1. ABOUT THIS PRIVACY POLICY
In Short: This Policy explains how we handle your Personal Information. It helps you understand what we do with it and your privacy rights.
Welcome! This Privacy Policy (“Policy”) explains how UAB BeWell EU, trading as Purisaki Berberine brand and other Household brands (“Company”, “we”, “us”, or “our”) handles your Personal Information (“Personal Information” or “Data”) when you:
Visita os nossos sites de vendas (“Site”);
Compra os nossos produtos ou serviços (“Produtos” ou “Serviços”);
Interações connosco de outra forma (apoio, redes sociais, concursos, programas de afiliados, etc.).
This Policy applies only if you are resident of United States and it outlines what Personal Information we collect, its purposes, how we use and share it, how long we retain it, your rights, and how we protect your Data. We are fully committed to process your Personal Information lawfully, fairly, and transparently in accordance with:
the California Consumer Privacy Act (CCPA/CPRA);
U.S. state privacy laws (e.g. VCDPA, CPA, CTDPA, UCPA);
If you do not agree with our practices, please refrain from using the Website, purchasing our Goods or Services or submitting your Data in any other way. This Policy is effective as of 19th of November 2025.. We may update this Policy occasionally all updates take effect upon publication, so we encourage you to review it regularly to stay informed.
2. WHO IS RESPONSIBLE FOR YOUR PERSONAL INFORMATION?
We are: UAB BeWell EU
Nosso número empresarial é: 305788600
A nossa morada registada: Gynėjų St. 4-333, LT-01109 Vilnius, Lithuania
O nosso endereço de e-mail de apoio: support@purisaki.com
We have appointed a Privacy Officer to oversee our Data protection obligations. You can contact the Privacy Officer directly at dpo@purisaki.com, or use any of the communication methods provided in Section 11 of this Policy.
3. CATEGORIES OF INFORMATION COLLECTED AND HOW IT IS USED
Em resumo: recolhemos principalmente apenas os Dados necessários para fornecer os nossos Produtos ou Serviços e operar o nosso Site. Esta secção explica porque é que os recolhemos e como os utilizamos.
We only collect the Data we truly need – and only use it for clear, lawful reasons. Below, you’ll find a detailed list of the categories of information we collect, how we use it, and how long we keep it. This section also serves as our Notice at Collection under the California Privacy Rights Act (CPRA) and Summary of Processing for the 12 Months Preceding.
We may collect or process the following categories of information, depending on how you interact with us. More detailed information provided in tables below:
1. IDENTIFIERS & COMMERCIAL DATA
2. PAYMENT & FINANCIAL DATA
3. MARKETING & PREFERENCE DATA
4. COMMUNICATION DATA
5. LEGAL CLAIMS DATA
6. INTERNET & NETWORK ACTIVITY DATA
7. VISUAL DATA
8. SENSITIVE PERSONAL INFORMATION (SPI)
9. CONTEST & PROMOTIONAL DATA
10. AFFILIATE & PARTNER DATA
11. SOCIAL MEDIA DATA
Here are also few important things for you to know:
Automated tools and AI: We may use AI or other fully or semi-automated technologies to support service delivery (e.g., chatbots, ChatGPT, Gemini, AI tools providers and etc.), but we do not use automated decision-making that produces legal or similarly significant effects on you. All AI-assisted or automated responses are reviewed by humans when decisions could impact your rights.
Cross-Context: We may combine information from different sources (e.g., your Website activity, purchase history, and customer-service interactions) to improve your experience and our service.
We may “sell” or “share” Data: Under California law, a “sale” includes making Personal Information available to a third party for any form of value, not only for money, and “sharing” refers to disclosing Personal Information for cross-context behavioral advertising. We do not sell Personal Information for monetary consideration, but in some cases we share limited data – such as internet or network activity and inferences – with advertising and analytics partners to measure performance and deliver relevant ads. You can opt out at any time through our “Your Privacy Choices” link, and where required by law, we honor browser- or device-based opt-out signals (e.g., Global Privacy Control).
Children’s data: Our Website and Services are not intended for minors. We do not knowingly collect, sell, or share Personal Information of individuals under the age established by law. If we become aware of such a collection, we will delete the information promptly.
4. PERSONAL INFORMATION COLLECTION SOURCES
In Short: We get your Data directly from you, through your use of our Website, or from trusted third parties, public sources, etc. This helps us operate our business and stay in touch with you.
We collect Personal Information from the following categories of sources:
Directly from you: When you place an order, contact us for support or inquiries, complete forms or surveys, participate in contests or promotional campaigns, communicate with us by email, phone, chat, or social media, or otherwise use our Services.
Automatically via technology: When you visit or interact with our Website or other online platforms, we automatically collect certain Data, including identifiers and information regarding your activity using cookies, pixels, SDKs, log files, and similar technologies. We use these tools to improve functionality, enhance your experience, analyze usage patterns, and secure our systems.
From third parties, vendors, and service providers: We collaborate with carefully selected partners (e.g., payment processors, shipping carriers, analytics and marketing platforms, and customer-support providers). They may share limited Personal Information with us when they collect them during service.
From our affiliate and referral partners: If you follow a referral link, use a partner discount code, we may receive information that might contain your Personal Information.
From other Intra-Group companies (if applicable): Where necessary for internal administrative, service provision, or business development purposes, we may receive your Data from other entities within our corporate group.
From publicly available sources (if applicable): Where appropriate and permitted by law, we may collect Personal Information from public registers (e.g. company registries, professional association websites), official government databases, or social media profiles (e.g. LinkedIn), particularly in the context of business-to-business (B2B) communication, professional outreach or due diligence.
Note! This Policy does not govern the privacy practices of unaffiliated third parties that operate independently, such as external social networks, advertising providers, or linked websites. We encourage you to review their privacy policies to understand how they process your information.
5. CATEGORIES OF INFORMATION DISCLOSED & SHARED WITH THIRD PARTIES
In Short: We share your Data but only when necessary and with strong safeguards – always ensuring your privacy is protected.
We share your Personal Information when necessary, and with your privacy in mind.
We may share limited Data with trusted third parties to provide our Services, meet legal obligations, or support business daily operations. Whenever we do, we ensure that your Data is protected and handled responsibly. We may share your Data with:
Service Providers, Contractors: We engage with various service providers to support our business functions (e.g. IT support, hosting, payments, shipping, analytics, customer service, marketing, auditing, legal services, etc.). These providers may access only the Data required to perform their duties and are contractually prohibited from using it for any other purpose.
Intra-Group Companies: We may share your Data with other entities within our corporate group for internal administrative purposes, centralized services, or to provide integrated services. All intra-group transfers are covered by internal data-protection agreements ensuring consistent safeguards across all locations.
Advertising/ Analytics Partners or Third Parties: We may share limited Data with platforms that deliver marketing campaigns and analytics. Under California law, this type of disclosure may be considered “sharing” for cross-context behavioral advertising. You can opt out at any time by using our link placed at the bottom of the Website footer “Your Privacy Choices”.
Public or governmental authorities: In certain circumstances, your Data may be shared with third parties such as public authorities, law enforcements, courts, insurers, fraud prevention services agencies, independent service providers etc.
Other corporates or auditors: In the context of a potential or actual merger, acquisition, asset sale, or restructuring, we may disclose limited Data to potential investors, buyers, or their auditors, and advisors.
Outros terceiros com o seu consentimento: quando legalmente exigido, apenas partilharemos os seus Dados com terceiros se nos tiver dado explicitamente o seu consentimento informado e de forma livre.
6. PERSONAL INFORMATION RETENTION PERIODS
In Short: We keep your Data only as long as needed for legal, contractual, or Services-related purposes – then we delete or anonymize it securely.
Conservamos os seus Dados apenas durante o tempo necessário para:
cumprir os fins para os quais foram recolhidos;
fornecer-lhe os nossos Produtos ou Serviços;
cumprir obrigações legais, regulamentares ou contratuais; ou
resolver litígios ou fazer cumprir os nossos acordos.
Os períodos de retenção detalhados para cada finalidade de processamento de dados estão definidos na Secção 3 desta política . Uma vez expirado o período de retenção aplicável, eliminaremos os seus Dados com segurança ou anonimizá-los-emos irreversivelmente dentro de um prazo razoável, de acordo com as melhores práticas do setor e requisitos legais.
7. SECURITY OF PERSONAL INFORMATION
Em resumo: utilizamos fortes medidas técnicas e organizacionais para manter os seus Dados seguros e trabalhamos continuamente para prevenir o acesso não autorizado e para proteger a sua privacidade.
We are committed to protecting your Data and take the security of your information seriously. We apply a combination of technical and organisational measures to prevent unauthorised access, accidental loss, misuse, alteration, or disclosure of Personal Information. These safeguards reflect the principles of privacy laws, including accountability, limiting collection, accuracy, openness, and safeguards:
Processing Personal Information fairly, lawfully, and transparently;
Limiting collection and retention to what is necessary;
Restricting access to authorized employees only;
Requiring service providers to meet strict security standards;
Providing regular privacy and security training to staff;
Conducting periodic internal and external audits;
Using encryption and other safeguards where sensitive information may be involved;
Performing regular Data backups and logging activity for security purposes;
Continuously monitoring our systems for threats and vulnerabilities;
Updating our processes as risks and technology evolve.
Note! Even with strong safeguards, no system or internet transmission is completely risk-free. To help protect yourself, use strong and unique passwords, keep them confidential, secure your devices, and be cautious with suspicious links. If a data breach occurs that poses a risk of significant harm, we will notify affected individuals and regulators as required by law.
8. INTERNATIONAL PERSONAL INFORMATION TRANSFERS
In Short: Sometimes we need to transfer your Personal Information outside your country or state, but only when necessary and always with strong legal safeguards to keep your Data protected.
Our Company works with partners and service providers around the world. This means your information may be transferred outside the United States – for example, to the EU, the UK, or other countries where our Intra-group companies or service providers are located.
Whenever we transfer Personal Information internationally, we apply appropriate contractual, organizational, and technical safeguards to ensure an equivalent level of protection consistent with the privacy laws of your jurisdiction. These safeguards may include:
Data-transfer agreements incorporating Standard Contractual Clauses (SCCs) or their local equivalents approved by regulators;
Intra-group data-protection agreements binding all affiliated entities to the same high standards of confidentiality and security;
Vendor due diligence to confirm that third-party processors maintain adequate security and privacy controls; and
Risk assessments and ongoing monitoring of cross-border data flows.
9. AUTOMATED DECISION MAKING AND ARTIFICIAL INTELLIGENCE
In Short: We use some AI and automated tools to support our Services, but we do not rely on them to make decisions that have legal or similarly significant effects on you.
We may use certain Artificial Intelligence (AI) – based tools and fully or semi-automated systems – for example, AI may help our customer service team by suggesting draft replies or transcribing a call to enhance the speed and accuracy of our services.
However, we do not engage in automated decision-making, including profiling, that produces legal, financial or similar effects concerning you. Specifically:
quaisquer recomendações, respostas ou informações geradas por ferramentas de IA são fornecidas apenas para fins informativos e estão sujeitas a revisão e validação por parte da nossa equipa humana;
não usamos algoritmos nem sistemas automatizados para tomar decisões sobre si que produzam efeitos legais (por exemplo, a negação de um serviço), sem envolvimento humano significativo;
You have the right to request human intervention and express your point of view if you believe any decision or response has been generated through automated means that significantly affects you, and to obtain an explanation and review of such a decision by a human member of our staff;
We try to be transparent and inform you when AI or automation was used to help deliver a service;
We never use your identifiable Personal Information to train AI models. If any Data is used for improvement, it is anonymized so it can no longer identify you;
We keep this information only as long as needed to deliver the service, protect it under strict contracts with our vendors, and prohibit those vendors from using identifiable data for their own model training.
10. YOUR RIGHTS OVER YOUR PERSONAL INFORMATION
In Short: You have rights over your Personal Information, including access, correction, deletion, objection, and more. This section explains what those rights are and how they work.
If we process your Data as set out in this Policy, or you believe we may be doing so, you have the following rights. These rights apply regardless of whether we process your Data as a client, supplier, contractor, or professional contact:
If you are a U.S. resident or our processing relates to U.S. individuals, your rights under State Privacy Laws (which may vary by state):
Right to know/access – Request information about the categories and specific pieces of Personal Information we have collected, used, disclosed, sold, or shared about you, and obtain a copy of that Data.
Right to deletion – to request the deletion of Personal Information we hold about you, subject to certain exceptions ((e.g., to complete a transaction, detect fraud, or comply with recordkeeping laws).
Right to correction – to request correction of inaccurate Personal Information.
Right to data portability – to request receive a copy of your Personal Information in a portable format.
Right to Opt-out of Sale or Sharing (California law and other states) – Opt-out of the “sale” or “sharing” of Personal Information, including use for cross-context behavioral advertising. We provide a link in footer “Your Privacy Choices” where you can easily execute your right.
Right to Limit the Use of Sensitive Personal Information (CPRA) – Request that we restrict the use and disclosure of your sensitive information (e.g., precise geolocation, health data, or financial details) beyond what is necessary to provide requested services.
Right to Opt-Out of Profiling (where applicable by state law) – Object to profiling that produces legal or similarly significant effects concerning you.
Right to Non-Discrimination – You should not receive any discriminatory treatment for exercising your privacy rights.
Right to Appeal (Virginia, Colorado, Connecticut) – If we deny your privacy rights request, you may appeal our decision by contacting us through the same request channel. If your appeal is denied, you may contact your state Attorney General.
Right to limit use of sensitive Personal Information (CPRA only) – to request restrictions on how we use sensitive information (e.g., precise geolocation, health data, financial data).
Right to non – discrimination – You will not be treated differently for exercising your privacy rights.
Right to appeal – You have the right to appeal if we deny your privacy rights request (as required by Virginia, Colorado, and Connecticut laws). If the appeal is denied, you may contact your state Attorney General.
Atenção: os seus direitos não são absolutos. Em alguns casos, o exercício dos seus direitos pode ser restringido pelas leis de proteção de dados aplicáveis — por exemplo, quando o cumprimento do seu pedido possa afetar adversamente os direitos e liberdades de terceiros ou quando formos legalmente obrigados a reter certos dados pessoais (por exemplo, para fins de conformidade, reivindicações legais ou fins regulamentares).
11. COMO PODE EXERCER OS SEUS DIREITOS OU CONTACTAR-NOS?
If you have any general questions about this Policy, how we process Data, complaint or if you wish to exercise any of your Data Subject rights, you can contact us by email at: dpo@purisaki.com or via post address: Gynėjų St. 4-333, LT-01109 Vilnius, Lithuania.
Para nos ajudar a processar o seu pedido de forma eficiente, pedimos que:
clearly express your question or complaint,
specify which right you wish to exercise (if applicable),
provide enough information to identify you (we may ask for proof of identity or proceed identity verification process), and
include any relevant details that will help us respond quickly.
You may also authorize someone to act on your behalf. If so, please ensure your authorized person provides us with written and signed permission confirming they are allowed to act for you. We may deny a request if sufficient proof of authorization is not provided.
We aim to respond without undue delay within 45 days of receiving your request. This time is extendable by an additional 45 days where reasonably necessary in which case, we will inform you in advance and explain the reason for the delay.
End Of Politics