- GDPR. GDPR stands for “General Data Protection Regulation.” GDPR is the European Union’s (“EU”) regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, adopted by the European Parliament and the European Council on April 27, 2016, and current as of May 25, 2018. For additional information regarding GDPR, see Section 12 entitled “Additional Notices to European Union Residents and Other GDPR Data Subjects,” below.
- Data Subject. Under GDPR, a Data Subject is any living natural person whose personal data are processed.
- Processing. Processing means any operation that is performed on Personal Data, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, making available, combination, restriction, erasure, or destruction.
What Personal Data Does Heritage Mfg. Collect About Me? In general, we avoid collecting your Personal Data. The following are some of the types of Personal Data that we do gather.
- Information You Voluntarily Provide to Us. You may provide Personal Data to us via Our Websites when you do any of the following: (a) submit an inquiry using our “contact us” feature, (b) register an account, (c) subscribe to any of our newsletters or email lists, (d) submit an order, (e) enter a contest or sweepstakes, or (f) submit other information to us via Our Websites. Such Personal Data most often includes information such as your name, mailing address, email address, phone number, or credit or debit card number. You are under no obligation to provide such Personal Data. To learn more about how you can control the Personal Data that we receive from you, see Section 6 entitled “What are My Choices Regarding Use and Distribution of Personal Data,” below.
- Cookies. Cookies are data files placed on a web browser when you visit websites. They are sent to your device in order to personalize your experience on Our Websites. Cookies enable us to recognize your device (i.e. mobile phone, laptop, etc.) and provide you with personalized features on Our Websites and storage of items in places like your Cart between each visit. You may disable cookies using your browser’s preferences, but some features of Our Websites may not function properly or may operate slowly if you do so. For example, to place an order on Our Websites’ Online Store, your browser must be set to accept cookies. To learn more about how you can control Cookies, see Section 6 entitled “What are My Choices Regarding Use and Distribution of Personal Data,” below.
- Embedded Scripts. An embedded script is a programming code that is designed to collect information about your interactions with Our Websites, such as which links you click on. The code is temporarily downloaded onto your computer from our web server or a third party service provider, is active only while you are connected to Our Websites, and is deactivated or deleted thereafter.
How Does Heritage Mfg. Use Personal Data? We use Personal Data and the Website Usage Information collected from Our Websites for a variety of purposes, including but not limited to the following:
- Providing You with Services.We use Personal Data to provide you with information, products, or services that you have ordered, requested, or agreed to receive from us; to process your registration with any of Our Websites, including verifying that your email address is active and valid; and to process any applications, orders, payments, or changes to your account information.
- Communicating with You.We use Personal Data to communicate with you regarding information, features, products, services, or other offers that we believe may be of interest to you; to respond to your questions or other requests; to conduct surveys; and to contact you regarding a sweepstakes, contest, or promotions in which you have participated.
- Understanding Our Websites’ Visitors and Improving our Services and Our Websites.We use Personal Data to improve Our Websites, our services, and to customize your experience on Our Websites. Similarly, the Website Usage Information, or other aggregated user statistics, as well as anonymous de-identified information derived from Personal Data we collect may be used by us in system administration, to help us understand the demographics and other information of visitors to Our Websites, to enhance the performance of Our Websites, or to report aggregate information to our business partners.
With Whom Do We Share the Personal Data? We may share Personal Data that we collect on Our Websites in the following situations:
- Our Subsidiaries or Affiliated Businesses. We may disclose the Personal Data we collect with our subsidiaries or affiliated businesses.
- Third Parties Providing Services on Our Behalf. We may share Personal Data with our agents and representatives who perform services on our behalf. These services include, but are not limited to, hosting or operating certain functions or features on Our Websites; sending communications on our behalf, such as marketing emails; processing credit card and other payment transactions; fulfilling orders; analyzing data; providing marketing assistance; and providing customer service. While these third parties may have access to Personal Data in order to provide these services to us or to you on our behalf, they are permitted to access Personal Data only in accordance with our instructions.
- Sweepstakes, Contests and Promotions. We may offer sweepstakes, contests, and other promotions (collectively, “Promotions”) through Our Websites. If you choose to participate in any Promotions, Personal Data about you may be disclosed to third parties or the public in connection with the administration and marketing of such Promotion, including, without limitation, in connection with winner selection, prize fulfillment, and as required by law or permitted by the Promotion’s official rules, such as including your name on a winners’ list. Additionally, by entering a Promotion, you are agreeing to the official rules that govern that Promotion, which may contain specific requirements of you, including, except where prohibited by law, allowing the sponsor(s) of the Promotion to use your name, voice and/or likeness in advertising or marketing associated with the promotion.
What are My Choices Regarding Use and Distribution of Personal Data? When you are asked for Personal Data on any of Our Websites, you will be given the opportunity to “opt-in” to having Heritage Mfg. contact you regarding special offers and promotions.
If you opt-in to receive offers and promotions, we may occasionally send you information about products and services that we feel may be of interest to you. To the extent that third parties or our other representatives work with Personal Data, they are only allowed to do so in accordance with our instructions. You can opt-out from receiving these emails at any time by following the simple instructions provided in every email, or by writing to us at Heritage Manufacturing, Inc., Attention Marketing Department, 100 Taurus Way, Bainbridge, Georgia 39817. If you give us your telephone number, we will only use it to call you regarding orders that you have placed for products, or for product safety or advisory information.
If you would like to control how cookies are added to your device, or remove them altogether, the “help” feature on most web browsers will tell you how to change your cookie settings and how to prevent your browser from accepting new cookies. In some cases, your browser will show you how to receive a notification when you receive a new cookie. As mentioned above, if you choose to disable your browser from accepting cookies, you may not be able to use all of the features of Our Websites. Links and Advertisements. Our Websites may contain advertisements or other links to third-party websites that Heritage Mfg. does not own or control. Heritage Mfg. is not responsible for the privacy practices employed by any third-party website. Links or advertisements do not constitute or imply any review or endorsement of any non-Heritage Mfg. site. You visit other sites at your own risk. Because other sites may collect, use, and distribute your Personal Data in manners different than Heritage Mfg., we recommend that you read the privacy statements of all third party websites before submitting any Personal Data to those websites. They are not within our control. Consent to Transfer Personal Data to the United States. OurWebsites are operated in the United States. If you are located in the European Union, Canada, or elsewhere outside of the United States, please be aware that information we collect will be transferred to and processed in the United States. By using any of Our Websites or providing us with any information, you consent to this transfer and processing of your information in the United States. If you are a Data Subject, please see additional notices in Section 12, entitled “Additional Notices to EU Residents and Other GDPR Data Subjects,” below. About Our Websites’ Security. We have technical and organizational measures in place that are intended to safeguard and protect your Personal Data against unauthorized access, accidental loss, improper use, and disclosure. However, you should be aware that information transmitted over the internet is not completely secure because of the nature of the internet, and that systems and measures used to secure information are not flawless. For these reasons, although we will use reasonable efforts to protect your personal information, including those mentioned above, we do not warrant the security of personal information transmitted to us or stored by us. Personal Data that is transmitted to us by you electronically is done at your own risk.Notice to Parents. Our Websites are general audience websites. We do not knowingly collect, use, or disclose any Personal Data from users younger than the age of eighteen (18). If we become aware that we have unknowingly collected Personal Data from a user younger than the age of eighteen (18), then we will make reasonable efforts to delete any such Personal Data collected. If you are a parent or guardian and believe that we might have any Personal Data from or about your child under the age of eighteen (18), please contact us at the information listed in Section 13 entitled “Contact Us and Additional Information,” below.
Additional Notices to California Residents
- California Do-Not-Track Disclosure.At this time, Our Websites are not set up to honor web browser do-not-track settings.
- Information on Marketing Disclosures.California Civil Code Section 1798.83 permits our users who are California residents to request and obtain from us once a year, free of charge, information about their Personal Data (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of Personal Data that was shared and the names and addresses of all third parties with whom we shared such Personal Data in the immediately preceding calendar year. To make such a request, please submit your request in writing to us at: Heritage Mfg., Attn: Marketing Department, 100 Taurus Way, Bainbridge, Georgia 39817.
Additional Notices to EU Residents and Other GDPR Data Subjects
- Legal Bases for Processing Personal Data of EU Citizens or Other GDPR Data Subjects. When processing your Personal Data, we may rely on one or more of the following legal bases (or other available legal grounds), depending on the circumstances:
- Legitimate Interest.We may process your Personal Data where we have a legitimate interest in such processing for managing, operating, or promoting our business, and where that legitimate interest is not overridden by your interests, fundamental rights, or freedoms.
- Consent.We may process your Personal Data where we have obtained your consent to such processing.
- Contractual Necessity.We may process your Personal Data where such processing is necessary in connection with any contract that we have with you.
- Legal Requirements. We may process your Personal Data where such processing is required by applicable law.
We may also disclose any information (including Personal Data) relating to you to law enforcement authorities or any regulatory or government authority in response to any request including requests in connection with the investigation of any suspected illegal activities.
- Security of Personal Data of EU Citizens or Other GDPR Data Subjects. We have technical and organizational measures in place that are intended to safeguard and protect your Personal Data against unauthorized access, accidental loss, improper use, and disclosure. However, you should be aware that information transmitted over the internet is not completely secure because of the nature of the internet, and that systems and measures used to secure information are not flawless. For these reasons, although we will use reasonable efforts to protect your personal information, including those mentioned above, we do not warrant the security of personal information transmitted to us or stored by us. Personal Data that is transmitted to us by you electronically is done at your own risk.
- Retention of Personal Data of EU Citizens or Other GDPR Data Subjects. Our policy is to retain your Personal Data only for as long as is necessary to fulfill the purposes for which we collected such Personal Data, including for the purposes of satisfying any professional, legal, accounting, or reporting requirements to which we are subject. To determine the appropriate retention period for Personal Data, we consider the scope, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of the Personal Data, the purposes for which we collected and processed your Personal Data and whether we can achieve those purposes through other means, and any applicable legal and professional requirements.
- Your Rights as a EU Resident or Other GDPR Data Subject. You have a number of rights concerning your Personal Data that we hold and use, including the following:
- Right of Access.You have the right to be informed about what Personal Data we hold about you and to a copy of this Personal Data.
- Right to Rectification.You have the right to have any inaccurate Personal Data that we hold about you updated or corrected.
- Right to Erasure.In certain circumstances, you may request that we delete the Personal Data that we hold about you.
- Right to Complain.You have the right to lodge a complaint regarding the processing of your Personal Data to an applicable governmental or supervisory authority in your country.
- Right to Withdraw Consent.Where processing of Personal Data is based on your consent, you have the right to withdraw such consent at any time.
- Right to Object.Where we rely on our legitimate interests to process your Personal Data, you have the right to object to such use and we are required to discontinue such processing unless we can demonstrate an overriding legitimate interest in such processing.
- Right to Restriction.You have the right to request that we stop using your Personal Data in certain circumstances including if you believe that the Personal Data we hold about you is inaccurate or that our use of your Personal Data is unlawful. If you validly exercise this right, we will store your Personal Data and will not carry out any other processing until the issue is resolved.