This Privacy Statement describes our privacy practices as required by the General Data Protection Regulation (“GDPR”) (EU) (2016/679) and other applicable data protection laws (collectively “Privacy Laws”). This Privacy Statement applies where Newell Brands is acting as a Data Controller with respect to the Personal Data of our customers, employees, website users, partners and service providers. In other words, this Privacy Statement applies where we determine the purposes and means of the processing of Personal Data.
2. PERSONAL DATA WE COLLECT ABOUT YOU
When you submit a request, set up an account, apply for a position, visit our Sites, etc., with any ALLSOOS Brands entity, you may be asked to provide certain information, including, but not limited to, your name, title, company, address, phone number, e-mail address, credit card information, and line of business. You may also be providing us with data regarding your devices including, your IP address, your geolocation, your data usage, your client or supplier account, etc. In limited circumstances, we may collect information related to you, and your family members, such as age, gender and civil status. This information and data may be Personal Data under applicable Privacy Laws.
3. WHY WE PROCESS YOUR PERSONAL DATA, LEGAL BASES FOR PROCESSING AND RETENTION
Please consult the table below to see the categories of Personal Data we may collect about you, why we process (collect, use, store, etc.) your Personal Data, the legal grounds for such processing (where applicable) and the relevant maximum retention period.
4. HOW WE SHARE YOUR PERSONAL DATA
Your Personal Data may be shared with others as described below:
We may disclose your Personal Data to any member of our group of companies, affiliates, resellers, suppliers, and service providers, including advertising networks, as reasonably necessary for the purposes, and on the legal bases, set out in this Privacy Statement.
We may disclose your Personal Data to our insurers and professional advisers as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or other legal proceedings.
We may disclose your Personal Data with our payment services providers to complete financial transactions. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
In addition to the specific disclosures of Personal Data set out in this section, we may disclose your Personal Data: (a) where such disclosure is necessary for compliance with a legal obligation to which we are subject, including a subpoena, court order or search warrant; (b) enforce our Terms of Service, this Privacy Statement, or other contracts with you, including investigation of potential violations thereof; (c) respond to claims regarding violations of third party rights; (d) respond to your requests for customer service; and/or (e) protect the rights, property or personal safety of ALLSOOS and its employees, its agents and affiliates, its users and/or the public. This includes exchanging information with other companies and organizations for fraud protection, spam/malware prevention, or in order to protect your vital interests or the vital interests of another natural person.
We reserve the right to transfer your Personal Data in the event of bankruptcy or a sale or transfer of all or a portion of our business or assets, an acquisition, merger or divestiture.
Except as otherwise set forth herein, we do not sell, trade, rent or otherwise share your Personal Data with any third parties outside of Newell Brands or with our affiliated companies for monetary or other valuable consideration.
6. INTERNATIONAL DATA TRANSFERS
Our customers and the users of our Sites may be located anywhere in the world. The privacy laws in some countries may not provide protections equivalent to those in your country of residence, and your government may or may not deem such privacy protections adequate. We may process your information in, or transfer your information to, the United States, third parties in the United States, or other countries.
For residents of EU/EEA countries, in the event of transfer of your Personal Data to a country which has been deemed to have an inadequate level of protection for Personal Data, we will implement safeguards, including selecting “Privacy Shield” certified processors or putting in place standard contractual clauses, in accordance with the EU requirements.
7. YOUR RIGHTS REGARDING ACCESS TO AND CONTROL OVER PERSONAL DATA
Your rights regarding your Personal Data depend on local law in the jurisdiction where you reside.
If you reside in the EU/EEA, you may have the right, after submitting a verified request to:
Information and Access - You may request to access your Personal Data, receive supplemental information about your Personal Data, and/or be provided with a copy of your Personal Data.
Rectification - You may request to rectify and/or update your inaccurate or out-of-date Personal Data.
Erasure - You may have the right to have your Personal Data erased.
Restriction - You may have the right to restrict the processing of your Personal Data.
Object to Processing - You may have the right to object to specific types of processing of your Personal Data.
Data Portability - You may have the right to request a portable copy of your Personal Data. For example, Data Portability does not apply to paper records, and must not prejudice the rights of others, or sensitive company information.
Right not to be subject to decisions based solely Automated Decision Making - You may have the right not to be subject to decisions based solely on automated processing (i.e., without human intervention).
Right to lodge a complaint - You may have the right to lodge a complaint with a supervisory authority in the country in which you reside, details of which can be provided on request by the Data Privacy Committee at Online Webform
If you reside in California, you may have the right, after submitting a verified request to:
Know the categories of personal information we collect about you;
Know whether your personal information was sold or disclosed to third parties for a business purpose, including for direct marketing purposes by third parties, during the immediately preceding calendar year;
Know the identity of the third parties that received your personal information for their direct marketing purposes during that calendar year;
Deletion of your personal information maintained by us;
Opt-out of the sale of your personal information;
Access your personal information and to a portable copy of your data;
Not be discriminated against for exercising your rights; and
Notification of your rights.
8.PERSONAL DATA SUBMITTED BY CHILDREN
Some of the content on our Sites may be directed toward children under age 13. However, we do not knowingly collect or solicit personal information from children under age 13 without parental consent, unless permitted by law. If we become aware that we have collected personal information from a child under age 13 without parental consent or unless otherwise permitted by law, we will delete it in accordance with applicable law. If you believe that a child may have provided us with Personal Data without parental consent or otherwise not permitted by law, please contact us as detailed below in the “Contact Us” section.
9. COOKIES, WEB BEACONS AND OTHER TRACKING TECHNOLOGIES
Some of our business partners set web beacons and Cookies on our site. In addition, third-party social media buttons may log certain information such as your IP address, browser type and language, access time, and referring website addresses.
There is no perfect security. We have implemented appropriate and commercially reasonable organizational, technical and administrative safeguards to protect Personal Data. You are responsible for maintaining the secrecy of any credentials that can be used to access any account or service with ALLSOOS. If you should suspect any unauthorized activity please report this to us immediately.
11.LINKS TO THIRD PARTY SITES
We may collect your information from third parties sites. This includes when you log in through a third party site such as Facebook, Snapchat, Instagram, LinkedIn, Twitter, etc. We may also disclose information collected from third parties to customize ads and to manage and facilitate messaging on third party sites. Please note that when you unsubscribe from our marketing email there may be a delay in the discontinuation of our ads directed to you on third party sites.
12.DO NOT TRACK
ALLSOOS does not track its customers over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, you may be able to set the DNT signal on your browser so that third parties (particularly advertisers) know you do not want to be tracked.