Last Updated: June 3, 2025

JSHealth Vitamins US, Inc. (Company,” “we,” “us,” or “our) are committed to maintaining the confidentiality, security, and integrity of individual users’ personal information. This Privacy Notice governs the collection of personal data from our website, https://us.jshealthvitamins.com (“Website”). Our contact details can be found at the bottom of this Privacy Notice.

Please read this Privacy Notice carefully, as it contains important information about what personal data we hold about you, how it is collected and used, and how we keep it secure. We also set out your personal data rights and how to contact us if you have questions about this Privacy Notice. We reserve the right to revise or supplement this Privacy Notice at any time to address, including, but not limited to, any changes in our business, law, regulation, markets, or new technology.

Personal Data We Collect

Personal data means any information relating to a natural person that can be used to, directly or indirectly, identify that person, which includes specific identifiers such as a name, an identification number, location data, or an online identifier, as well as more sensitive information (Personal Data). 

We may collect the following Personal Data about you:

  • Contact details (name, address, telephone number, email address);

  • Purchase information (product information); or

  • Information on how you use our Website, including information on the device(s) you use to visit our Website.

How We Collect Your Personal Data

Directly

We may collect Personal Data directly from you. This may be when you use our Website, purchase products from our Website, complete marketing or application forms provided directly while doing business with us, participating in surveys, or registering for our events.

Indirectly

We may also collect your Personal Data indirectly, including when:

  • You provide to us information electronically through our Website;

    • Our Website maintain statistics about the number of visitors and the information viewed most frequently. These statistics are used to improve the content and level of service we provide to our clients, customers, and shareholders.

  • We receive cookies information (please refer to our Cookie Notice for further information);

  • We receive information from a third-party; or

  • We receive information from publicly available sources (e.g., social media platforms).

How We Use Your Personal Data

U.S. Privacy Rights

In compliance with applicable U.S. state law, including under the California Consumer Privacy Act (CCPA) and the Texas Data Privacy and Security Act (TDPSA), in the past twelve months, we may have collected the following categories of your Personal Data:

Category

Examples

Collected

A. Identifiers.


A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.

Yes

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories.

Yes

C. Protected classification characteristics under California or federal law.

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).

Yes

D. Commercial information.

Records of personal property, products purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Yes

E. Biometric information.


Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.

No

F. Internet or other similar network activity.

Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.

Yes

G. Geolocation data.

Physical location or movements.

No

H. Sensory data.

Audio, electronic, visual, thermal, olfactory, or similar information.

No

I. Professional or employment-related information.

Current or past job history or performance evaluations.

No

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.

No

K. Inferences drawn from other personal information.

Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Yes


We will not process or transfer your “sensitive” Personal Data without your consent, which includes Personal Data revealing racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexual orientation, citizenship or immigration status, genetic or biometric data, labor union membership for the purpose of uniquely identifying a natural person, a known child, or precise geolocation data.


We may disclose your Personal Data to a third party for a business purpose subject to confidentiality and non-use restrictions. We may sell or share Personal Data for cross-context behavioral advertising.


Personal Data Category

Categories of Third-Party Recipients

Business Purpose Disclosures

Sales or Sharing for Cross-Context Behavioral Ads

A. Identifiers.


Affiliates, Business Partners, Operating Systems & Platforms, Advertising networks, Business partners, data analytic providers, data aggregators

Advertising networks

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

Affiliates, Business Partners, Operating Systems & Platforms, Advertising networks, Business partners, data analytic providers, data aggregators


Advertising networks

C. Protected classification characteristics under California or federal law.

Affiliates, Business Partners, Operating Systems & Platforms, Advertising networks, Business partners, data analytic providers, data aggregators

Advertising networks

D. Commercial information.

Affiliates, Business Partners, Operating Systems & Platforms, Advertising networks, Business partners, data analytic providers, data aggregators

Advertising networks

E. Biometric information.


None

None

F. Internet or other similar network activity.

Affiliates, Business Partners, Operating Systems & Platforms, Advertising networks, Business partners, data analytic providers, data aggregators

Advertising networks

G. Geolocation data.

None

None

H. Sensory data.

None

None

I. Professional or employment-related information.

None

None

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

None

None

K. Inferences drawn from other personal information.

Affiliates, Business Partners, Operating Systems & Platforms, Advertising networks, Business partners, data analytic providers, data aggregators

Advertising networks


Your Data Privacy Rights

You may have certain data privacy rights under applicable law. Should you exercise any of your applicable rights under applicable U.S. state privacy law, you have the right not to receive discriminatory treatment by us.

  • Right to delete: You have the right to request that we delete your Personal Data that we have collected from you. You may call us at  +61405802877 or email us at support@jshealthvitamins.com with “CCPA Right to Delete” in the body of your message to exercise this right. There are circumstances where we are not required to comply with your request, and we will let you know if such situation arises.

  • Right to know: In some circumstances, you may have the right to request from us the categories of Personal Data that we have collected about you in the preceding twelve months, the categories of sources from which we collected your Personal Data, the business or commercial purpose that we collected your Personal Data, the categories of third parties with whom we shared your Personal Data with in the preceding twelve months, or the specific pieces of your Personal Data that we have collected. You may call us at  +61405802877 or email us at support@jshealthvitamins.com with “CCPA Right to Know” in the body of your message to exercise this right.

  • Right to opt-out: You have the right to request to opt-out of the sale of your Personal Data.

We reserve the right to verify your identity before processing any request relating to your Personal Data. You may use an authorized agent to submit a request to know or a request to delete. To use an authorized agent, you must provide your agent with written authorization, and we may require you to provide us with proof of your identity. We may deny a request from your agent if they do not submit proof that you have authorized them to act on your behalf. Such requirements will not apply where you have provided your authorized agent with power of attorney pursuant to Cal. Prob. Code Sections 4000 to 4465.

Shine the Light

Under California’s “Shine the Light” law, California residents who provide certain Personal Data in connection with obtaining products or services for personal, family, or household use are entitled to request and obtain from us, once per calendar year, information about the Personal Data that we shared with other businesses for their own direct marketing uses. If applicable, this information would include the categories of Personal Data and the names and addresses of those businesses with whom we shared your Personal Data for the immediate, prior calendar year. To obtain this information, please email us at support@jshealthvitamins.com with “Request for California Privacy Information” in the body of your message. We may ask for additional information to verify your identity. Please note that not all information sharing is covered by the “Shine the Light” law, and only legally required information will be provided.

EU & UK Privacy Rights

In compliance with applicable EU and UK law, we may collect and process your Personal Data pursuant to one or more of the following legal bases, a more detailed in the table below:

  • Performance of a contract with you: Where we need to perform the contract we are about to enter into or have entered into with you.

  • Legitimate interests: We may process your Personal Data where it is necessary to conduct our business and pursue our legitimate interests; for example, to enable us to give you the best customer experience. We consider any potential impact on you and your rights before we process your Personal Data for our legitimate interests.

  • Legal obligation: We may use your Personal Data where it is necessary for compliance with our legal obligations, for example to prevent fraud. We will identify the relevant legal obligation when we rely on this legal basis.

  • Consent: We rely on consent only where we have obtained your active agreement to use your Personal Data for a specified purpose; for example, if you subscribe to an email newsletter. For documentation purposes, statements of consent shall generally be obtained either in written or electronic form. The statement of consent should indicate that the individual has been notified of the purpose for which the personal data will be collected, used, or disclosed.

Purpose

  Personal Data

Legal Basis

To carry out contractual obligations, for example:

  • We may use your payment details and delivery address to process and fulfil your order(s) and to communicate with you about your order for a product;

  • Communicate with you about your account; or

  • Notify you about changes to our services and to otherwise communicate with you. For example, we will use your contact details to respond to your requests.

  • Identity Data

  • Contact Data

  • Transaction Data

  • Profile Data

Performance of a contract with you, where we use your Personal Data to meet our contractual obligations, keep you up to date with information about our services, and to respond to your requests.

Send you information about products, including promotions, exclusive offers, discounts, vouchers, free gifts, information about products and events.

  • Identity Data

  • Contact Data

  • Marketing and Communications Data

  • Profile Data

Legitimate interest, where we use Personal Data to help us deliver a quality service to customers. You have the right to object to processing of this nature and will be given the opportunity to do so.

Review your past purchases and viewing history on our website to provide you with special offers or to tailor your experience online.

  • Usage Data

  • Technical Data

  • Profile Data

Legitimate interest, where we use Personal Data to help us deliver a quality service to customers.

Help us review, develop, and improve the products we offer. 

  • Identity Data 

  • Contact Data 

  • Transaction Data

  • Marketing and Communications Data 

  • Profile Data 

Legitimate interest, where we use Personal Data to help us deliver a quality service to customers.

Improve and measure the effectiveness of our marketing communications, including online advertising.

We share cookie and other data with entities such as Google to make our advertising more relevant to you. Please see our Cookies Notice for full details of the cookies used. We require any such third parties to treat your Personal Data as confidential and to comply with all applicable data protection law.

  • Usage Data

  • Marketing and Communications Data

  • Technical Data

  • Profile Data 


Legitimate interest, where we use your Personal Data to deliver you a tailored experience when using our Website.

Provide, enhance, and personalise your experience on our digital services provided from our Website.

  • Usage Data

  • Marketing and Communications Data

  • Technical Data

  • Profile Data 


Legitimate interest, where we use your Personal Data to deliver you a tailored experience when using our Website.

Carry out security checks and identity checks to protect against fraudulent transactions and to prevent and detect criminal activity, such as money laundering and to ensure age restricted products are only sold to those of appropriate age.

  • Identity Data

  • Contact Data

Legitimate interest, where we use your Personal Data to protect against unlawful activities and comply with applicable laws. We may also be under a legal obligation to disclose your Personal Data.

Compliance with legal obligation, where some products sold on our Website are age restricted by law; therefore, in order to comply, we are required to ensure that customers purchasing these products are of appropriate age.

To address any claims made against us.

  • Identity Data

  • Profile Data

  • Transaction Data

  • Technical Data

Legitimate interests, where we use your Personal Data to address any claims you make against us. In some cases, we may also be under a legal obligation to disclose your Personal Data (for example, in connection with legal proceedings).


To comply with a legal obligation.

  • Identity Data

  • Profile Data

  • Technical Data

  • Transaction Data

Compliance with legal obligation, where we process your Personal Data to comply with our legal obligations.

We may share your Personal Data with others that have a legitimate business need to process your Personal Data for the purposes set out in this Privacy Notice. We may disclose your Personal Data to:

  • Our affiliates, third-party suppliers, contractors, and service providers for the purposes described in this Privacy Notice.

  • Select third parties to contact you with details of the services they provide only where you have expressly opted-in or consented to the disclosure of your Personal Data for this purpose.

  • Prospective sellers or buyers of our business or assets, including when a third party acquires, or is interested in acquiring, all or part of our assets or shares, or that succeeds us in carrying on all or a part of its business, whether by merger, acquisition, reorganization, or otherwise.

  • Regulatory authorities, government agencies, law enforcement agencies, credit reference agencies, data verification and tracing agencies, and fraud prevention agencies. Personal Data may be shared with fraud prevention agencies who will use it to prevent fraud, money laundering, and other financial crimes and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies can be found by accessing these links:

    • CIFAS: cifas.org.uk/fpn 

    • National Hunter: nhunter.co.uk/privacypolicy

Your Data Privacy Rights

You may have certain data privacy rights under applicable law, including:

The right of access: This is commonly known as a “Data Subject Access Request” (DSAR). This enables you to request, at any time, a copy of your Personal Data that we process and other information that can help you understand how and why we are processing your Personal Data. An individual also has the right to access records of transfers of its Personal Data to third parties.

The right to rectification: This allows you to ask us to have any of your Personal Data that is inaccurate or incomplete to be corrected. We may need to verify the accuracy of the corrected Personal Data you provide to us. For incomplete Personal Data, this may involve providing us with further information regarding the incomplete Personal Data.

The right to deletion: This allows you to ask us to delete or remove your Personal Data in certain circumstances under one of the following grounds: (a) the Personal Data is no longer necessary for the purposes for which it was collected or otherwise processed; (b) you withdraw your consent on which the processing of your Personal Data is based and there is no other legal ground for the processing; (c) you object to the processing of your Personal Data and there is no overriding legitimate grounds for the processing; (d) your Personal Data has been unlawfully processed; (e) your Personal Data needs to be erased due to a legal obligation; or (f) your Personal Data has been collected in relation to the offer of information society services to a child. We may not always be able to comply with your request of erasure of your Personal Data for certain legal reasons that we will inform you of at the time of your request. 

The right to restrict processing: This allows you to ask us to restrict the processing of your Personal Data in certain circumstances. When processing is restricted, we are permitted to store your Personal Data but not use it.

The right to object: You have the right to object to the processing of your Personal Data in certain circumstances. You have an absolute right to stop your Personal Data being used for direct marketing; however, in other cases where the right to object applies, we may be able to continue processing your Personal Data if we have a compelling, legitimate reason to do so.

The right to data portability: You can request the transfer of your Personal Data that you have provided to us. We will provide your Personal Data in a structured, commonly used, and machine-readable format.

The right to object to automated decision making, including profiling: You have the right not to be subject to a decision regarding your Personal Data based solely on automated processing, including profiling. We may carry out this type of processing if this type of processing of your Personal Data is: (a) necessary to enter into or perform a contract with you; (b) authorised by applicable law and which includes adequate safeguards of your rights, freedoms, and legitimate interests; or (c) based on your explicit consent.

The right to withdraw your consent: If the processing of your Personal Data is based on your prior consent, you can withdraw your consent to the processing of your Personal Data at any time by contacting us and without giving any reason. Please note that the withdrawal of consent is only effective for the future. It does not affect the processing that took place before the withdrawal.

The right to the Do-Not-Call Provisions: To the extent that any of the communication means which you have provided us with (which may include your telephone number and fax number) is listed on the Singapore Do Not Call Registry, by agreeing to this Policy, by any means of indication, you hereby grant to us your clear and unambiguous consent to contact you using all of your communication means you have provided to us including using voice calls, SMS, Whatsapp, fax or other similar communications for the purposes stated herein.

The right to lodge a complaint: If you wish to make a request or make a complaint, you may file such a complaint with a competent supervisory authority. However, we encourage you to contact us in advance using the details in the last section of this Privacy Notice in order to allow us to allay any concerns you have with regards to the processing of your Personal Data.


You are not required to pay a charge for exercising your rights. However, we may charge a reasonable fee in some circumstances. Alternatively, we may refuse to comply with your request in these circumstances, where we will provide you with our reason for our refusal if required by law. We may need to request information from you to help us confirm your identity, ensure your right to exercise your privacy right, or to assist us in our response. We have one calendar month to respond to you.

Australian Privacy Rights

This section of the Privacy Notice applies to individuals located in Australia. This section should be read in conjunction with the other general (non location-specific) sections of this Privacy Notice. Personal Data under this Australian section of the Privacy Notice has the same meaning as personal information in the Privacy Act 1988 (Cth). Any section of the Privacy Notice that is not specifically added to or expressly altered in this section applies to Australian residents in the same way as it does to all individuals subject to this Privacy Notice. 

Personal Data We Collect

  • Identifiers – Real name or alias, postal address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, driver’s license or state identification number, passport number, or other similar identifiers;

  • Personal Information Categories (as defined under certain laws) – Name, signature, physical characteristics or description, address, telephone number, insurance policy number, education information, employment information and history, bank account number, credit card number, debit card number, other financial information, medical information, or health insurance information;

  • Protected Classification Characteristics (under applicable law) – Age (40 years or older), race or color, ancestry or national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity or expression), pregnancy or childbirth and related medical conditions, sexual orientation, veteran or military status, and genetic information (including familial genetic data) – and unless otherwise permitted or required by law we will only collect this type of information with your consent;

  • Commercial Information – Records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies;

  • Internet or Other Electronic Network Activity Information – Browsing history, search history, and information regarding a consumer’s interaction with a website, application, or advertisement;

  • Professional or Employment-Related Information – Current or past job history and performance evaluations; and

  • Inferences Drawn from Other Personal Information – Preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

How and Why We Use Your Personal Data

We may collect and use your Personal Data for the following reasons:

  • To perform a contract with you: For example, to process your payments, deliver products, and communicate with you about your order;

  • To send you information about products and services, including promotions, exclusive offers, discounts, vouchers, and free gifts, and product information;

  • For our legitimate business interests: We may use your Personal Data to:

    • Improve your experience on our Website;

    • Tailor marketing communications and offers;

    • Understand customer behaviour and preferences; 

    • Develop and improve our products; and

    • Monitor the effectiveness of our marketing campaigns and initiatives; 

  • To investigate and respond to queries, for example using call recordings (if available and relevant) to help resolve your query and retaining the recording until the query is resolved;

  • To provide, enhance, and personalise your experience on our Website;

  • To comply with Australian legal obligations: We may use or disclose your information where we are required to do so under Australian law. For example, to verify your age for age-restricted products or to comply with financial reporting obligations;

  • To carry out security and identity checks, including protecting against fraudulent transactions, detecting criminal activity (e.g., money laundering), ensuring age-restricted products are sold only to eligible individuals; 

  • To address any claims made against us, for example, sharing accident logs with third-party claim handlers or insurers; and

  • With your consent: We may send you marketing communications (e.g., newsletters, offers) if you’ve actively opted in. You can withdraw your consent at any time.

When We May Share Your Personal Data

We may disclose your Personal Data to:

  • Our related entities, service providers, and third-party partners who help us operate our business;

  • Third parties you have consented to hear from (e.g., marketing partners);

  • Prospective buyers or investors if our business is sold or restructured;

  • Australian government authorities, regulators, or law enforcement, where required by law; and

  • Fraud prevention and identity verification services to help prevent financial crime.

You can access and update your Personal Data

You are generally entitled to access Personal Data that we hold about you. If you request access to your Personal Data, in ordinary circumstances we will give you full access to your Personal Data. Depending on the nature of the request, we may charge for providing access to this information, however such charge will not be excessive. However, there may be some legal or administrative reasons to deny access. If we refuse your request to access your Personal Data, we will provide you with reasons for the refusal where we are required by law to give those reasons. A request for access can be made by contacting us through our Comments & Questions section below.

We take all reasonable steps to ensure that any Personal Data we collect and use is accurate, complete and up to date. To assist us in this, you need to provide true, accurate, current and complete information about yourself as requested, and properly update the information provided to us to keep it true, accurate, current and complete.  Please contact us through our Comments & Questions section below if you believe that the Personal Data is inaccurate, incomplete or out of date, and we will use all reasonable efforts to correct the information.

It would assist us to ensure we properly understand your request, and allow us to respond more promptly, if requests are made in writing and include as much detail as possible.

Complaints about Privacy

If you feel that we have not respected your privacy or that we have conducted ourselves inconsistently with this Privacy Notice, please contact us as soon as possible. We will investigate your queries and privacy complaints within a reasonable period of time depending on the complexity of the complaint. It would assist us to respond to your complaint promptly if it is made in writing. Please detail information relevant to your complaint. We will notify you of the outcome of our investigation.

International Transfer of Personal Data

We are an international organization and from time to time we may transfer or disclose your Personal Data overseas for the purposes set out in this Privacy Notice, outside of the country in which you are located, including to our related entities and service providers who may be located in the US, Australia, EU, UK, and other countries from time to time. The Personal Data that we collect may be transferred for processing or storage at a destination outside of Australia, the EU or the UK. We will take all reasonably necessary steps to make sure that your Personal Data is handled with care and in accordance with applicable law. Where the UK or EU GDPR applies, we will only transfer your Personal Data to a recipient outside the EU or UK where:

  • We use Standard Contractual Clauses adopted or approved by the UK Information Commissioner’s Office or the EU Data Protection Commission;

  • The transfer is to a territory that is deemed “adequate” by the EU or UK; or;

  • The recipient is subject to an approved certification mechanism and the Personal Data is subject to appropriate safeguards to ensure that the standard of data protection in the recipient country is comparable to that of the transferring country.

If you want to receive more information about our measures implemented for international data transfers, you may contact us using the contact details specified below.

Notwithstanding any other provision of this Privacy Notice, for the avoidance of doubt, nothing herein prevents reporting possible violations of federal law or regulation to any governmental agency or entity or making other disclosures protected under the whistleblower provisions of federal law or regulation. However, reporting individuals should be mindful of existing state, federal, and international data privacy requirements, laws, and regulations.

Data Retention

Our policy is to retain Personal Data only for as long as it is needed for the purposes of which it was collected. We are obligated to retain certain Personal Data to ensure accuracy, to help maintain our quality of service, and for legal, regulatory, fraud prevention, and legitimate business purposes.

Data Security

We maintain physical, electronic, and procedural safeguards to protect your Personal Data, and we have procedures in place for appropriate disposal and protection against unauthorized access or use when we are no longer required to maintain Personal Data. 

Email Marketing

We may contact you to inform you of products we provide, but only if you have provided us with explicit consent to use your Personal Data for this purpose. If you have opted to receive marketing information from us via email, we require that all messages include instructions for unsubscribing from further marketing emails. Alternatively, you can contact us at support@jshealthvitamins.com  to unsubscribe from our marketing emails.

Some of our products are intended to be delivered and serviced electronically. Email communication may be utilized in such cases. Please do not provide any account or Personal Data, such as Social Security number, account number, or account balance, within your email correspondence to us.

Children’s Personal Data

Our Website is intended to be used by adults interested in and/or using our products. Our Website is not intended for children, and we do not knowingly collect or store Personal Data about individuals under the age of eighteen.

Changes to this Privacy Notice

We reserve the right to modify this Privacy Notice at any time to reflect changes in our privacy practices. We will notify you of any changes that may affect your rights under this Privacy Notice.

Comments & Questions

If you have any inquiries, requests, or complaints about our processing of your Personal Data, please contact us using the following:

  • Address: Santa Monica, California, United States · JSHealth Vitamins; or

  • Email: support@jshealthvitamins.com

If you are not satisfied with our response, you can raise a complaint with the relevant supervisory authority. However, we would appreciate the chance to deal with your concerns before you approach a supervisory authority.