Privacy Policy

Last updated:
28th February 2023

We believe that your personal data is an asset that you should have ownership and control over. Our goal is to build tools that enable you to use your data for your own personal benefit.

It is this belief that drives our number one priority, your trust. Your privacy is essential to earning and keeping that trust. This principle drives all of the decisions we make, as well as how we gather, use and store any information we acquire directly from you or on behalf of you.

Your Privacy Is Important

This Privacy Policy ("Privacy Policy") explains how HSAMax ("us," "our," and "we"), collects, uses, and shares information when you interact with us, and covers our processing activities as a data controller.

This Privacy Policy applies to all users of HSAMax's website as published at www.hsamax.co (and any other websites with "HSAMax" branding that link to this Privacy Policy), and any mobile-device applications we offer that are branded "HSAMax" and link or reference this Privacy Policy (collectively, the "Service").

For the purpose of this Privacy Policy, a User is an individual who uses our Service.‍

Please read this Privacy Policy carefully. This Privacy Policy replaces and supersedes the last version of this Privacy Policy for all users (including for those users that registered prior to the Effective Date). If you do not agree to our practices, please do not register, subscribe, create an account, or otherwise interact with the Service. By signing up for, using, or continuing to use the Service, you consent to the privacy practices described in this policy.‍

This Privacy Policy is incorporated into and is subject to the HSAMax Terms of Use. Capitalized terms that are not defined in the Privacy Policy may have the meaning given to them in the Terms of Use.

The Service is provided to you by Cooklist Inc. This Privacy Policy therefore constitutes an agreement between you and Cooklist Inc.

1. How we collect information

We may ask you to provide information when you register, subscribe, or create an account for our Service, link your HSAMax account to a retailers account, contact HSAMax for customer service purposes, or otherwise interact with or use the Service. We may collect certain types of information, including information that can be used to identify you, such as your name, email address, mailing address, phone number, date of birth, geographic location, and other types of personal information (“Personal Information”), and information that does not identify you personally. We may collect the following types of information:

Data you give to us or give us permission to obtain:

  • Registration and Contact Information when you register for the Service. This information allows us to communicate with you, such as your name, email address, password, social media user account names, or other methods at which you receive communications from or on behalf of HSAMax.
  • Retailer account Information, meaning the usernames and passwords for the retailer accounts you choose to link to the Service, and the historical and future transaction information associated with those accounts, such as the items you purchase, the stores you purchase them from, and when.
  • Purchase Information about the items you purchase, such as item descriptions and quantities, time of purchase, total purchase cost, and the store you purchased the items from.

We also store technical information when you use HSAMax

  • Search Information, meaning the terms or keywords you search for when using the Service.
  • Transaction Information such as the products you purchase from the retailer accounts that you connect to the Service.
  • Location Information including state/province, city, or zip code, as well as precise location data and associated time of day, if you have activated our Service on a mobile device and permitted your mobile device to transmit location data.
  • Mobile Device Information. We collect certain information about your mobile device when you use our Service, including device identifier (such as the Android Advertising ID and the Apple iOS IDFA), user settings, the make, model, and operating system of your device, and information about your use of our Service while using the device, such as your use of features, functions, or clicks on notifications or content. Please see the Choices you can make about your info under the heading "mobile" for more information on how to opt-out of our Location Information-based features.
  • Information from Cookies and Similar Technologies. When you use our Service, we and our partners may collect information using cookies and similar technologies, such as pixel tags, web beacons, browser analysis tools, and web server logs. Cookies are small text files containing a string of alphanumeric characters. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser/app. A persistent cookie remains after you close your browser/app and may be used by your browser/app on subsequent visits to the Service. Pixel tags and web beacons are tiny graphic images placed on website pages or in our emails that allow us to determine whether you have performed specific actions. When you access these pages or open email messages, the pixel tags and web beacons generate a notice of that action to us, or our service providers. These tools allow us to measure response to our communications and improve our web pages and promotions.
  • We collect many different types of information from cookies and other technologies. For example, we may collect and record information from the devices you use to access our Service, such as your IP address, operating system type or mobile device model, mobile device identifiers, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone of your device. We may also collect information about the website you were visiting before you came to our Service.
  • In many cases, the information we collect using cookies and other tools is used in non-identifiable ways, without any reference to Personal Information. For example, we use the information we collect about users to optimize our Service and understand its traffic and usage patterns. In other cases, we associate the information we collect using cookies and related technologies with Personal Information. In that case, this Privacy Policy governs how we use that information. Additionally, if you have visited our mobile website or activated one of our mobile-device applications, and if the settings on your location-aware device allow us to receive Location Information, we will collect that automatically. If we associate Location Information with other Personal Information, this Privacy Policy governs how we would use that information too.
  • Please review your web browser’s “Help” file to learn the proper way to modify your cookie settings. However, please be aware that if you delete, or choose not to accept cookies from our Service, you may not be able to utilize the features of our Service to their fullest potential. Finally, please scroll down to the Choices you can make about your info section below, under the heading “cookies,” for more information about your cookie-related privacy options.
  • Referral Information. HSAMax may manage a referral program that allows you to earn credit for premium services in exchange for referring other users. By participating, you may provide us with information about the person to whom you refer our service, such as name and email address. We treat this information like all our other Personal Information.

Our Partners share information with us:

  • Information from Third Parties. We may receive information about you from third parties and combine it with the information we have about you. If you use a social media platform, a mobile device or other third-party method of communication to interact with HSAMax or the Service, that platform may have a specific privacy statement that governs the use of information related to that platform. If you have questions about the security and privacy settings of your mobile device, please refer to instructions from your mobile service provider or the manufacturer of your device to learn how to adjust your settings.

Info for Our Employees:

  • Employee Information from current, prospective and former Employees, their designated contact in case of a medical emergency, and beneficiaries under any insurance policy (“Employee Personal Information”). The Employee Personal Information we collect may include title, name, address, phone number, email address, date of birth, passport number, driver’s license number, social security number, financial information related to credit checks, bank details for payroll, information that may be recorded on a CV or application form, contact information in case of an emergency, and beneficiaries under any insurance policy. Additionally, we may collect sensitive Employee Personal Information, such as details of health and disability, including mental health, medical leave, and parental leave.

2. What we do with the information we collect

HSAMax and our partners use information to:

  • Operate and improve our Service, including web hosting
  • Send emails on our behalf
  • Have third parties process payments
  • Analyze and understand how you use our Service
  • Perform aggregated analytics that may be used for HSAMax’s marketing, advertising, and data enrichment activities
  • Provide customer support to users
  • Communicate and provide additional information which may be of interest to you about HSAMax and our merchants and business partners, such as HSAMax news, special offers, announcements, and marketing materials
  • Send you reminders, technical notices, updates, security alerts and support and administrative messages service bulletins, or marketing
  • Provide advertisements and marketing solicitations to you through the Service, email messages, text messages, push notifications, applications, or other methods of communication
  • Administer surveys, sweepstakes, contests, or other promotional activities or events sponsored by us or our partners
  • Manage our everyday business needs such as website administration, forum management, analytics, fraud prevention, Terms of Use or to comply with the law

Employee Personal Information

We acquire, hold, use and process Employee Personal Information for a variety of business purposes including but not limited to:

  • Human Resources administration and communication
  • Payroll and the provision of benefits; compensation, including bonuses and long term incentive administration, stock plan administration, compensation analysis, including monitoring overtime and compliance with labor laws, and company recognition programs
  • Workflow management, assigning, managing and administering projects
  • Performance and employee development management
  • Organizational development and succession planning
  • Emergency contacts and services
  • Processing of employee expenses and travel charges
  • Monitoring compliance with regulatory requirements

If an employee is also a User, the provisions hereunder related to Users will apply to such information in those circumstances.

3. Transferring your information

Service Providers. We may share information with our service providers that provide services for us to assist us in carrying out the purposes described in Section 2 above.

Third Parties. Cooklist may share information with third parties and service providers, but other than hashed information, device identifiers, or location information (in each case pseudonymized), we do not disclose your contact information or other personally identifiable information (PII). We share such information with third parties to assist us in carrying out the purposes described in Section 2 above.

Merger, Sale, or Other Asset Transfers. We may share your information to effect a merger, acquisition, or otherwise, and to support the sale or transfer of business assets. If HSAMax is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or prominent notice on the Service of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.

As Required by Law and Similar Disclosures. We may also disclose Personal Information to defend ourselves in litigation or a regulatory action; when required or advised to do so by law, such as in response to a subpoena, or similar legal process, including to law enforcement agencies, regulators, and courts in the United States and other countries where we operate; to enforce our rights or protect our property; to protect the rights, property or safety of others, investigate fraud, respond to a government request; or as needed to support auditing, compliance, and corporate governance functions.

Analytics. We also use third party services, such as Google Analytics, to help us understand how visitors interact with our website and to help improve our user experience. Google provides additional privacy options regarding cookie use described at https://policies.google.com/technologies/partner-sites

Aggregate Data. HSAMax may also disclose information about you that is not personally identifiable. For example, we may provide our merchants, business partners, or other third parties with reports that contain aggregated data, statistical data, and/or anonymized data.

Consent. We may also share your information with your consent.

4. Choices you can make about your info

We think that you benefit from a more personalized experience when we know more about you and the kinds of recipes, stores and products you like. However, you can limit the information you provide to HSAMax, and you can limit the communications that HSAMax sends to you.

Email. You can manage your email preferences by logging into the Service and going to the Notifications section under Settings. You may also manage your email preferences by clicking "unsubscribe" on any email communication we send you. You may choose to subscribe to some types of messages, and may choose to unsubscribe from others.

Cookies. You may manage how your browser handles cookies and related technologies by adjusting its privacy and security settings. Please note that if you disable cookies, you may be unable to access some customized features of our Service. You can opt-out of being targeted by certain third party advertising companies online at www.networkadvertising.org/consumer/opt_out.asp and http://www.aboutads.info/choices/.

Mobile. Some of the features of the Service may enable HSAMax to access and collect information about your current or past location in order to personalize the Service for you and provide other features of the Service ("Location-based Features"). In order to use Location-based Features, you must give HSAMax permission to use your geo-location through your device. HSAMax may access your geo-location using a variety of means, including GPS, IP address, or cell tower location. You may opt-out of using Location-Based Features by adjusting the settings on your mobile device to prevent the sharing of precise Location Information. You may also manage how your mobile device or mobile browser handles cookies and related technologies by adjusting your mobile device privacy and security settings. If you choose not to allow HSAMax to use your location information you will not be able to utilize certain features of the Service.


Connecting through Social Networks. You may be able to manage what social networks share with HSAMax when you register with us through a social media platform or application, such as through Facebook Connect. Please refer to the privacy settings of the social media platform or application to determine how you may adjust our permissions and manage the interactivity between HSAMax and your social media account.

Delete Data. You are also able to request that we delete your account and all data associated with you right from your account in the Service in the Account section in Settings or by emailing us at hello@hsamax.co

5. Accessing and managing information

Keeping your information helps ensure that we provide you with the best experience using the Service.
You may update or correct your profile information and preferences at any time by accessing your Settings through the Service.

If you want to close your account or have other questions or requests, or if you would like to access or request a correction to any other information we hold about you, please contact us at hello@hsamax.co. If you wish to cancel your account, contact us at hello@hsamax.co.

Please note that while your changes are reflected promptly in active user databases, we may retain all information you submit for as long as needed to fulfill a legitimate business need or as required by law, including for backups and archiving, prevention of fraud and abuse, compliance with legal obligations, dispute resolution, enforcing our agreements, and analytics.

6. Security of Personal Information

We use physical, managerial, and technical safeguards that are designed to improve the integrity and security of your Personal Information. We cannot, however, ensure or warrant the security of any information you transmit to us or store on the Service.

7. Policy on children’s information

Children under 13 are not allowed to use HSAMax. We do not knowingly collect, maintain, or use personal information from children under the age of 13, and no part of the Service is directed to children. If you learn that a child has provided us with personal information in violation of this Privacy Policy, then you may alert us at hello@hsamax.co.

8. International Users

The Service is hosted in the United States and is intended for visitors located within the United States. If you choose to use the Service from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your personally identifiable information outside of those regions to the United States for storage and processing, and by providing your personally identifiable information on the Service you consent to that transfer, storage, and processing.

9. Rights for those in California

If you reside in California and have provided your information to us, you may request information once per calendar year about our disclosures of certain categories of personal information to third parties for their direct marketing purposes. Such requests must be submitted to us in writing at hello@hsamax.co, or write to us at the address provided below, with "Request for California Privacy Information" in the subject line and body of your message.

10. Changes and updates to this Privacy Policy

We may make changes to this policy from time to time and if we do, we’ll post any changes on this page. If we materially change the ways in which we use or share personal information previously collected from you through the Service, we will notify you through the Service, by email, or other communication.

HSAMax encourages you to review this Privacy Policy periodically to be informed regarding how we are using and protecting your information and to be aware of any policy changes. Your continued relationship with HSAMax after the posting or notice of any amended Privacy Policy shall constitute your agreement to be bound by any such changes.

Any changes to this Privacy Policy will take effect immediately after being posted or otherwise provided by us. Each version of this Privacy Policy will be identified at the top of the page by its effective date.

11. Your Consent

Where the legal basis for us processing your personal data is that you have provided your consent, you may withdraw your consent at any time. You will not suffer any detriment for withdrawing your consent. If you withdraw your consent, this will not make processing which we undertook before you withdrew your consent unlawful.

You can withdraw your consent by contacting HSAMax as data controller, whose details are provided in section 12 below.

12. How to contact us

Please contact us with any questions or comments about this Privacy Policy, your information, our use and disclosure practices, or your consent choices by e-mail at hello@hsamax.co or by mail at:

HSA Max
ATTN: Privacy Operations
8631 Angora St
Dallas, TX 75218