Privacy Policy

Arryved, Inc., located at 3002 Sterling Cir Suite 100, Boulder, CO 80301 (“Arryved”, “we”, “us”, or “our”) has prepared this Privacy Policy (this “Privacy Policy”) to describe to you, or if you represent an entity or other organization, that entity or organization (in either case, “you,” or “your”) our online and offline practices regarding the personal information that Arryved collects, uses, and shares on behalf of end users (“Users”) of our online platforms (the “Platform”) accessed through the website located at https://www.insider.arryved.com/, and any other websites operated by Arryved (each, a “Site”) or using mobile applications provided by and on behalf of Arryved (each, an “Application,” and any Site or Application treated as a part of the “Platform” for purposes of this Privacy Policy). Capitalized terms not defined in this Privacy Policy, shall have the meanings as defined in the Arryved Terms of Service, located at https://insider.arryved.com/terms/.

Arryved reserves the right, at any time, to modify this Privacy Policy. If we make revisions that change the way we collect, use, or share personal information, we will post those changes in this Privacy Policy. You should review this Privacy Policy periodically so that you keep up to date on our most current policies and practices. We will note the effective date of the latest version of our Privacy Policy at the end of this Privacy Policy. Your continued use of the Platform following posting of changes constitutes your acceptance of such changes.

If you have any questions or concerns, please do not hesitate to contact us by contacting us as described below.

I. Information We Collect and How We Use It

Personal Information

“Personal information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked to, directly or indirectly, a particular consumer or household. The following are ¢categories (with non-exhaustive examples) of personal information we may collect about you and for each category the purpose for which it may be used:

Categories	Examples	Purpose of Processing
A. Individual Identifiers and Demographic Information.	A real name, profile picture, company name alias, postal address, unique personal identifier, text messages, online identifier, Internet Protocol address, email address, address, telephone number, account name, driver’s license number, credit card information, your areas of interest or other similar identifiers.	• To improve the services generally • To provide you with the services • Processing orders (including collecting payment and sending invoices). • Delivering products/services. • Tracking and managing loyalty points and redemptions. • Responding to inquiries. • Management of customer purchases and accounts. • Compiling details of user engagement. • Sending marketing materials (including offers and other information we feel may be of interest to you). • Administration of contests and surveys. • Tracking and managing loyalty points and redemptions.
B. Sensitive Personal Information.	Financial or credit/debit card account information	• To improve the services generally • To provide you with the services • Processing orders (including collecting payment).
C. Commercial Information.	Orders made through the Platform, ordering preferences, breweries or other client establishments visited	• To improve the services generally • To provide you with the services • Processing orders (including collecting payment and sending invoices). • Tracking and managing loyalty points and redemptions. • Responding to inquiries. • Management of customer purchases and accounts, compiling details of user engagement.
D. Internet or Network Activity.	Browsing history, type of browser you are using, search history, terms you enter into the search functions of our Platform, information on a Consumer’s interaction with a client, website, application, or advertisement, client pages you visit, and the websites you visit immediately before and immediately after you visit our Platform.	• To improve the services generally • To provide you with the services • To evaluate consumer trends and usage related to our Platform and allows us to improve our k content and offerings accordingly. • Sending marketing materials (including offers and other information we feel may be of interest to you).
E. Geolocation Data.	Physical location or movements.	• To improve the services generally • To provide you with the services • To evaluate consumer trends and usage related to our Platform and allows us to improve our k content and offerings accordingly. • Sending marketing materials (including offers and other information we feel may be of interest to you).
F. Inferences Drawn from Personal Information.	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	• To improve the services generally • To provide you with the services • To evaluate consumer trends and usage related to our Platform and allows us to improve our k content and offerings accordingly. • Sending marketing materials (including offers and other information we feel may be of interest to you).

Personal information does not include:

Publicly Available – Publicly available information from government or other public records.
Deidentified or Aggregate Information – “Deidentified Information” means information that cannot reasonably identify, relate to, describe, be capable of being associated with, or be linked, directly or indirectly, to a particular individual, and for which Arryved has implemented technical safeguards and business processes that prohibit reidentification of the individual. “Aggregate Information” means information that relates to a group or category of individuals, from which individual identities have been removed, that is not linked or reasonably linkable to any individual or household, including via a device. We own all Deidentified Information and Aggregate Information which we create, and may use or share in our discretion.

Excluded Information – Certain laws require separate privacy notices or are exempt from general personal information privacy policy disclosure requirements. Such laws include health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) or clinical trial data; and data covered under the Fair Credit Reporting Act (FCRA).

Sources of Personal Information

We obtain the categories of personal information listed above on or through our Platform from the following categories of sources:

Personal Information You Provide – Arryved collects personal information when you voluntarily submit it to us. For example, we may collect or receive personal information from forms you complete or products and services you purchase, reviews you post, any requests you submit to our customer service team, any interactions you have with our social media pages, or otherwise from any interactions you have with us through the Platform. We may collect or receive personal information from Users when a User creates a user account; edits registration information; signs up to receive promotional communications; uses or accesses a Service or Content available through the Platform; participates in one of our promotional sweepstakes, contests, or surveys. When you sign up for a loyalty program, we collect that information.
Automatically Collected Personal Information – Arryved indirectly collects other information from you automatically through the Platform. For example, we receive personal information from you when you visit and navigate our Platform on any device; installs and uses the Application; and enables location-based features on the Application. We may also collect personal information about Users over time and across different websites, apps, and devices when a User accesses the Platform. Third parties also collect personal information this way on our Platform. Arryved collects some personal information automatically using cookies or other online tracking technologies as described below in this Privacy Policy.
Personal Information Obtained from Third Parties – Arryved may obtain or receive personal information about you from other third party sources. For example, we receive personal information from our business partners (including without limitation breweries with whom we contract) or other third party companies. We may also receive personal information from social media sites, or companies that provide personal information to supplement what we already know about Users. We may merge or combine such personal information with the personal information we collect from you directly or automatically.

Use of Personal Information

Arryved’s primary purpose in collecting personal information is to provide the Services and Content that you request on the Platform. Arryved may also use personal information for various purposes, including without limitation to:

We process personal information for the following purposes:

To Provide Our Products and Services; Track and Manage Loyalty Points and Redemption. This could include responding to, fulfilling, managing, and supporting your requests for products or services. It could also include processing purchases or other transactions. This could also include the calculating, tracking, and managing of loyalty points based on the times you visit our clients and make purchases. We may also save your personal information to facilitate new product or service orders, or process returns. We may also provide you with push notifications, which utilize geolocation.

To Improve Our Products and Services. We use personal information to understand and analyze the usage trends and preferences of our Users to make our Platform, Services, or Content better, diagnose technical issues, prevent fraud, and develop new features and functionality.
To Understand Your Interests. We use your personal information to personalize your experience on the Platform and to deliver information about products and services relevant to your interests. We also may compile details of user engagement generally.
To Process Your Payment for Products and Services. We use personal information to facilitate payment for products and Services that you select through our Platform.
To Respond to Your Requests or Questions. We use personal information to provide you with support and to respond to your requests for customer support, including to investigate and address your concerns and monitor and improve our responses. This may also include responding to your feedback.
To Determine Your Eligibility and Set Up Your Account. We use your personal information to verify your identity or determine your eligibility for some of our products, services, and promotions. For example, this may include verifying your age, date of birth, and place of residence. If you set up an Account on the Platform, we will use the Registration Information you provide in relation to that Account creation to create, maintain, customize, and secure your Account.
To Market Products or Services. We provide you with information about products, services, or promotions. For example, we may use cookies or other online tracking technologies to provide customized advertisements, content, and information; monitor and analyze the effectiveness of marketing activities; and track your entries, submissions, and status in any promotions. These might be third party offers we think you might find interesting. These communications may come in the form of interest-based advertising using information gathered across multiple websites, devices, or other platforms.
To Secure the Platform. We use personal information to maintain the safety, security, and integrity of our Platform, products and services, databases and other technology assets, business, and other Users.
To Communicate with You. We may communicate with you about your Account or our relationship. We may also contact you about this Privacy Policy or the Terms of Service.
As Required by Law. We use personal information to respond to requests from law enforcement and as required by applicable law, court order, or government investigation.

II. How We Share Your Information

In addition to the specific situations discussed elsewhere in this Privacy Policy, Arryved may share your personal information in the following circumstances:

Related Companies and M&A Transactions

We may share your personal information with companies that are affiliated with us (that is, that control, are controlled by, or are under common control with us). In addition, if we sell all or part of our business or make a sale or transfer of assets or is otherwise involved in a merger or business transfer, we may transfer your personal information to a third party as part of that transaction, including at the negotiation stage. We may buy, sell, or combine with other businesses. If so, personal information that we or other businesses have collected may be transferred as part of the transaction, subject to applicable law.

Consent

We may ask if you would like us to share your personal information with other unaffiliated third parties who are not described elsewhere in this Privacy Policy, and we may do so with your consent.

Third-Party Providers

We may share your personal information with third parties who perform services on our behalf that are necessary for the orderly operation of the Platform. Among other things service providers may help us perform website hosting, app design, maintenance services, database management, web analytics, app analytics, billing, payment processing, fraud protection, credit risk reduction, marketing, or any other use set out in this Privacy Policy. Access to your personal information by these service providers is limited to the information reasonably necessary for the service provider to perform its limited function. We require our service providers to keep the personal information that they are provided with confidential and to comply with all applicable laws.

Joint Promotions and Offers; Loyalty Programs

We sometimes offer promotions (like sweepstakes), loyalty and incentive programs, events, or other offers in conjunction with a third party. If you choose to participate in one of those promotions or offers, we may share your information with the third party as described in this Privacy Policy, and the third party may collect information from you independently as described in their privacy policies. If you enter into a loyalty program, we will share your information with our client brewer(ies) (or other establishment(s)) that you visit and/or make purchases from. They may use your personal information to send marketing and promotional emails to you. Additionally, if you upload a profile photo, we will share that information with our clients.If you provide any information to a client brewery, they will collect, use, and share that information in accordance with their privacy policy. We recommend that you review the third party’s privacy policy before choosing to participate in a promotion or offer. The personal information that you submit through an event, promotion, or other product or service offering may be combined and transmitted with the registration information related to your Account. Third party partners or clients may also collect information directly from you, which may be combined with personal information disclosed by us. If you decide to request, enter into, or participate in an event, promotion, or other product or service offering that is offered by us and identified as a joint effort with a third-party partner or client, the information that you provide may be shared with us and with that identified third party.

Behavioral-Based Advertising

We participate in behavioral-based advertising. This means that a third party may use technology (e.g., a cookie) to collect information about your use of our Platform so that we can provide advertising about products and services tailored to your interest. That advertising may appear either on our Platform, or on other websites.

Social Networking

The Platform may offer you the ability to share your personal information through a social networking website (e.g., Facebook, Twitter), using such site’s integrated tools (e.g., Facebook “Like” button, or Twitter “Tweet” button). The use of such integrated tools enables you to share personal information about yourself with other individuals or the public, depending on the settings that you have established with such social networking site. For more information about the purpose and scope of data collection and use in connection with such social networking site or a site’s integrated tools, please visit the privacy policies of the entities that provide these social networking sites.

Public Forum and Messaging

The Platform may provide you with the opportunity to post comments, messages, or reviews in a public forum. If you decide to submit personal information at these locations, that information will be available to other Users of the Platform.

Referrals

Users may recommend other Users to join the Platform by providing their contact information or selecting friends from a social networking site. Users may also provide information about other Users of the Platform such as reviews of the services or products that he or she received, booking or scheduling information, or reference information.

Other Disclosures

We may disclose your personal information in response to subpoenas, court orders, or other lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose personal information in order to enforce or apply our rights and agreements, or when we believe in good faith that disclosing this information is necessary or advisable, including, for example, to protect the rights, property, or safety of our businesses, our Platform, our customers, our users, or others, as permitted under the applicable laws, or as otherwise required by law or by government and regulatory entities. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction. We may also ask if you would like us to share your personal information with other unaffiliated third parties who are not described elsewhere in this Privacy Policy, and we may do so with your consent.

III. Retention Period

We will retain your personal information for as long as your account is active, as needed to provide you Services, and as necessary to comply with our legal obligations, to resolve disputes, and to enforce our agreements. If you wish to cancel your account or request that we no longer use your personal information, contact us using the contact information provided below.

IV. Security of the Information We Collect

No method of transmission over the Internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal information from the risks presented by unauthorized access or acquisition, we cannot guarantee the security of your personal information. In the event that we are required by law to inform you of any unauthorized access or acquisition of your personal information we may notify you electronically, in writing, or by telephone, if permitted to do so by law.

V. Your Choices

You can make the following choices regarding your personal information:

Access to Your Personal Information. You may request access to your personal information by contacting us as described below. We will grant you reasonable access to the data that we have about you as required by law.
Changes to Your Personal Information. We rely on you to update and correct the personal information contained in your Account. Note that we may keep historical information in our backup files as permitted by law. If our Platform does not permit you to update or correct certain personal information, please contact us as described below.
Deletion of Your Personal Information. Typically, we retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. You may, however, request that we delete your personal information by contacting us contacting us as described below. We will grant a request to delete information as required by law, but you should note that in many situations we must keep your personal information to comply with our legal obligations, resolve disputes, enforce our agreements, or for another one of our business purposes. Except as provided above, we will delete, aggregate, or de-identify all of your personal information as described in this subsection within the timeframes required by law.

VI. Opting Out

You can make the following choices to opt out of certain activities regarding your personal information:

Promotional E-mails. You may choose to provide us with your e-mail address for the purpose of allowing us to send newsletters, surveys, offers, and other promotional materials related to our Platform, as well as targeted offers from third parties. You can stop receiving promotional e-mails by clicking the “unsubscribe” links in the e-mails or by contacting us as described below. If you decide not to receive promotional e-mails, we may still send you service-related communications, such as those about your Account, to fulfill orders for products and service you have requested, or deliver notifications directly to you through the Platform.
Behavioral-Based Advertising. We participate in behavioral-based advertising. This means that a third party may use technology (e.g., a cookie) to collect information about your use of our Platform so that we can provide advertising about products and services tailored to your interest. That advertising may appear either on our Platform, or on other websites. If you wish to limit third parties’ collection of information about your use of our Platform, you can opt-out of such at the Digital Advertising Alliance in the US, the Digital Advertising Alliance of Canada in Canada, or the European Digital Advertising Alliance in Europe. PLEASE NOTE THAT OPTING-OUT OF BEHAVIORAL ADVERTISING DOES NOT MEAN THAT YOU WILL NOT RECEIVE ADVERTISING WHILE USING THE PLATFORM. IT WILL, HOWEVER, EXCLUDE YOU FROM INTEREST-BASED ADVERTISING CONDUCTED THROUGH PARTICIPATING NETWORKS, AS PROVIDED BY THEIR POLICIES AND CHOICE MECHANISMS.
Do-Not-Track. Some web browsers and devices permit you to broadcast a preference that you not be “tracked” online. At this time we do not modify your experience based upon whether such a signal is broadcast.

VII. Residents of California

The following applies to residents of California.

Notice to California Residents. Arryved must disclose whether the following categories of personal information are disclosed for a “business purpose” or “valuable consideration” as those terms are defined under California law. Note that while a category below may be marked, that does not necessarily mean that we have personal information in that category about you. In the preceding twelve months, we have disclosed the following categories of Personal Information in the manner described.

Category	Personal Information is Disclosed for a Business Purpose	Personal Information is Disclosed for Valuable Consideration
Processing orders (including collecting payment)	Yes	No
Delivering products/services	Yes	No
Tracking and managing loyalty points and redemptions	Yes	No
To evaluate consumer trends and usage related to our Platform and allows us to improve our Website content and offerings accordingly	Yes	No
To provide you with the services	Yes	No
Sending marketing materials (including offers and other information we feel may be of interest to you)	Yes	No
Responding to inquiries	Yes	No
Management of customer purchases and accounts	Yes	No
Compiling details of user engagement	Yes	No
Sending marketing materials (including offers and other information we feel may be of interest to you)	Yes	No
Administration of contests and surveys	Yes	No

Notice of Disclosure for Direct Marketing. Under California Civil Code sections 1798.83-1798.84, California residents who have an established business relationship with Arryved are entitled to ask us for a notice describing what categories of personal information we share with third parties for their direct marketing purposes. This notice will identify the categories of information shared with and will include a list of the third parties with which it is shared, along with their names and addresses. If you are a California resident and would like a copy of this notice, please submit your request to the address listed in the section titled “CONTACTING US” below.

VIII. Exercising your Privacy Rights

When exercising the rights or options described in this Privacy Policy, the following guidelines apply:

No Fee Usually Required. You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee or decline to comply with your request if your request is clearly unfounded, repetitive, or excessive.
What We May Need from You. When exercising your rights or otherwise assisting you, we may need to request specific information from you to help us confirm your identity. This is a security measure to ensure we do not disclose personal information to any person who is not entitled to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time to Respond. We try to respond to all legitimate requests within 30 days of your request. Occasionally it may take us longer than 30 days to respond, for instance if your request is particularly complex or you have made a number of requests. In this case, we will notify you of the delay, and may continue to update you regarding the progress of our response.
No discrimination. You will not be subject to discrimination as a result of exercising the rights described herein. In some cases, when you exercise one of your rights, we will be unable to comply with the request due to legal obligations or otherwise, or we will be unable to provide you certain products or services. These responses are not discrimination and our reasons for declining your request or ceasing services will be provided at that time.
Authorized Agent. You may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s proof of identification, and the authorized agent’s proof of identification.

IX. Contacting Us

If you have any questions or concerns about our Privacy Policy or any other privacy or security issue, please contact us at:

Arryved, Inc.

Attn: Arryved Privacy Agent

3002 Sterling Cir, Suite 100

Boulder, CO 80301

privacy@arryved.com

Effective Date: 2/7/2020