Privacy Policy
A.W. Chesterton Company and its affiliated companies (“Chesterton”) respect your privacy and are committed to protecting it. We want you to understand what information is collected, how that information is used, and how you can contact us if you have privacy questions. This Privacy Policy explains Chesterton’s collection and use of information that may identify you and covers information collected through its websites, including this website, and / or through any software application, social media platform, or other digital platforms, including email communications and via the Chesterton Connect™ application (together, the “Electronic Platforms”). By accessing or using any of the Electronic Platforms, you agree to this Privacy Policy. This Policy may change from time to time, so please check periodically for updates. Certain portions of this Privacy Policy also apply to other personal information collected or maintained by Chesterton, for example, under the “Rights Under the California Consumer Privacy Act” and “General Data Protection Regulation (GDPR)” sections below.
Please note that A.W. Chesterton Company is located in the United States. This Privacy Policy also applies to the processing of personal data of individuals located in the European Union. If you are located in the European Union, if the processing of your data is subject to the laws of a member state of the European Union by virtue of public international law, if your information is otherwise governed by European Union Law, or the processing activities are related to the offering of goods or services to data subjects in the European Union or the monitoring of individuals’ behavior that takes place within the European Union, please review carefully the “General Data Protection Regulation (GDPR)” section below for more information regarding your rights and our activities relating to your personal data. If the GDPR section is applicable to your information, then other sections in this Privacy Policy still may apply to you but are subject to (and considered modified by) the GDPR section.
Information We Collect About You
Please review the chart below to help you understand what information we do and do not collect about you. Any information not listed in this chart above is not collected by the Chesterton websites. However, please note that this website uses third-party cookies, as described below; information obtained from third-party cookies is anonymized before Chesterton receives it.
We obtain this information from the following sources:
- Directly from you when you create an account, fill out a form, or otherwise actively enter information on an Electronic Platform (including filling out a form to download an e-book, requesting that a Chesterton representative contact you, requesting marketing material, subscribing to our publications, giving us feedback, or otherwise contacting us);
- From observing your actions on the Electronic Platforms;
- Through others to whom you have actively provided information (such as others within your business organization or trade show organizers);
- From analytics providers such as Google Analytics based in the United States; and
- Otherwise through your use of the Electronic Platforms, including the Chesterton Connect™ application.
Category | Information We Collect | How We Obtain It |
Identifiers | Name and username | Directly from you, from others within your business organization (including account administrators) or from third parties (such as trade show organizers) to whom you have given your contact information |
Contact Information | Work address, email address, employer, job title, location of work, and telephone numbers | Directly from you, from others within your business organization (including account administrators) or from third parties (such as trade show organizers) to whom you have given your contact information |
Profile Data | Username, password, communication preferences, product preferences, industry | Directly from you. Product preferences and industry information may also be obtained and from others within your business organization (including account administrators) or from third parties (such as trade show organizers) to whom you have given your contact information |
Electronic Platform Activity | Browsing history (including pages viewed and date/time you viewed them), search history, login history, features of the Electronic Platforms used, and interaction with the Electronic Platform | From you and from analytics providers, passively provided based on your browsing activities or based on your responses to survey questions |
Technical Data | Device type, operating system, IP address, browser type and version, time zone, operating system, and other technology on the devices you use to access the Electronic Platform | From you and from analytics providers, passively provided based on your browsing activities |
Location Data | City / town and country where you are located while using an Electronic Platform | From you and from analytics providers, actively provided through your inputs or passively provided by your devices |
Product Information | The name you give your Chesterton Connect product, the type of associated equipment, equipment identification information, and the Chesterton Connect product install location | Directly from you |
Use of your information
Subject to compliance with our obligations under applicable law, we may use or disclose the personal information we collect for one or more of the following purposes:
- We will use the information to fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a quote or ask a question about our products or services, we will use that personal information to respond to your inquiry.
- We will add your contact information to our marketing distribution list so you can receive more information about product and service offerings relevant to your interests as well as industry updates.
- We may use your information to assess your interest in Chesterton products and services. Based on this assessment, we may contact you to discuss Chesterton products and services.
- We may use your information to provide, support, personalize, understand, develop, and improve our websites, products, services and marketing materials or strategy.
We rely on several lawful bases for these activities: your consent, performance of a contract with you, and the fact that they are necessary for our legitimate interests (to develop potential customers and grow our business, to study how customers use our products/services, to inform our business and marketing strategy, to define types of customers for our products and services, and to keep our website updated and relevant).
Sharing of your information
We may share your personal information with third parties for the purposes identified under “Use of your information.” We share personal information with the following third parties:
- Service providers may have access to any of the personal information collected by virtue of the services that they provide to Chesterton (such as IT services or communications platforms).
- We share your information with our affiliated companies so that they can carry out analyses or actions on our behalf, including contacting you so they can respond to requests you submit through the Electronic Platforms.
- We share your name, contact information, and certain profile data (such as your product preferences) with third-party distributors of Chesterton product so that they can contact you regarding Chesterton product and services. We may also share product information with your local distributor at your request or to help you address one of your product concerns. If your local distributor has sent you a link to view Chesterton material on awchestertonco.showpad.com, that distributor can view your Electronic Platform Activity and Location Data.
- If you have taken courses through the Chesterton University training platform, we may share your training record with your employer and your local distributor.
- Our Electronic Platform licensors, including but not limited to Preddio Technologies Inc. and Showpad, have access to personal information provided through or on that platform.
Chesterton has not sold personal information and we will never sell your personal information.
Data Retention
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, regulatory, or other requirements. If you have questions, please contact us using the contact information set forth at the bottom of this Policy.
Contact Us Regarding Your Rights
If you wish to exercise any rights regarding your information, please:
- email marketingdist@chesterton.com;
- send a letter to A.W. Chesterton Company, Legal Department, 860 Salem Street, Groveland, MA 01834, United States; or
- call our United States headquarters at +1-978-469-6446 and ask for the Legal Department.
Please include sufficient information so we can assess your request. We may need to request additional information from you to help us confirm your identity and ensure your rights. This is a security measure to ensure information is not shared with someone who has no right to it. We may also contact you to ask you for further information in relation to your request so that we can assess or fulfill your request.
Use of Cookies
Like many companies, our website collects information about visitors through “cookies.” Cookies are bits of text placed on your computer when you visit certain websites. Cookies allow websites to remember your actions and preferences over a period of time.
How Do We Use Cookies?
We use necessary cookiesto enable you to move around the website.
We use functional cookies to record information about the choices you have made. This information is typically anonymized and is not used for any other purpose.
We use the Google Analytics Demographics and Interests function and performance cookies placed by other service providers to help us understand our visitors’ interests and improve our website functionality. These cookies provide us information on audience size, geographic locations, demographic information (such as statistics on age and gender of visitors) and usage patterns. This information is used for statistical purposes only. However, if at any time you provide us with your Contact Information, we may combine that with information from our web analytic services to understand in more detail how you use our website and may use your online browsing behavior to assess your interest in Chesterton products.
If you choose to opt out of cookies, anonymized information will still be tracked and gathered.
We work with third parties to understand the effectiveness of our online advertisements and may use targeting cookies to deliver to you customized product and service advertisements.
How Can You Control Cookies?
You can control and/or delete cookies as you wish – for details, see aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.
If you do not want to be tracked by Google Analytics, see Google Analytics’s opt-out options.
Do-Not-Track
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Some Electronic Platforms may not support Do Not Track requests at this time, which means that we collect information about your online activity while you are using our Electronic Platforms and may track which website you visit immediately before or after accessing the Electronic Platforms.
Third-Party Sites
Our Privacy Policy does not apply to services offered by other companies or individuals, including Chesterton’s third-party product distributors, products or websites that may be displayed to you in search results, websites that may include Electronic Platforms, or other websites linked from our Electronic Platforms, including but not limited to Shopify. This Privacy Policy does not cover the information practices of other companies and organizations who advertise through or on our Electronic Platforms, and who may use cookies, pixel tags and other technologies to serve and offer relevant ads.
Confidentiality and Security
We maintain reasonable safeguards to protect the personal information we collect. While we implement these measures, please note that 100% security is not possible, and we cannot guarantee that the security measures we have in place to safeguard personal information will never be defeated or fail, or that those measures will always be sufficient or effective.
Chesterton may assign you a user ID and a password as part of your participation and access to the Electronic Platforms and your account. Only you may use your user ID and password. You may not share your user ID and password with anyone else, and you are solely responsible for maintaining and protecting the confidentiality of your user ID and password. You are fully responsible for all activities that occur under your user ID. You play a role in protecting your information as well.
Social Media Electronic Platforms and Websites
Any information, communications, or material of any type or nature that you submit to any public areas of the Electronic Platforms, if any (e.g., any pages that display comments) or third-party websites (including, but not limited to any Chesterton-related or -controlled pages contained on a social media Electronic Platform, application or website such as Facebook or Twitter) by email, posting, messaging, uploading, downloading, or otherwise (collectively, a “Submission”), is done at your own risk and without any expectation of privacy. Chesterton cannot control the actions of other users of any social media Electronic Platforms or website and we are therefore not responsible for any content or Submissions contained on such sites and Electronic Platforms or public areas of our Electronic Platforms.
Visiting our Electronic Platforms from Outside of the United States
Your information may be transferred to, and maintained on, computers located outside of your state, province/territory, or country where the privacy laws may not be as protective as those where you live. If you are located outside the United States and choose to provide information to us, please be aware that we transfer your personal information to the United States and process and store it there. As a result, this information may be subject to access requests from governments, courts, law enforcement officials and national security authorities in the United States according to its laws. Subject to the applicable laws, we will use reasonable efforts to ensure that appropriate protections are in place to maintain protections on the personal information. By submitting your personal information, you consent to having your personal data transferred to, processed, and stored in the United States.
Business Transfers
If we or any of our affiliates is involved in a merger, acquisition, asset sale, joint venture or other, similar transaction, we may transfer or allow access to your information as part of the transaction and in review or preparation for it as described below.
In the event that:
● We engage in one or more asset sales or purchases;
● We are acquired;
● We engage in one or more business combinations, mergers or acquisitions;
● Substantially all of our assets are acquired; or
● We are subject to an event of bankruptcy
You acknowledge and agree that personal and other information comprises an asset of ours and that personal information and other information is subject to assignment, transfer and/or acquisition by a third party. Accordingly, and notwithstanding anything to the contrary in this Privacy Policy, you acknowledge and agree that such transfers may occur and that a person or entity that acquires us may continue to subsequently use your personal information, and that such subsequent use may not be consistent with this Privacy Policy.
Children’s Privacy
We do not knowingly collect or solicit personal information from children under the age of 13. By using the Electronic Platforms, you represent that you are at least 13 years old. If you are under 13, please do not attempt to register for an Account or send any personal information about yourself to us. If we become aware that we have inadvertently received or collected personal information from a user of the Electronic Platforms who is under the age of 13, we will attempt to immediately delete that information from our files and records. Furthermore, we encourage users of the Electronic Platforms that are minors that are 13 years of age or older to ask their parents or guardians for permission before sending any information about themselves over the Internet.
If you believe a child who is under the age of 13 has provided us with personal information, please contact us at the address listed above.
Requests, Questions or Concerns
Contact marketingdist@chesterton.com if you have any questions or concerns about our information practices.
Revision date: March 8, 2021
Last reviewed on: March 8, 2021
California Residents’ Privacy Rights
This section is applicable to residents of California. If you are a resident of California, you have certain rights described below. The following do not apply to individuals who do not live in California on a permanent basis.
- RIGHTS PROVIDED BY CALIFORNIA CIVIL CODE SECTION 1798.83
A California resident who has provided personal data to a business with whom he/she has established a business relationship for personal, family, or household purposes (a “California Customer”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of personal data, upon receipt of a request by a California Customer, the business is required to provide a list of all third parties to whom personal data was disclosed in the preceding calendar year, as well as a list of the categories of personal data that were disclosed. California Customers may request further information about our compliance with this law by mailing us at A.W. Chesterton Company, Attention: Legal Department, 860 Salem Street, Groveland, Massachusetts 01834 or emailing us at marketingdist@chesterton.com. Please note that we are only required to respond to two requests per California Customer each year under Code Section 1798.83.
■ RIGHTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT
This section of our Privacy Policy provides California residents with a comprehensive description of Chesterton’s online and offline practices regarding the collection, use, disclosure, and sale of personal information and the rights of California consumers regarding their personal information under the California Consumer Privacy Act (“CCPA”). This section applies to all California residents (but not including legal entities, such as companies). The section will not apply, however, if Chesterton does not collect any personal information about you or if all of the information we collect is exempt from the statute (for example, the CCPA does not protect information that is already protected by certain other privacy laws, and it does not protect information that is already publicly available). “Personal information,” for purposes of this section regarding the rights of California residents, does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.
1. You have a Right to Know About Personal Information Collected, Disclosed, or Sold.
California residents have the right to request that Chesterton disclose what personal information it collects, uses, discloses, and sells. This is called the “Right to Know”. Under the Right to Know, you can request a listing of the types of personal information we have collected about you, the sources of that information, how we use the information (e.g., our business or commercial purposes for collecting or selling personal information), other individuals and business with whom we share personal information, and the specific pieces of personal information that we have collected about you.
If you would like the above information, you may contact us through our webpage or customer service. Contact information is at the bottom of this section. When you make a request under your Right to Know, you can expect the following:
- We will verify your identity. You will need to provide us the following information: email address and full name in order for us to verify that you are who you say you are.
- We will confirm our receipt of your request within 10 days. If you have not received a response within a few days after that, please let us know by contacting us as provided in the “Contact Us Regarding Your Rights” section above.
- We will respond to your request within 45 days. If necessary, we may need an additional period of time, up to another 45 days, but we will reply either way within the first 45-day period and, if we need an extension, we will explain why.
- In certain cases, a Request to Know may be denied, for example, if we cannot verify your identity or if providing you the information could create an unreasonable risk to someone’s security (for example, we do not want very sensitive information disclosed inappropriately). If we deny your request, we will explain why we denied it. If we deny a request, we will still try to provide you as much of the information as we can, but we will withhold the information subject to denial.
In the last 12 months, we have collected the categories of personal information described above under the section “Information we collect about you.” All such information was collected from sources as described above and for the purposes described above. We only disclose such information to third parties as described in the section “Sharing of your information”. Chesterton does not sell personal information.
2. You have a Right to Request Deletion of Personal Information about You.
California consumers have a right to request the deletion of their personal information collected or maintained by Chesterton. If you would like information about you to be deleted, you may contact us as provided in the “Contact Us Regarding Your Rights” section. When you make a request for deletion, you can expect the following:
- After you request deletion, you will need to confirm that you want your information deleted.
- We will verify your identity. You will need to provide us the following information: email address and full name.
- We will confirm our receipt of your request within 10 days. If you have not received a response within a few days after that, please let us know by contacting us at the webpage or phone number listed below.
- We will respond to your request within 45 days. If necessary, we may need an additional period of time, up to another 45 days, but we will reply either way within the first 45-day period and, if we need an extension, we will explain why.
- In certain cases, a request for deletion may be denied, for example, if we cannot verify your identity, the law requires that we maintain the information, or if we need the information for internal purposes such as providing Electronic Platforms or completing an order. If we deny your request, we will explain why we denied it and delete any other information that is not protected from deletion.
3. Right to Opt-Out of the Sale of Personal Information
California consumers have a right to opt-out of the sale of their personal information by businesses. Chesterton does not sell personal information, however, so opt-out is not relevant.
4. Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights
You have a right not to receive discriminatory treatment by us for exercising any of your privacy rights conferred by the CCPA. We will not discriminate against any California consumer because such person exercised any of the consumer’s rights under CCPA, including, but not limited to:
- Denying goods or services.
- Charging different prices or rates for goods and services, including through the use of discounts or other benefits or imposing penalties.
- Providing a different level or quality of goods or services.
- Suggesting that the consumer will receive a different price or rate for goods or services or a different level or quality of goods or services.
We may, however, charge a different price or rate, or provide a different level or quality of goods or services, if that difference is related to the value provided to you by your data.
5. Authorized Agents
If you would like, you may designate an authorized agent to make a request under the CCPA on your behalf. We will deny requests from agents that do not submit proof of authorization from you. To verify that an authorized agent has authority to act for you, we may require a copy of a power of attorney or require that you provide the authorized agent with written permission and verify your own identity with us.
General Data Protection Regulations (“GDPR”)
In the event that we collect Personal Data (as defined in the GDPR) that is subject to the GDPR, this section will apply. Terms in this section are to be understood in a manner consistent with GDPR including the definitions of such terms in the GDPR. Such terms may have a different definition or meaning in other portions of this Privacy Policy because GDPR may not apply to those sections.
Identification of Data Controller:
The Data Controller of data that you provide to Chesterton is Chesterton. You may provide data to one or more of Chesterton’s affiliates in other jurisdictions; in which event the Data Controller is the affiliate to whom you provide your data. You may contact Chesterton as set forth in the Contact Us Regarding Your Rights Section above.
Contacting a Data Protection Authority
You have the right to lodge a complaint regarding the processing of your Personal Data with us by contacting our legal department as provided in the Contact Us Regarding Your Rights section. You also may lodge a complaint with the Data Protection Authorities in the Member State where you habitually reside, work, or where an infringement occurred.
Processing Purposes and Legal Bases:
Chesterton processes your Personal Data for the lawful purposes, and under the legal bases, set forth above.
Onward Transfer:
Chesterton will not disclose Personal Data to a third party except as stated below:
We may disclose Personal Data as set forth in the “Use of your personal information” and “Sharing of your personal information” sections above. Before disclosing Personal Data to a processor or subprocessor, other than parties that you have provided direct consent for processing (such as our distributors),we will obtain assurances from the recipient that it will: (i) transfer such data only for limited and specified purposes; (ii) ascertain that the subcontractor or third-party agent is obligated to provide at least the same level of privacy protection as is required by the GDPR; (iii) take reasonable and appropriate steps to ensure that subcontractors and third-party agents effectively process the personal information transferred in a manner consistent with the organization’s obligations under the GDPR; (iv) require subcontractors and third-party agents to notify the organization if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the GDPR; (v) upon notice, including under (iv), take reasonable and appropriate steps to stop and remediate unauthorized processing; and (vi) provide a summary or a representative copy of the relevant privacy provisions of its contract with subcontractors and third-party agents to the Supervisory Authorities upon request.
Chesterton also may be required to disclose, and may disclose, Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements, or in the event of a merger or acquisition.
Retention of Personal Data
Personal Data obtained by Chesterton is adequate, relevant and not excessive in relation to the purposes described in this Privacy Policy. The Personal Data is processed for purposes specified herein and will only be processed consistent with the purposes described herein. We will request only the minimum amount of information required to perform the applicable Electronic Platforms and will retain such information only for as long as necessary to provide the Electronic Platforms or for compatible purposes, such as to provide additional Electronic Platforms, to comply with legal requirements, or to preserve or defend our legal rights.
Right of Access to your Personal Data
Data Subjects have the right to access the Personal Data an organization holds about them. If such Personal Data is inaccurate or processed in violation of the GDPR, a Data Subject also may request that Personal Data be corrected, amended, or deleted. When we receive Personal Data, we do so on behalf of the individual submitting such Personal Data. To request access to, or correction, amendment or deletion of, Personal Data, Data Subjects should contact our Data Protection Officer. We will cooperate with all reasonable requests to assist Data Subjects to exercise their rights under the GDPR.
Choice
Data Subjects have the right to opt out of (a) disclosures of their Personal Data to third parties not identified at the time of collection or subsequently authorized, and (b) uses of Personal Data for purposes materially different from those disclosed at the time of collection or subsequently authorized. Data Subjects who wish to limit the use or disclosure of their Personal Data should submit that request to our Data Protection Officer. We will cooperate with Data Subjects’ instructions regarding Data Subjects’ choices.
Security
See “Confidentiality and Security” above for more information about our security practices.
Transfers to the United States from the European Union
In using the Electronic Platforms, your Personal Data will be transferred to the United States, which is not recognized as a country having adequate safeguards for the protection of Personal Data. Chesterton relies on Article 49 of the GDPR (including but not limited to explicit consent of the Data Subject after having been informed of the possible risks of such transfers) and the Standard Contractual Clauses for transfers of data collected from Data Subjects in the EU and EEA. If you are providing Personal Data of another Data Subject, you must ensure that you have appropriate authority and consent to provide such Personal Data. Additionally, we transfer data as necessary for the performance of a contract between you as the Data Subject and Chesterton as the Controller, to data processors who have an agreement with us that includes protecting your privacy and the security of your data, and in cases where your Personal Data is necessary for the implementation of pre-contractual measures taken in accordance with your requests.