Privacy Policy

1.    Nature’s Sunshine Company 

 Nature’s Sunshine Products, Inc. and its affiliates and subsidiaries (“NSP”, “we”, “us”, or “our”) are leading natural health and wellness companies, marketing and distributing nutritional and personal care products in more than 40 countries through (a) NSP websites; (b) NSP apps and tools; and (c) a network of independent Consultants, Affiliates, and Customers.  

2.    Information Collection  

We collect “Personal Data” from you based on how you interact with us. Personal Data is any information that relates either directly or indirectly to an identified living individual. In this Privacy Statement, Personal Data includes the terms personally identifiable information, personal information, or any other term used by applicable law. We have outlined the categories of Personal Data we collect in various instances below. If you wish to see how we use Personal Data, please refer to “How do we use Personal Data?”

If you are a citizen or resident of the European Economic Area (“EEA”), United Kingdom, or Switzerland, the definition of Personal Data is defined under the General Data Protection Regulation (“GDPR”) and you have certain rights; therefore, please see the section below entitled “GDPR”.

Personal Data does not include information publicly available from government records or information excluded by applicable law. Personal Data also does not include Personal Data that has been deidentified, pseudonymized, anonymized, aggregated, and/or otherwise processed so as to be unidentifiable in such a way that the data can no longer be attributed to a specific individual (by reasonable means) without the use of additional information, and where such additional information is kept separate and under adequate security to prevent unauthorized re-identification of a specific individual such that one could not, using reasonable efforts, link such information back to a specific individual (collectively, all of the foregoing in this sentence being referred to as “De-Identified Personal Data”). 

Categories of Personal Data Collected.  The Personal Data we collect includes:  

• Identifiers, including first and last name, username (which may include first and last name), email address, postal address, unique personal identifier, e.g. customer/account name or number, phone number, mobile ad identifiers.

• Demographic information, including birth date and national country of residence.

• Characteristics of protected classifications under other California or federal law, including age and sex.

• Commercial information, such as products and services purchased and donation history---

• Internet or other electronic network activity, such as type and manufacturer of device and its ID/UDID or similar device-specific code, Internet Protocol (IP) address, protocol, and/or sequence information, operating system and platform, browsing, session, interaction, and search history related to our Website, cookies, pixel tags, browser type, language, and version, screen resolution, material and pages viewed, time and date of access to the Website.

• Sensory information, such as voice recordings.

• Professional or employment information, such as email address.

• Inferences drawn from any of the above to create a profile of a consumer, such as a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Behavioral Tracking.
We also may use technologies to collect information about your online activities over time and across third-party websites or other online services, or associate Personal Data with other information collected in this manner.

Keystroke and Cursor Tracking/Logging. 

We or our service providers may keep track of and/or collect the keystrokes, mouse clicks, and cursor movements of Website visitors from our Website (and before we have any email address or other information about you (other than IP address) which would specifically identify you), but, this information is anonymous and, at the time of collection, we do not directly associate or attempt to associate this information with you as an identifiable individual. If you sign up to receive our emails (e.g., through the popup box that appears) we then do have the ability going forward to associate the keystroke and cursor information with the email address you provide. We use this information solely for the purpose of improving our Website to improve our customers’ user experience (e.g., improving navigation, readability, etc.). The information we collect automatically is statistical data and may include Personal Data, and we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver better and more personalized products and services, including, but not limited to, by enabling us to: estimate our audience/visitor size and usage patterns, store information about your preferences, allowing us to customize and improve our Website, speed up your searches, and/or, recognize you when you return to our Website.

3.   Cookie and Other Tracking Technologies - Notice and Policy

The technologies we use for automatic data collection may include cookies, local storage cookies, web beacons, tracking pixels, GIF, IP address, software development kits, and other technologies. These technologies help us to better understand user behavior including security and fraud prevention purposes, help us monitor which parts of our websites people have visited, and facilitate and measure the effectiveness of advertisements and web searches.

We may use the following types of cookies and tracking technologies in connection with our Website and Services: 

• Essential Cookies

• Communication Cookies

• Performance Cookies

• Third-Party Pixels and/or Web Beacons

• Software Development Kits

• IP Address Tracking
  

 Tracking Pixels.  We incorporate “pixels” and/or “web beacons” provided by one or more different companies, e.g., from Meta Platforms, Inc. (Facebook), X (formerly Twitter), Google, etc., on our Website. This enables us to track user behavior after a user clicks on an ad (e.g., one from Facebook) and is redirected to our website. By doing so, we can assess the effectiveness of the ads for statistical and market research purposes and sometimes retarget certain users. Please note that the data collected through this process remains anonymous to us, meaning we do not have access to personal data of individual users. However, that pixel provider stores and processes this data. Therefore, we are providing you with this information based on our current understanding. Please be aware that the pixel provider may associate this information with your account with that pixel provider and utilize it for its own promotional activities, in accordance with its data usage policy. You have the option to authorize the pixel provider and its partners to display advertisements on and off that company’s website pages. Additionally, a cookie may be stored on your computer for these purposes.

 Google Tools:  We may use a combination of the following, or other tools provided by Google:  

• Google Analytics

• Google AdSense Advertising

• Google DoubleClick for Publishers Cookie

• Google Maps/Earth

• Google Tag Manager

• Google reCAPTCHA

Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add-on.

Do Not Track Requests. Web browsers may allow you to send a “Do Not Track” request with your browsing traffic, which would enable anonymous browsing of the Website. We honor Do Not Track requests from web browsers. However, anonymous browsing may prevent us from providing you with full functionality of the Website.

Social Media Plug-Ins

We integrate social media application program interfaces or plug-ins (“Plug-ins”) from social networks, such as Facebook, Google+, LinkedIn, Xing, Twitter, Instagram, Tumblr, Pinterest and/or possibly other companies, into the Website. In order to register as a user with us, you may have the option to sign in using your Facebook or other social media site login.

For example, when you visit our Website, the plugin creates a direct connection between your browser and the Facebook server. This allows Facebook to receive information about your visit to our Website with your IP address. If you click the Facebook “Like” button while you are logged on to your Facebook account, you can link the contents of our Website to your Facebook profile. This allows Facebook to assign your visit to our Website to your user account. Please note that as provider of the Website, we receive no notification about the contents of the transmitted data or their use by Facebook. If you do not want Facebook to assign your visit to our Website to your Facebook user account, please log out of your Facebook user account.

If you do so, you authorize us to access certain social media site account information, such as your public social media profile (consistent with your privacy settings in the social media site), your email address, interests, likes, gender, birthday, education history, relationships, interests, current city, photos, personal description, friend list, and information about and photos of your social media site friends who might be common social media site friends with other users. Plug-ins may transfer information about you to the Plug-in’s respective platform without action by you. This information may include your platform user identification number, which website you are on, and more. Interacting with a Plug-in will transmit information directly to that Plug-in’s social network and that information may be visible by others on that platform. Plug-ins are controlled by the respective social media site’s Privacy Statement (available on their website), and not by our Privacy Statement.

Content Posting

You may submit information, such as comments, reviews, testimonials, etc., to be published or displayed (“posted”) on public areas of the Website or transmitted to other users of the Website or third parties (collectively, “Content”). Your Content is posted and transmitted to others at your own risk. We cannot control the actions of other users of the Website with whom you may choose to share your Content. Therefore, we cannot and do not guarantee that your Content will not be viewed by unauthorized persons. By posting any Content or submitting Content for posting you agree to and do hereby grant us and our licensors, affiliates, partners, successors and assigns, a nonexclusive, perpetual, irrevocable, worldwide, sublicensable, transferrable, royalty-free right and license to use, store, publicly display, perform, publish, transmit, transfer, distribute, translate, reproduce, rearrange, edit, redact, modify, aggregate, summarize, abstract, adapt, and create derivative works of the Content that you post or otherwise submit to us for any purpose, in any form, medium, or technology now known or later developed (“Right to Use”).

The Right to Use you grant us above also extends to any Content that you have posted on our Facebook or other social media account pages, or on other websites, e.g., Google, Yelp, Trip Advisor, Instagram, etc.

4.   Purposes for Collecting Personal Data

We may collect Personal Data for a number of reasons, including:

• To prepare and perform an agreement with you. This includes agreements such as a Membership Agreement or Affiliate Agreement, which may involve calculating your earnings or those of other NSP Consultants, Affiliates, or Customers, and maintaining such information on your membership genealogy; process an order; deliver/take-back products and manage warranties; or payment processing.

• To meet our legal obligations. This includes obligations such as tax and accounting or responding to request from public authorities.

• To fulfill our legitimate business purposes. This includes purposes such as providing our services; maintaining the security and integrity of our services; to improve the user/member experience of the Website; to enforce our terms of use, policies and procedures and other rights; or to provide you with information that you may request or opt to receive regarding our products and services.

• Because of your consent. You may consent to receive services or offerings; participate in events and challenges; have your information used in connection with marketing of our products and or services; the use of cookies as explained below. You may withdraw your consent as set out below, but you may not be able to the Website or our products or services if you do.

*You may have the right to oppose certain of these reasons under applicable law, but if so, you may not be able to experience the full functionality of the Website.

5.  Usage of Personal Data

If you provide us with Personal Data, we will use it to:

• Provide you with the services you have requested, to serve you with content, to analyze trends, and to enhance your overall experience while visiting the Website.

• To present to you our Website and contents and provide information and notices (e.g., updates) related thereto.

• To deliver, analyze, maintain and support our text message marketing program (the “Messaging Service”).

• To enhance the Messaging Service features and customize and personalize your experiences on the Messaging Service.

• To provide you with products, services, and information related thereto that you request from us and your related questions

• To provide customer service and support.

• To process transaction payments, refunds, and reimbursements for any products or services that you choose to purchase from us.

• To send you emails and newsletters with product, service, company, and other information and offers.

• To send electronic publications to online subscribers.

•  Product fulfillment, such as the use of addresses for shipping and credit card information for payment.

• To process any applications or changes to your account information and provide you with relevant notices, including expiration and renewal notices.

• To contact you about and to process discounts, offers, loyalty rewards, promotions, contests, sweepstakes, awards, and/or rebate requests, forms, and applications (including those of the foregoing in which you have participated) and coordinate with the manufacturer, retailer and/or wholesaler.

• To allow you to participate in interactive features on our Website.

• To ask for ratings and reviews and request your participation in surveys, polls, focus groups, product or service trials, or other initiatives which help us to gather information used to develop and enhance our products and services and to provide you with any prizes, Products or awards as applicable

• To enhance, improve, and personalize our products and services, for example, by performing internal research, analyzing user trends and measuring demographics and interests and for analyzing how the products and services are used, diagnosing service or technical problems, and maintaining security.

• To develop and train artificial intelligence (AI) and/or machine learning models, develop, provide, and personalize our Products and Services, and gain insights with the help of AI, automated systems, and inferences, so that our Products and Services can be more relevant and useful to you and others.

• To de-identify, aggregate, anonymize, etc., your Personal Data

• For internal purposes, such as Website, service, product, mobile app and system administration or internal audits and reviews, and use of identity-verification technologies.

• To our affiliates, subsidiaries, divisions, and/or our members of our family of companies.

• To comply with applicable law(s) (e.g., to comply with a search warrant, subpoena or court order) or to carry out professional ethics/conduct investigations.

• In any other way we may describe and for which we obtain your consent when you provide the information.

6.   Sharing Information with Third Parties

NSP may use internal and external service providers to operate the Website and perform other work on our behalf in the course of providing you with services you have requested such as developing the Website; fulfilling orders; delivering packages; administrative or accounting functions; and providing customer service. These service providers may have access to your Personal Data but are contractually bound to use your Personal Data only for the purpose of performing their duties. Even so, we remain responsible for your Personal Data and in cases of onward transfer to third parties of data of EEA data subjects received pursuant to the EU-U.S. Data Privacy, NSP is potentially liable. Some of these service providers may be established in countries that offer less privacy protection than your country of residence.

You may place an order through your Consultant, Affiliate/Customer, or directly with NSP and NSP will share your information with your upline Consultant or Affiliate/Customer in order to process your order. Each customer may choose how to place an order and how to be contacted when placing an order. A Consultant, Affiliate, or Customer who introduces a new Consultant, Affiliate, or Customer to the NSP business is known as a Sponsor and Sponsors may build their own independent sales organizations. To assist with their businesses, NSP provides Sponsors with organizational reports that contain their Consultant, Affiliate, and Customer Personal Data and business data, including, but not limited to, name, address, NSP identification number, telephone number, email address, fax number, level or rank within the NSP Consultant Business Model or Affiliate/Customer Sharing Plan, and volume and sales statistics. 

NSP may share your Personal Data (i) in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, (ii) in response to lawful requests by private parties, in connection with a lawsuit, subpoena, investigation or similar proceeding, (iii) to respond to a matter of personal or public safety, (iv) to investigate security incidents, and (v) to protect our interests, rights and property. 

Your Consent to Disclosure/Transfer/Assignment of Your Personal Data. You consent to (and shall not object to) our disclosure, transfer, assignment, and/or sale of your Personal Data, De-Identified Personal Data, and other information you provide to us, as well as the rights you have granted or consented to in this Privacy Statement  (collectively, “Transferred Information”) to a potential or actual buyer or acquirer of assets or equity of our company or other successor for the purpose of considering or undergoing a merger, divestiture, restructuring, reorganization, dissolution, change in control, or sale or transfer of some or all of our assets (each of the foregoing referred to as a “Transfer”), whether as a going concern or as part of bankruptcy, liquidation or other court proceeding, in which Personal Data held by us is among the assets transferred. We cannot make any representations regarding the use or transfer of Transferred Information that we may have in the event of our bankruptcy, reorganization, insolvency, receivership, or an assignment for the benefit of creditors. Furthermore, except as required by law, we are not and will not be responsible for any breach of security by any third parties or for any actions of any third parties that receive any of the Transferred Information that is disclosed to us.

7.    Security of Information  

NSP takes administrative, technical and physical measures to help ensure that your Personal Data remains accurate, timely and secure. However, no data transmission over the Internet, or through an electronic database, is guaranteed to be 100% secure.

8.    NSP’s Use of Personal Data  

In general, our retention of Personal Data is reasonably necessary and proportionate to achieve the purposes for which the Personal Data was collected or processed, or for another disclosed purpose that is compatible with the context in which the Personal Data was collected, and not further processed in a manner that is incompatible with those purposes. The time period for which we retain your Personal Data depend on the purposes for which we use it. We will retain your Personal Data for as long as your account is active, or as long as you are a registered subscriber or member or account holder or user of our services or for as long as we have another business purpose to do so (such as, but not limited to, for business, tax, or legal purposes) and, thereafter, for no longer than is required or permitted by law, or our records retention policy, reasonably necessary for internal reporting and reconciliation purposes, or to provide you with feedback or information you might request. This period of retention is subject to our review and alteration. We will also retain Usage Data for analytics purposes. “Usage Data” refers to data collected automatically, either generated by the use of the service or from the service infrastructure itself (for example, the duration of a page visit). Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our service, or we are legally obligated to retain this data for longer time periods.

You can delete your account or request that we delete your account by contacting us.

We retain your information after you request such deletion for longer periods for specific purposes to the extent that we are obliged to do so in accordance with applicable laws and regulations and/or as necessary to protect our legal rights or for certain business requirements. We may retain De-Identified Personal Data for as long as we deem appropriate. For example, if we process your payments, we will retain this data for longer periods of time as required for legal, regulatory, tax, or accounting purposes. Additional examples of specific reasons we would retain some Personal Data for longer periods of time include:

• Our contractual and business relationships with you.

• Security, fraud and abuse prevention – i.e., to protect you, other people, and us from fraud, abuse, and unauthorized access.

• Financial recordkeeping – when you make a payment to us we are often required to retain this information for long period of time for purposes of accounting, dispute investigation and resolution, and compliance with tax, anti-money laundering, and other financial regulations.

• Complying with legal or regulatory requirements – to meet any applicable law, regulation, legal process, or enforceable governmental request, as required to enforce our terms of service, including investigation of potential violations.

• Direct communications with us – if you have directly communicated with us, through a customer support channel, feedback form, or a bug report, we may retain reasonable records of those communications.

Even if you delete your account, keep in mind that the deletion by our service providers may not be immediate and that the deleted information may persist in backup copies for a reasonable period of time. We may retain De-Identified Personal Data for as long as we deem appropriate.

9.   Children

The Website is a general audience website and is not designed or targeted at children. NSP does not knowingly collect, use or disseminate any Personal Data from children under the age of 18. If you believe we may have collected information from your child on the Website, please contact us and we will make reasonable efforts to delete the information from our records.

10.   Third-Party Links

The Website may contain links to websites operated and maintained by third parties over which we have absolutely no control. Any information you provide to third party websites will be governed under the terms of each websites’ Privacy Statement and we encourage you to investigate and ask questions before disclosing any information to the operators of third-party websites. We have no responsibility or liability whatsoever for the content, actions or policies of third-party websites. The inclusion of third-party websites on our Website in no way constitutes an endorsement of such websites’ content, actions or policies.

11.    state privacy rights

Certain states in the U.S., including California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, and Virginia (as of the effective date of this Privacy Statement) provide (now or in the future) their state residents with rights related to their Personal Data. Although some of these rights apply generally, certain rights will only apply to limited individuals or circumstances. To the extent that these laws apply, you may exercise the following rights: 

• Right to Know and Access Information - Note that much of the information you are entitled to know or access is disclosed in this Privacy Statement. With this said, you have the right to know about our information practices. You also have the right to access the categories of data we collect, with whom we share or sell that information, and, in some cases, what specific Personal Data we associate with you or your account.

• Right to Data Portability - If you request a copy of your specific information then we will provide it in an easily accessible format.

• Right to Deletion - You may request that we delete the information we have collected about you. Depending on the applicable law, in some cases we are required or permitted to retain your information, even if you validly requested we delete or erase it. Upon receipt of a verifiable request to delete, NSP will delete Personal Data from our records and notify our service providers to delete the same Personal Data from their records. Please note, NSP may delete some information and deidentify some information. In cases where NSP deidentifies information, NSP implements technical safeguards and business processes as outlined in “Security of Information”. NSP may not be able to comply with a deletion request if it is necessary for NSP to keep information in order to, among other things, provide goods or services requested, maintain an ongoing business relationship, comply with legal obligations, protect against fraudulent or illegal activity, or perform other necessary activities as permitted under applicable law.

• Right to Correct Information - You may request we correct or rectify inaccurate information we have collected about you.

• Right to Opt out of Targeting Advertising, Sales, or Profiling - You may opt-out of our use of your Personal Data for targeted advertising, sales, or profiling in furtherance of decisions that produce legal or similarly significant effects.

We have not sold or shared (as those terms are defined under CPRA) your Personal Data for monetary or other valuable consideration; however, our use of cookies and other website tracking technologies may be considered a sale or sharing of Personal Information under the CPRA, in which case the categories of Personal Information that we have sold or shared under the CPRA include identifiers (e.g., IP addresses) and internet or other similar network activity. Categories of third parties to whom Personal Information is sold or shared under the CPRA include data analytics providers and advertising and marketing providers.

How to Exercise Rights under State Privacy Laws  

U.S. residents wishing to exercise any rights under this section should submit a request to NSP by:

• Emailing us at privacy@natr.com

• Calling us at: (800) 223-8225

• Writing to us at: Nature’s Sunshine Products, Inc.
  Attn: Legal Department, Privacy
  2901 W. Bluegrass Blvd., 100
  Lehi, Utah 84043

We will use the information above, and any information it already maintains to verify identity to make sure we do not provide or delete Personal Data in response to a fraudulent request. NSP may request additional information to help identify an individual or verify that you want your information deleted. If NSP is unable to confirm that the individual making the request is the same person about whom we have collected Personal Data, we will not be able to complete the request.

We will attempt to provide the requested information or confirm completion of a request to delete Personal Data within the time period required by law. NSP will notify you within that time period if we will need additional time to process your request.

We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

If we deny your rights request, you may have the right to request an appeal of our decision. To initiate an appeal, follow the instructions provided in the communication denying your request, or contact us at the information provided in this Privacy Statement.

You have the right to not experience discrimination from us for exercising the rights listed in this Section. What we mean by discrimination is denying you access to our services or limiting the quality of our services. However, limiting use of, or deleting, your Personal Data may restrict the purposes or uses that rely on that information.  

12.  Messaging Services

Our Messaging Services may include sending you Short Message Service (“SMS”) messages as described in this section, to which you hereby consent. Message frequency may vary. Additionally, we may also contact you by SMS messages with billing and payment reminders,  surveys, informational and service-related communications, including important security updates, about your purchases, returns (if available), Website updates, conduct surveys, or informational and service-related communications, including important security updates as well as for marketing and awareness purposes (e.g., reminders to get your flu shot annually). Consent to receive automated marketing text messages is not a condition of any purchase. You can opt-out of receiving further commercial text messages via the Messaging Service by responding to any of our text messages with any of the following replies: STOP, END, CANCEL, UNSUBSCRIBE, or QUIT. After this, you will no longer receive SMS messages from us. If you want to join again, just sign up as you did the first time and we will start sending SMS messages to you again. Messaging and data rates may apply, depending on your cell phone plan. Carriers are not liable for delayed or undelivered messages.

The following provisions in this Section 13 apply only if you are a citizen or resident of the UK, EEA, or Switzerland (collectively referred to in this section for convenience as the “EU Region”). For such citizens or residents, all processing of your Personal Data is performed in accordance with privacy rights and regulations, in particular, (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation (“GDPR”, and which includes the UK’s and Switzerland’s similar laws), and our processing will take place in accordance with the GDPR. For purposes of the GDPR, we will be the “data controller” of Personal Data (defined in the GDPR (available here) as “Personal Data”, but still referred to herein as Personal Data) we collect through the Website, unless we collect such information on behalf of a “data controller” in which case we will be a “data processor.”

Our Legal Basis for Processing Personal Data (UK, EEA, and Swiss Visitors Only)

If you are a visitor using our Website from the UK, EEA, or Switzerland, our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it. However, we will normally collect Personal Data from you only where we need the Personal Data to provide products and services for you for which you have contracted with us, or where the processing is in our legitimate interests or rely upon your consent where we are legally required to do so and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we also may have a legal obligation to collect Personal Data from you or may otherwise need the Personal Data to protect your vital interests or those of another person.

The collection and processing of your Personal Data may be necessary for the purposes of our legitimate interests. Such legitimate interest purposes may include:

• fraud prevention.

• ensuring network and information security.

• indicating possible criminal acts or threats to public security, including enhancing protection of our community against spam, harassment, intellectual property infringement, crime, and security risks of all kind, and enforcing legal claims, including investigation of potential violations of our Terms of Use.

• when we are complying with legal obligations

• performing the function or service you requested of us.

• providing our services and their functionality to you where such processing is necessary for the purposes of the legitimate interests pursued by us or by our service providers related to the services.

• direct marketing

• the relevant and appropriate relationship we have with you.

• analytics, e.g., assess the number of visitors, page views, use of the Website, etc., in order to understand how our Website, products, and services are being used, to optimize the Website and/or future communications, and to develop new services and Website features

• updating your information and preferences

• offering and improving our Website, products, mobile app, and services.

Your Data Rights Under GDPR

If you are subject to GDPR, your rights include the following:

• The right to access - Upon request, we will confirm any processing of your Personal Data and, provide you with a copy of that Personal Data in an acceptable machine-readable format.

• The right to rectification - You have the right to have us correct any inaccurate Personal Data or to have us complete any incomplete Personal Data

• The right to erasure - You may ask us to delete or remove your Personal Data and we will do so in some circumstances, such as where we no longer need it (we may not delete your data when other interests outweigh your right to deletion).

• The right to restrict processing - You have the right to ask us to suppress the processing of your Personal Data but we may still store your Personal Data. See below for more information.

• The right to object to processing - You have the right to object to your Personal Data used in the following manners: (a) processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); (b) direct marketing (including profiling); and, (c) processing for purposes of scientific/historical research and statistics. See below for more information.

• The right to data portability - You have the right to obtain your Personal Data from us that you consented to give us or that is necessary to perform fulfillment of member benefits with you. We will give you your Personal Data in a structured, commonly used and machine-readable format.

• Rights regarding automated decision making - You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except for the exceptions applicable under relevant data protection laws.

• The right to complain to a supervisory authority - You have the right to file a complaint with a supervisory authority, in particular in the European member state of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of Personal Data relating to you infringes upon your rights.

• The right to withdraw consent - If we are processing your Personal Data based on your consent to do so, you may withdraw that consent at any time.

EU Personal Data Transfers with Standard Contractual Clauses.  We recognize that the European Union and its member states have a data protection regime that generally restricts the transfer of Personal Data about individuals located in the EU to recipients located outside of the European Economic Area (“EEA”). We inform you that your Personal Data might be transferred to other entities inside our group outside your country of residence, and particularly to the US. These data transfers were done in the past according to the EU-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personally identifiable information from the EEA. Now these data transfers are done in compliance with our Standard Contractual Clauses, according to the European Commission Decision C(2004)5721 and the rest of the regulations applicable in order to guarantee that your Personal Data are duly protected.

14.  Questions and ISSUES

NSP takes your privacy seriously. If you believe we have not complied with this Privacy Statement, please contact us so we can investigate.

Direct inquiries or concerns about our Privacy Policy to:
Nature’s Sunshine Products, Inc.
Legal Department, Privacy
2901 W. Bluegrass Blvd., 100
Lehi, Utah 84043
(801) 341-7800
privacy@natr.com

Please summarize the nature of your question in the subject line of any email you send. Thank you for reviewing our Privacy Policy.

Effective Date: June 18, 2025