This privacy notice (Privacy Notice) sets out the ways in which we, Kravet Inc. (we, us, our), collect and use your personal data (your personal information) in connection with our business. It also explains what rights you have to access or change your personal information.
We are a company incorporated in the State of Delaware and our registered address is set out below.
You can contact us as follows:
Vice President & General Counsel
225 Central Avenue South, Bethpage, New York 11714
GP & J Baker, 6 Stinsford Road, Poole, Dorset, BH17 0SW, UK
INFORMATION WE COLLECT ABOUT YOU
Information that you provide to us
We will collect any information that you provide to us when you:
make an inquiry, provide feedback or make a complaint over the phone, in person or by email;
submit correspondence to us by mail, email or via our website;
order products from us;
supply products to us;
visit our showrooms;
order services from us, for example our design and sampling services;
subscribe to our newsletter and mailing lists;
visit our websites;
update your account details;
‘follow’, ‘like’, post to or interact with our social media accounts, including Facebook, Instagram, Pinterest, LinkedIn and Twitter;
register to and/or attend our events; and
submit a job application or CV, or attend an interview.
The information you provide to us will include (depending on the circumstances):
Identity and contact data: Titles, names, addresses, email addresses, IP addresses and phone numbers;
Account profile data: If you’re registering to open an account with us you provide a job title/position and company;
Financial Data: If you purchase products or services, you will also provide payment details, which includes billing addresses, credit/debit card details and bank account details. If we purchase products from you, you will provide payment details;
Survey data: From time to time we might ask if you would be willing to participate in our surveys. If you agree to participate, we will also collect any information that you provide as part of that survey;
Employment and background data: If you are submitting a job application, you may also provide additional information about your academic and work history, qualifications, skills, projects that you are involved in, references, your entitlement to work in the USA, your social security number, your passport or other identity document details, your current level of remuneration (including benefits)(where allowed by law) and any other such similar information that you provide to us; and
Sensitive information: If you are submitting a job application, you may provide information about your race or ethnicity, religious beliefs, health and whether or not you have any disability.
Information we collect about you:
Information contained in correspondence: We will collect any information contained in any correspondence between us. For example, if you contact us by email or telephone, we keep a record of that correspondence;
Transactional data: We will collect information related to your transactions, including the date and time, the amounts charged and other related transaction details; and
CCTV images: If you visit certain of our offices and showrooms we collect images of you via CCTV;
Website usage data:We will collect information about your interactions with the website, including information such as login data, IP address, page views, searches, requests, orders, pre-approvals, confirmations, agreements between you and other website users and other actions on the website; and
Technical data: We will also collect certain information about how you use our website and the device that you use to access our website, even where you have not created an account or logged in. This might include your geographical location, device information (such as your hardware model, mobile network information, unique device identifiers), the data transmitted by your browser (such as your IP address, date and type of the request, content of the request regarding the specific site, time zone settings, access status/HTTP status code, volume of data transmitted, browser type and version, language settings, time zone settings referral source, length of visit to the website, date and time of the request, operating system and interface) number of page views, the search queries you make on the website and similar information. This information may be collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies or similar technologies. For more information on cookies please read the COOKIES section below; and
Social Media: If you share our content through social media, for example by liking us on Facebook, following or liking a post on Instagram, or following or tweeting about us on Twitter, those social networks will record that you have done so. In addition, we may “follow” you or like your posts on your social media profiles.
Information we receive from third parties
In certain circumstances, we will receive information about you from third parties. For example:
Service providers: We may collect personal information from our payment services provider, insurers, bank and credit card provider, credit reference agency, recruiters, pension and healthcare scheme providers, third party payroll bureau and company car lessors based inside and outside the EU;
Stockists: We may collect personal information from our stockists based in the EU, for example, when we receive orders for products, requests for samples, product returns etc.;
Employers and recruitment agencies: If you are a job applicant we may contact your recruiter and/or your current and former employers, who may be based inside or outside the EU, to provide information about you and your application;
Fraud detection agencies: Where permitted or required by law, we may receive information about you, including demographic data or fraud detection information from third party service providers and/or partners who are based both inside and outside the EU; and
Website security: We will collect information from our website security service partners who are based both inside and outside the EU, about any misuse to the website, for instance, the introduction of viruses, Trojans, worms, logic bombs, website attacks or any other material or action that is malicious or harmful.
HOW WE USE INFORMATION ABOUT YOU AND RECIPIENTS OF YOUR INFORMATION
We will use your information for the purposes listed below either on the basis of:
performance of your contract with us and the provision of our products and services to you;
your consent (where we request it);
where we need to comply with a legal or regulatory obligation; or
our legitimate interests (see paragraph 4.3 below).
We use your information for the following purposes:
To manage your requests or purchases with us. We will use your information to provide you with any products that you request or purchase from us. This includes requests for samples (on the basis of our legitimate interests to assist you in sampling our products) and purchase and delivery of a product (on the basis of performing our contract with you);
To process and facilitate transactions with us: We will use your information to process transactions and payments, and to collect and recover money owed to us (on the basis of performing our contract with you and on the basis of our legitimate interest to recover debts due);
To conduct business with you or your employer. We use your information to contact you and manage and facilitate our business relationship with you and your employer;
To send you service communications and provide customer support. We will use your information to send you any communications relevant to the products you’ve requested or purchased from us. This includes sending you an email to notify you of changes to your delivery, provide you with customer service and support, deal with your inquiries, complaints, comments or observations shared with us (on the basis of performing our contract with you or on the basis of our legitimate interests to provide you with customer service);
To improve our customer service. We monitor calls for the purposes of improving our customer service, ensure quality assurance, training, security and for general business purposes (on the basis of our legitimate interest in improving our customer service);
Recruitment and employment: To process any job applications you submit to us, whether directly or via an agent or recruiter (on the basis of our legitimate interest to recruit new employees or contractors), verify your eligibility to work in the USA and make any reasonable adjustments for job applicants, employees and current employees under disability laws and regulations (on the basis of complying with our legal and regulatory obligations);
Marketing: To keep in contact with you about our news, events, new website features, products or services that we believe may interest you (either on the basis of your consent where we have requested it, or our legitimate interests to provide you with marketing communications where we may lawfully do so);
Social media interactions: To interact with users on social media platforms including Facebook, Twitter, Instagram and Pinterest, for example, responding to comments and messages, posting, ‘retweeting’ and ‘liking’ posts (on the basis of our legitimate interest in promoting our brand and communicating with interested individuals);
Analytics: To use data analytics to improve our website, products/services, marketing, customer relationships and experiences (on the basis of our legitimate interests in defining types of customers for our website and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy);
Fraud and unlawful activity detection: To protect, investigate, and deter against fraudulent, unauthorised, or illegal activity, including identity fraud (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so);
Compliance with policies, procedures and laws: To enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so); and
Equal opportunities monitoring: To carry out equal opportunities monitoring during the recruitment process (where it is required by law).
Where we refer to using your information on the basis of our "legitimate interests", we mean our legitimate business interests in conducting and managing our business and our relationship with you, including the legitimate interest we have in:
providing you with samples of our products;
providing you with and improving our customer service;
keeping our records updated and study how our website and services are used personalising, enhancing, modifying or otherwise improving the products, services and/or communications that we provide to you;
detecting and preventing fraud and operating a safe and lawful business; and
improving security and optimisation of our network, sites and services.
Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests do not automatically override yours and we will not use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details of “Your Rights” in paragraph 10 below.
HOW WE USE PARTICULARLY SENSITIVE PERSONAL INFORMATION
"Special categories" of particularly sensitive personal information require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We process special categories of personal information where it is needed in the public interest for equal opportunities monitoring.
WHO WE MIGHT SHARE YOUR INFORMATION WITH
In connection with the purposes and on the lawful grounds described above and in addition to the recipients of your information as described above, we will share your personal information when relevant with third parties such as:
Our service providers: Service providers we work with to deliver our business, who are acting as processors and provide us with:
website development and hosting services based in the USA;
marketing services (such as Bronto) based in the USA;
IT, system administration and security services based in the USA;
analytics services (such as Google Analytics) based in the EU and USA;
payment services based in UK, USA, Canada and Mexico
courier and delivery companies based in UK, EU and USA;
identity verification, fraud prevention and detection services based in USA, UK and EU;
banking services based in UK, USA, Canada and Mexico France, Belgium, Germany, Austria, Italy, Sweden, Norway, Denmark, Switzerland;
legal, accountancy, auditing and insurance services and other professional advisers based in the UK and the USA; and
recruitment service providers based in the UK and USA.
Regulators and governmental bodies: United States Internal Revenue Service, regulators, governmental bodies and other authorities acting as processors or joint controllers based in the USA who require reporting of processing activities in certain circumstances;
Prospective sellers and buyers of our business: Any prospective seller or buyer of our business or assets, only in the event that we decide to sell or buy any business or assets; and
Other third parties (including professional advisers): Any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) based in the UK where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
We require third parties to maintain appropriate security to protect your information from unauthorised access or processing.
If you do not wish for cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings please consult the “Help” section of your internet browser (or alternatively visit http://www.aboutcookies.org). Please note that, if you do set your Internet browser to reject cookies, you may not be able to access all of the functions of our website.
The names of the cookies used on our website and the purposes for which these cookies are used are set out in the table below;
The cookie allows us to identify you as a visitor to the Website, stores your session ID
A Session Identifier On The Server. Used To Help Make Speed Of Webpage Requests Quicker And More Efficient.
This cookie allow us to track events and analytics on the website using Google Analytic services.
Do Not Track (DNT) is a privacy preference that users can set in some web browsers, allowing users to opt out of tracking by websites and online services. At the present time, the World Wide Web Consortium (W3C) has not yet established universal standards for recognizable DNT signals and therefore, we do not recognize DNT
HOW WE LOOK AFTER YOUR INFORMATION AND HOW LONG WE KEEP IT FOR
We operate a policy of “privacy by design” by looking for opportunities to minimise the amount of personal information we hold about you. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:
ensuring the physical security of our offices, warehouses or other sites;
ensuring the physical and digital security of our equipment and devices by using appropriate password protection;
maintaining a data protection policy for, and delivering data protection training to, our employees; and
limiting access to your personal information to those in our company who need to use it in the course of their work.
We will retain your information for as long as is necessary to provide you with the products and services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights or where we are permitted to do. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. For example,
we archive our email and paper correspondence regularly and destroy information older than eight years from the applicable transaction date;
we retain information relating to orders and refunds for approximately 7 years and/or as long as the business relationship continues;
we maintain a suppression list of email addresses of individuals who no longer wish to be contacted by us. So that we can comply with their wishes, we must store this information permanently.
HELP KEEP YOUR INFORMATION SAFE
You can also play a part in keeping your information safe by:
choosing a strong account password on e-commerce sites and changing it regularly;
using different passwords for different online accounts;
keeping your passwords confidential and avoiding sharing your login with others;
making sure you log out of e-commerce sites each time you have finished using them. This is particularly important when using a shared computer;
letting us know if you know or suspect that your account has been compromised, or if someone has accessed your account without your permission;
keeping your devices protected by using the latest version of your operating system and maintaining any necessary anti-virus software;
being vigilant to any fraudulent emails that appear to be from us. Any emails that we send will come from an email address ending in ‘@kravet.com’, @leejofa.com and/or @brunschwig.com;
clearing your browsing history on public devices.
INFORMATION FOR INDIVIDUALS IN THE EU
International data transfers
Our company is located in the USA but we have affiliate companies located in the European Economic Area (EEA).
Whenever we transfer your personal information from inside the EEA out of the EEA, we ensure a similar degree of protection is afforded to it as is provided to it in the EEA so that your rights and protections travel with your data. We use a specific contract approved by the European Commission which gives personal information the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal information to third countries.
Your rights to the information we hold about you
If you are an individual in the EU, in certain circumstances, you have certain rights in respect of the information that we hold about you, including:
the right to ask us not to process your personal information for marketing purposes;
the right to request access to the information that we hold about you;
the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;
in certain circumstances, the right to ask us to stop processing information about you; and
the right to lodge a complaint about us to complaint with the relevant authority in your country of work or residence, such as the UK’s Information Commissioner’s Office;
the right to withdraw your consent for our use of your information in reliance of your consent (refer to paragraph 4 to see when we are relying on your consent), which you can do by contacting us using any of the details at the top of this Privacy Notice;
the right to object to our using your information on the basis of our legitimate interests (refer to paragraph 4 above to see when we are relying on our legitimate interests) (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground;
the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly-used, machine readable format, in certain circumstances; and
the right to ask us to limit or cease processing or erase information we hold about you in certain circumstances.
Please note that we need to retain certain information for our own record-keeping purposes. We may also need to send you service-related communications relating to product or service requests even when you have requested not to receive marketing communications.
How to exercise your rights
You may exercise your rights above by contacting us using the details in paragraph 2 of this Privacy Notice, or in the case of preventing processing for marketing activities also by using the unsubscribe button at the bottom of our marketing emails. We will comply with your requests unless we have a lawful reason not to do so.
What we need from you to process your requests
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
INFORMATION FOR INDIVIDUALS IN CALIFORNIA
California residents who provide personal information in obtaining products or services for personal, family, or household use are entitled to request and obtain from us once a calendar year information about the customer information we shared with third parties for their own direct marketing purposes, including the categories of information and the names and addresses of those businesses with which we have shared such information. As discussed elsewhere in this Privacy Notice, we do not currently share the personal information of California residents with third parties for their own direct marketing purposes. However, if you have further questions about our privacy practices and compliance with California law, please contact us via the address at the top of this Privacy Notice.
If you are a California resident, the California Consumer Privacy Act provides you with the following rights with respect to your personal information:
The right to request to know the categories or specific pieces of personal information we have collected, used, disclosed and sold about you. To submit a request to know, you may call us at (866) 644-5728 or visit https://www.kravet.com/ccpa-request-to-know. Please contact us at firstname.lastname@example.org for more information if you wish to submit a request through an authorized agent.
The right to request that we delete any personal information we have collected about you. To submit a request for deletion, you may call us at (866) 644-5728 or visit https://www.kravet.com/ccpa-deletion-request. Please contact us at email@example.com for more information if you wish to submit a request through an authorized agent.
When you exercise these rights and submit a request to us, we will verify your identity by asking you to log in to your account if you have one with us. Or if you do not, we may ask for your email address. We also may use a third party verification provider to verify your identity.
The fact that you have elected to exercise these rights will have no adverse effect on the price and quality of our products or services.
We do not and will not sell your personal information to third parties.
We do not knowingly solicit or collect personally identifiable information online from children under the age of 13 without prior verifiable parental consent. If we learn that a child under the age of 13 has submitted personally identifiable information online without parental consent, it will take all reasonable measures to delete such information from its databases and to not use such information for any purpose (except where necessary to protect the safety of the child or others as required or allowed by law). If you become aware of any personally identifiable information we have collected from children under 13, please call us at (866) 644-5728 or email us at firstname.lastname@example.org.
Minors under 18 years of age may have the personal information that they provide to us deleted by sending an email to email@example.com requesting deletion. Please note that, while we make reasonable efforts to comply with such requests, deletion of your personal information does not ensure complete and comprehensive removal of that data from all systems.
CHANGES TO THIS PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES
We may make changes to this Privacy Notice from time to time. We will post any changes to our site, or notify you of any material changes by e-mail. To request a copy of this Privacy Notice in a different format, please contact us via the contact details at the top of this Privacy Notice.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us by updating your profile account information or contacting us via the contact details at the top of this Privacy Notice.
This Privacy Notice was updated on 18 December 2019.