 |
|
AMERICAN STANDARD COMPANIES, INC.
PRIVACY POLICY
American Standard Companies, Inc. ("American Standard") respects
individual privacy and values the confidence of its customers, employees,
vendors, consumers, business partners and others. American Standard strives to
collect, use and disclose Personal information in a manner consistent with the
laws of the countries in which it does business, and has a tradition of
upholding the highest ethical standards in its business practices. American
Standard abides by the Safe Harbor Principles developed by the U.S. Department
of Commerce and the European Commission and the Frequently Asked Questions
(FAQs) issued by the Department of Commerce on July 21, 2000. This Safe Harbor
Privacy Policy (the "Policy") sets forth the privacy principles that American
Standard follows with respect to transfers of Personal information anywhere in
the world, including transfers from the European Economic Area (EEA) (which
includes the twenty-five member states of the European Union (EU) plus
Iceland, Liechtenstein and Norway to the United
States.
I. SAFE HARBOR
The United States Department of Commerce and the European Commission have
agreed on a set of data protection principles and frequently asked questions
(the "Safe Harbor Principles") to enable US companies to satisfy the requirement
under European Union law that adequate protection be given to Personal
information transferred from the EU to the United States.
The EEA also has recognized the US Safe Harbor as providing adequate data
protection (OJ L 45, 15.2.2001, p.47). Consistent with its commitment to protect
Personal privacy, American Standard adheres to the Safe Harbor
Principles.
American Standard has a Chief Privacy Officer who is responsible for
American Standard's compliance with and enforcement of this Policy. American
Standard also has a Global Director of Data Protection who assists in ensuring
compliance with this Policy and data security issues. American Standard educates
its employees concerning compliance with this Policy and has self-assessment
procedures in place to assure compliance. American Standard's Chief Privacy
Officer Barbara A. Sellinger, Global Director of Data Protection William H.
Murray, and Corporate Legal Team are available to any of its valued employees,
customers, vendors, business partners or others who may have questions
concerning this Policy or data security practices. Relevant contact information
is provided herein.
II. SCOPE
This Policy applies to all Personal information received by American
Standard in any format including electronic, paper or verbal. American Standard
collects and processes Personal information concerning current and former
employees and their respective family members, as well as applicants for
employment through its Internet websites, its intranet site, electronic mail and
manually. American Standard is the sole owner of information it collects from
current and former employees, applicants for employment, customers, vendors and
others. American Standard will not sell or share this information with third
parties in ways different than what is disclosed in this Privacy Policy. On a
global basis, American Standard will, and will cause its affiliates to,
establish and maintain business procedures that are consistent with this
Policy.
Personal information collected by American Standard from employees and
applicants for employment is maintained at its corporate offices in Piscataway, New Jersey
in the United States as well as the local office of the
employee or applicant. American Standard collects Personal information for,
among other things, legitimate human resource business reasons such as payroll
administration; filling employment positions; administration and operations of
its benefit programs; meeting governmental reporting requirements; security,
health and safety management; performance management; company network access;
and authentication. American Standard does not request or gather information
regarding political opinions, religion, philosophy or sexual preference. To the
extent American Standard maintains information on an individual’s medical health
or ethnicity (as legally required), American Standard will protect, secure and
use that information in a manner consistent with this Policy and any applicable
law.
Personal information collected by American Standard from prospective
customers, consumers, vendors, business partners and others may be maintained at
its corporate offices in Piscataway, New Jersey or at other American Standard facilities.
American Standard collects Personal information for, among other things,
legitimate business reasons such as customer service; product, warranty and
claims administration; meeting governmental reporting and records requirements;
maintenance of accurate accounts payable and receivable records; internal
marketing research; safety and performance management; financial and sales data;
and contact information. All Personal information collected by American Standard
will be used for legitimate business purposes consistent with this
Policy.
III. DEFINITIONS
For purposes of this Policy, the following definitions shall
apply:
- "Agent" means any third party that uses Personal information provided by
American Standard to perform tasks on behalf of or at the instruction of
American Standard.
- "American Standard" means American Standard Companies, Inc., its
predecessors, successors, subsidiaries, divisions and groups.
- "Personal information" means any information or set of information that
identifies or could be used by or on behalf of American Standard to identify an
individual. Personal information does not include information that is encoded or
anonymized, or publicly available information that has not been combined with
non-public Personal information.
- "Sensitive Personal information" means Personal information that reveals
race, ethnic origin, trade union membership, or that concerns health. In
addition, American Standard will treat as sensitive Personal information any
information received from a third party where that third party treats and
identifies the information as sensitive.
IV. PRIVACY PRINCIPLES
The privacy principles in this Policy are based on the seven Safe Harbor
Principles.
(1) NOTICE: Where American Standard collects Personal information
directly from individuals, it will inform them about the purposes for which it
collects and uses Personal information about them, the types of non-agent third
parties to which American Standard discloses that information, and the choices
and means, if any, American Standard offers individuals for limiting the use and
disclosure of their Personal information. Notice will be provided in clear and
conspicuous language when individuals are first asked to provide Personal
information to American Standard, or as soon as practicable thereafter, and in
any event before American Standard uses the information for a purpose other than
that for which it was originally collected. American Standard may disclose
Personal information if required to do so by law or to protect and defend the
rights or property of American Standard.
(2) CHOICE: American Standard will offer individuals the opportunity to
choose (opt-out) whether their Personal information is (a) to be disclosed to a
non-agent third party, or (b) to be used for a purpose other than the purpose
for which it was originally collected or subsequently authorized by the
individual.
For sensitive Personal information, American Standard will give
individuals the opportunity to affirmatively and explicitly (opt-in) consent to
the disclosure of the information to a non-agent third party or the use of the
information for a purpose other than the purpose for which it was originally
collected or subsequently authorized by the individual.
American Standard will provide individuals with reasonable mechanisms to
exercise their choices should requisite circumstances arise.
(3) DATA INTEGRITY: American Standard will use Personal information only
in ways that are compatible with the purposes for which it was collected or
subsequently authorized by the individual. American Standard will take
reasonable steps to ensure that Personal information is relevant to its intended
use, accurate, complete and current.
(4) TRANSFERS TO AGENTS: American Standard will obtain assurances from
its Agents that they will safeguard Personal information consistently with this
Policy. Examples of appropriate assurances that may be provided by Agents
include: a contract obligating the Agent to provide at least the same level of
protection as is required by the relevant Safe Harbor Principles, being subject
to EU Directive 95/46/EC (the EU Data Protection Directive), Safe Harbor
certification by the Agent, or being subject to another European Commission
adequacy finding (e.g., companies located in Switzerland). Where American
Standard has knowledge that an Agent is using or disclosing Personal information
in a manner contrary to this Policy, American Standard will take reasonable
steps to prevent or stop the use or disclosure. American Standard holds it
Agents accountable for maintaining the trust our employees and customers place
in the company.
(5) ACCESS AND CORRECTION: Upon request, American Standard will grant
individuals reasonable access to Personal information that it holds about them.
In addition, American Standard will take reasonable steps to permit individuals
to correct, amend or delete information that is demonstrated to be inaccurate or
incomplete. Any employees that desire to review or update their Personal
information can do so by contacting their local Human Resources
Representative.
(6) SECURITY: American Standard will take reasonable precautions to
protect Personal information in its possession from loss, misuse and
unauthorized access, disclosure, alteration and destruction. American Standard
protects data in many ways. Physical security is designed to prevent
unauthorized access to database equipment and hard copies of sensitive Personal
information. Electronic security measures continuously monitor access to our
servers and provide protection from hacking or other unauthorized access from
remote locations. This protection includes the use of firewalls, restricted
access and encryption technology. American Standard limits access to Personal
information and data to those persons in American Standard's organization, or as
agents of American Standard, that have a specific business purpose for
maintaining and processing such Personal information and data. Individuals who
have been granted access to Personal information are aware of their
responsibilities to protect the security, confidentiality and integrity of that
information and have been provided training and instruction on how to do
so.
(7) ENFORCEMENT: American Standard will conduct compliance audits of its
relevant privacy practices to verify adherence to this Policy and the US
Department of Commerce Safe Harbor Principles. Any employee that American
Standard determines is in violation of this Policy will be subject to
disciplinary action up to and including termination of employment.
V. DISPUTE RESOLUTION
Any questions or concerns regarding the use or disclosure of Personal
information should be directed to the American Standard Privacy Office at the
address given below. American Standard will investigate and attempt to resolve
complaints and disputes regarding use and disclosure of Personal information in
accordance with the principles contained in this Policy. For complaints that
cannot be resolved between American Standard and the complainant, American
Standard has agreed to participate in the dispute resolution procedures of the
panel established by the European data protection authorities to resolve
disputes pursuant to the Safe Harbor Principles.
VI. INTERNET PRIVACY
American Standard sees the Internet, intranets and the use of other
technologies as valuable tools for communicating and interacting with consumers,
employees, vendors, business partners and others. American Standard recognizes
the importance of maintaining the privacy of Personal information collected
through websites that it operates. American Standard's sole purpose for
operating its websites is to provide information concerning products and
services to the public. In general, visitors can reach American Standard on the
Web without revealing any Personal information. Visitors on the Web may elect to
voluntarily provide Personal information via American Standard websites but are
not required to do so. American Standard collects information from visitors to
the websites who voluntarily provide Personal information by filling out and
submitting online questionnaires concerning feedback on the website, requesting
information on products or services, or seeking employment. The Personal
information voluntarily provided by website users is contact information limited
to the user's name, home and/or business address, phone numbers and email
address. American Standard collects this information so it may answer questions
and forward requested information. American Standard does not sell or share this
information with non-agent third parties.
American Standard may also collect anonymous information concerning
website users through the use of "cookies" in order to provide better customer
service. "Cookies" are small files that websites place on users’ computers to
identify the user and enhance the website experience. None of this information
is reviewed at an individual level. Visitors may set their browsers to provide
notice before they receive a cookie, giving the opportunity to decide whether to
accept the cookie. Visitors can also set their browsers to turn off cookies. If
visitors do so, however, some areas of American Standard websites may not
function properly.
Few, if any, of American Standard's websites are directed toward
children. Nevertheless, American Standard is committed to complying with
applicable laws and requirements, such as the United States'
Children's Online Privacy Protection Act ("COPPA").
American Standard website users have the option to request that American
Standard not use information previously provided, correct information previously
provided, or remove information previously provided to American Standard. Those
that would like to correct or suppress information they have provided to
American Standard should forward such inquiries to:
American Standard Companies Privacy Inquiries
One Centennial Avenue
Piscataway, New Jersey 08855-6820
Attention: William H. Murray, Global Director of Data Protection
The inquiries should include the individual's name, address, and other
relevant contact information (phone number, email address). American Standard
will use all reasonable efforts to honor such requests as quickly as
possible.
American Standard websites may contain links to other "non-American
Standard" websites. American Standard assumes no responsibility for the content
or the privacy policies and practices on those websites. American Standard
encourages all users to read the privacy statements of those sites; their
privacy practices may differ from those of American Standard.
VII. CHANGES TO THIS SAFE HARBOR PRIVACY POLICY
The practices described in this Policy are current Personal data
protection policies as of June 18, 2004. American Standard reserves the right to
modify or amend this Policy at any time consistent with the requirements of the
Safe Harbor Principles. Appropriate public notice will be given concerning such
amendments.
|
|
|
|
