PRIVACY AND COOKIES POLICY
Your privacy, our responsibility
How we collect, protect, and use your data—transparently and with care.
Effective Date: May 2025
Last Update: May 2025
Weller Corporation (“Weller & Co.”, “we”, “us”, or “our”) is committed to protecting your privacy and the trust you place in us.
This Privacy and Cookies Policy ("Policy") is designed to help you understand what personal data we collect, why we collect it, how we use it, and how we protect it across our websites and digital services.
It also explains our use of cookies and similar tracking technologies to enhance your experience and improve our products and services.
Like many companies, we use technologies to collect information that helps us operate efficiently and deliver a more personalized experience.
The cookies we use help our website function properly and provide insights into what content is most useful to our visitors.
Please take a few moments to review this Policy.
If you have any questions, feel free to reach out to us via our contact form or by emailing info@wellercorporation.com.
If you're unfamiliar with terms such as “cookies,” “IP addresses,” or “browsers,” please refer to the Key Definitions section.
To assist you in understanding this Privacy and Cookies Policy, we have defined key terms commonly used in our privacy practices:
Anonymisation: Permanently removing personal identifiers from data so that individuals cannot be identified.
Behavioural Advertising: Tracking users' online activities to deliver targeted ads.
Binding Corporate Rules (BCRs): Internal rules that govern cross-border data transfers within multinational companies.
Biometric Data: Data derived from physical, physiological, or behavioral characteristics (e.g. fingerprints, facial images).California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA): California state laws that provide residents with specific rights over their personal data, including the right to know, delete, opt out of sale or sharing, and limit the use of sensitive personal information. The CPRA expands upon the CCPA by adding further consumer protections and establishing the California Privacy Protection Agency (CPPA).
Chief Privacy Officer: The Weller & Co. officer responsible for privacy strategy and compliance.Child: An individual under the age of 13, or under another age as defined by local laws.
Children’s Online Privacy Protection Act (COPPA): A U.S. law that imposes specific requirements on websites or online services directed to children under 13 years of age, including requirements for verifiable parental consent.
Consent: Freely given, specific, informed, and unambiguous indication of agreement to data processing.
Cookies: Small data files stored on a user’s device to remember preferences and usage.Covered Entity / Business Associate: As defined by HIPAA, a covered entity is a health care provider, health plan, or health care clearinghouse; a business associate is a person or organization that performs activities involving protected health information (PHI) on behalf of a covered entity.
Data Controller: The entity that determines how and why personal data is processed.
Data Processing: Any action performed on personal data (e.g., collection, storage, use).
Data Protection Authority: An independent public authority overseeing data protection laws.
Data Protection Officer: The Weller & Co. officer ensuring compliance with data laws.
Data Subject: A person whose personal data is collected and processed.
Direct Marketing: Marketing communications sent directly to individuals (e.g., emails, mail).
Encryption: Securing data by converting it into a coded format.Expert Determination: A method of de-identifying health data under the HIPAA Privacy Rule in which a qualified statistical expert applies accepted analytic techniques to determine that the risk of re-identification is very small. This process requires documentation of the expert’s analysis and rationale.
Financial Data: Personal information relating to financial transactions.General Data Protection Regulation (GDPR): A European Union regulation that governs the collection, processing, and transfer of personal data of individuals located in the EU/EEA. It grants individuals enhanced rights over their personal data and imposes strict obligations on organizations that process such data.
Genetic Data: Data relating to inherited or acquired genetic traits.Global Privacy Control (GPC): A browser- or device-based signal that communicates a user's privacy preferences—specifically, their desire to opt out of the sale or sharing of personal data. Recognized under laws such as the CCPA and CPRA, GPC must be honored where legally required.
Health Data: Information related to physical or mental health. This includes any dietary, allergy, supplement-use, or sensitivity information voluntarily submitted through digital our services or product-matching features.Health Insurance Portability and Accountability Act (HIPAA): A U.S. law designed to protect the privacy and security of individuals’ medical information and establish national standards for the electronic exchange of health data.
Identifiable Natural Person: An individual identifiable by reference to specific personal data.
International Organization: An entity governed by international law or treaties.
IP Address: A unique identifier for a device connected to a network.
Online Behavioural Advertising: Ads targeted based on past browsing behavior.Protected Health Information (PHI): Any individually identifiable health information held or transmitted by a covered entity or its business associate, in any form or medium.
Verifiable Parental Consent: A process required by COPPA to ensure that a parent or legal guardian has authorized the collection of personal data from a child under the age of 13.
If you have questions or need more information, contact us at info@wellercorporation.com.
You have rights concerning your personal data, including the right to object to certain uses such as direct marketing.
We explain how to exercise these rights in the sections that follow.
This Policy applies to individuals who interact with Weller & Co. as consumers.
It outlines how your data is collected, used, disclosed, and protected.
It covers data collected through: our websites, mobile applications, electronic communications, customer support channels, promotional campaigns, and interactions on social media platforms or third-party websites.
If we act as a covered entity or business associate under HIPAA in the course of providing services, we treat all Protected Health Information (PHI) in compliance with HIPAA’s privacy and security rules.
If you are located in the European Union (EU), European Economic Area (EEA), or United Kingdom (UK), this Policy is intended to comply with the General Data Protection Regulation (GDPR) and the UK GDPR.
Weller & Co. acts as a data controller for personal data collected through our websites and services.
We update this Policy periodically to reflect changes.
Additional compliance information is available in our Regulatory Disclosures.
We collect personal data through various channels.
These include our websites, mobile platforms, email or messaging exchanges, offline activities such as product demos and surveys, advertising interactions, and automatically generated usage data.
We may collect information from third parties, including social networks, public records, and business partners.
Depending on how you interact with us, we may collect your contact details, login credentials, demographic data, device and browser information, and your usage patterns on our platforms.
Uploaded forms and bank/accounting data are protected with encryption, access restrictions, and secure storage protocols.
We collect feedback you provide, any content you upload or share, authorized social media information, and details related to your transactions or payments, business contact information (e.g., company name, tax ID, VAT number, business license), banking details for payment purposes, downloadable/uploaded procurement documents, price offers, signed supplier/customer forms, contributor profile details such as academic credentials, institutional affiliations, article metadata, and publication history when users participate in our scientific submission platform.
Contributors must ensure that any third-party personal or health information included in submissions is anonymized or shared with valid, documented consent.
If your submission includes identifiable health data or case studies, you must obtain explicit written consent from the subject or use appropriate de-identification methods in line with HIPAA Safe Harbor or Expert Determination standards.
We may track downloads of informational materials (e.g., press kits, investor documents) for security and anti-abuse monitoring.
These downloads do not require personal data unless otherwise stated.
If you apply for a position via LinkedIn or submit a resume through a careers page, the personal data shared—including education, employment history, or certifications—may be processed in accordance with this Policy and LinkedIn’s own privacy practices. Weller & Co. does not store or process resumes directly on its servers unless separately submitted outside of LinkedIn.
We use your personal data to provide customer service, deliver marketing communications (where permitted), personalize your experience on our platforms, fulfill and ship orders, facilitate onboarding, procurement, payment, and compliance processes with suppliers and customers; to assess submitted price offers; to manage commercial relationships and ensure contractual obligations, analyze and improve our digital channels, to facilitate expert contributions and display scientific articles on our platform, to display contributor names, biographies, and institutional affiliations alongside published materials, to recommend content or related publications based on usage and reading patterns and comply with applicable laws. This allows us to support our relationship with you and continuously improve the value we offer.
All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
Download logs for press kits or investor materials may be recorded to monitor interest, detect misuse, or comply with licensing terms. No personal data is required to access these materials unless explicitly indicated.
If you engage with our Rootly™-branded services, we may use health-related information you voluntarily provide—such as allergies, sensitivities, health goals, or product preferences—in our automated product-matching system to offer tailored recommendations. This system uses predefined criteria and algorithms to analyze compatibility with our consumable products.
You have the right to opt out of this automated decision-making process by contacting us at info@wellercorporation.com or adjusting your privacy preferences in your Rootly™ account dashboard.
We use artificial intelligence (AI) systems as part of our Rootly™ platform to analyze health-related data you voluntarily provide—such as dietary preferences, allergens, symptoms, and lifestyle indicators—in order to generate dynamic product matches. These AI-driven processes may involve profiling based on your inputs and behavior across our platforms.
This automated profiling is designed to provide personalized recommendations, content, and communications. Where required by applicable law, we ensure appropriate safeguards are in place and provide you the right to object or opt out of such profiling.
You can exercise this right by contacting us at info@wellercorporation.com or by disabling personalization features within your Rootly™ account settings.
We may use health-related personal information you voluntarily provide—such as allergies, sensitivities, or product preferences—to personalize product recommendations or to communicate product safety information.
For individuals in the EU/EEA or UK, we process your personal data based on one or more of the following legal bases under the GDPR:
• Your consent
• The performance of a contract with you
• Compliance with a legal obligation
• Protection of your vital interests
• Our legitimate interests, provided these do not override your rights and freedoms
We use cookies and similar technologies—including pixel tags, SDKs, and log files—to ensure site functionality, analyze user behavior, personalize experiences, support social sharing, and detect fraud.
These technologies help us deliver content and advertising tailored to your preferences while improving site usability.
Types of cookies we use:
Strictly Necessary Cookies: Essential for website operation (e.g., login, settings). Cannot be disabled. Do not collect identifiable data.
Functionality Cookies: Enable personalization (e.g., language, preferences). Disabling may limit features. May store identifiable data.
Performance Cookies: Track usage patterns to improve site structure and content. Data collected is anonymized.
Targeting & Advertising Cookies: Deliver personalized ads and measure campaign effectiveness. May collect personal data using IP or device ID.
Social Media Cookies: Allow sharing across platforms. Social networks may use these for profiling and advertising.
Third-Party Cookies: Set by partners (e.g., advertisers or embedded services). May collect data based on interactions.
Cookies may be session-based (deleted after browsing session) or persistent (remain on your device until expiration or manual deletion).
Persistent cookies used on our sites typically expire within 6 to 12 months, depending on their purpose and applicable legal requirements.
You can manage cookie preferences by adjusting your browser settings or using our consent management tool.
If you use multiple browsers or devices, adjust settings accordingly.
Note: Disabling cookies may impact functionality or limit access to services.
We honor Global Privacy Control (GPC) signals where required by applicable law, including in jurisdictions such as California and Colorado.
We may revise our cookie practices to comply with legal or technical changes.
Updates will be posted clearly on our website.
Your data may be shared with affiliates of Weller & Co., service providers performing tasks on our behalf, regulatory or legal authorities when required, and trusted partners for co-marketing or analytics purposes (with safeguards in place).
Contributor content and profiles may be publicly viewable on the Site and discoverable via third-party search engines, unless otherwise configured.
If Weller & Co. undergoes a merger, acquisition, or restructuring, your data may be disclosed as part of that process.
Messaging Service Providers
We will not share your opt-in to an SMS messaging campaign with a third party for purposes unrelated to supporting you in connection with that campaign.
We may share your personal data with third parties that help us provide the messaging service, including, but not limited to, platform providers, phone companies, and other vendors who assist us in the delivery of text messages.
Affiliates
We may disclose personal data to our affiliates or subsidiaries. However, their use and disclosure of your personal data will remain subject to this Privacy and Cookies Policy.
Important Note
All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
We keep your data only as long as necessary to meet our operational and legal obligations.
Business and transactional records may be retained for up to 7 years or as required by financial and tax law.
The retention period may vary based on the duration of our relationship with you, applicable statutes of limitations, or specific business needs such as fraud prevention or internal auditing.
Your data may be stored or processed outside your country of residence.
Where applicable, we apply standard contractual clauses and other safeguards to ensure lawful international data transfers.
If we transfer your personal data outside the EU/EEA/UK, we will do so in accordance with applicable data protection laws and using appropriate safeguards, such as Standard Contractual Clauses (SCCs) approved by the European Commission or other lawful transfer mechanisms.
You may have the right to access your data, correct inaccuracies, delete or restrict processing, object to specific uses, withdraw consent, or request data portability.
Contributors may request corrections or updates to their published profile or articles but should note that scientific submissions may be retained or archived for record-keeping and citation integrity.
For individuals whose data is protected by HIPAA, you may request an accounting of disclosures, receive a copy of your protected health information (PHI), and request that we amend your PHI.
California residents have the right to opt out of the sale or sharing of their personal information and to limit the use of sensitive personal data.
If you are located in the EU/EEA or UK, you have the following additional rights under the GDPR:
• The right to object to processing carried out for legitimate interests or direct marketing
• The right to lodge a complaint with a supervisory authority in your country of residence or where a data breach occurred
• The right to request restriction of processing in certain circumstances (e.g., if you contest the accuracy of the data or object to its processing)You may exercise these rights through our website or by contacting us directly.
To exercise your rights, contact us at info@wellercorporation.com.
Verification may be required.
You can manage how your data is used by adjusting cookie settings through your browser, opting out of marketing communications, or updating your account preferences.
Even if you opt out of marketing, you will continue to receive transactional or service-related communications.
We allow the use of browser-based global privacy controls (such as GPC signals) to indicate your cookie preferences, where legally required.
We comply with the Children’s Online Privacy Protection Act (COPPA).
We do not knowingly collect personal data from children under 13 without verifiable parental consent.If we learn such data was collected in violation of COPPA, we will delete it promptly.
All child-related data is handled in accordance with applicable laws when consent is provided.
Parents or guardians may review, delete, or request no further collection of their child's personal data by contacting us directly.
Information related to health, wellness, or surgery featured on the Site is intended for informational purposes only and is not a substitute for professional medical advice, diagnosis, or treatment.
Always consult your physician or a qualified healthcare provider before acting on any information presented here.
Weller & Co. does not offer medical advice via this Site.
From time to time, specific campaigns, promotions, or services may include additional privacy terms.
We encourage you to review any such terms carefully, as participation may require agreement to them.
These will always be clearly presented to you.
If you are a patient or customer of Izmir HPB and your relationship with us involves protected health information, you may be presented with a separate HIPAA Notice of Privacy Practices outlining how we handle your PHI in accordance with federal regulations.
Information collected through sustainability or carbon reduction initiatives—such as pledge forms, offset programs, or opt-ins—may be used for internal tracking and communications.
We may update this Policy as needed to reflect legal, operational, or service changes.
All revisions will be posted here with an updated effective date.
Weller Corporation
8 The Green, Suite A
Dover, Delaware 19901
United States
Email: info@wellercorporation.com
We are committed to resolving any concerns promptly and transparently.
We will not reduce your rights under this Policy without your consent.
This Privacy and Cookies Policy is the intellectual property of Weller Corporation and may not be reproduced, republished, or distributed without our prior written permission.
The content herein is intended solely for informational purposes related to our business, services, and compliance obligations.
Copyright © May 2025 Weller Corporation. All rights reserved.
Subscribe to our newsletter
Our weekly newsletter with insights and intelligence from across the company.