iHerb, LLC. and its subsidiaries, including iHerb Netherlands B.V. (collectively, “iHerb”), respect your
information we collect about individuals through our website and mobile apps
(collectively, the “Services”), how we may use the information, with whom we
may share it, and the choices available regarding our use of the information.
personal information, how long we retain it and how individuals can contact us
about our privacy practices and to exercise their rights.
Click on one of the links below to jump to the listed section:
In connection with your use of the Services, you may provide personal
information to us in various ways. The types of personal information we obtain
contact information (such as name, email address, shipping address and instructions, postal
code, telephone number, and personal ID);
login credentials to create an account on the Services (such as email
address and password);
information contained on your social media public profile, to the extent you
decide to create an account on the Services using your social media account;
information you choose to submit on your personalized public profile “My
Page”, including web address name, user name, photograph, links to your
social media accounts and any other information you choose to submit on the
“Page Description” section of your “My Page”;
user generated content related to product reviews, comments, questions and
payment information, such as name, billing address, account number, and
payment card details (including card number, expiration date and security
code) for payments processed by us. To the extent any payments are processed
by any other third parties such as PayPal or Apple Pay, then the privacy
policies of those parties shall govern such information;
bank account and tax information related to any company programs that may
offer customer payouts (such as Rewards program);
order history, including information about products purchased or viewed on
details you provide through contests, sweepstakes and surveys;
social media information, such as social media handles, content and other
data shared with us through third-party features that you use on our
Services (such as apps, tools, payment services, widgets and plugins offered
by social media services like Facebook, Google , Instagram, LinkedIn,
Pinterest, Twitter and YouTube) or posted on social media pages (such as our
social media pages or other pages accessible to us);
other personal information contained in content you submit on the Services,
such as through our “Contact Us” feature or other customer support tools;
Country/region and language preference based on mobile device settings
IP address, device, operating system, and browser information that we
You are not required to provide this information but, if you choose not to do
so, we may not be able to offer you certain Services and related features.
Purpose Of Use Of The Information Collected
We will use the information we obtain through the Services as needed to
fulfill our contractual obligation to provide you with the products and
services you request and to deliver products ordered (including, but not limited
to, transportation and customs clearance through related third party service
We also will use the information we obtain through the Services if we have a
legitimate interest to do so, including to support the following functions and
establishing and managing your account;
communicating with you about your account or transactions and sending you
information about features and enhancements;
processing claims in connection with our products and services, and keeping
you informed about the status of your order;
managing our Rewards and loyalty programs;
posting your product reviews and managing our Reviews program;
improving and customizing your experience with the Services, including
providing recommendations based on your preferences;
identifying and authenticating you so you may use the Services;
marketing our products to you and providing you with promotions, including
special deals, coupons, discounts and chances to win contests;
communicating with you about, and administering your participation in,
contests, sweepstakes or surveys;
responding to your requests and inquiries and providing customer support, such as through our chatbot or other customer support tools;
operating, evaluating and improving our business (including developing new
services; enhancing and improving our Services; managing our communications;
analyzing our user base and Services; performing data analytics and market
research; and performing accounting, auditing and other internal functions);
protecting against, identifying and preventing fraud and other criminal
activity, claims and other liabilities;
communicating with you about changes to our policies.
In addition, we will use your contact information to send you Health
Newsletters, emails, SMS, push notifications and in-app notifications about our
products, services, sales and special offers if you sign up to receive them
and have not opted out.
We may combine information we obtain about you through our websites with the
information obtained through our apps for the purposes described above. We
also may use the information we obtain in other ways for which we provide
specific notice at the time of collection or otherwise with your consent.
Automated Collection Of Data
When you use our Services or open our emails, we may obtain certain
device identifiers, server logs and other technologies. The
information we obtain in this manner may include your device IP address,
domain name, identifiers associated with your devices, device and operating
system type and characteristics, web browser characteristics, language
preferences, clickstream data, your interactions with our Services (such as
the web pages you visit, links you click and features you use), the pages that
led or referred you to our Services, dates and times of access to our
Services, and other information about your use of our Services. We also may
receive your device’s geolocation and other information related to your
location through GPS, Bluetooth, WiFi signals and other technologies for
certain purposes listed above, such as to provide you with our Services. Your
device may provide you with a notification when the Services attempt to
collect your precise geolocation.
A “cookie” is a text file that websites send to a visitor’s computer or other
Internet-connected device to uniquely identify the visitor’s browser or to
store information or settings in the browser. Cookies may be set either directly by the website a user is visiting (“first-party cookies”), or by a domain other than the website the user is visiting (“third-party cookies”). A “Flash cookie,” also known as
a local shared object, functions like a web cookie to personalize a user’s
experience on sites that use Adobe Flash Player. A “web beacon,” also known as
an Internet tag, pixel tag or clear GIF, links web pages to web servers and
their cookies and may be used to transmit information collected through
cookies back to a web server. We and our third-party service providers may use
beacons in emails to help us track response rates, identify when our emails
are accessed or forwarded, and for other purposes listed above.
The following types of cookies and similar technologies are used on the
We use necessary cookies to help enable the Services to function, including
to (1) identify you once you have logged in to your account, (2)
keep track of preferences you specify while you use the Services, and (3) manage the security of the Services.
Through our Services, we may obtain personal information about your online activities over time and across third-party apps, websites, devices and other online services. On our Services, we use third-party online analytics services, such as those of Google Analytics. The service providers that administer these analytics services use automated technologies to collect data (such as email address, IP addresses, cookies and other device identifiers) to evaluate, for example, use of our Services and to diagnose technical issues. To learn more about Google Analytics, please visit www.google.com/analytics/learn/privacy.html, and to opt out of being tracked by Google Analytics across all websites, please visit: http://tools.google.com/dlpage/gaoptout.
Personalized Advertising Cookies
Through our Services, both we and certain third parties may collect
information about your online activities to provide you with advertising about
products and services tailored to your individual interests. You may see our
ads on other websites or mobile apps because we participate in advertising
networks. Ad networks allow us to target our messaging to users considering
demographic data, users’ inferred interests and browsing context. These
networks track users’ online activities over time by collecting information
through automated means, including through the use of browser cookies, web
beacons, device identifiers, server logs, web beacons and other similar
technologies. The networks use this information to show ads that may be
tailored to individuals’ interests, to track users’ browsers or devices across
multiple websites and apps, and to build a profile of users’ online browsing
and app usage activities. The information our ad networks may collect includes
data about users’ visits to websites and apps that participate in the relevant
ad networks, such as the pages or ads viewed and the actions taken on the
websites or apps. This data collection takes place both on our Services and on
third-party websites and apps that participate in the ad networks. This
process also helps us track the effectiveness of our marketing efforts.
How to Change Your Cookie Settings
To the extent required by applicable law, we will obtain your consent before placing non-essential cookies or similar technologies on your device, and keep your choice for a period of six (6) months. If you are located in the European Economic Area (“EEA”) or the United Kingdom (“UK”), Russia or Kazakhstan, you can change your cookie preferences at any time by clicking on the “Cookie Preferences” icon at the bottom of each page of our Services.
You also can stop certain types of cookies from being downloaded on your device by selecting the appropriate settings on your web browser. Most web browsers will tell you how to stop accepting new browser cookies, how to be notified when you receive a new browser cookie and how to disable existing cookies. The following external links will explain how to manage cookies for the most common browsers:
To find out how to manage cookies for other browsers, please click “help” on your browser’s menu or visit www.allaboutcookies.org. [Flash cookies typically cannot be controlled, deleted or disabled through your browser settings and instead must be managed through your Adobe Flash Player settings. To manage Flash cookies, which we may use on our website from time to time, you can go to the Adobe Flash Player Support page available here. In addition, your mobile device settings may allow you to prohibit mobile app platforms (such as Apple and Google) from sharing certain information obtained by automated means with app developers and operators such as us. Our Services are not designed to respond to “do not track” signals received from browsers. Please note that without cookies or other automated tools we use to collect this type of data, you may not be able to use all the features of our Services.
Our Services also use a chatbot to provide automated customer assistance. A chatbot is a computer program that communicates with you, using text on a digital message interface and artificial intelligence. Put simply, if you ask a question through our chatbot, the chatbot will reply to you in human-ish behavior. Our chatbot is supported by Ada Support, a third-party chatbot service provider located in Canada, who performs services on our behalf (“Ada”). Ada uses an automated decision making process, when deciding on the correct answer to serve based on your question, and will receive message logs and usernames when you interact with the chatbot. Message logs contain information such as details of your account with us, including your username, e-mail address, phone number and address, as well as any other content you choose to submit when you make a customer support inquiry through the chatbot. Ada will retain the content of those messages, together with responses to those messages and any outcome from those messages. This information will be retained for twelve (12) months and will be used only to provide customer support and improve the quality of the chatbot services. If you are located in the EEA, UK or Switzerland, the above information will be transferred to Ada in Canada - a country which has been recognized by the European Commission, UK and Swiss Administration as providing an adequate level of data protection.
We do not disclose personal information we obtain about you, except as
our (1) subsidiaries and affiliates, and (2) third-party service providers who
perform services on our behalf (such as payment processing and authorization,
order fulfillment, transportation, customs clearance, marketing, data
analytics, customer support and fraud prevention) for the purposes described
disclose the information except as necessary to perform services on our behalf
or comply with legal requirements.
We also may disclose information about you: (1) if we are required to do so by
law or legal process (such as a court order or subpoena); (2) in response to
requests by government agencies, such as law enforcement authorities; (3) to
establish, exercise or defend our legal rights; (4) when we believe disclosure
is necessary or appropriate to prevent physical or other harm or financial
loss; (5) in connection with an investigation of suspected or actual illegal
activity; (6) in the event we sell or transfer all or a portion of our
business or assets (including in the event of a reorganization, dissolution or
liquidation); or (7) otherwise with your consent.
We may transfer the personal information we collect about you to recipients in
countries other than the country in which the information originally was
collected. Those countries may not have the same data protection laws as the
country in which you initially provided the information. When we transfer your
information to recipients in other countries (such as the U.S.), we will
with applicable legal requirements providing adequate protection for the
transfer of personal information to recipients in countries other than the one
in which you provided the information, including by selecting service providers that are located in a country recognized by the European Commission as providing an adequate level of data protection or by implementing appropriate safeguards based on the European Commission’s Standard Contractual Clauses, where applicable. Subject to applicable law, you may obtain a copy of these safeguards by contacting us as indicated in the How to Contact Us section below.
iHerb, LLC. is
certified under the EU-U.S. and Swiss-U.S. Privacy Shield frameworks developed
by the U.S. Department of Commerce, and the European Commission and Swiss
Federal Data Protection and Information Commissioner, respectively. Click here
Entrustment of Personal Information
We may use third-party service providers when we use your personal information. The personal information may be shared with such third-party service providers.
You can see the list of the service providers and services to be performed by each such service providers here.
Name of service provider
The service provided
Global online payment services
Paid marketing agency
CJ Korea Express
eBay Korea, LLC.
Ecommerce marketplace, affiliate marketing
Paid social media
Digital analytics tool
KCP Co, Ltd.
Online payment services
Platform & related services for marketing automation & personalization
Lotte Global Logistics
Online payment services
Online payment services
Ecommerce marketplace, affiliate marketing
SADA Systems, Inc.
Cloud solutions provider
Rules engine, fraud risk
Customer Service Software
Your Rights And Choices
We offer you certain choices in connection with the personal information we
obtain about you. For example, if you have created an account with us, you can
change your communication preferences by logging into your account and
clicking on “Communication Preferences”. To the extent provided by applicable
law, you also can object to the use of your personal information for direct
marketing purposes and unsubscribe from our marketing mailing lists by
following the “Unsubscribe” link in our emails, texting STOP to the short code number from which our SMS are being sent or contacting us as specified
in the How to Contact Us section below. We will apply
your preferences going forward.
To the extent provided by applicable law, you may: (1) request access to the
personal information we maintain about you; (2) request that we update,
correct, amend, or erase your information; or (3) request the restriction of
our use of your personal information, by contacting us as specified in the
How to Contact Us section below.
To the extent provided by applicable law, you
also may object to the use of your personal information in certain situations
in which we use that information based on our legitimate interests, as
described above. In addition, to the extent provided by applicable law, you
may receive, in a structured, commonly used and machine-readable format, your
personal information you have provided to us based on your consent or a
contract to which you are party. You have the right to have this information
transmitted to another company, where it is technically feasible. To exercise
these rights, please contact us as specified in the
How to Contact Us section below.
Depending on your location, you may have the right to file a complaint with a
privacy regulator if you are not satisfied with our response.
If you are a California consumer, for more information about your privacy
Consumer Privacy Statement.”
Other Online Services And Third-Party Features
Our Services may provide links to other online services and websites for your
convenience and information, and may include third-party features such as
apps, tools, widgets and plug-ins (e.g., Facebook, Google , Instagram,
LinkedIn, Pinterest, Twitter, and YouTube). These services, websites, and
third-party features may operate independently from us. The privacy practices
of these third parties, including details on the information they may collect
about you, are subject to the privacy statements of these parties, which we
strongly suggest you review. To the extent any linked online services or
third-party features are not owned or controlled by us, iHerb is not
responsible for these third parties’ information practices.
Retention Of Personal Information
We will retain your personal information until the purposes of the collection is achieved, subject to the following:
The following information will be destroyed after being kept for a maximum of one (1) year from the date of the user’s withdrawal from the Service:
Account ID and email address.
Records of improper account usage
Other personal information that will be retained for the period stipulated under the relevant laws and regulations as follows:
Records to be Retained
Records of contract or withdrawal of subscription
Act on the Consumer Protection in Electronic Commerce, etc.
Records of payment and supply of goods
Records of consumer complaints and the settlement of dispute
Records of consumer complaints and the settlement of dispute
Books and supporting documents for all transactions specified by the Tax Act
Framework Act on National Taxes
Records of electronic financial transactions
Electronic Financial Transactions Act
Records of visits to service provider’s online site
Protection of Communications Secrets Act
We separately store or delete the personal information of the members who have not used our service for a period of one year.
How We Protect Personal Information
We maintain administrative, technical and physical safeguards designed to
protect personal information we obtain through the Services against
accidental, unlawful or unauthorized destruction, loss, alteration, access,
disclosure or use.
Children’s Personal Information
The Services are designed for a general audience and are not directed to
children under the age of 16. iHerb does not knowingly collect or solicit
personal information from children under the age of 16 through the Services.
If we learn that we have collected personal information from a child under the
age of 16, we will promptly delete that information from our records. If you
believe that a child under the age of 16 may have provided us with personal
information, please contact us as specified in the
you to reflect changes in our personal information practices. We will indicate
How To Contact Us
If you would like to exercise your privacy rights, please contact us by using
this form that will appear once you log in to your account.
You can also Email Us or write us, using the contact details below if you wish to
iHerb, LLC.Attn: Legal Department301 North Lake Avenue, Suite 600Pasadena, CA 91101, United States
For users in South Korea: iHerb’s Korean Domestic Representative is Bae, Kim & Lee LLC, Representative Attorney Yangho Oh, Centropolis B, 26 Ujeongguk-ro, Jongno-gu, Seoul, Korea 03161. Telephone: 02-3404-0107 Email: [email protected] If you would like to exercise your privacy rights, please contact us by using this form that will appear once you log in to your account.
Subject to applicable law, data requests submitted by email or sent via postal
mail may require that you provide additional documentation necessary to
confirm your identity.
If you prefer not to provide additional documentation along with your request,
we recommend you utilize the above form as it will automatically validate your