California Consumer Privacy Act Disclosures

California Consumer Privacy Act Disclosures

These disclosures, which supplement our Privacy Policy, are provided by Simply Good Foods USA, Inc. (“Company”) and apply solely to residents of the State of California (“consumers,” or “you”) with respect to personal information Company processes as a business. Any terms defined in the California Consumer Privacy Act of 2018, as amended from time to time, including by the California Privacy Rights Act of 2020 and its implementing regulations (“CCPA”), have the same meaning when used in these disclosures. These disclosures do not reflect our collection, use, or disclosure of California residents’ personal information or data subject rights, where an exception or exemption under the CCPA applies. You can download a pdf version of these disclosures here.

1.

Website Visitor Notice at Collection

We have set out below categories of personal information about California residents website visitors. Please note that we do not monetize personal information about California resident website visitors in the sense of exchanging personal information for money. However, we disclose the following categories of personal information collected about visitors of our website to advertising partners to provide website visitors with more interesting and customized information, promotions, and advertising, which is considered “selling” and “sharing” under the CCPA. Please see our notice of right to opt-out of selling/sharing here: “Do Not Sell or Share My Personal Information // Your Opt-Out Rights.” The California Consumer Privacy Act Privacy Policy is in section 5 of these disclosures.

Categories of personal information:

  • Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
    • Specifically: name; address; domain name; and email address; and any other information that you choose to provide.
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website application, or advertisement.
    • Specifically: your browser type and operating system; web pages you view; links you click; the length of time you visit our Site and use our Services; and the referring URL, or the webpage that led you to our Site.
  • Geolocation data.
    • Specifically: your IP address; your location.

Your personal information will be retained for as long as necessary for the purposes for which it was collected, plus any additional time periods necessary for the compliance with laws (usually a minimum of 4 years), exercise or defense of legal rights, and archiving, back-up, and deletion processes.

We use non-sensitive personal information to the extent permitted or required under applicable law for the following purposes:

  • To provide our site and services to you and to facilitate the features on our site.
  • To communicate with you, such as to respond to your inquiries, to send you information that you have requested, and for other communication purposes.
  • To keep you up to date on announcements or other information we think you would like to hear about.
  • To better understand how users access and use our Site and Services, both on an aggregated and individualized basis, in order to improve our Site and Services and respond to user desires and preferences and for other research and analytical purposes.
  • To measure and understand the effectiveness of the advertising we serve to you and others and deliver relevant advertising to you.
  • To the extent permitted by applicable laws, provide you, or allow selected third parties to provide you, with information about goods or services we feel may interest you. You may opt out of receiving marketing communications from us or our affiliates by sending an email to  SMPLPrivacy@simplygoodfoodsco.com, or by unsubscribing through the unsubscribe or opt-out link in an email.
  • To engage in research and development efforts to assess the performance of our sites and services, analyze usage, interests, and trends in connection with our sites and services, improve and personalize our sites and services, and develop new products and services.

We do not have actual knowledge that we sell or share for cross-contextual behavioral advertising the personal information of California residents under 16 years of age.

2.

Registered User Notice at Collection

We have set out below categories of personal information we collect from California resident registered users. We do not sell or share for cross context behavioral advertising any personal information of California resident registered users. The California Consumer Privacy Act Privacy Policy is in section 5 of these disclosures.

Categories of personal information:

  • Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
    • Specifically: real name; alias; email address; account name.
  • Any information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information, but excluding publicly available information that is lawfully made available to the general public from federal, state, or local government records.
    • Specifically: name; physical characteristics or descriptions; medical information.
  • Characteristics of protected classifications under California or federal law.
    • Specifically: gender.
  • Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
    • Specifically: consumer’s preferences, characteristics, predispositions, behavior.

Your personal information will be retained for as long as necessary for the purposes for which it was collected, plus any additional time periods necessary for the compliance with laws (usually a minimum of 4 years), exercise or defense of legal rights, and archiving, back-up, and deletion processes.

We use non-sensitive personal information to the extent permitted or required under applicable law for the following purposes:

  • To provide the services to you and to facilitate the features on our Site.
  • To communicate with you, such as to respond to your inquiries, to send you information that you have requested, and for other communication purposes.
  • To better understand how users access and use our Site and Services, both on an aggregated and individualized basis, in order to improve our Site and Services and respond to user desires and preferences and for other research and analytical purposes.
  • To engage in research and development efforts to assess the performance of our Site and Services, analyze usage, interests, and trends in connection with our sites and services, improve and personalize our sites and services, and develop new products and services.

Further, we use sensitive personal information to the extent permitted or required under applicable law for the following purposes:

  • To perform the services or provide the goods reasonably expected by our registered users.
  • To detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information, including in or via our premises, computers, software, networks, communications devices, and other similar systems.
  • To resist malicious, deceptive, fraudulent, or illegal actions directed at us and to prosecute those responsible for those actions.
  • To ensure the physical safety of natural persons.
  • For short-term, transient use.
  • To perform services on our behalf.
  • To verify or maintain the quality or safety of our services and products.
  • To improve, upgrade, or enhance our services and products.
  • To perform functions that are required under laws that apply to us.

We do not have actual knowledge that we sell or share for cross-contextual behavioral advertising the personal information of California residents under 16 years of age.  

3.

Job Applicant Notice at Collection

We have set out below categories of personal information we collect from California resident job applicants. We do not sell or share for cross context behavioral advertising any personal information of California residents job applicants. The California Consumer Privacy Act Privacy Policy is in section 5 of these disclosures.

Categories of personal information:

  • Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
    • Specifically: name; address; domain name; and email address; and any other information that you choose to provide.
  • Characteristics of protected classifications under California or federal law.
    • Specifically: diversity information (ethnicity, gender, sexual orientation, disability).
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website application, or advertisement.
    • Specifically: your browser type and operating system; web pages you view; links you click; the length of time you visit our Site and use our Services; and the referring URL, or the webpage that led you to our Site.
  • Geolocation data.
    • Specifically: your IP address; your location.
  • Professional or Employment-related information.
    • Specifically: employment history; educational history.
  • Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99).
    • Specifically: resume; educational history; names and contact information of references.

Categories of sensitive personal information:

  • A consumer’s racial or ethnic origin, citizenship or immigration status, religious or philosophical beliefs, or union membership.
    • Specifically: diversity information (ethnicity, gender, sexual orientation, disability).
  • Personal information collected and analyzed concerning a consumer’s sex life or sexual orientation.
    • Specifically: diversity information (ethnicity, gender, sexual orientation, disability).
  • Personal information collected and analyzed concerning a consumer’s health.
    • Specifically: work restrictions; necessary accommodations.

Your personal information will be retained for as long as necessary for the purposes for which it was collected, plus any additional time periods necessary for the compliance with laws (usually a minimum of 4 years), exercise or defense of legal rights, and archiving, back-up, and deletion processes.

We use non-sensitive personal information to the extent permitted or required under applicable law for the following purposes:

  • Administering the recruiting process and assessing your suitability for the role for which you are applying or other roles (including setting up a job applicant HR file, managing your application, conducting assessments, organizing interviews, arranging or reimbursing for your travel and accommodations, processing interview feedback, and conducting background checks and screening); engaging in an equal opportunity monitoring and diversity initiatives; performing analyses to better understand our applicant pool; and onboarding you as an employee, if you are hired (“Recruiting-Related Purposes”);
  • Conducting internal audits and workplace investigations, and investigating and enforcing compliance with any potential breaches of Company policies and procedures (“Investigation and Audit Purposes”);
  • Complying with applicable employment-related laws and requirements and administration of those requirements (“Regulatory-Related Purposes”); and
  • Supporting any claim or defense that the Company Group could face before any jurisdictional and/or administrative authority, arbitration, or mediation panel, and cooperating with – or informing – law enforcement or regulatory authorities to the extent required by law (“Litigation-Related Purposes”).

Further, we use sensitive personal information to the extent permitted or required under applicable law for the following purposes:

  • To perform the services or provide the goods reasonably expected by job applicants.
  • To detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information, including in or via our premises, computers, software, networks, communications devices, and other similar systems.
  • To resist malicious, deceptive, fraudulent, or illegal actions directed at us and to prosecute those responsible for those actions.
  • To ensure the physical safety of natural persons.
  • For short-term, transient use.
  • To perform services on our behalf.
  • To verify or maintain the quality or safety of our services and products.
  • To improve, upgrade, or enhance our services and products.
  • To collect or process it where such collection or processing is not for the purpose of inferring characteristics about a consumer.
  • To perform functions that are required under laws that apply to us.

We do not have actual knowledge that we sell or share for cross-contextual behavioral advertising the personal information of California residents under 16 years of age.  

4.

Corporate Representative Notice at Collection

We have set out below categories of personal information we collect from corporate representatives who reside in California. We do not sell or share for cross context behavioral advertising any personal information of corporate representatives who reside in California. The California Consumer Privacy Act Privacy Policy is in section 5 of these disclosures.  

Categories of personal information:

  • Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
    • Specifically: name; address; domain name; and email address; and any other information that you choose to provide.
  • Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website application, or advertisement.
    • Specifically: your browser type and operating system; web pages you view; links you click; the length of time you visit our Site and use our Services; and the referring URL, or the webpage that led you to our Site.
  • Geolocation data.
    • Specifically: your IP address; your location.
  • Professional or Employment-related information.
    • Specifically: work email addresses; work phone numbers including cellular phone numbers; worksite location; job details (title, manager, start date / end date, worker category, department).

Categories of sensitive personal information:

  • Specifically: necessary accommodations.

Your personal information will be retained for as long as necessary for the purposes for which it was collected, plus any additional time periods necessary for the compliance with laws (usually a minimum of 4 years), exercise or defense of legal rights, and archiving, back-up, and deletion processes.

We use non-sensitive personal information to the extent permitted or required under applicable law to place and receive orders; make and receive shipments; process transactions; and manage supplier, customer and reseller relationships.

Further, we use sensitive personal information to the extent permitted or required under applicable law for the following purposes:

  • To perform the services or provide the goods reasonably expected by our corporate representatives.
  • To detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information, including in or via our premises, computers, software, networks, communications devices, and other similar systems.
  • To resist malicious, deceptive, fraudulent, or illegal actions directed at us and to prosecute those responsible for those actions.
  • To ensure the physical safety of natural persons.
  • For short-term, transient use.
  • To perform services on our behalf.
  • To verify or maintain the quality or safety of our services and products.
  • To improve, upgrade, or enhance our services and products.
  • To collect or process it where such collection or processing is not for the purpose of inferring characteristics about a consumer.
  • To perform functions that are required under laws that apply to us.

We do not have actual knowledge that we sell or share for cross-contextual behavioral advertising the personal information of California residents under 16 years of age.

5.

California Consumer Privacy Act Privacy Policy

Last Updated: March 1, 2024

Our Personal Information Handling Practices in 2023

We have set out below categories of personal information about California residents we have collected, and as applicable “sold,” “shared,” or disclosed for a business purpose in the preceding 12 months. The table is followed by a description of the purposes for which we collected personal information. Please note that we do not monetize personal information about California residents in the sense of exchanging personal information for money. However, we disclosed certain personal information collected to advertising partners to provide website visitors with more interesting and customized information, promotions, and advertising, as set out below, which is considered “selling” and “sharing” under the CCPA. Please see our notice of right to opt-out of selling/sharing here: “Do Not Sell or Share My Personal Information // Your Opt-Out Rights.”

Category of personal information Did we collect? If so, from what source? Did we sell? If so, to whom and for what purpose? Did we share? If so, to whom and for what purpose? Did we disclose? If so, to whom and for what purpose?
Personal Information
Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers. Specifically: first and last names; aliases; personal email address; personal phone number; personal address; photograph; passport number; Social Security number; driver’s license; last 4 digits of Tax ID.
  • Directly from you (e.g., through your use of the site or through SharePoint Form App)
  • Indirectly (e.g., from recruiting agencies)
 Yes, we may have “sold” this category of personal information to advertising business partners for the purposes of supporting our advertising efforts. Yes, we may have “shared” this category of personal information to advertising business partners for the purposes of supporting our advertising efforts. To various service providers, such as:
  • Recruiting agencies for recruiting-related purposes
  • Payroll providers, benefits providers, banks and payment processing service providers, documents processing and storage services providers, travel agencies, expense reimbursement service providers for HR purposes
  • Benefits and insurance providers for HR and insurance purposes
  • IT security companies, network monitoring companies, for security, investigation, and enforcement purposes
  • Business analysts for analytics purposes
  • Building management and security services providers for security and access control purposes
To corporate partners, for corporate transaction purposes

To government agencies for HR, insurance, and regulatory purposes
Any information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information, but excluding publicly available information that is lawfully made available to the general public from federal, state, or local government records. (The categories of personal information described in the California Customer Records Act (Cal. Civ. Code § 1798.80(e)) Specifically: first and last names; aliases; personal email address; personal phone number; personal address; links to personal and professional social media profiles; diversity information (ethnicity, gender, sexual orientation, disability); passport number; Social Security number; driver’s license; signature; car details (make, model, license plate #); photograph; last 4 digits of Tax ID; medical information.
  • Directly from you (e.g., through your use of the site or through SharePoint Form App)
  • Indirectly (e.g., from recruiting agencies)
 No. No. To various service providers, such as:
  • Recruiting agencies for recruiting-related purposes
  • Payroll providers, benefits providers, banks and payment processing service providers, documents processing and storage services providers, travel agencies, expense reimbursement service providers for HR purposes
  • Benefits and insurance providers for HR and insurance purposes
  • Business analysts for analytics purposes
  • Building management and security services providers for security and access control purposes
To corporate partners, for corporate transaction purposes

To government agencies for HR, insurance, and regulatory purposes
Characteristics of protected classifications under California or federal law. Specifically: diversity information (ethnicity, gender, sexual orientation, disability); EEO-1 Category designation; California Pay Equity Category designation. Directly from you No. No. To various service providers, such as:
  • Benefits and insurance providers for HR and insurance purposes
  • Building management and security services providers for security and access control purposes
To corporate partners, for corporate transaction purposes

To government agencies for HR, insurance, and regulatory purposes
Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Specifically: name; shipping address; credit card details; order history. Directly from you   No. No. To payment processing and delivery services providers for purposes of using our websites
Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website application, or advertisement. Specifically: the length of time you visit our Site and use our Services; and the referring URL, or the webpage that led you to our Site; domain name; IP address; browser type and version; device manufacturer and model; operating system and platform (Windows or Macintosh); network information; service provider; apps installed on device; screen resolution; language; pages visited; page response times; duration of visit; date and time stamps of actions; download errors; App usage data; information and files downloaded to the App based on your device number; information about your interaction with our sites; name and version of the sites visited; information collected through cookies, pixel tags, and other similar technologies. Indirectly from consumers and job applicants (through the website), and indirectly from employees (through their activity on the company network or usage of company devices) Yes, we may have “sold” this category of personal information to advertising business partners for the purposes of supporting our advertising efforts. Yes, we may have “shared” this category of personal information to advertising business partners for the purposes of supporting our advertising efforts. To various service providers (such as IT security companies, network monitoring companies, etc.) for security purposes

Regarding the activity of consumers to certain marketing service providers for consumer marketing purposes

To corporate partners, for corporate transaction purposes

To government agencies for HR, insurance, and regulatory purposes  
Geolocation data. Specifically: access card number; badge number; IP address. Indirectly from consumers (through the website), and indirectly from employees (through their access card and/or badge number) Yes, we may have “sold” this category of personal information to advertising business partners for the purposes of supporting our advertising efforts. Yes, we may have “shared” this category of personal information to advertising business partners for the purposes of supporting our advertising efforts. To various service providers, such as:
  • Building management and security services providers for security and access control purposes
  • Regarding the activity of consumers, to certain marketing service providers for consumer marketing purposes
Audio, electronic, visual, thermal, olfactory, or similar information. Specifically: photographs. Directly from employees at work No. No. To various service providers, such as:
  • Building management and security services providers for security and access control purposes
  • Marketing services providers for client marketing purposes
To corporate partners, for corporate transaction purposes
Professional or Employment-related information. Specifically: first and last name; home address; Social Security number; hire/rehire date; date of birth; personal and work email addresses; personal and work phone numbers; worksite location; compensation details; job details (title, manager, start date / end date, worker category, department); ADP File #; ADP Position ID; temp assignment details (role, start date, end date, work schedule); employment history; educational history; criminal history; desired salary (for applicants); volunteer work; certifications; hobbies; location preference; Self-ID questions (ethnicity, gender, sexual orientation, disability); date of birth; gender; marital status; shirt size; emergency contact information;  EEO-1 Category designation; California Pay Equity Category designation; disability designation; accommodations requested; military status; signature; eligibility to work in US; visa sponsorship requirements; I-9 form and supporting documentation (passport, Social Security card, driver’s license, etc.); direct deposit details; voided picture of a check; federal and state tax forms; payroll details; income details; hourly wage details; amount of equity awards; bank account details; identity verification details; credit card details; frequent traveler numbers; car details (make, model, license plate #); access card number; badge number; date of last medical exam; doctor’s name; work restrictions; necessary accommodations; list of symptoms; limited treatment details; health and insurance plan details (category, type, provider, plan name); coverage level, coverage level amount (GTL, STD, LTD, CI, Vol.Life/AD&D); employee cost; employer cost; dependent’s name, date of birth, last 4 of SSN, and plan enrollments; marriage certificate; birth certificate; performance evaluation; separation details; final pay details; severance details; termination details; IT access termination date.
  • Directly from you (e.g., through your use of the site or through SharePoint Form App)
  • Indirectly (e.g., from recruiting agencies)
 No. No. To various service providers, such as:
  • Payroll providers, benefits providers, banks and payment processing service providers, documents processing and storage services providers, travel agencies, expense reimbursement service providers for HR purposes
  • Benefits and insurance providers for HR and insurance purposes
  • Business analysts for analytics purposes
  • Building management and security services providers for security and access control purposes
  • Marketing services providers for clients marketing purposes
To corporate partners, for corporate transaction purposes

To government agencies for HR, insurance, and regulatory purposes
Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99). Specifically: resume; education history. Directly from you (e.g., through your use of the site or through the SharePoint Form App)Indirectly (e.g., from recruiting agencies) No. No. To various service providers, such as:
  • Document processors and storing services companies for HR purposes
  • Professional profile service providers for HR and client marketing purposes
  • Business analysts for analytics purposes
To corporate partners, for corporate transaction purposes
Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Specifically: consumer’s preferences, characteristics, predispositions, behavior. Directly from registered users No. No. To service providers to receive services from them.
Sensitive Personal Information
A consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account. Specifically: consumer’s account log-in to Atkins Site in combination with its password. Directly from registered users No. No. To service providers to receive services from them.
A consumer’s social security, driver’s license, state identification card, or passport number Specifically: social security; driver’s license; passport number. Directly from you No. No. To government agencies for regulatory purposes
A consumer’s precise geolocation. Specifically, access card number; badge number. Indirectly from consumers (through the website), and indirectly from employees (through their access card and/or badge number) No. No. To various service providers, such as:
  • Building management and security services providers for security and access control purposes
  • Regarding the activity of consumers, to certain marketing service providers for consumer marketing purposes
A consumer’s account log-in, in combination with any required security or access code, password, or credentials allowing access to an account   Directly from you No. No. To various service providers (such as IT security companies, network monitoring companies, etc.) for security purposes

Regarding the activity of consumers to certain marketing service providers for consumer marketing purposes

To corporate partners, for corporate transaction purposes  
A consumer’s racial or ethnic origin, citizenship or immigration status, religious or philosophical beliefs, or union membership. Specifically: diversity information (ethnicity, gender, sexual orientation, disability); EEO-1 Category designation; California Pay Equity Category designation. Directly from you No. No. To corporate partners, for corporate transaction purposes

To government agencies for HR, insurance, and regulatory purposes
The contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication. Specifically: private communications to and from employees’ work email addresses and work phones, or on company network. Indirectly from employees (through company network activity and use of company devices) No. No. To various service providers (such as IT security companies, network monitoring companies, etc.) for security purposes
Personal information collected and analyzed concerning a consumer’s health. Specifically: date of last medical exam; doctor’s name; work restrictions; necessary accommodations; list of symptoms; limited treatment details; individual health conditions, treatment, diseases, or diagnosis; bodily functions, vital signs, symptoms, or measurements of other types of consumer health data; and other information that may be processed to derive or infer data. Directly from employees and indirectly from employee doctors; and directly from registered users. No. No. To various service providers, such as:
  • Travel agencies for HR purposes
  • Benefits and insurance providers for HR and insurance purposes
  • Building management and security services providers for security and access control purposes
To government agencies for HR, insurance, and regulatory purposes
Personal information collected and analyzed concerning a consumer’s sex life or sexual orientation. Specifically: diversity information (ethnicity, gender, sexual orientation, disability). Directly from you No. No. To government agencies for HR, insurance, and regulatory purposes

Business or Commercial Purpose for Collecting Personal Information

Regarding Website Visitors, we use non-sensitive personal information to the extent permitted or required under applicable law for the following purposes:

  • To provide our Site and Services to you and to facilitate the features on our site.
  • To communicate with you, such as to respond to your inquiries, to send you information that you have requested, and for other communication purposes.
  • To keep you up to date on announcements or other information we think you would like to hear about.
  • To better understand how users access and use our Site and Services, both on an aggregated and individualized basis, in order to improve our Site and Services and respond to user desires and preferences and for other research and analytical purposes.
  • To measure and understand the effectiveness of the advertising we serve to you and others and deliver relevant advertising to you.
  • To the extent permitted by applicable laws, provide you, or allow selected third parties to provide you, with information about goods or services we feel may interest you. You may opt out of receiving marketing communications from us or our affiliates by sending an email to  SMPLPrivacy@simplygoodfoodsco.com, or by unsubscribing through the unsubscribe or opt-out link in an email.
  • To engage in research and development efforts to assess the performance of our sites and services, analyze usage, interests, and trends in connection with our sites and services, improve and personalize our sites and services, and develop new products and services.

Regarding Registered Users, we use non-sensitive personal information to the extent permitted or required under applicable law for the following purposes:

  • To provide the services to you and to facilitate the features on our Site.
  • To communicate with you, such as to respond to your inquiries, to send you information that you have requested, and for other communication purposes.
  • To better understand how users access and use our Site and Services, both on an aggregated and individualized basis, in order to improve our Site and Services and respond to user desires and preferences and for other research and analytical purposes.
  • To engage in research and development efforts to assess the performance of our Site and Services, analyze usage, interests, and trends in connection with our sites and services, improve and personalize our sites and services, and develop new products and services.

Regarding Job Applicants, we use non-sensitive personal information to the extent permitted or required under applicable law for the following purposes:

  • Administering the recruiting process and assessing your suitability for the role for which you are applying or other roles (including setting up a job applicant HR file, managing your application, conducting assessments, organizing interviews, arranging or reimbursing for your travel and accommodations, processing interview feedback, and conducting background checks and screening); engaging in an equal opportunity monitoring and diversity initiatives; performing analyses to better understand our applicant pool; and onboarding you as an employee, if you are hired (“Recruiting-Related Purposes”);
  • Conducting internal audits and workplace investigations, and investigating and enforcing compliance with any potential breaches of Company policies and procedures (“Investigation and Audit Purposes”);
  • Complying with applicable employment-related laws and requirements and administration of those requirements (“Regulatory-Related Purposes”); and
  • Supporting any claim or defense that the Company Group could face before any jurisdictional and/or administrative authority, arbitration, or mediation panel, and cooperating with – or informing – law enforcement or regulatory authorities to the extent required by law (“Litigation-Related Purposes”).

Regarding Corporate Representatives, we use non-sensitive personal information to the extent permitted or required under applicable law to place and receive orders; make and receive shipments; process transactions; and manage supplier, customer and reseller relationships.

In addition to the above, if you are hired by the Company as an Employee, we also process non-sensitive personal information collected during the application and onboarding process to the extent permitted or required under applicable law for the following purposes:

  • Managing your employment relationship with the Company (including onboarding processes, timekeeping, payroll, and expense report administration, employee benefits administration, employee training and development requirements, the creation, maintenance, and security of your online employee accounts, reaching your emergency contacts when needed, such as when you are not reachable or are injured or ill, workers’ compensation claims management, employee job performance, including goals and performance reviews, promotions, discipline, and termination, payment of your compensation (including bonuses and equity awards), and other human resources purposes) (“HR Purposes”);
  • Administer and maintain the Company’s operations, including for safety purposes (“Safety Purposes”);
  • Facilitating and managing security and access control regarding Company Group offices and premises, equipment, and systems, including security activities, parking access, and gym access (“Security and Access Control Purposes”);
  • Performing workforce analytics, data analytics, and benchmarking (“Analytics Purposes”);
  • Marketing to existing or future clients (“Client Marketing purposes”);
  • Maintaining commercial insurance policies and coverages, including workers’ compensation and other liability insurance (“Insurance Purposes”); and
  • Engaging in corporate transactions requiring review of employee records, such as for evaluating potential mergers and acquisitions of the Company (“Corporate Transaction Purposes”).

Regarding Website Visitors, Registered Users, Job Applicants, Corporate Representatives and Employees, we use sensitive personal information to the extent permitted or required under applicable law for the following purposes:

  • To perform the services or provide the goods reasonably expected by our website visitors, job applicants, corporate representatives and employees.
  • To detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information, including in or via our premises, computers, software, networks, communications devices, and other similar systems.
  • To resist malicious, deceptive, fraudulent, or illegal actions directed at us and to prosecute those responsible for those actions.
  • To ensure the physical safety of natural persons.
  • For short-term, transient use.
  • To perform services on our behalf.
  • To verify or maintain the quality or safety of our services and products.
  • To improve, upgrade, or enhance our services and products.
  • To collect or process it where such collection or processing is not for the purpose of inferring characteristics about a consumer.
  • To perform functions that are required under laws that apply to us.

We do not have actual knowledge that we sell or share for cross-contextual behavioral advertising the personal information of California residents under 16 years of age.

CCPA Rights

As a California resident, you have the following rights under the CCPA:

  • The right to know what personal information we have collected about you, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom we disclose personal information, and the specific pieces of personal information we have collected about you. You may only exercise your right to know twice within a 12-month period.
  • The right to delete personal information that we have collected from you, subject to certain exceptions.
  • The right to correct inaccurate personal information that we maintain about you.
  • The right to opt out of the sale or sharing of your personal information by us. We disclose California residents’ personal information to advertising business partners for the purposes of supporting our advertising efforts and, as such, we “sell” and “share” personal information as these terms are defined under the CCPA. Please note that we do not monetize personal information in the sense of disclosing your personal information in exchange for money. Please also note that, if you exercise your right to opt-out of the “sale” and “sharing” of your personal information, we may still disclose your personal information to third parties for purposes other than cross-contextual behavioral advertising, as described in our privacy disclosures. 
  • The right to limit our use and disclosure of sensitive personal information to purposes specified in subsection 7027(m) of the California Consumer Privacy Act Regulations. We do not use or disclose sensitive personal information for purposes other than those specified in subsection 7027(m) of the California Consumer Privacy Act Regulations.
  • The right not to receive discriminatory treatment by the business for the exercise of privacy rights conferred by the CCPA, in violation of California Civil Code § 1798.125, including an employee’s, applicant’s, or independent contractor’s right not to be retaliated against for the exercise of their CCPA rights.

How to exercise CCPA Rights

Methods of Submission and Instructions:

Verification: Only you, or someone legally authorized to act on your behalf, may make a request related to your personal information. You may designate an authorized agent by taking the steps outlined under “Authorized Agent” further below.In your request or in response to us seeking additional information, you, or your authorized agent, mustprovide sufficient information to allow us to reasonably verify that you are, in fact, the person whose personal information was collected, which will depend on your prior interactions with us and the sensitivity of the personal information being requested. We may ask you for information to verify your identity, and if you do not provide enough information for us to reasonably verify your identity, we will not be able to fulfill your request. We will only use the personal information you provide to us in a request for the purposes of verifying your identity and fulfilling your request.

Opt-Out Preference Signals:  We respond to opt-out preference signals communicated via the Global Privacy Control and will process such signals with respect to the browser or device communicating the signals, or with respect to you specifically if you have signed onto your Simply Good Foods account while communicating Global Privacy opt-out preference signals. To use Global Privacy Control opt-out preference signals, please follow the instructions here: https://globalprivacycontrol.org/.

Authorized Agents:  You can designate an authorized agent to make a request under the CCPA on your behalf if:

  • The authorized agent is a natural person or a business entity, and the agent provides proof that you gave the agent signed permission to submit the request; and
  • You directly confirm with Company that you provided the authorized agent with permission to submit the request.

If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4121 to 4130, it may not be necessary to perform these steps, and we will respond to any request from such authorized agent in accordance with the CCPA.

Contact Us

If you have any questions or comments about these disclosures or our practices, please contact us by populating our web form available at http://www.thesimplygoodfoodscompany.com/contact-ir, or you can write to us at:

Simply Good Foods USA, Inc.

Attention: Legal Department/Privacy

1225 17th Street, Suite 1000

Denver, CO 80202