information automatically sent by your devices in the course of accessing our products and services.

 

Data collected automatically

 

When you visit our website, our servers may automatically log the standard data provided by your web browser. It may include your device type, your location, your browser type and version, the pages you visit,  Internet Protocol (IP) address(es), the time and date of your visit, the time spent on each page, referral source, and other details about your visit.

 

Data we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us.

 

Additionally, if you encounter certain errors while using the site, we may automatically collect data about the error and the circumstances surrounding its occurrence. This data may include technical details about your device, what you were trying to do when the error happened and other technical information relating to the problem. You may or may not receive notice of such errors, even in the moment they occur, that they have occurred, or what the nature of the error is.

 

Please be aware that while this information may not be personally identifying by itself, it may be possible to combine it with other data to personally identify individual persons.

 

Data collected in a non-automatic way (voluntarily provided information)

 

We may ask for personal information (for example, when you submit content to us, when you contact us or when you place an order) which may include one or more of the following:

 

1. First and last name

2. Email address

3. Billing address

4. Phone number (optional)

 

Under certain location-based rights, such as GDPR, this is synonymous with personal data.

 

1.2 Legitimate reasons for processing your personal information

 

We only collect and use your personal information when we have a legitimate reason for doing so. In which instance, we only collect personal information that is reasonably necessary to provide our services to you.

 

1.3 Collection of information

 

We may collect personal information from you when you voluntarily submit it to our website, including but not limited to:

• registering online or placing an order for any of our digital products or services,

• contacting us via contact forms, surveys, email, social media or on any similar technologies,

• providing feedback on any of our forms or via email,

• signing up to a webinar or other online event,

• signing up to our newsletter or providing your name and/or email address to obtain a free resource 

1.4 Information we collect from others

We may receive information about you from other sources. For example, if you use third-party software through the site, they may transfer information to us for fulfillment.

 

 

2. How will we use your data?

 

Data collected on our website will only be used for the purposes specified in this Privacy Policy or indicated on the relevant pages of our site. We will not use your data beyond what we disclose in this Privacy Policy.

 

We may collect, hold, use and disclose data for the following purposes, and personal information will not be further processed in a manner that is incompatible with these purposes: 

• to provide you with our platform’s core features and services,

• to process your order and manage your account,

• to enable you to customize or personalize your experience of our website,

• to contact and communicate with you,

• to provide you with notifications regarding your account, such as renewal notices,

• to provide you with user support,

• when you have opted in, to email you with special offers on other products or services we think you may like. Each email promotion will provide information on how to opt out,

• when you have opted in but abandoned your cart, to email you with information on how to complete your purchase. Each abandoned cart email will provide information on how to opt out,

• to send you administrative communications, such as administrative emails, confirmation emails, technical notices, updates on policies or security alerts,

• to protect, investigate and deter unauthorized or illegal activity,

• for analytics, market research and business development, including to operate and improve our website, associated applications and associated social media platforms,

• for advertising and marketing,

• in any other way described to you at the time your information is collected,

• for any other purpose with your consent

We may combine voluntarily provided and automatically collected personal information with general information or research data we receive from other trusted sources. For example, our marketing and market research activities may uncover data and insights, which we may combine with information about how visitors use our site to improve our site and your experience on it.

 

 

3. Who do we share your data with?

 

Employees

We may disclose user data to any member of our organization who reasonably needs access to user data to achieve the purposes set out in this Privacy Policy.

 

Other disclosures

From time to time, we may share your information with third parties, such as: 

• contractors, service providers and other third parties who we use to support the website, which are further detailed below,

• to fulfill the purpose that you provided your personal information. For example, if you subscribe to our newsletter, we will share your information with the software provider we use for our mailing list

The website may use third-party service providers to service various aspects of the website. Each third-party service provider’s use of your personal information is dictated by their respective privacy policies. The website currently uses the following third-party service providers: 

• Stripe – this service is used to serve our online shop. If you purchase something from the website, your data will be shared with this service provider. At no time is your banking information passed back from the payment processor to the website. We receive only information used for order fulfillment. https://stripe.com/privacy

• Kartra –  this service is used for hosting courses, digital products and memberships, and for delivering email updates and newsletters. We store your name and email address for purposes of delivering such communications. Kartra will also track information regarding your interaction with products and interaction with our emails, such as whether they have been opened or you have clicked on a particular link. https://home.kartra.com/privacy

• Google Analytics – we use this service to track statistical data so we can better understand how people use our website. https://policies.google.com/privacy

• Meta Pixel - we use this service to track statistical data so we can better understand how visitors interact with our website and to track the effectiveness of our adverts. The processing of this data by Meta takes place within the framework of Meta’s data policy. https://www.facebook.com/policy.php

 

At this time, your personal information is not shared with any other third-party applications. This list may be amended from time to time in our sole discretion.

 

We will not sell or share your data with other third parties, except in the following cases:

1. if the law requires it,

2. if it is required for any legal proceeding,

3. to prove or protect our legal rights,

4. to enforce our terms of use and other agreements for billing or collection purposes, and

5. to buyers or potentially buyers of this company in the event that we seek to sell the company

 

 

4. How long do we keep your data?

 

User data will be stored until the purpose the data was collected for has been achieved. This time period may depend on what we are using your information for, in accordance with this Privacy Policy. For example, if you have an account with us or have registered to use your services, we keep your personal information for as long as you have the account. We keep your information to respond to enquiries, demonstrate completion of our services and compliance with the law.

 

We do not retain your data for longer than necessary for the reasons we have indicated in this Privacy Policy. When it is no longer needed, we will either delete or make it anonymous by removing all details that identify you.

 

However, if necessary, we may retain your personal information for our compliance with a legal, accounting or reporting obligation, or for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

 

 

5. How do we protect your data?

 

We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline. These security measures vary based on the sensitivity of the information that we collect, process and store, and the current state of technology.

 

While we take all reasonable precautions to ensure that user data is secure and that all users are protected, we advise that no method of electronic transmission or storage is 100% secure and therefore we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.

 

You are responsible for selecting any password and its overall security strength, ensuring the security of your own information within the bounds of our services. For example, ensuring any passwords associated with accessing your personal information and accounts are secure and confidential.

 

 

6. International data transfers

 

The personal information we collect is stored and/or processed in the European Union, or where we or our partners, affiliates and third-party providers maintain facilities.

 

The countries to which we store, process or transfer your personal information may not have the same data protection laws equivalent to those in force in the European Economic Area or specifically the country in which you initially provided the information. By using our website you expressly agree to such transfers. If we transfer your personal information to third parties in other countries:

(i) we will perform those transfers in accordance with the requirements of applicable law; and

(ii) we will protect the transferred personal information in accordance with this Privacy Policy.

 

 

7. What are your data protection rights?

 

7.1 If you are a resident of the European Union (EU), United Kingdom (UK), Lichtenstein, Norway or Iceland, you have additional rights under the EU or UK General Data Protection Regulation (GDPR) with respect to your personal data, as outlined below:

1. the right to be informed: you may be informed about how we use your personal information. This notice includes much information about this, but you may also inquire with us.

 

2. the right of access: you may access the personal information we have about you by submitting a request via email. You can also access certain pieces of your data by logging into your account.

 

3. the right to rectification: if you believe that any personal data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by logging into your account.

 

4. the right to erasure: in certain situations, you can request that we erase some or all of your personal data from our systems.

 

5. the right to restrict processing: in certain situations, you may request that we restrict processing of your personal data.

 

6. the right to data portability: you have the right to request that we transfer the data that we have collected to another organization, when applicable.

 

7. the right to object: you have the right to object to direct marketing, including profiling analysis made for direct marketing purposes. You can opt out from direct marketing by following the unsubscribe link in any marketing email.

 

Children

We do not knowingly collect or use personal data from children under the age of 16. If we learn that we have collected personal data from a child under 16 years of age, this data will be deleted as soon as possible. If a child under 16 years of age has provided us with personal data, their parent or guardian may contact us at privacy@cancercarerheroes.com.

 

How to access, modify, delete or challenge the data collected

If you would like to know if we have collected your personal data, how we have used your personal data, if we have disclosed your personal data, if you would like your data to be deleted or modified in any way, or if you would like to exercise any of your rights under the GDPR, please contact us at privacy@cancercarerheroes.com. If you make a request, we have one month to respond to you.

 

7.2 If you are a resident of California, CCPA and CPRA provide you with specific rights regarding personal information. This section describes your rights and explains how to exercise those rights.

 

1. the right to be informed: depending on the circumstances, you have a right to know: 

• whether we collect and use your personal information,

• the categories of personal information that we collect,

• the purposes for which the collected personal information is used,

• whether we sell or share personal information to third parties,

• the categories of personal information that we sold, shared or disclosed for a business purpose, if your information is sold

• the business or commercial purpose for collecting, sharing or selling personal information, if your information is sold, and

• the specific pieces of personal information we collected about you 

This includes the right to access as well as the right to data portability. You have the right to request that we disclose certain information to you about the personal information we collect and how it has been used over the past 12 months. After we receive and confirm your verifiable request, we will disclose the above in a transmittable format.

 

2. the right to request data deletion: you have the right to request that we delete your personal information.  If you ask us to delete your personal information, we will respect your request and delete your personal information, subject to certain exceptions provided by law, such as (but not limited to) the exercise by another consumer of his or her right to free speech, our compliance requirements resulting from a legal obligation or any processing that may be required to protect against illegal activities.

 

In accordance with applicable law, we are not obligated to provide or delete consumer information that is de-identified in response to a consumer request or to re-identify individual data to verify a consumer request.

 

3. the right to non-discrimination: you have the right not to be discriminated against for exercising your rights under CCPA. In particular, we may not:

• deny you goods or services,

• charge you different prices for goods or services, whether through denying benefits or imposing penalties,

• provide you with a different level or quality of goods or services, or

• threaten you with any of the above

4. the right to opt out: you have the right to opt out of the sale or sharing of consumers personal information.

GRINBLU d.o.o. will not sell your personal information.

 

5. the right to correct inaccurate or incomplete personal information: you have the right to request correction of your personal data if it is incorrect, incomplete or no longer relevant, or ask to restrict the processing of the information

 

6. the right to limit use and disclosure of sensitive personal information:

We do not process sensitive personal information, with the exception of payment details for order fulfillment, as handled by our third-party provider Stripe (https://stripe.com/privacy).

 

How to submit a verifiable consumer request

To exercise these rights, you must submit a verifiable consumer request to us by email at privacy@cancercarerheroes.com.

 

Please note that only you or a person registered with the California Secretary of State that you authorize to act on your behalf may make a verifiable consumer request related to your personal information. You may also make a request on behalf of a minor child.

 

You may only make a request under these rights twice in a 12-month period. Your verifiable consumer request must:

• provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information (or that it is an authorized representative acting on your behalf),

• describe your request with sufficient detail that allows us to properly understand and respond to it 

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

 

We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please email us at hello@cancercarerheroes.com. We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.

 

Any disclosures we provide will only cover the 12-month period preceding receipt of your request.

 

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

 

7.3 Additional state privacy rights

Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, and Virginia each provide (now or effective in the future) their state residents with rights to: 

• confirm whether we process their personal information,

• access and delete certain personal information,

• data portability,

• opt-out of personal data processing for targeted advertising and sales (excluding Iowa) or profiling in furtherance of decisions that produce legal or similarly significant effects (excluding Iowa and Utah),

• correct inaccuracies in their personal information, taking into account the information's nature processing purpose (excluding Iowa and Utah),

• either limit (or opt-out of) or require consent to process sensitive personal data 

The exact scope of these rights may vary state by state. To exercise any of these rights or to appeal a decision regarding a consumer request, please email us at privacy@cancercarerheroes.com.

 

Nevada provides its residents with a limited right to opt-out of certain personal information sales. Please note that GRINBLU d.o.o. does not sell data triggering that statute's opt-out requirements.

 

Pursuant to the Nevada Online Privacy Law (“OPL”), Nevada residents may opt out of the sale of any personal information. As described above, your personal information may be shared with third-party service providers in order to fulfil purchased products or to communicate with you. We do not sell your covered information, which includes: your first and last name, your email address, your phone number, your billing address, any identifier that would allow you to be contacted either physically or online or any other information concerning you, collected from you by the website and maintained by us, in combination with an identifier in a form that makes the information personally identifiable.

 

Please note that we may need to retain certain information for record-keeping purposes or to complete transactions, or when required by law. Unless you exercise such rights, we reserve the right to retain your data.

 

 

8. Additional CCPA information

 

This privacy notice section for California residents supplements the information contained in our Privacy Policy and it applies solely to all visitors, users and others who reside in the State of California.

 

The website collects information that identifies, relates to, describes, is capable of being associated with or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”). We do not sell your personal information.

 

The website has collected the following categories of personal information from you.

 

8.1 The Website DOES collect information in the following categories:

8.1.1 Identifiers:

This category includes your: real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol (“IP”) address, email address, account name, social security number, driver’s license number, passport number or other similar identifiers.

• The website collects the following information in this category for the following reasons: real name, email address and Internet Protocol (“IP”) address when you visit, use or navigate our services. In addition, if you purchase a product, your billing address is collected. This information is used to deliver online products and/or services as requested or purchased, and for our internal analytics. 

8.1.2 Personal information listed in California Customer Records Statute (CA Code 1798.80(e)):

This includes your: name, signature, social security number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information or health insurance information.

• The website collects the following information in this category for the following reasons: name, email address, billing address and telephone number. This information is used to deliver online products and or services as requested or purchased, and for our internal analytics. 

8.1.3 Commercial information:

This includes records of personal property, products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies.

• The website collects the following information in this category for the following reasons: previous purchases to deliver and market products or services based on past sales with the website. 

8.1.4 Internet or other similar network activity:

This includes but is not limited to browsing history, search history and information regarding a consumer’s interaction with the website, application or advertisement.

• The website collects the following information in this category for the following reasons: information regarding a consumer’s interaction with the website, application or advertisement as determined by analytics services. 

8.1.5 Geolocation data:

This includes your approximate physical location.

• The website collects the following information in this category for the following reasons: information on a visitor’s location as determined by analytics services. 

8.2 The Website DOES NOT collect information in the following categories:

8.2.1 Protected classification characteristics (under California or federal law):

This includes age (over age 40), race, colour, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental health disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status or genetic information.

 

8.2.2 Biometric information:

This includes an individual’s physiological, biological or behavioural characteristics, including an individual’s DNA, that can be used, singly or in combination with each other or with other identifying data, to establish individual identity.

 

8.2.3 Sensory data:

Audio, electronic, visual, thermal, olfactory or other similar information

 

8.2.4 Professional or employment-related information:

This may include your current or past employment history or other information related thereto.

 

8.2.5 Non-public education information:

This is defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act, which includes: records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, schedule, student identification codes, student financial information or student disciplinary records.

 

8.2.6 Inferences drawn from personal information:

This includes inferences drawn from the personal information collected by the website to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behaviour, attitudes, intelligence, abilities and aptitudes. 

 

9. Cookies

 

We may log information using cookies, which are small data files stored on your browser by the website. For further information about cookies, visit allaboutcookies.org.

 

We may use both session cookies, which expire when you close your browser, and persistent cookies, which stay on your browser until deleted, to provide you with a more personalized experience on the website.

 

We use the following types of cookies on our website:

1. Functional cookies: functional cookies are used to remember the selections you make on our website so that your selections are saved for your next visits (for example, keeping you signed in)

2. Analytics cookies: analytical cookies allow us to improve the design and functionality of our website by collecting data on how you access our website

 

The website uses cookies to store visitors’ preferences, record user-specific information on what pages users access or visit, ensure that visitors are not repeatedly sent the same banner ads, and customize website content based on visitors’ browser type or other information that the visitor sends. Cookies may also be used by third parties, as described herein.

 

Most web browsers are set to accept cookies by default. You may, at any time, prevent the setting of cookies, by the website, by using a corresponding setting of your internet browser and may thus permanently deny the setting of cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our website. Furthermore, already set cookies may be deleted at any time via a web browser or other software programs. This is possible in all popular browsers.

 

Other tracking technologies

Some content or applications, including advertising, on the website are served by third parties, including advertisers, ad networks or content providers. These third parties may use cookies (alone or in conjunction with web beacons and pixels) to collect information about your use of the website. This may be used to provide interest-based advertising.

 

We reserve the right to use technological equivalents of cookies, including, but not limited to, social media pixels, such as Meta Pixel. These pixels allow our social media platforms to track visitors to our website so we can monitor the effectiveness of our adverts and tailor our marketing efforts for users while visiting our website. We reserve the right to use these pixels in compliance with the policies of the various social media channels. ​​You can opt out of the use of pixels by declining optional cookies on the cookie banner, rejecting cookies in your browser settings or deleting cookies.

 

 

10. Consent and legal basis for processing

 

By using our website users agree that they consent to the conditions set out in this Privacy Policy.

 

We will only collect and use your personal information when we have a legal right to do so. In which case, we will collect and use your personal information lawfully fairly and in a transparent manner. If we seek your consent to process your personal information and you are under 16 years of age, we will seek your parent or legal guardian’s consent to process your personal information for that specific purpose.

 

Our legal bases depend on the services you use and how you use them. This means we only collect and use your information on the following grounds: contractual necessity (fulfilling your order or responding to your related enquiry), our legitimate interests (such as research and development, understanding our audience, marketing and promoting our services, measures taken to operate our services efficiently, marketing analysis and measures taken to protect our legal rights and interests), compliance with law (we may have a legal obligation to use or keep your personal information), consent from you (where you give us consent to collect and use your personal information for a specific purpose). 

 

You may withdraw your consent at any time. If you withdraw your consent, it will not make processing which we completed before you withdrew your consent unlawful.

 

You can withdraw your consent by contacting us at privacy@cancercarerheroes.com.

 

 

11. Changes to our Privacy Policy

 

This Privacy Policy may be amended from time to time in order to maintain compliance with the law and to reflect any changes to our data collection process. When we amend this Privacy Policy we will update the effective date at the top of this Privacy Policy. We recommend that our users periodically review our Privacy Policy to ensure that they are notified of any updates.

 

If necessary, we may notify users by email (based on your selected preferences for communications from us) of changes to this Privacy Policy. If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information.

 

 

12. How to contact us

 

If you have any questions about this Privacy Policy, the data we hold on you or you would like to exercise one of your data protection rights, please do not hesitate to contact us at privacy@cancercarerheroes.com.

 

 

13. Complaints

 

If you have any complaints about how we process your personal data, please contact us through the method described above so that we can resolve the issue. If you feel our company has not addressed your concern in a satisfactory manner, you may contact a supervisory authority. The GDPR gives you the right to lodge a complaint with the Information Commissioners’ Officer if you are in the UK or with the supervisory authority of the EU Member State where you work, normally live or where the alleged infringement of data protection laws occurred.