Moon Valley Nurseries, including its parent, affiliated, and subsidiary companies, (collectively, “MVN,” “our,” “we” or “us”), is a leading provider of retail tree and plant products at our various locations in the United States. We respect your privacy. We created this Privacy Policy to help you become familiar with how we collect, use, disclose, share, and protect Personal Data (defined below) and otherwise comply with applicable consumer privacy laws, including the choices we offer with respect to your Personal Data. We encourage you to read this Privacy Policy in full before using https://www.moonvalleynurseries.com/, or any other MVN website (collectively, the “Website” or “Websites”), or any other online service (e.g., mobile apps) that posts a link to this Privacy Policy, opening our e-mails or otherwise submitting Personal Data to us (collectively, the “Service” or our “Services”). Should you have any questions or requests you may contact us at dataprivacy@mvncorp.com. See the section titled “Contact Us” at https://www.moonvalleynurseries.com/contact-us for further contact information.
This Privacy Policy together with our posted Terms of Use at https://www.moonvalleynurseries.com/terms-and-conditions explains how we collect, use, and safeguard information in the course of providing and operating the Service. By visiting or otherwise using the Service, you agree to the Service’s Terms of Use https://www.moonvalleynurseries.com/terms-and-conditions.
This Privacy Policy does not apply to applicants seeking employment with us, our current or past employees, contractors, or interns. To receive a copy of our employee privacy notice, please contact us.
Your State Privacy Rights: Residents of California have certain privacy rights detailed below. To the extent there is a conflict between this Privacy Policy and the State Privacy Notice section, the State Privacy Notice section will control.
A. Information About You That You Provide.
We and/or our Service Providers (defined below) may, from time to time, request that you provide us with Personal Data when you request a proposal from us, place orders with us, establish an account with us, request information, interact with our customer service, participate in a marketing campaign, complete surveys, or use our Websites. In some instances, we may need to supplement the information you provided with certain Personal Data about you obtained from third parties to process your online transaction. In addition, when you interact with Third-Party Services (defined below), you may be able to provide information to those third parties and those Third Parties, in turn, may provide information to us.
We, our Service Providers and/or Third-Party Services may collect your “Personal Data,” including:
B. Information Collected Automatically
We, our Service Providers and/or Third-Party Services may also automatically collect certain information about you when you access or use the Services (“Usage Information”). Usage Information may include IP address, device identifier, browser type, operating system, information about your use of the Service, the device you use, the web page you visited before coming to our sites, and identifiers associated with your devices and you (depending on their settings) may also transmit location information to the Service.
The methods that may be used on the Services to collect Usage Information include cookies, web beacons (also known as “tracking pixels”), embedded scripts, location-identifying technologies, device recognition technologies, in-app tracking methods, device and activity monitoring and other tracking technologies now and hereafter developed (“Tracking Technologies”) may be used to collect information about interactions with the Website or e-mails, including information about your browsing and purchasing behavior. Such Tracking Technologies may include:
Some information about your use of the Service and certain other online websites may be collected using Tracking Technologies across time and Services and used by us and third parties for purposes such as to associate different devices you use and deliver relevant ads and/or other content to you on the Website and certain other online websites, in accordance with applicable data protection laws.
C. Information We Collect from Other Sources
We may also obtain information about you from other sources, including Service Providers and Third-Party Services. We are not responsible or liable for the accuracy of the information provided by third parties or for third party policies and practices.
D. Limitations
To the extent non-Personal Data, or Personal Data collected outside of the Service or by Third-Party Services, is combined by or on behalf of us with Personal Data we collect directly from you on the Service (“MVN-Collected Personal Data”), we will treat it in accordance with this Privacy Policy. Notwithstanding the foregoing or anything to the contrary, unless required by applicable law, this Privacy Policy is not intended to limit our activities regarding information that does not personally identify you such that it does not constitute Personal Data, including Personal Data that has been “De-identified” (i.e., the removal or modification of the personally identifiable elements, or the extraction of non-personally identifiable elements), and non-MVN Collected Personal Data (including third-party-sourced, or non-Service-sourced, information) that is not combined with MVN Collected Personal Data.
We may use information about you for any purposes not inconsistent with our statements under this Privacy Policy, or otherwise made by us in writing at the point of collection, and not prohibited by applicable law, including, without limitation, for the following purposes:
Generally, we may share information about you for any purpose not inconsistent with our statements under this Privacy Policy, or statements otherwise made by us in writing at the point of collection, and not prohibited by applicable law, including, without limitation:
Third parties are permitted to use your personal data only to assist us in providing our Services to you or to offer complementary goods and/or services that we have good reason to believe may be of particular interest to you and to the extent permissible under applicable law.
All parties we share information with are required to treat your information confidentially and show that they have appropriate data protection and security controls, and that they protect personal data consistent with the principles articulated in this Privacy Policy. Wherever it is possible and reasonable, we will disclose only the minimum information necessary to complete and process an order.
The Service may include or link to Third-Party Services, apps, locations, platforms, code (e.g., plug-ins, application programming interfaces, and software development kits (“SDKs”)), or other websites (collectively, “Third-Party Service(s)”). These Third-Party Services may use their own cookies, web beacons, and other Tracking Technologies to independently collect information about you and may solicit Personal Data from you.
Certain functionalities on the Service permit interactions that you initiate between the Service and Third-Party Services. Examples of such interactions include connecting the Service to a Third-Party Service (e.g., to pull or push information to or from the Service). If you enable such interactions, both we and the third party may have access to certain information about you and your use of the Service and any Third-Party Service.
We may engage and work with Service Providers, Third-Party Services, and other third parties to serve advertisements on the Website and/or on other online websites. Some of these ads may be tailored to your interest based on your browsing of the Website and elsewhere on the Internet, which may include use of precise location and/or cross-device data, sometimes referred to as “interest-based advertising” and “online behavioral advertising” (“Interest-based Advertising”) (where permitted under applicable law), which may include sending you an ad on another online website after you have left the Website (i.e., “retargeting”).
We are not responsible for, and make no representations regarding, the policies or business practices of any third parties, including, without limitation, analytics Service Providers and Third-Party Services associated with the Website, and encourage you to familiarize yourself with and consult their privacy policies and terms of use.
We do not knowingly collect any Personal Data from children under the age of 13 through our Services. If you are under 13, please do not give us any Personal Data. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data to us without their permission. If you have reason to believe that a child under the age of 16 has provided Personal Data to us, please contact us at dataprivacy@mvncorp.com and we will endeavor to delete that Personal Data from our databases.
To the extent required by applicable law, we may provide web pages or other mechanisms allowing you to delete, correct, or update some of your information that we have collected and retained, and potentially certain other information about you (e.g., profile and account information). Further, except to the extent prohibited by applicable law, we reserve the right to retain data: (a) as required by applicable law; and (b) for so long as reasonably necessary to fulfill the purposes for which the data was collected.
The security of your Personal Data is important to us. We employ reasonable technical and organizational measures to protect against the loss of, or unauthorized access to, the information under our control. Although we take reasonable and appropriate measures to protect your information, we cannot guarantee that your information will always remain secure.
A. Tracking Technologies Generally
Regular cookies may generally be disabled or removed by tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. Browsers offer different functionalities and options, so you may need to set them separately. Also, tools from browsers may not be effective with regard to certain Tracking Technologies. Please be aware that if you disable or remove these technologies, some parts of the Services may not work and when you revisit the Services your ability to limit browser-based Tracking Technologies is subject to your browser settings and limitations.
Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online websites you visit. Like many online websites, we currently do not alter our practices when we receive a “Do Not Track” signal from a visitor’s browser.
B. Analytics and Advertising Tracking Technologies
You may choose whether to receive some Interest-based Advertising by submitting opt-outs. Some of the advertisers and Service Providers that perform advertising-related services for us and third parties may participate in the Digital Advertising Alliance’s (“DAA”) Self-Regulatory Program for Online Behavioral Advertising. To learn more about how you can exercise certain choices regarding Interest-based Advertising, including use of Cross-device Data for serving ads, visit http://www.aboutads.info/choices/, and http://www.aboutads.info/appchoices for information on the DAA’s opt-out program specifically for mobile apps (including use of precise location for third party ads). Some of these companies may also be members of the Network Advertising Initiative (“NAI”). To learn more about the NAI and your opt-out options for their members, see http://www.networkadvertising.org/choices/. Please be aware that, even if you are able to opt out of certain kinds of Interest-based Advertising, you may continue to receive other types of ads. Opting out only means that those selected members should no longer deliver certain Interest-based Advertising to you but does not mean you will no longer receive any targeted content and/or ads (e.g., from other ad networks). Also, if your browsers are configured to reject cookies when you visit these opt-out webpages, or you subsequently erase your cookies, use a different device or web browser or use a non-browser-based method of access (e.g., mobile app), your NAI / DAA browser-based opt-out may not, or may no longer, be effective.
You may exercise choices regarding the use of cookies from Google Analytics by going to https://tools.google.com/dlpage/gaoptout or downloading the Google Analytics Opt-out Browser Add-on. We may also use Microsoft Advertising Websites. To learn about the data Microsoft collects and how your data is used by it and to opt-out of certain Microsoft browser Interest-based Advertising, please visit here.
We are not responsible for effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements regarding their programs.
C. Communications
You can opt out of receiving certain promotional communications from us at any time by: (i) for promotional e-mails, following the instructions provided in emails to click on the unsubscribe link, or if available by changing your communication preferences by logging onto your account; (ii) for text messages, following the instructions provided in text messages from us to text the word, “STOP”; and (iii) for app push notifications turn off push notifications on the settings of your device and/or the app, as applicable. Please note that your opt-out is limited to the e-mail address or phone number used and will not affect subsequent subscriptions. If you opt-out of only certain communications, other subscription communications may continue. Even if you opt out of receiving promotional communications, we may, subject to applicable law, continue to send you non-promotional communications, such as those about your account, transactions, servicing, or our ongoing business relations.
This State Privacy Notice applies to “Consumers” as defined under the California Consumer Privacy Act, including as amended by the California Privacy Rights Act (“CPRA”) (together, the “CCPA”), Chapter 603A of the Nevada Revised Statutes, and all laws implementing, supplementing or amending the foregoing, including regulations promulgated thereunder (collectively, “U.S. Privacy Laws”). This State Privacy Notice is a supplement to our other privacy policies or notices, including the remainder of this Privacy Policy. In the event of a conflict between any of our other policies, statements, or notices and this State Privacy Notice, this State Privacy Notice will prevail as to Consumers and their rights under the applicable state law, unless stated otherwise. This State Privacy Notice is designed to meet our obligations under the U.S Privacy Laws. Capitalized terms not defined herein shall have the meaning ascribed to them under the applicable U.S. Privacy Law.
Scope of PI: There may be additional information that we collect that meets the definition of personal information (also referred to herein as “PI”) under the CCPA but is not reflected by a category in the table that follows, in which case we will treat it as PI as required but will not include it when we describe our practices by category of PI. We reserve the right, to the extent permitted by the CCPA and other applicable California privacy laws, not to treat the following as PI: deidentified, aggregated data or publicly available information. We reserve the right, as allowable, to convert, or permit others to convert, your PI into deidentified or aggregate Consumer information.
Non-Applicability, Human Resources: This California Privacy Notice does not apply to applicants seeking employment with us, our current and past employees, contractors, or interns (“Personnel”) and human resources PI (“HR PI”) however, our California Personnel may obtain a separate privacy notice that is applicable to them by contacting our Human Resources Department.
A. PI Collection, Use, and Disclosures, by Category
The description of our data practices in this Notice covers only the twelve (12) months prior to the Effective Date (“Reporting Period”) and will be updated at least annually. Our data practices may differ between updates, however, if materially different from this California Privacy Notice, we will provide pre-collection notice of the current practices, which may include references to other privacy policies, notices or statements posted or referenced on the Service that reflect current practices.
Generally, we collect, retain, use, and disclose your PI in order to provide you services and as otherwise related to the operation of our business. The table immediately below describes the categories of PI we collect, in the left column. The right column states the categories of third parties that receive such PI as part of disclosures, by us to them, for what the CCPA refers to as “Business Purposes" as well as disclosures which may be considered a “sale” or “sharing” as defined under CCPA. “Business Purposes” include:
Additional Business Purposes include disclosing PI to other parties in a context that is not a regulated “Sale” or “Sharing” under the CCPA, such as to our Service Providers or Contractors that perform services for us (“Vendors”), to the Consumer or to other parties at the Consumer’s direction or through the Consumer’s action, for the additional purposes explained at the time of collection (such as in the applicable privacy policy or notice), as required or permitted by applicable law, to the government or private parties to comply with law or legal process, and to assignees as part of an acquisition, merger, asset sale, or other transaction where another party assumes control over all or part of our business (“Additional Business Purposes”). Subject to restrictions and obligations under the CCPA, our Vendors may also use your PI for Business Purposes, including Additional Business Purposes, and may engage their own Service Providers or Contractors to enable them to perform services for us.
The collection of PI by some third-party cookies, such as by some interest-based advertising cookie operators, may be considered a “Commercial Purpose” and a “Sale” under the CCPA and potentially other state laws, and our Processing of PI for certain advertising purposes may be a “Sharing.” See the next subsection for more detail.
Category Of PICategories of PI Recipients – Business Purposes (“BP”) and Sale / SharingRetention Period
1) Identifiers and Contact Information (such as name, phone number, address, email address, mobile identification number, IP address, cookie ID)
BP: Service Providers, such as cloud vendors, analytics companies, social media networks, advertising providers
Sale/Share: N/A
Generally between 1 and 3 years, or as otherwise stated below.
2) Personal Records (such as payment information, identification number)
BP: Service Providers, such as cloud vendors and financial services companies; Government Entities (e.g., related to compliance obligations)
Sale/Sharing: N/A
Generally between 1 and 3 years, or as otherwise stated below.
3) Personal Characteristics or Traits (e.g., Age, Gender)
BP: Service Providers such as cloud vendors, analytics companies, advertising providers, and social media networks; Government Entities (e.g., related to compliance obligations)
Sale/Sharing: N/A
Generally between 1 and 3 years, or as otherwise stated below.
4) Customer Account Details / Commercial Information (e.g., your purchase history)
BP: Service Providers such as analytics companies, advertising providers, cloud vendors, financial services companies,; Government Entities (e.g., related to compliance obligations)
Sale/Sharing: N/A
Generally between 1 and 3 years, or as otherwise stated below.
5) Internet Usage Information (such as search or browsing history on the Service)
BP: Service Providers such as cloud providers, analytics companies, advertising providers, and social media networks; Affiliates and Related Entities; Government Entities
Sale/Share: Cookie operators,
Generally between 1 and 3 years, or as otherwise stated below.
6) Location Data (such as where you enable location-based features on your device)
BP: Service Providers such as analytics companies, advertising providers, and social media networks; Affiliates and Related Entities; Government entities
Sale/Sharing: N/A
Generally between 1 and 3 years, or as otherwise stated below.
7) Audiovisual and Similar Information (such as security camera footage, customer service call recordings)
BP: Service Providers such as customer service providers, call center operators, and security companies; Affiliates and Related Entities; Government Entities
Sale/Sharing: N/A
Generally between 1 and 3 years, or as otherwise stated below.
8) Professional or Employment Information (such as employment history)
BP: Service Providers such as cloud service providers, analytics companies, advertising providers, and social media networks; Affiliates and Related Entities; Government Entities
Sale/Sharing: N/A
Generally between 1 and 3 years, or as otherwise stated below.
9) Inferences from PI Collected
BP: Service Providers such as analytics companies, advertising providers, and social media networks; Affiliates and Related Entities; Government Entities
Sale/Sharing: N/A
Generally between 1 and 3 years, or as otherwise stated below.
Retention Details: As required by California law, we note our general PI retention rules by category of PI in the chart above. Because there are so many different types of PI in each category, and so many purposes and use cases for different PI, we provide general retention ranges above. However, actual retention periods will depend upon how long we have a legitimate purpose for the retention consistent with the collection purposes and applicable law. For instance, we may maintain business records for so long as relevant to our business, and may have a legal obligation to hold PI for so long as potentially relevant to prospective or actual litigation or government investigation. We apply the same criteria for determining if we have a legitimate purpose for retaining your PI that you ask us to delete. If you make a deletion request, we will conduct a review of your PI to confirm if legitimate ongoing retention purposes exist, will limit the retention to such purposes for so long as the purpose continues, and will respond to you with information on any retention purposes on which we rely for not deleting your PI.
B. PI Collection, Use, and Disclosure – By Processing Purpose
We collect, use, and disclose PI for the processing purposes described below.
Processing Purpose(s)
Examples(s) of Processing Purpose
Categories of PI Processed
Categories of Recipients
Performing Services
To provide our Services to you or communicate about our Services: to provide you with info or services, to send you electronic newsletters and push notifications (if you have elected to receive such), to communicate with you about your use of the Services, to provide you with special offers or promotions
Enable additional features of our sites: to enable you to participate in a variety of our site’s features, including marketing campaigns, complete surveys, or use our Websites
Process Transactions: to process or fulfill a transaction
Contact You: to contact you about your use of our Services and, in our discretion, changes to our Services or our Service’s policies
Account management: to process your registration with our Services, verify your info is active and valid, manage your account
Customer Service: to respond to any questions, comments, or requests you have for us or for other customer service purposes
Payment and other purchase-related purposes: to facilitate a purchase made using our Services, including payment
Managing Interactions and Transactions
Auditing: related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with user interaction or transaction specifications and standards (e.g., ecommerce activities)
Security and fraud prevention
Security/fraud prevention: to protect the security of Company, our Services, or its users and to prevent and address fraud
Debugging
Repairs: identify and repair errors that impair existing intended functionality of our Services
Advertising & Marketing (excluding Cross-Context Behavioral Advertising and Targeted Advertising)
Content and offers customization: to customize your experience on our websites, apps, or other Services, or to serve you specific content and offers that are relevant to/customized for you (e.g., pricing and discounts based on your profile, location, or shopping history)Advertising, marketing, and promotions: to assist us in determining relevant advertising and the success of our advertising campaigns; to help us determine where to place our ads, including on other websites; for promotional activities such as running sweepstakes, contests, and other promotions.
Quality Assurance
Ensuring the Quality and Safety of Service: undertaking activities to verify or maintain the quality or safety of our Services, and to improve, upgrade, or enhance our Services
Processing Interactions and Transactions
Short-term, transient use: including, but not limited to, non-personalized advertising shown as part of a Consumer’s current interaction with Company and use of our Services’ features and functionality (e.g., completing e-commerce transactions)
Research and Development
Research and analytics: to better understand how users access and use our Services, both on an aggregated and individualized basis, to improve our Services and respond to user preferences, and for other research and analytical purposes.
Market research and customer satisfaction surveys: to administer surveys and questionnaires, such as for market research or customer satisfaction purposes.
Additional Business Purposes
Compliance with legal obligations: to comply with legal obligations, as part of our general business operations, and for other business administration purposes
Prevention of illegal activities, fraud, injury to others, or violation of our terms and policies: to investigate, prevent or take action if someone may be using info for illegal activities, fraud, or in ways that may threaten someone’s safety or violate of our terms or this Notice
Purposes disclosed at PI collection: We may provide additional disclosures at the time of PI collection, such as on a checkout page
Related or compatible purposes: for purposes that are related to and/or compatible with any of the foregoing purposes
Commercial Purposes
Cross-context Behavioral Advertising
Targeted Advertising
Strategic partnerships with select marketing partners that offer services to our customers, such as credit card issuers
C. Your Consumer Rights and How to Exercise Them
As described more below, subject to meeting the requirements for a Verifiable Consumer Request (defined below) under U.S. Privacy Laws, MVN provides Consumers the privacy rights described in this section as required by U.S. Privacy Laws. For residents of states without consumer privacy rights we will consider requests but will apply our discretion in how we process such requests except as required by applicable law. We will also consider applying state law rights prior to the effective date of such laws but will do so in our discretion.
With regard to PI that qualifies as Sensitive PI under applicable the U.S. Privacy Laws, as of January 1, 2023 we will provide you with a pre-collection notice informing you of the categories of Sensitive PI to be collected and the purposes for which such categories are collected or used, whether that information is Sold or Shared and our retention practices as to that Sensitive PI. If you elect to provide us with that Sensitive PI you will have consented to such Processing. However, residents of California can opt-out of certain types of Sensitive PI Processing.
Residents of California are entitled to access PI up to twice in a 12-month period.
California residents have a right to submit a request for any of the following for the twelve (12) month period prior to the request date:
We offer this right only to California residents. To exercise such rights follow the instructions, see below.
You may request to confirm if we are Processing your PI and request to obtain a transportable copy of your PI that we have collected and are maintaining, subject to applicable request limits. We will apply the heightened verification standards set forth below to your specific pieces of information request, as required by the CCPA. We have no obligation to re-identify information or to keep PI longer than we need it or are required to by applicable law to retain it to comply with access requests. We will apply our discretion in how we process requests from Consumers residing in states that do not have laws granting consumers this right except as required by applicable law.
Under the various U.S. Privacy Laws there are broad and differing concepts of “Selling” PI for which an opt-out is required. California also has an opt-out from “Sharing” for Cross-Context Behavioral Advertising (use of PI from different businesses or services to target advertisements). Other states have an opt-out of “Targeted Advertising” (defined differently but also addressing tracking, profiling, and targeting of advertisements). We may Sell or Share your PI and/or use your PI for Targeted Advertising, as these terms apply under U.S. Privacy Laws. However, we provide U.S. Consumers an opt out of Sale/Sharing/Targeting that is intended to combine all of these state opt-outs into a single opt-out available regardless of state of residency.
Third-Party digital businesses (“Third-Party Digital Businesses”) may associate cookies and other tracking technologies that Collect PI about you on our Services, or otherwise Collect and Process PI that we make available about you, including digital activity information. We understand that giving access to PI on our Services, or otherwise, to Third-Party Digital Businesses could be deemed a Sale and/or Share under some state laws and thus we will treat such PI (e.g., cookie ID, IP address, and other online IDs and internet or other electronic activity information) collected by Third-Party Digital Businesses, where not limited to acting as our Service Provider (or Contractor or Processor), as a Sale and/or Share and subject to a Do Not Sell/Share/Target opt-out request. We will not Sell your PI, Share your PI for Cross-Context Behavioral Advertising, or Process your PI for Targeted Advertising if you make a Do Not Sell/Share/Target opt-out request.
Opt-out for non-cookie PI: If you want to limit our Processing of your non-cookie PI (e.g., your email address) for Targeted Advertising, or opt-out of the Sale/Sharing of such data, make an opt-out request at dataprivacy@mvncorp.com.
Opt-out for cookie PI: If you want to limit our Processing of your cookie-related PI for Targeted Advertising, or opt-out of the Sale/Sharing of such PI, please contact us at dataprivacy@mvncorp.com.
We do not knowingly Sell or Share the PI of Consumers under 16, unless we receive affirmative authorization (“opt-in”) from either the Consumer who is between 13 and 16 years old, or the parent or guardian of a Consumer who is less than 13 years old. If you think we may have unknowingly collected PI of a Consumer under 16 years old, please contact us at dataprivacy@mvncorp.com.
We may disclose your PI for the following purposes, which are not a Sale or Sharing: (i) if you direct us to disclose PI; (ii) to comply with a Consumer rights request you submit to us; (iii) disclosures amongst the entities that constitute MVN as defined above, or as part of a merger or asset sale; and (iv) as otherwise required or permitted by applicable law.
Except to the extent we have a basis for retention under applicable law, you may request that we delete your PI. Our retention rights include, without limitation:
Please also be aware that making a deletion request does not ensure complete or comprehensive removal or deletion of PI or content you may have posted.
All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
Note also that, depending on where you reside (e.g., California), we may not be required to delete your PI that we did not collect directly from you. For residents of U.S. states that do not have laws granting Consumers this right we will consider deletion requests but will apply our discretion in how we process such requests except as required by applicable law.
Consumers may bring any inaccuracies they find in their PI that we maintain to our attention, and we will act upon such a complaint consistent with applicable law. You can also make changes to your online account in the account settings section of the account. That will not, however, change your information that exists in other places.
We do not engage in Automated Decision Making or Profiling.
To submit a request to exercise your Consumer privacy rights, or to submit a request as an authorized agent, please follow the instructions at dataprivacy@mvncorp.com and respond to any follow-up inquiries we make. Please be aware that we do not accept or process requests through other means (example, via fax, chats, social media etc.).
As permitted by the CCPA, any request you submit to us must be a “Verifiable Consumer Request,” meaning when you make a request, we may ask you to provide verifying information, such as your name, e-mail address, phone number and/or account information. We will review the information provided and may request additional information (e.g., confirmation of recent transaction(s)) via e-mail or other means to ensure we are interacting with the correct individual. We will not fulfill your Right to Know (Categories), Right to Know (Specific Pieces), Right to Delete, or Right to Correction request unless you have provided sufficient information for us to reasonably verify you are the Consumer about whom we collected PI. We do not verify opt-outs of Sell/Share/Target or Limitation of SPI requests unless we suspect fraud.
We will use PI provided in a Verifiable Consumer Request only to verify your identity or authority to make the request and to track and document request responses, unless you also gave it to us for another purpose. If we suspect fraudulent or malicious activity on or from the password-protected account, we may decline a request or request that you provide further verifying information.
We verify each request as follows:
To protect Consumers, if we are unable to verify you sufficiently, we will be unable to honor your request. We will use PI provided in a Verifiable Consumer Request only to verify your identity or authority to make the request and to track and document request responses, unless you also gave it to us for another purpose.
You may use an authorized agent to make a request for you, subject to our verification of the agent, the agent’s authority to submit requests on your behalf, and of you. Once your agent’s authority is confirmed, they may exercise rights on your behalf subject to the agency requirements of the CCPA.
Residesnts of California may appeal our decision regarding a request by sending us an e-mail at dataprivacy@mvncorp.com.
Some PI we maintain about Consumers is not sufficiently associated with enough PI about the Consumer for us to be able to verify that it is a particular Consumer’s PI when a Consumer request that requires verification is submitted to us (e.g., clickstream data tied only to a pseudonymous browser ID). We do not include that PI in response to those requests. If we cannot comply with a request, we will explain the reasons in our response.
We will make commercially reasonable efforts to identify Consumer PI that we Process to respond to your Consumer privacy rights request(s). In some cases, particularly with voluminous and/or typically irrelevant data, we may suggest that you receive the most recent or a summary of your PI and give you the opportunity to elect whether you want the rest or not. We reserve the right to direct you to where you may access and copy responsive PI yourself. We will typically not charge a fee to fully respond to your requests; provided, however, that we may charge a reasonable fee, or refuse to act upon a request, if your request is excessive, repetitive, unfounded, or overly burdensome. If we determine that the request warrants a fee, or that we may refuse it, we will give you notice explaining why we made that decision. You will be provided a cost estimate and the opportunity to accept such fees before we will charge you for responding to your request.
Consistent with the CCPA and our interest in the security of your PI, we will not deliver to you your Social Security number, driver’s license number, or other government-issued ID number, financial account number, any health information or medical identification number, an account password, security questions or answers, or unique Biometric Information generated from measurements or technical analysis of human response to a Consumer privacy rights request; however, you may be able to access some of this information yourself through your account if you have an active account with us.
We will not discriminate against you in a manner prohibited by the U.S. Privacy Laws for your exercise of your Consumer privacy rights. We may charge a different price or rate or offer a different level or quality of good or service, to the extent that doing so is reasonably related to the value of the applicable data.
Notwithstanding anything to the contrary, we may collect, use, and disclose your PI as required or permitted by applicable law and this may override your rights under the CCPA. In addition, we are not required to honor your requests to the extent that doing so would infringe upon our or another person’s or party’s rights or conflict with applicable law.
California residents may request a list of all third parties to which we have disclosed certain personal information (as defined by California’s Shine the Light law), collected via our online Service, during the preceding year, for those third parties’ own direct marketing purposes, unless we have obtained your consent or given you an opportunity to opt-out. This is different than, and in addition to, CCPA rights, and must be requested separately. If you are a California resident and want such a list, please contact us dataprivacy@mvncorp.com For Shine the Light requests, you must put the statement “Shine the Light Request” in the body of your correspondence. In your request, please attest to the fact that you are a California resident and provide a current California address for your response. Please note that we will not accept Shine the Light requests by telephone or by fax, and we are not responsible for notices that are not labeled or sent properly or that do not have complete information.
To contact us with any requests concerning your information, questions regarding this Privacy Policy, or any related matter, please contact us:
E-mail: dataprivacy@mvncorp.com
Post: Moon Valley Nurseries
Attention: General Counsel
14000 N. Pima Rd., Suite 150
Scottsdale, Arizona 85260
We will occasionally update this Privacy Policy to reflect your feedback, to implement changes required by applicable law, or as we may otherwise deem necessary or appropriate. If there are material changes to this Privacy Policy or in how we use your Personal Data, we will prominently post such changes to the Website prior to implementing the change. We encourage you to periodically review this Privacy Policy to be informed of how we are using and protecting your information.
Last Updated: April 1, 2024
Arizona ROC #
:140536
California CSLB #
:1092420
Nevada License #
:0058408