The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions (the "Safe Harbor Principles") to enable US companies to satisfy the requirement under European Union law that adequate protection be given to Personal information transferred from the EU to the United States. The EEA also has recognized the US Safe Harbor as providing adequate data protection (OJ L 45, 15.2.2001, p.47). Consistent with its commitment to protect Personal privacy, American Standard adheres to the Safe Harbor Principles.
American Standard's Legal Team is responsible for the company's compliance and enforcement of this policy and data security issues. The Legal Team is available to any of its valued employees, customers, vendors, business partners or others who may have questions concerning this Policy or data security practices. Relevant contact information is provided herein.
The practices described in this Policy are current Personal data protection policies. American Standard reserves the right to modify or amend this Policy at any time consistent with the requirements of the Safe Harbor Principles. Appropriate public notice will be given concerning such amendments.
Personal information collected by American Standard from employees and applicants for employment is maintained at its corporate offices in Piscataway, New Jersey in the United States as well as the local office of the employee or applicant. American Standard collects Personal information for, among other things, legitimate human resource business reasons such as payroll administration; filling employment positions; administration and operations of its benefit programs; meeting governmental reporting requirements; security, health and safety management; performance management; company network access; and authentication. American Standard does not request or gather information regarding political opinions, religion, philosophy or sexual preference. To the extent American Standard maintains information on an individual's medical health or ethnicity (as legally required), American Standard will protect, secure and use that information in a manner consistent with this Policy and any applicable law.
Personal information collected by American Standard from prospective customers, consumers, vendors, business partners and others may be maintained at its corporate offices in Piscataway, New Jersey or at other American Standard facilities. American Standard collects Personal information for, among other things, legitimate business reasons such as customer service; product, warranty and claims administration; meeting governmental reporting and records requirements; maintenance of accurate accounts payable and receivable records; internal marketing research; safety and performance management; financial and sales data; and contact information. All Personal information collected by American Standard will be used for legitimate business purposes consistent with this Policy.
For purposes of this Policy, the following definitions shall apply:
- "Agent" means any third party that uses Personal information provided by American Standard to perform tasks on behalf of or at the instruction of American Standard.
- "American Standard" means AS America, Inc., d/b/a American Standard Brands, its predecessors, successors, subsidiaries, affiliates, officers, directors, divisions and business groups.
- "Personal information" means any information or set of information that identifies or could be used by or on behalf of American Standard to identify an individual. Personal information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public Personal information.
- "Sensitive Personal information" means Personal information that reveals race, ethnic origin, trade union membership, or that concerns health. In addition, American Standard will treat as sensitive Personal information any information received from a third party where that third party treats and identifies the information as sensitive.
V. PRIVACY PRINCIPLES The privacy principles in this Policy are based on the seven Safe Harbor Principles.
(1) NOTICE: Where American Standard collects Personal information directly from individuals, it will inform them about the purposes for which it collects and uses Personal information about them, the types of non-agent third parties to which American Standard discloses that information, and the choices and means, if any, American Standard offers individuals for limiting the use and disclosure of their Personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal information to American Standard, or as soon as practicable thereafter, and in any event before American Standard uses the information for a purpose other than that for which it was originally collected. American Standard may disclose Personal information if required to do so by law or to protect and defend the rights or property of American Standard.
(2) CHOICE: American Standard will offer individuals the opportunity to choose (opt-out) whether their Personal information is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
For sensitive Personal information, American Standard will give individuals the opportunity to affirmatively and explicitly (opt-in) consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
American Standard will provide individuals with reasonable mechanisms to exercise their choices should requisite circumstances arise.
(3) DATA INTEGRITY: American Standard will use Personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. American Standard will take reasonable steps to ensure that Personal information is relevant to its intended use, accurate, complete and current.
(4) TRANSFERS TO AGENTS: American Standard will obtain assurances from its Agents that they will safeguard Personal information consistently with this Policy. Examples of appropriate assurances that may be provided by Agents include: a contract obligating the Agent to provide at least the same level of protection as is required by the relevant Safe Harbor Principles, being subject to EU Directive 95/46/EC (the EU Data Protection Directive), Safe Harbor certification by the Agent, or being subject to another European Commission adequacy finding (e.g., companies located in Switzerland). Where American Standard has knowledge that an Agent is using or disclosing Personal information in a manner contrary to this Policy, American Standard will take reasonable steps to prevent or stop the use or disclosure. American Standard holds it Agents accountable for maintaining the trust our employees and customers place in the company.
(5) ACCESS AND CORRECTION: Upon request, American Standard will grant individuals reasonable access to Personal information that it holds about them. In addition, American Standard will take reasonable steps to permit individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete. Any employees that desire to review or update their Personal information can do so by contacting their local Human Resources Representative.
(6) SECURITY: American Standard will take reasonable precautions to protect Personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. American Standard protects data in many ways. Physical security is designed to prevent unauthorized access to database equipment and hard copies of sensitive Personal information. Electronic security measures continuously monitor access to our servers and provide protection from hacking or other unauthorized access from remote locations. This protection includes the use of firewalls, restricted access and encryption technology. American Standard limits access to Personal information and data to those persons in American Standard's organization, or as agents of American Standard, that have a specific business purpose for maintaining and processing such Personal information and data. Individuals who have been granted access to Personal information are aware of their responsibilities to protect the security, confidentiality and integrity of that information and have been provided training and instruction on how to do so.
(7) ENFORCEMENT: American Standard will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy and the US Department of Commerce Safe Harbor Principles. Any employee that American Standard determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment.
VI. DISPUTE RESOLUTION
Any questions or concerns regarding the use or disclosure of Personal information should be directed to the American Standard's General Counsel at the address given below. American Standard will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal information in accordance with the principles contained in this Policy. For complaints that cannot be resolved between American Standard and the complainant, American Standard has agreed to participate in the dispute resolution procedures of the panel established by the European data protection authorities to resolve disputes pursuant to the Safe Harbor Principles.
VII. INTERNET PRIVACY
American Standard sees the Internet, intranets and the use of other technologies as valuable tools for communicating and interacting with consumers, employees, vendors, business partners and others. American Standard recognizes the importance of maintaining the privacy of Personal information collected through websites that it operates. American Standard's sole purpose for operating its websites is to provide information concerning products and services to the public. In general, visitors can reach American Standard on the Web without revealing any Personal information. Visitors on the Web may elect to voluntarily provide Personal information via American Standard websites but are not required to do so. American Standard collects information from visitors to the websites who voluntarily provide Personal information by filling out and submitting online questionnaires concerning feedback on the website, requesting information on products or services, or seeking employment. The Personal information voluntarily provided by website users is contact information limited to the user's name, home and/or business address, phone numbers and email address. American Standard collects this information so it may answer questions and forward requested information. American Standard does not sell or share this information with non-agent third parties.
American Standard may also collect anonymous information concerning website users through the use of "cookies" in order to provide better customer service. "Cookies" are small files that websites place on users' computers to identify the user and enhance the website experience. None of this information is reviewed at an individual level. Visitors may set their browsers to provide notice before they receive a cookie, giving the opportunity to decide whether to accept the cookie. Visitors can also set their browsers to turn off cookies. If visitors do so, however, some areas of American Standard websites may not function properly.
American Standard uses one or more companies to place advertisements for our products and services and those of third parties on our Site and third-party sites. Cookies and other technologies such as Web beacons or tags are used to measure the effectiveness of our ads and to determine the display of content and advertising to you based on your interests both on our site, as well as on third-party sites where you may visit. To support this interest based advertising solution, we, and companies who we have contracted with, may use anonymous information about your visits to our and other Web sites. The information collected and used by this process is always anonymous, and does not enable any third-party to identify you individually.
Although it is our hope that you find the display of advertising to you based on your anonymous interests valuable, if you would prefer not to participate in the services offered through these solutions, you can always opt-out of this activity by visiting the Network Advertising Initiative (NAI) website by clicking http://www.networkadvertising.org/managing/opt_out.asp.
Few, if any, of American Standard's websites are directed toward children. Nevertheless, American Standard is committed to complying with applicable laws and requirements, such as the United States' Children's Online Privacy Protection Act ("COPPA"). American Standard website users have the option to request that American Standard not use information previously provided, correct information previously provided, or remove information previously provided to American Standard. Those that would like to correct or suppress information they have provided to American Standard should forward such inquiries to:
AS America, Inc. Privacy Inquiries
One Centennial Avenue
Piscataway, New Jersey 08855-6820
Attention: Maria Chiclana, Senior Vice President and General Counsel
The inquiries should include the individual's name, address, and other relevant contact information (phone number, email address). American Standard will use all reasonable efforts to honor such requests as quickly as possible.
American Standard websites may contain links to other "non-American Standard" websites. American Standard assumes no responsibility for the content or the privacy policies and practices on those websites. American Standard encourages all users to read the privacy statements of those sites; their privacy practices may differ from those of American Standard.
VIII. MOBILE APPLICATION PRIVACY
(1). INFORMATION THAT WE MAY COLLECT
We collect your information in different areas of the Application. The exact information collected varies depending on how the Application is used by you. For example, as a registered user, you consent to the tracking and storage of any data transmitted through the Application, including, without limitation, name, email address, zip code and other location information, mobile number, search results, shopping lists or any other personal data, by the Company in the Company's database and the Company's use of your personal data for its internal and marketing purposes. Further, if you use the Application as an unregistered user, your mobile number may be stored in text file data logs, but will not be linked in any way to your product or service searches and will not be used by the Company to send text messages or for any other purpose. Note that any personal information (whether in connection with a registered or unregistered user), which was lawfully obtained by the Company from a third party having rights to distribute such personal data (through your prior consent, or otherwise), prior to and/or independent of any data submitted through the Application by you or a third party, may be used by the Company for any reason, including, without limitation, the sending of text messages.
Mobile device identification information. When you connect to the Service on your internet-enabled mobile device, if your service provider uniquely identifies the device, American Standard will receive this information. American Standard may use your unique mobile device identification information to communicate product information and other information. Certain American Standard services may require our collection from you of the phone number for your device. We may associate that phone number to the mobile device identification information and to other information we have collected from and about you; however we will not use that number for telemarketing.
Mobile device physical location. Some mobile phone service providers are required to operate a system that will pinpoint the physical location of devices that use their service. Depending on the provider, American Standard may automatically receive this information. In most cases users will consent to being located either as part of the application installation or during the location look-up process. In all cases these rules are determined by carrier and handset implementation.