Privacy Policy
Nest Organic, Inc. takes your privacy seriously. This Privacy Policy explains what personal information we collect, how we use it, who we share it with, and what rights you have. We operate nestorganic.com ("the Site") and sell products directly to consumers in the United States. This policy applies to all information collected through the Site and any related communications.
Information We Collect
We collect information you provide directly and information collected automatically when you use the Site.
| Category | What we collect | When collected |
|---|---|---|
| Identity | Name, email address | Account creation, checkout, newsletter signup, contact forms |
| Contact | Shipping and billing address, phone number | Checkout, account management |
| Payment | Payment card type and last four digits; transaction ID | Checkout (processed by Shopify Payments — full card data is not stored by Nest) |
| Order history | Products purchased, order dates, subscription status, return history | Each transaction |
| Communications | Messages sent via contact forms, email correspondence | When you contact us |
| Usage data | Pages visited, time on site, referring URLs, browser type, device type, IP address | Automatically via cookies and analytics tools |
| Marketing preferences | Email newsletter opt-in/opt-out status | Newsletter signup, account settings, unsubscribe actions |
We do not collect sensitive personal information as defined under CPRA — such as precise geolocation, racial or ethnic origin, religious beliefs, health information, or biometric data — unless you voluntarily provide it in a contact form or communication.
How We Use Your Information
We use the information we collect for the following purposes:
Order fulfillment. Processing, packaging, and shipping your orders; sending order confirmations and tracking information; handling returns and refunds.
Account management. Creating and maintaining your nestorganic.com account; managing subscription preferences; providing customer support.
Communications. Sending transactional emails (order confirmations, shipping updates, subscription reminders). Marketing emails are sent only to customers who have opted in. You may unsubscribe at any time using the link in any marketing email or by contacting us directly.
Site improvement. Analyzing how visitors use the Site to improve navigation, product pages, and the overall experience. This is done using aggregated and anonymized analytics data where possible.
Fraud prevention and security. Detecting and preventing fraudulent transactions and unauthorized access to the Site or customer accounts.
Legal compliance. Meeting our obligations under applicable law, including tax reporting, consumer protection regulations, and data privacy law.
We do not use personal information to make automated decisions that produce legal or similarly significant effects.
Cookies & Tracking Technologies
We use cookies and similar tracking technologies to operate the Site and understand how it is used.
| Technology | Purpose | Opt-out |
|---|---|---|
| Shopify session cookies | Essential — maintain your shopping cart, login session, and checkout state. Cannot be disabled without breaking Site functionality. | Not optional for Site use |
| Google Analytics 4 (GA4) | Analytics — tracks page views, session duration, traffic sources, and user behavior in aggregate. IP addresses are anonymized. | Google Analytics opt-out browser add-on: tools.google.com/dlpage/gaoptout |
| Meta Pixel | Advertising — measures the effectiveness of advertising on Facebook and Instagram. Associates Site visits with Meta ad interactions. | Meta ad preferences: facebook.com/ads/preferences. Or opt out via the link on our Consent Preferences page. |
You may set your browser to refuse cookies or to alert you when cookies are being sent. If you do, some features of the Site may not function properly. You may also opt out of interest-based advertising through the Digital Advertising Alliance at optout.aboutads.info ↗ or the Network Advertising Initiative at optout.networkadvertising.org ↗.
California residents: The use of the Meta Pixel may constitute "sharing" of personal information for cross-context behavioral advertising purposes under the CPRA, even if no money changes hands. You have the right to opt out of this sharing. See Section 8 for how to exercise this right.
Third-Party Services
We use the following third-party services to operate the Site and fulfill orders. Each has its own privacy practices.
| Service | Role | Privacy policy |
|---|---|---|
| Shopify | E-commerce platform, payment processing, order management | shopify.com/legal/privacy |
| Google Analytics 4 | Site analytics | policies.google.com/privacy |
| Meta (Facebook/Instagram) | Advertising measurement (Meta Pixel) | facebook.com/privacy/policy |
| USPS / FedEx | Order shipping and delivery | Carriers' respective privacy policies |
| Yotpo | Product reviews and customer engagement | yotpo.com/privacy-policy |
We share only the minimum personal information necessary for each service provider to perform its function. We do not authorize service providers to use your personal information for their own marketing purposes.
Sharing of Information
We do not sell your personal information. We do not sell, rent, or trade your personal information to third parties for their own marketing or commercial purposes.
We may share your personal information in the following limited circumstances:
Service providers. We share information with the third-party services listed in Section 4 solely to enable them to provide their services to us.
Legal requirements. We may disclose personal information if required to do so by law, court order, or governmental authority, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
Business transfers. In the event of a merger, acquisition, bankruptcy, or sale of all or substantially all of our assets, personal information may be transferred to the acquiring entity. We will notify affected users by email or prominent notice on the Site before any such transfer occurs.
With your consent. We may share your information for any other purpose with your explicit consent.
Data Retention
We retain personal information for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Order records are retained for a minimum of seven (7) years for tax and accounting purposes.
Account information is retained for as long as your account is active. You may request account deletion at any time by contacting us at hello@nestorganic.com. Note that certain information may be retained even after account deletion if required by law or for legitimate business purposes such as fraud prevention.
Marketing preferences and email history are retained until you opt out or request deletion. Suppression records (records of opt-outs) are kept indefinitely to ensure we do not re-subscribe you.
Analytics data is retained in accordance with Google Analytics 4's default data retention settings, currently 14 months for user and event data.
Data Security
We implement reasonable technical and organizational measures to protect your personal information against unauthorized access, disclosure, alteration, and destruction. The Site is hosted on Shopify, which maintains SOC 2 Type II certification and PCI DSS Level 1 compliance for payment data.
All transactions on the Site are transmitted using SSL/TLS encryption. We do not store full payment card numbers on our servers.
No method of transmission over the internet or method of electronic storage is completely secure. While we strive to use commercially reasonable means to protect your personal information, we cannot guarantee absolute security. In the event of a data breach that affects your personal information, we will notify you as required by applicable law.
California Privacy Rights (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with the following rights regarding your personal information.
Right to Know
You have the right to request that we disclose what personal information we have collected about you, including the categories, sources, business purposes, and third parties with whom it has been shared.
Right to Delete
You have the right to request deletion of personal information we have collected from you, subject to certain exceptions (e.g., information needed to complete a transaction or comply with legal obligations).
Right to Correct
You have the right to request correction of inaccurate personal information we maintain about you.
Right to Opt Out of Sale / Sharing
We do not sell personal information. You have the right to opt out of the sharing of your personal information for cross-context behavioral advertising (e.g., Meta Pixel). Use the link on our Consent Preferences page to exercise this right.
Right to Limit Sensitive Information Use
You have the right to limit our use of sensitive personal information. We do not use sensitive personal information for purposes beyond those necessary to perform the services you request.
Right to Non-Discrimination
We will not discriminate against you for exercising any of these rights. We will not deny you goods, charge different prices, or provide a lesser level of service because you exercised a privacy right.
How to submit a request
To exercise any of these rights, click Do Not Sell or Share My Personal Information or contact us at hello@nestorganic.com with the subject line "California Privacy Request" and specify which right(s) you wish to exercise. We will respond within 45 days of receiving a verifiable consumer request, as required by law. We may extend this period by an additional 45 days where reasonably necessary, with prior notice.
We may need to verify your identity before processing your request. Verification may involve confirming information associated with your account or order history.
You may designate an authorized agent to make a request on your behalf. Authorized agent requests must be accompanied by written proof of authorization.
Do Not Sell or Share My Personal Information: We do not sell personal information. To opt out of sharing for cross-context behavioral advertising (Meta Pixel), visit our Consent Preferences page.
Children's Privacy (COPPA)
Important: Although Nest Organic products are designed for use on infants and young children, this Site is directed to and intended for use by adults only — specifically parents, caregivers, and healthcare practitioners.
The Site is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us immediately at hello@nestorganic.com and we will take steps to delete that information promptly.
We comply with the Children's Online Privacy Protection Act (COPPA). No personal information about a child is collected through the Site. Information collected through purchase transactions reflects the adult purchaser, not the child using the products.
Third-Party Links
The Site may contain links to third-party websites, including research publications, social media platforms, and retail partners such as Target.com. These third-party sites have their own privacy policies and we are not responsible for their privacy practices. We encourage you to review the privacy policy of any site you visit through a link on our Site.
Links to peer-reviewed research publications (e.g., PubMed, PMC) are provided for informational purposes. Those sites are not affiliated with Nest Organic and we have no control over the information they collect.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the services we offer, or applicable law. When we make material changes, we will update the "Last updated" date at the top of this page and, where required by law, provide notice by email or prominent notice on the Site.
Your continued use of the Site after any changes to this Privacy Policy constitutes your acceptance of the revised policy. We encourage you to review this page periodically.
Contact & Privacy Requests
For questions about this Privacy Policy, to exercise your privacy rights, or to make a data request, contact us at:
Nest Organic, Inc.
Attn: Privacy
3728 Cross Creek Rd
Malibu, CA 90265
hello@nestorganic.com
Please use the subject line "Privacy Request" for all privacy-related inquiries. We will respond within 45 days for California privacy rights requests, and within a reasonable time for all other inquiries.