EFFECTIVE DATE: May 31, 2018
1. ABOUT HAWORTH
Haworth, Inc. is a privately-held, family-owned corporation headquartered in Holland, MI which designs and manufactures adaptable workspaces for businesses. The company serves markets in more than 120 countries through a global network of over 600 dealers.
At Haworth, Inc., your privacy is important to us. We process personal data in different contexts by fully respecting your privacy and your rights and freedoms as part of our commitment to ethical and responsible practices.
You may be subject to additional terms or policies. For instance, during the provision of certain services to our customers, when you access particular services or materials on certain areas of this website or by following links that take you away from this website.
Finally, please note that our online store is currently only available to US residents.
3. TYPES OF PERSONAL DATA WE COLLECT AND USE
Haworth classifies personal data as any information related to an identified or identifiable individual. Depending on your interactions with Haworth, we collect and use different types of personal data from visitors, customers, prospective customers and agents.
We value the privacy of our website visitors. We do not sell your personal data. We will only collect and use your information as explained in this Policy. This section gives a brief overview of our data collection and use. Please contact us if you have any questions.
Information we collect directly from you
The categories of information that we may collect directly from you include the following:
• Clients, vendors and suppliers: We collect name, contact information for key personnel, and personal data that you provide us on a voluntary basis such as credit card and financial information.
• Prospective clients: We collect name and contact information.
• Visitors to our locations: We collect name, contact information and video images from security cameras in some of our office buildings.
Information we collect about your use of the website
The following are examples of the other categories of information which we may collect when you visit and use our websites:
• Technical information collected from your computer or mobile device (e.g. your IP address, browser type, operating system);
• Information about your usage of our websites (e.g. the pages you visit when using the Services, the search terms you enter on the Services, how often you use the Services, and the pages you access before and after accessing the Services).
For more information about these activities, please see our cookies policy),
Information we collect from other sources
The following are examples of the categories of information we may collect from other sources.
• Personal and contact details (e.g. name, phone number, email address, mailing address) from our subsidiaries and affiliates in order to more efficiently manage our customer relationships;
• Details about your advertising preferences (e.g. products purchased, interaction with advertisements online);
4. USES AND PURPOSES OF PERSONAL DATA
The purposes for which we collect and use your personal data may vary depending on the type of relationship you have with us, such as if you are one of our customers or a website user. Haworth collects and uses personal data according to the purpose limitation principle.
The information we collect is used to:
• Administer your account. If you have a commercial relationship with Haworth, we use your personal data to develop our contractual relationship and to comply with legal, regulatory, insurance, security and processing requirements.
• Maintain our business records for commercial relationships using customer information to ensure the proper operation of the day-to-day business, such as by personalizing your site experience, allowing customer service to better respond to your requests, quickly processing any transactions and administering sales activities.
• Respond to prospective customer requests for information, products or services, and for marketing activities such as administering a contest, promotion, survey, or other site feature.
• Send marketing messages if you opt-in to receive marketing communications from us. You may change your preferences or opt out of all e-mails at any time by clicking on the "unsubscribe" link found at the bottom of each e-mail.
• Improve our products, including by conducting analytics, collecting statistics, to generating profiles to the extent that it is in our legitimate interest to do so.
• Operate this website, including by managing your account registration, storing your preferences and settings, providing interest-based advertising to website visitors, generating aggregated statistics and analyzing how you use our website and online services. For additional information on these activities, see our cookies policy.
• Comply with our legal obligations, including by complying with tax reporting obligations and responding to legitimate law enforcement requests.
We will seek your consent before using your personal data for any purposes not listed above.
Your contact information
When you provide us with your contact information, we will use that information to provide services related to this website. For example, if you purchase a product on our site, we will use your mailing address to ship your order. We may also send you e-mail messages confirming your order or reporting on the status of your order.
If you register on our site, we give you the option to add your e-mail address to one or more e-mail lists. You may change your preferences or opt out of all e-mails at any time by clicking on the "unsubscribe" link found at the bottom of each e-mail. Note that if you unsubscribe, we may still email you in connection with specific requests from you or regarding issues specific to you.
Please note that, at all times, you are responsible for updating the personal data you provide to us. You can update your online account information with us at any time by clicking on the "My Account" link found in the upper right corner of the home page. Alternatively, you may contact us at [email protected] or +44 (0) 207 324 1360 to update your information.
Payment for products
If you purchase any products through this website, like any other retailer we will have to provide your credit card information to our credit card processor and authenticator for payment purposes, and your name and address to the company that ships our merchandise.
Information shared with our business partners
Business operations, law enforcement and legal actions
We may release your information without prior notice when we believe it is appropriate to prevent fraud; to comply with law or to cooperate with law enforcement activity or other governmental request; to respond to subpoenas, court orders or administrative agency requests for information; to enforce our policies; to protect the rights, property and safety of our business and of others; or when required or otherwise permitted by law. For example, we may share information with law enforcement to reduce the risk of fraud or if someone uses or attempts to use our site for illegal reasons. If there is a sale or merger of all or substantially all of the company, division or business unit that operates this site, we may also transfer the information we have collected in connection with such sale or merger.
5. LEGAL BASES FOR DATA PROCESSING
Haworth only processes personal data when there is a fair and legal basis for its collection and use, for instance, when the collection of personal data is necessary to enter into a contract, to meet our legitimate interests, to comply with legal obligations or when we have your consent.
The information we collect when we enter into a contract or business relationship with you is necessary to comply with our contractual obligations to you. Without your personal data, we would not be able to provide our goods and services to you. In some cases, we are required to collect personal information to comply with our legal obligations under U.S., EU or other applicable law, as described elsewhere in this notice. For example, some tax laws, labor, and anti-fraud laws require organizations to collect certain information that may vary depending on local regulations.
We conduct marketing activities based on your consent unless you have an existing business relationship with us. In any case you can opt-out of these communications any time and free of charge.
When we process your personal data for our legitimate interests, we conduct a balancing test in order to ensure that data subject rights are not overridden. It is in our legitimate interest to process your data to provide our products and services, to improve our products and services, facilitate administrative functions, maintain system security, and conduct product development and research activities, among other purposes.
6. OUR POLICY TOWARDS CHILDREN’S PERSONAL DATA
While our site is available for all to visit, you must be at least 16 years old to register on our website, to purchase products or participate in any of our contests. We will not knowingly collect information about children under the age of 16. If you are under the age of 16, please do not register as a user and do not submit your personal data. If you are a parent who believes that we have collected information about a child under age 16, please contact us with your child's name and address, and we will be happy to delete the information we have about your child from our records and provide information in accordance with the U.S. Children's Online Privacy Protection Act.
7. RETENTION PERIODS
Haworth retains personal data for only the length of time required to fulfill the purpose for which the data was collected. We do not keep personal data for longer than is necessary, and what is necessary depends on specific circumstances such as regulations requiring us to retain information for a certain period of time and limitation periods of legal claims.
We use the information that we collect about you only for the purposes for which it is collected and consistent with this Policy. We keep information provided to us for as long as we believe necessary for our business purposes and as permitted by applicable law.
The retention period depends on the context in which we process data such as data from use of our website, or customer data after service with customer as ended. The retention periods are established considering Haworth’s legitimate business purposes and according to local regulations.
8. DISCLOSURES TO THIRD PARTIES AND PROCESSING ACTIVITIES
At times, Haworth engages third party agents, service providers, or other vendors to help accomplish our business objectives. There are other circumstances where we are required by law to disclose personal data to third parties such as public bodies or judicial authorities.
We engage with third party contractors, service providers and other vendors for some of the following services: SAP for our Customer Relationship Management (CRM), Adobe for digital customization, MailChimp for marketing email distributions and Lynx for dealer orders. We may also give you the option to have your information shared with vendors whose goods we carry so that they can send you coupons or other promotional information in which you are interested.
If the engagement involves the transmission of personal data, Haworth requires the service provider to treat that data consistent with this Policy. A contract to protect the personal data should be executed before any data is disclosed.
In certain circumstances, Haworth may be required to disclose personal data in the context of any sale or transaction involving all or a portion of the business, or when required by law, to protect our legal rights, or in an emergency situation where the security of an individual is endangered. In addition, your personal data may be disclosed in response to inquiries or requests from government authorities or to respond to judicial process in the United States.
Haworth is committed to the security, confidentiality and integrity principle. We take commercially reasonable precautions to keep your information secure against unauthorized access and use and we periodically review our security measures. We are committed to processing your data in a secure manner and have put in place specific technical and organizational measures to prevent the personal data we hold from being accidentally or deliberately compromised.
We use commercially reasonable means to protect the integrity of our website and limit access to your personal data. For example, if you purchase any products on our site, we will use a Secure Sockets Layer (SSL) connection to process your payment information and we will store your personal data on firewall-protected servers. We limit access to your personal data to those who have a legitimate need to use the information. If you have set up a user name and profile, you should be sure to protect your user ID and password to prevent others from being able to access the site in your name. We cannot provide absolute assurances against, and will not be liable for, breaches of confidentiality due to system failures or unauthorized access by third parties.
We also conduct information risk assessments and we include both physical security and IT security in our overall data security approach. We are diligent in selecting vendors or agents that process personal data on our behalf so that they also ensure appropriate technical and organizational measures to protect the data.
Haworth makes reasonable efforts to notify individuals and regulatory authorities, as required by law, if we have reason to believe that personal data or payment card information has been stolen, disclosed, altered or infringed by an unauthorized person. We create and maintain a breach notification and reporting protocol.
We also endorse the concept of privacy by design which is an approach to projects that promotes privacy and data protection compliance from the outset. This means considering the privacy and security implications for any new project or process throughout its lifecycle.
Haworth uses DigiCert
for its website security certificates. The certificates encrypt all information that is gathered except information not collected through our website such as information provided by e-mail.
Orders that are placed on the Haworth Store site are from a secure order form using SSL and requires users to provide contact, billing, and credit card information. This information is transmitted to the user's credit card company to authorize the purchase. We do not reveal the credit card number during order confirmation. We require each user's phone number to protect Haworth and the user from possible fraud. In order to protect against unauthorized access to your account, it is recommended that you close the browser when you have finished using the site.
10. YOUR EUROPEAN DATA PROTECTION RIGHTS
If you reside in the territory European Economic Area or Switzerland, Haworth is committed to facilitate the exercise of your rights granted by the European data protection law. You may contact us at any time to discuss your privacy concerns.
Privacy rights under the European regulation:
• Transparency and the right to information: we provide notice to our customers, suppliers, website visitors and others of how we use personal data at the time of collecting personal data, or as soon thereafter as possible. We also publish this Policy for a greater transparency.
• Right to access, rectification, restriction of processing and erasure: we provide data subjects with access to their own personal data where required by applicable law. In addition, we will rectify their personal data when it is incorrect or inaccurate and we will ensure the right to erasure and to restriction of processing when these rights are not compatible with local regulations.
• Right to object and withdraw consent at any time: for all marketing materials, you can opt-out anytime, free of charge. The right to object to other processing activities will be balanced in order to ensure that it is not incompatible with local regulations or the legitimate interests of Haworth.
• Right to lodge a complaint with a supervisory authority: if you are not satisfied on how we attended your rights and requests, you can lodge a complaint with your local Data Protection Authority.
These requests should be submitted as follows:
• Opt-out of marketing communications: you can opt-out anytime by following the opt-out instructions in our commercial e-mails.
• Right to withdraw consent.
• Right to lodge a complaint with a supervisory authority: you may have the right to lodge a complaint with the supervisory authority of your habitual residence or place of work or the place of the alleged infringement.
• To exercise the rest of your rights: you should send a communication in writing to the contact information listed below and provide information in order to verify your identity. Haworth will attend to your request in a timely manner within 30 days after receiving your request. If for any reason we need to extend this period of time, we will contact you.
11. YOUR CALIFORNIA PRIVACY RIGHTS
For California residents: Haworth may share your personal data with affiliated third parties, some of which do not share the Haworth name, for their direct marketing purposes. As this category of affiliate is considered an unaffiliated party under California law, you may request information about our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please contact us. We do not respond to or honor “do not track” signals or similar mechanisms transmitted by web browsers.
12. INTERNATIONAL TRANSFERS OF PERSONAL DATA
If you are located outside the United States and you interact with our website or provide us personal data, then your personal data may be transferred to the United States. If you are based in the European Economic Area or Switzerland, please be informed that the United States is not in the list of countries that the European Commission considers adequate to the protection of personal data. However, we provide appropriate safeguards for your data in the US.
13. CHANGES TO THIS POLICY
We reserve the right to modify this Policy and related business practices at any time. We will duly inform you of any changes.
Our business and the laws that regulate us change from time to time, and we reserve the right to change this Policy. If we do change this Policy, we will post the revised version on this site. If we change the Policy in a material way, we will provide appropriate notice to you. We will give you the opportunity to express your consent for processing your data for different and new purposes, or we will in any case inform you about the legal basis of such processing other than consent. The time stamp you see on the Policy will indicate the last date it was revised.
14. CONTACT INFORMATION
At Haworth we are committed to apply this Policy and the accountability principle. For this reason, if you have any concern or questions about how your personal data is used, please feel free to contact us.
If you have additional questions, please contact us at any time by using our online form located here, by emailing us at [insert email], by calling us at [insert phone number], or by writing to us at:
One Haworth Center
Holland, MI 49423-9576
If you are located in the EU and have any questions about this policy or about our use of your personal information, you may also contact our Data Protection Officer and EU representative, Hartwig Noelle at [email protected]