We are committed to the responsible use and protection of Personal Information. This Policy contains details about how we collect, use, maintain, and share with third parties Personal Information that we obtain from or about you, whether through use of our Tensar+, and your other related interactions with us, or otherwise as described in this Policy.
Overview and Scope
We obtain Personal Information about you from you when you use Tensar+. If you are a California resident, please see “Your California Privacy Rights” at the end of this Policy for more information about your privacy rights under California law. If you are a resident of the United Kingdom or the European Economic Area, please see "Your Europe Privacy Rights" towards the end of this Policy for more information about your privacy rights under applicable European laws.
Personal Information We Collect
We may collect the following types of Personal Information:
- Identifiers, such as name, title, employer, email address, physical address, telephone number, account number or name and password.
- Professional or employment-related information, such as your profession.
- Internet usage information, such as your IP addresses or cookie IDs. For more information, see “Cookies,” below.
- Commercial information, including products, technologies or services purchased, obtained or considered, order history, or other purchasing or consumer history.
- Audio, electronic, visual or similar information such as from cameras located on our premises or your attending online training, conferences or meetings, organized by us.
- Inferences drawn from any of the information we collect to create a profile about you reflecting your preferences and to enhance your user experience.
We may also collect deidentified or aggregated information that does not identify you.
How We Collect Personal Information
We collect Personal Information about you in the following ways and from the following sources:
- From you directly. We will collect Personal Information that you provide by completing forms, applications, questionnaires, surveys, placing orders with us on behalf of customers, customer service or other information requests, conference attendance applications, or collected by other means such as email, meetings, in-person events, contests, and other interactions with us. We may also collect Personal Information provided voluntarily to us. This includes information provided at the time of registering to use Tensar+ or other Company software, subscribing to our newsletters or other services, or requesting further services or information. We may also ask you for your information when you report a problem with Tensar+ or any of our Websites or software or report another concern or issue to us.
- Through cookies. We may collect information about how you use Tensar+ or otherwise interact with us online automatically, such as IP address, information about your device, internet usage, browsing preferences, browser type, Website activity, and other technical information when you interact with us online. For more information, see “Cookies,” below.
How We Use Personal Information
We may use Personal Information for the following purposes:
- In connection with our products, technologies and services, such as to provide information regarding such items or to notify you of changes to our business.
- In connection with contractual obligations or transactions with us, such as to carry out a notification or other obligation arising from any contracts entered into between you and us, or to deliver on requested transactions with us.
- For our own internal business purposes, such as to evaluate or audit the usage, performance and other aspects of, or projects for the potential use of our products, systems technologies and services; to design new products, systems, technologies and services; to operate our software; for internal research and analytics; to evaluate the effectiveness of our advertising or marketing efforts; to evaluate and improve the quality of your interactions with us; to catalog your responses to surveys or questionnaires; or to maintain internal business records.
- For marketing, such as for contextual ad customization or to market our products, systems, technologies and services or those of our affiliates, business associates, or other third parties. We may use Personal Information we collect to send you newsletters, updates, surveys, questionnaires, promotions, contests, or information about events, or to invite or admit you to attend activities such as webinars or virtual events.
We may use deidentified or aggregated information for any legal purpose.
With Whom We Share Personal Information
We may share Personal Information with the categories of recipients described below:
- Affiliates. We may share Personal Information with our affiliates who directly or indirectly control, are controlled by, or under common control with us, which includes parents, subsidiaries and other company affiliates, their shareholders, and other business units.
- Business Associates. We may share information with our distributors, licensees or other business associates who are part of our business channel in providing (or seeking to provide) our products, systems, technologies or services to you, or with another company with whom we may partner for a particular event.
- Service providers. We may share information with service providers or subcontractors that help us with Tensar+ or other software, or perform business or administrative functions on our behalf, including completing a transaction you request or supporting our relationship with you, such as IT providers, training and communication providers, accountants, logistics providers, analytics companies, and marketing or advertising providers. Please see the paragraph entitled "Sub-Processors" below for more information.
- Law enforcement and other government agencies. We may share information with third parties like law enforcement or other government agencies and other authorities to comply with the law or legal requirements and to protect our and/or third party rights, property, safety or other legitimate interests.
- Parties to a corporate transaction. In the event that we enter into, or propose to enter into, a transaction that directly or indirectly alters the structure, ownership or control of any of our companies or businesses, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of our business, assets or securities, we may share Personal Information with third parties in connection with such transaction. Any other entity which buys us or part of our business will have the right to continue to use your Personal Information, but only in the manner set forth in this Policy, unless you agree otherwise.
(i) You consent to our appointment of the sub-processors listed in the Sub-Processing Schedule attached to this Policy to process the Personal Information under this Policy and as set out therein. You confirm we have prior written general authorization to amend the Sub-Processing Schedule in accordance herewith.
(ii) We confirm we have entered into, or will enter into as the case may be, written agreements with its sub-processors that are substantially similar to the terms set out in this Policy. As between us, we shall remain fully liable for all acts or omissions of any third-party sub-processor appointed by us pursuant to this Policy,
(iii) Where we intend to amend the Sub-Processing Schedule, we will provide no less than thirty (30) days’ prior email notice of the appointment of any new sub-processor to you.
International Data Transfers
Where required by applicable laws, we agree to enter into the Standard Contractual Clauses or any equivalent agreement with you or another relevant entity or to provide other appropriate safeguards in order to legalize the transfer of Personal Information to a third country. Where we engage a sub-processor or transfer your Personal Information to another company in the Tensar group of companies, including Tensar’s parent company, Commercial Metals Company (“CMC”) and CMC’s subsidiaries and affiliates, and such engagement involves an international transfer of Personal Information, we shall take such measures as are necessary to ensure the transfer is in compliance with applicable laws.
What are Cookies? A “cookie” is a small text file that is sent to or accessed from your web browser or your computer’s hard drive. Some cookies exist only during a single browsing session and some are persistent over multiple browsing sessions. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (when it expires), and a randomly generated unique identifier. A cookie may also contain information about your computer, such as user settings, browsing history and activities conducted while using one of our Websites.
- Sign-in and authentication. When you sign into your account on our websites, we store a unique ID number, and the time you signed in, in an encrypted cookie on your device. This cookie allows you to move from page to page within a particular Website without having to sign in again on each page. You can also save your sign-in information so you do not have to sign in each time you return to the websites.
Controlling cookies. Most web browsers automatically accept cookies but provide controls that allow you to block or delete them. For example, in most modern browsers, you can block or delete cookies by clicking Settings > Privacy > Cookies. Instructions for blocking or deleting cookies in other browsers may be available in each browser's privacy or help documentation.
Certain features of our websites depend on cookies. Please be aware that if you choose to refuse or delete cookies, some of our website functionality may be impaired. If you change computers, devices or browsers, or use multiple computers, devices, or browsers, and delete your cookies, you may need to repeat this process for each computer, device, or browser. Please refer to your browser’s Help instructions to learn more about how to manage cookies.
We maintain organizational, technical and administrative measures designed to protect Personal Information within our Company against unauthorized access, destruction, loss, alteration or misuse, consistent with applicable regulatory requirements and applicable published security standards.
However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially reasonable means to protect your Personal Information, we cannot guarantee absolute security. If you have reason to believe that your Personal Information is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately as set out in the Contact Details section.
We recognize the importance of children’s safety and privacy on the Internet. For this reason, we do not knowingly collect from or sell any information (including Personal Information) about children under 16 years of age. Our products, systems, technologies and services are intended for individuals over 16 years of age. They are not directed at, marketed to, or intended for, children under 16 years of age. We may occasionally sponsor contests involving participation by children, for example, to submit a drawing depicting the use of our products with an award for the most creative illustration; in this situation we would request permission from a parent of the child or other adult caregiver to use any such material and to collect on a voluntary basis any minimum required Personal Information. If you believe that we have without prior authorization or otherwise inadvertently collected Personal Information from a child under the age of 16, please contact us as set out in the Contact Details section, and we will take immediate steps to delete the Personal Information.
Tensar+ may contain links to external sites or other online services that we do not control, including those embedded in third party advertisements. We are not responsible for the privacy practices and data collection policies for such third-party services. You should consult the privacy policies of those third-party services for details.
We may use your Personal Information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish for us to do so.
If you feel that the security of your Personal Information has been compromised, please contact us immediately at (855) 237-8950 (Western Hemisphere) or +44 01254 262431 (Eastern Hemisphere) or firstname.lastname@example.org (global)
If you have questions regarding this Policy or our privacy practices in general, or if you are having trouble viewing or accessing this Policy and need it made available to you in an alternative format, please contact us at:
Phone: (855) 237-8950
Mail: Tensar Corporation
2500 Northwinds Parkway, Suite 500
Alpharetta, GA 30009
Attn: VP Marketing
Phone: +44 01254 262431
Mail: Tensar International Limited
Units 2-4 Cunningham Court
Shadsworth Business Park
Blackburn BB1 2QX
Attn: Data Protection Co-ordinator
We may update this Policy from time to time. The current Policy will be effective when posted. Please check this Policy periodically for updates. If any of the changes that we may make are unacceptable to you, you should cease interacting with us. When required under applicable law, we will notify you of any changes to this Policy by posting an update on our websites.
Your California Privacy Rights
This section applies to California residents whose Personal Information is subject to the California Consumer Privacy Act of 2018 (“CCPA”). If you are not a California resident, the rights described in this section do not apply to you.
Please note that the CCPA defines the term “sale” very broadly and includes the disclosure of Personal Information to third parties for which we receive “valuable consideration” (i.e., a benefit other than money), a definition that is much broader than the ordinary understanding of the term “sale.” In the preceding 12 months, we have not disclosed Personal Information to any third parties in exchange for money; however, we have disclosed Personal Information to third parties such as distributors, licensees and other business associates who may use such Personal Information to market their products and services. It is possible that this could be considered a “sale” for “other valuable consideration” under the CCPA.
Summary of Personal Information Collected, Used, Sold or Shared
Below is a summary of the categories of Personal Information we have shared for a business purpose or sold (as defined by the CCPA) in the previous 12 months and the categories of third parties with whom we have shared or sold such Personal Information. Information about the categories of Personal Information we have collected from or about consumers in the previous 12 months, sources from which we collect Personal Information and the purposes for which we collect, use, share and sell Personal Information are described above in “Personal Information We Collect,” “How We Collect Personal Information” and “How We Use Personal Information,” respectively.
|Categories of Personal Information We Sold or Shared for a Business Purpose||Categories of Third Parties To Whom We Sold or With Whom We Shared Personal Information for a Business Purpose|
|Identifiers||Our affiliated companise, distributors, licensees, other Company business associates, service providers, e-commerce providers, advertising networks (including social networks), and entities involved in a potential or actual acquisition or merger with the Company|
|Financial information||Our professional service providers and e-commerce providers|
|Internet usage information||Our affiliated companies, distributors, licensees, other Company business associates, service providers, e-commerce providers, and advertising networks (including social networks)|
|Commercial information||Our affiliated companies, distributors, licensees, other Company business associates, service providers, e-commerce providers, advertising networks (including social networks), and entities involved in a potential or actual acquisition of or merger with the Company|
|Professional or employment-related information||Our affiliated companies, distributors, licensees, other Company business associates, service providers, and advertising networks (including social networks)|
|Inferences drawn from any of the information identified above||Our affiliated companies, distributors, licensees, other Company business associates, and service providers|
Your Rights under the CCPA
Subject to certain legal limitations and applicable exceptions, California residents may exercise the following rights.
- Right to Know. You have the right to request that we disclose to you the categories of Personal Information we have collected about you in the preceding 12 months, the categories of sources from which we collected the Personal Information, the purposes for collecting the Personal Information, and the categories of third parties with whom we have shared or sold your Personal Information. You may also request information about the specific pieces of Personal Information we have collected about you.
- Right to Delete. You have the right to request that we delete your Personal Information that we have collected from you.
- Right to Opt Out. You have the right to opt out of the sale of your Personal Information.
How to Exercise Your Rights
If you have questions about our privacy policies or practices or would like to exercise your rights under the CCPA, you may contact us by either:
- emailing us at email@example.com;
- calling us at (855) 237-8950; or
- for requests to opt out, visiting our “Do Not Sell My Personal Information (California)” website, here.
- writing us at:
2500 Northwinds Parkway, Suite 500
Alpharetta, Georgia 30009
Attn: General Counsel
You may also designate an authorized agent to exercise these rights on your behalf by following the process described in “Authorized Agents,” below.
You may request access to your Personal Information twice in any 12-month period, measured from the date we receive your first request. If you submit a request to obtain your Personal Information more than twice in any 12-month period, we will either: (i) proceed with honoring your request; or (ii) deny your request in writing.
In accordance with applicable law, you have the right not to receive discriminatory treatment from us as a result of your exercising these rights.
In order for you to exercise your CCPA rights, we will need to obtain information to locate you in our records, verify that you are a California resident and to verify your identity. For a report of the specific Personal Information we have processed about you, you must provide us with three of the following in order that we may verify your identity:
- full name;
- email address;
- residential or business address; or
- mobile, residential or business telephone number.
You also must provide us with a signed declaration, under penalty of perjury, that you are who you say you are. For a report of the categories of Personal Information we have processed about you, or for a request to delete your Personal Information or opt out of the sale of your Personal Information, you must provide us with two of the above-referenced pieces of personal information in order that we may verify your identity (example, full name and email address).
To the extent reasonably possible, we will use our existing account authentication practices to verify your identity. Where necessary, we may request additional information about you so that we can verify your identity. Where we did not already hold that information, we will use it only for the purpose of verifying your identity and to process your request. If you are submitting a request on behalf of a household, we will need to verify each member of the household in the manner set forth in this section.
You may use an authorized agent to exercise your CCPA rights on your behalf. Authorized agents may demonstrate that the agent has authority to exercise rights on the requesting California resident’s behalf by writing our Head of Information Technology at the street address identified above or by emailing us at the email address identified above. At a minimum, we will require evidence of the agent’s identity via driver’s license or passport page, and at least one of the following documents evidencing proof of your legal authority to act on behalf of the individual who is the subject of the request:
- Written authorization signed by the California resident;
- Certified copy of a Power of Attorney granted under the California Probate Code; or
- With respect to requests made on behalf of a minor, written evidence of parental responsibility.
Whenever you interact with us on behalf of another individual or entity, such as by providing or accessing Personal Information about another individual, you represent that your interactions and exchanges comply with applicable data privacy laws. You shall have sole responsibility for any violation of applicable laws as a result of a failure to obtain any necessary consent from such individual.
We will respond to Requests to Delete and Requests to Know within 45 calendar days, unless we need more time, in which case we will notify you and may take up to 90 calendar days total to respond to your request. We will process a Request to Opt Out within 15 business days.
California Shine the Light Law
California residents may opt out of our sharing your Personal Information with third parties for the third parties’ direct marketing purposes. Please contact us at firstname.lastname@example.org if you would like to do so.
Your Europe Privacy Rights
This section applies to individuals located in the EEA, the UK or in Switzerland and outlines additional information about your rights and choices regarding our processing of your Personal Information under the GDPR or equivalent laws in Switzerland and the UK.
A. Legal basis
We collect and process personal data about you only where we have a legal basis for doing so under applicable data protection laws. Our legal bases include processing personal data as follows:
- With your consent: Where appropriate or legally required, we collect and use personal data about you subject to your consent (e.g., where legally required for direct marketing activities).
- Performance or contract: We collect and use personal data about you to contract with you or to perform a contract that you have with us.
- To protect our legitimate interests: We process personal data for our legitimate interests such as to improve our website or software; deliver content; optimize your experience; market our Services; provide appropriate security; and to protect you from data breaches.
- Where necessary for compliance with laws: We may process personal data about you: (1) as required by law, such as to comply with a subpoena or similar legal process; (2) when we believe in good faith that disclosure is necessary to protect our rights or property, to protect your health and safety or the health and safety of others; (3) to investigate fraud or respond to a government request; or (4) if we are involved in a merger, acquisition, or sale of all or a portion of our assets.
B. Data Subject Rights
You have certain rights related to the Personal Information we hold about you. Some of these rights may be subject to limitations and qualifications including (1) where fulfilling your request would adversely affect other individuals, company trade secrets or intellectual property; (2) where there are overriding public interest reasons; or (3) where we are required by law to retain your personal data.
- Right of Access: You have the right to access personal data held by us.
- Right to Rectification: You have the right to rectify personal data that is inaccurate or incomplete.
- Right to Data Portability: You have the right to request a copy of certain personal data we hold about you in a structured, machine-readable format, and to ask us to share this information with another entity.
- Right to Erasure: You have the right to have personal data deleted where: (1) you believe that it is no longer necessary for us to hold your personal data; (2) we are processing your personal data based on legitimate interests and you object to such processing and we cannot demonstrate an overriding legitimate ground for the processing; (3) you have provided your personal data to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your personal data; or (4) where you believe the personal data we hold about you is being unlawfully processed by us.
- Right to Restrict Processing: You have the right to ask us to restrict (stop any active) processing of your personal data where: (1) you believe the personal data we hold about you is inaccurate and while we verify accuracy; (2) we want to erase your personal data as the processing is unlawful, but you want us to continue to store it; (3) we no longer need your personal data for our processing, but you require us to retain the data for the establishment, exercise, or defense of legal claims; or (4) you have objected to us processing your personal data based on our legitimate interests and we are considering your objection.
- Right to Object: You can object to our processing of your personal data based on our legitimate interests. We will no longer process your personal data unless we can demonstrate an overriding legitimate purpose.
- Objection to Direct Marketing, Automated Decision Making, and Profiling: You have the right to object to our processing of personal data for direct marketing communications, and profiling related to direct marketing. We will stop processing the personal data for that purpose.
- Automated Profiling: In the event that we conduct automated decision making that has a legal or other significant impact we will tell you about this and you have the right to challenge such decisions and request that it is reviewed by a human.
- Withdrawal of Consent: Where the processing of your personal data by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us as set out in the Contact Details section.
C. Updating Your Details
If you would like to update the details that we hold about you or to change any of your preferences relating to the way in which we may use your information for direct marketing, then please contact us as set out in the Contact Details section.
D. Data Retention
We have a system of retention periods in place to ensure that your information is only stored whilst it is required for the relevant purposes or to meet legal requirements. If your information is no longer required, we will ensure it is disposed of or deleted in a secure manner.
For further information about how long we store your personal data, please contact us as set out in the Contact Details section.
Exercising Your Rights
If you would like to exercise the rights set forth above, please contact us as set out in the Contact Details section. Before we respond to requests for personal data, we will require that you verify your identity or the identity of any data subject for whom you are requesting personal data.
We will fulfil your request within one month of receipt unless an exception applies. If you have concerns unresolved by us, you may also address any grievance directly with the relevant Supervisory Authority or the ICO for UK-based individuals.
We will fulfil your request within one month of receipt unless an exception applies. If you have concerns unresolved by us, you may also address any grievance directly with the relevant Supervisory Authority or the ICO for UK-based individuals.
If you are dissatisfied with our handling of any complaint you also have the right to raise concerns with The UK Information Commissioner: https://ico.org.uk or one of the EU regulatory bodies for data protection. Our largest office within the EU is Tensar International GmbH at Brühler Str. 7, 53119, Bonn (T. +49 (0) 228 91392-0).
Tensar+ Sub-Processing Schedule
NATURE OF PROCESSING
TYPE OF PERSONAL INFORMATION
CATEGORIES OF DATA SUBJECTS
DATA STORAGE LOCATIONS
10800 NE 8th St, Ste 700, Bellevue, WA 98004, USA
|User authentication for access to Company websites||Name, email, Company, website password||Company website visitors and users||USA||Standard Contractual Clauses|
25 First St, 2nd Floor, Cambridge, MA 02141, USA
|Customer relationship management and marketing||Identifiers, job title, company name, login data, user privileges, login time, first name, last name, professional phone number, professional email, IP address, signup data, aggregated level data||(i) Company website visitors/users|
(ii) Tensar+ customers and prospects of the Company
|USA||Standard Contractual Clauses|
One Microsoft Way, Redmond, WA 98052, USA
|Hosting of data||Users of Tensar+ only: first name, last name, professional phone number, professional email, IP address, company name||Tensar+ customers and prospects of the Company||USA||Standard Contractual Clauses|
Effective Date: July 13, 2022
Version Number: 1