This Privacy Policy applies to websites, applications, stores and Services (as defined below) operated by or on behalf of SRAM, LLC and its subsidiaries and affiliates worldwide (collectively “we”, “us” or “our”). The purpose of this Policy is to tell users of the Services what information we collect, how it is used, where it is used, and how to contact us with privacy inquiries. Your use of the Services is also subject to our Terms of Use.

We are committed to safeguarding your privacy and ensuring that your personal data is protected. This Policy applies to personal data processed by us in connection with the Services. This includes information collected when you make a purchase through our stores, participate in a forum on our site, register for contests or other promotional opportunities provided by us, answer surveys, and register for electronic newsletters or other membership services. This also includes information collected from our physical products, such as when you connect to bike components using our site or applications, upload bike ride data on our servers, use our analysis tools for your bike data, and otherwise interact with bike data on our software.

This Privacy Policy also applies to our targeted content, including online offers and advertisements for products and services, which we (or a service provider acting on our behalf) may send to you on third party websites, platforms and applications (“Third Party Sites”) based on your use of the internet. These Third Party Sites may have their own privacy policies and terms and conditions. We are not responsible for the content, privacy policies, or practices of those websites. We encourage you to read them before using those Third Party Sites.

 

 1. Who is Responsible for what happens with your data?

We are responsible for processing of your personal data through the Services. You can contact the Data Protection Officer via mail, by phone or by email if you have any questions, as described below.

 

2. Who is the Data Protection Officer?

The Data Protection Officer of SRAM, LLC is Sarah Fanto. You can contact her by email, by mail or by telephone, as follows:

Data Protection Officer

SRAM, LLC

1000 W Fulton Market, Floor 4, Chicago, Illinois 60607, USA

Email: DPO@sram.com

Telephone: +1-312-664-3002

 

 3. When Do we ask for your consent?

By using our websites or applications, you acknowledge that we are processing your personal data in accordance with this Privacy Policy. If you do not wish that we process your personal data in this way, please do not use our websites or applications or otherwise provide us with your personal data.

We process your data to provide the Services. In certain instances, we only process your data if you have consented, for example in certain cases where we process your personal data for marketing purposes, use cookies or process your sensitive data. Where we process your data on the basis of your consent, we will ask for your consent explicitly but, in some cases and only where permitted by applicable law, we may infer in a transparent manner consent from your actions. We may also ask you to provide additional consent if we need to use your personal data for purposes not covered by this Privacy Policy or before sharing your personal data with the SRAM, LLC group of companies or relevant subsidiaries of SRAM, LLC for the purposes of marketing. 

 

 4. WHAT HAPPENS IF OUR CUSTOMER IS A CHILD?

The Services, including our websites and applications, are not intended for children under 16 years of age. No one under age 16 may provide any information to us or on the Services. We do not knowingly collect personal data from children under 16. If you are under 16, do not use or provide any information on or through any of the Services or their features/registration, make any purchases through the Services, use any of the forums or interactive or public comment features of the Services or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal data from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact the Data Protection Officer at:

Data Protection Officer

SRAM, LLC

1000 W Fulton Market, Floor 4, Chicago, Illinois 60607, USA

Email: DPO@sram.com

Telephone: +1-312-664-3002

 

 5. for which purposes do we Process your personal data?

We process information, including Personal Data that you provide to us when you use the Services. Personal Data means information that can directly or indirectly identify you or other individuals (“Personal Data”). References to Personal Data shall be deemed to include “personal data” as defined in the GDPR. This typically includes information such as your name, address, email address, and telephone number, but can also include other information such as IP address, shopping habits, information about health, information about your lifestyle or preferences such as your hobbies and interests. Please see details in the following paragraphs.

We collect your Personal Data directly when you provide us with Personal Data so that you can register as a customer for our online shop, subscribe to our newsletter or other membership services, receive information or mailings, use our applications, buy a product from us, complete a survey, make a comment or enquiry or contact our customer services, and register for contests and other promotional opportunities.

We may also receive Personal Data about you from other sources, including information from commercially available sources, such as public databases and data aggregators, and information from third parties. For example, if you interact with a third party platform service when using our apps or websites, such as using a third party service to log-in to your user or customer account (e.g., Facebook Login or Google Sign-In), or if you share content from our app or websites through a third party social media platform service, we may receive Personal Data about you, such as information from your public profile, if the third party service and your account settings with such service allow such sharing. The information we receive will depend on the policies and your account settings with the third party service. 

You should exercise caution and look at the privacy statement for the third party platform services you use.

In more detail, we process the following categories of Personal Data for the following purposes (collectively, such activities are the “Services”):

 

5.1  Surfing on our website, using our applications

Which Personal Data do we collect about you? - For this purpose we process the following Personal Data: information about the type of browser you use, details of the web pages you have viewed, your IP and device address, your Cookie ID, application ID or other passive ID information, hyperlinks or application pages that you have clicked, your user name, profile picture, gender, networks and any other information you choose to share when using Third Party Sites (such as when you use the “Like” functionality on Facebook), the websites you visited before arriving at our relevant websites and information collected by cookies or similar tracking devices.

What is the Purpose of Processing your Personal Data? - We (and third party service providers acting on our behalf or on their own behalf) use cookies and similar technologies to process data about you when you visit our relevant websites or use our application to create aggregate trend reports, find out how customers arrive at a website, how they use apps; the responses to a marketing campaign, what are the most effective marketing channels and messages, etc. Cookies are files that store information on your computer hard drive or browser that mean that we can recognise that you have visited us before. We use cookies and similar technologies (like
Google Analytics, Facebook Pixel, Hotjar, and other tools) to improve our products and your experience on our websites by evaluating the use of our websites, products and services and understand your browsing and shopping habits, analysing the effectiveness of our advertisements, personalizing your website experience as well as evaluating (anonymously and in the aggregate) statistics on website activity, such as what time you visited it, whether you’ve visited it before and what website referred you to it, reviewing the products that you have searched online and ended up purchasing them in store, making our websites and applications easier to use and to better tailor our websites, applications and our products to your interests and needs, identifying that you have visited our websites or used our applications but did not purchase a product or service, collecting information about your device and linking this to your Personal Data so as to ensure that our websites and applications present the best web experience for you and supplementing the Personal Data that you provide to us with other information that we hold or that we may receive from commercially available sources, such as public databases and data aggregators, and third parties.  You can learn more information on the Cookies used in our Cookie Policy.

How long do we store your Personal Data? – We store your Personal Data for up to three years after you provide it to us, unless we are required by the law to store it for a longer period.

What is the Basis for Processing your Personal Data? - Your consent and our legitimate interests in the transmission of Personal Data within a group of undertakings for internal administrative purposes and processing for the purposes of ensuring network and information security, including preventing unauthorised access to electronic communications networks and stopping damage to computer and electronic communication systems.

Additional Comments: It is always possible for you to visit our websites without disclosing your Personal Data. This requires that you have disabled cookies on your browser. You can opt out of the processing of such information via our Cookie Consent Tool.  Please note, however, that without cookies you may not be able to use all of the features of our websites or online services.

 

5.2 Contact with you

Which Personal Data do we collect about you? - For this purpose we process the following Personal Data: identifiers such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, or other similar identifiers.

What is the Purpose of Processing your Personal Data? - We process your Personal Data whenever you contact us and respond to your inquiries and comments. We process your Personal Data that you enter when registering for our online store or loyalty programs or placing an order or that you subsequently update or amend in your user account. We process Personal Data to provide you with our products or services that you request from us, including responding to your inquiries or comments and sending you products or samples that you have requested. We look at the products you buy at our online store and that you have viewed on the Services. 

How long do we store your Personal Data? – We store your Personal Data for up to three years after you provide it to us, unless we are required by the law to store it for a longer period.

What is the Basis for Processing your Personal Data? - Performance of the contract with you, or in order to take steps at your request prior to entering into a contract (i.e. fulfill your contact request), and as applicable (such as a scenario in which you provide to us Personal Data that is considered sensitive (e.g. information on your health or ethnic origin) or otherwise authorize specific contact), your consent.

 

5.3 Conducting business with you, including processing, fulfilling, and following up on online, telephone and in-person purchases and customer service requests 

Which Personal Data do we collect about you? For this purpose we process the following Personal Data: name, signature, social security number, physical characteristics or description, address, email address, telephone number, bank account number, credit card number, debit card number, or any other financial information;

What is the Purpose of Processing your Personal Data? We process your Personal Data to take and fill orders for products or services, to facilitate delivery or provision thereof, to respond to inquiries with respect to products and services you order, to respond to warranty, refunds or other claims, and to monitor and enhance our logistics operations.

How long do we store your Personal Data? We store your Personal Data for up to twelve years after you provide it to us, unless we are required by the law to store it for a longer period.

What is the Basis for Processing your Personal Data? Performance of the contract with you, or in order to take steps at your request prior to entering into a contract, and our legitimate interests in the transmission of Personal Data within a group of undertakings for internal administrative purposes, including client data and, where applicable, your consent.

 

5.4 Creating and maintaining user and customer accounts 

Which Personal Data do we collect about you? For this purpose we process some or all of the following Personal Data, depending on the status of your account and the Services of which you make use: (i) identifiers such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, date of birth and/or age, or other similar identifiers; (ii) physical characteristics or description, sex/gender, address, telephone number; (iii) commercial information, including credit card information, payment details, product preference, records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies; (iv) biometric information; (v) internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with our websites, applications, or advertisements; and (vi) geolocation data, including information from GPS on smartphones or other devices where the chip in the device needs to provide location data in order to pick up satellite information; and (v) product usage history and performance detail, including device data (including the hardware model, operating system version, advertising identifier, unique application identifiers, unique device identifiers, browser type, language, wireless network, and mobile network information) and log files/actions within apps for product use analysis, product performance, enhancement and product development of bikes and bike components that you connect to our site or applications or otherwise interact with on our software. 

What is the Purpose of Processing your Personal Data?
To maintain and provide services relating to individual user and customer accounts, including purchase history, product registration, performance data, provide personalized service and communications, direct marketing and targeted advertising services. 

How long do we store your Personal Data? We store your Personal Data for up to five years after you stop interacting with your account, unless we are required by the law to store it for a longer period.

What is the Basis for Processing your Personal Data? Yourconsent, and our legitimate interests in the transmission of personal data within a group of undertakings for internal administrative purposes, including client data.

 

5.5 Suggestion of our products and services which may be of interest for you; marketing communication

Which Personal Data do we collect about you? For this purpose we process the following Personal Data: identifiers such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, telephone number, account name, date of birth and/or age, or other similar identifiers, physical characteristics or description, sex/gender, commercial information, including credit card information, payment details, product preference, records of products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies, internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with our websites, applications, or advertisements, and your product usage history and performance detail.

What is the Purpose of Processing your Personal Data? To provide relevant information to customers and users relating to our products and services based both on customer history and user activity.  

How long do we store your Personal Data? We store your Personal Data for up to twelve years after you provide it to us, unless we are required by the law to store it for a longer period.

What is the Basis for Processing your Personal Data? Our legitimate interests in pursuing direct marketing services to you, and where applicable, your consent.

Additional Comments: You can opt out of receiving such communications from us directly from the communications we send you.

 

5.6 Competitions, sweepstakes, promotions, contests and games

Which Personal Data do we collect about you? For this purpose we process the following Personal Data: identifiers such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, telephone number, account name, date of birth and/or age, or other similar identifiers, physical characteristics or description, and your sex/gender. 

What is the Purpose of Processing your Personal Data? To inform you about our contests and promotions, to facilitate your participation therein and to fulfil any of our obligations thereunder.

How long do we store your Personal Data? We store your Personal Data for up to three years after you provide it to us, unless we are required by the law to store it for a longer period.

What is the Basis for Processing your Personal Data? Your consent.

 

5.7 Fraud prevention.

Which Personal Data do we collect about you? For this purpose we process the following Personal Data: (i) identifiers such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, date of birth and/or age, or other similar identifiers; (ii) name, signature, social security number, physical characteristics or description, sex/gender, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information; (iii) commercial information, including credit card information, payment details, product preference, records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. 

What is the Purpose of Processing your Personal Data? To identify and prevent potential fraudulent acts in connection with the use of our Services, including to check identities when purchases are deemed as potentially fraudulent, to confirm warranty or other claims or for insurance purposes.

How long do we store your Personal Data? We store your Personal Data for up to ten years after you provide it to us, unless we are required by the law to store it for a longer period.

What is the Basis for Processing your Personal Data? Our legitimate interests in preventing fraud and in reporting possible criminal acts or threats to public security to a competent authority.

 

5.8 Process employment applications.

Which Personal Data do we collect about you? For this purpose we process the following Personal Data: identifiers such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, telephone number, account name, date of birth and/or age, or other similar identifiers, physical characteristics or description, your sex/gender, professional or employment-related information, including work experience, job titles, company names and dates of employment, education and education degree(s) and related information.

What is the Purpose of Processing your Personal Data? To facilitate applications for employment, conduct background checks, complete hiring, administer compensation and benefits, monitor employee performance and to otherwise manage employment relationship and interaction between employees.

How long do we store your Personal Data? We store your Personal Data for up to ten years if your application does not result in employment and we store your Personal Data permanently if you are hired as a SRAM employee, unless we are required by the law to store it for a different period.

What is the Basis for Processing your Personal Data? Our legitimate interests in the transmission of personal data within a group of undertakings for internal administrative purposes, including employee data, and where applicable, your consent.

 

5.9 Product development, engineering, performance, and enhancement

Which Personal Data do we collect about you? For this purpose we process the following Personal Data: (i) identifiers such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, date of birth and/or age, or other similar identifiers; (ii) records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies; (iii) biometric information; (iv) geolocation data, including information from GPS on smartphones or other devices where the chip in the device needs to provide location data in order to pick up satellite information; and (v) product usage history and performance detail, including device data (including the hardware model, operating system version, advertising identifier, unique application identifiers, unique device identifiers, browser type, language, wireless network, and mobile network information) and log files/actions within apps for product use analysis, product performance, enhancement and product development.

What is the Purpose of Processing your Personal Data? To learn about the usage, and improve the performance and features, of our products and services, and improve research and product development.

How long do we store your Personal Data? We store your Personal Data for up to seven years after you provide it to us, unless we are required by the law to store it for a longer period.

What is the Basis for Processing your Personal Data? Our legitimate interests in processing data collected from our services or products in order to deliver services, to design our products and services and to continuously improve them, and where applicable, your consent.

 

5.10 Information, system, network and cyber security

Which Personal Data do we collect about you? For this purpose we process the following Personal Data: internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with our websites, applications, products or advertisements, and product usage history and performance detail. 

What is the Purpose of Processing your Personal Data? To monitor, detect and protect our organisation, its systems, network, infrastructure, computers, information, intellectual property and other rights from unwanted security intrusion, unauthorised access, disclosure and acquisition of information, data and system breaches, hacking, industrial espionage and cyberattacks.

How long do we store your Personal Data? We store your Personal Data for up to seven years after you provide it to us, unless we are required by the law to store it for a longer period.

What is the Basis for Processing your Personal Data? Our legitimate interests in preventing unauthorized access, intrusion, misuse of company systems, networks, computers and information, including prevention of personal data breaches and cyber-attacks, piracy and malware prevention, IP rights protection and IP theft prevention and website security.

 

5.11 General Corporate Operations and Due Diligence

Which Personal Data do we collect about you? For this purpose we process the following Personal Data: (i) identifiers such as a real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, date of birth and/or age, or other similar identifiers; (ii) name, signature, social security number, physical characteristics or description, sex/gender, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information; commercial information, including credit card information, payment details, product preference, records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies; (iii) internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with our websites, applications, or advertisements; and (iv) product usage history and performance detail. 

What is the Purpose of Processing your Personal Data? To develop or operate financial/credit/conduct and risk models, conduct internal analysis of customers, plan strategy and growth, collate reporting and management information to support business reporting, sharing information with other members of the corporate group, conduct back-office operations, monitoring physical access to offices, visitors and CCTV operations in reception and any other restricted areas, producing aggregate analytics, business intelligence, managing third party relationships (vendors, suppliers, media, business partners) and processing identifiable data for the purpose of anonymising/de-identifying/re-identifying it for the purposes of using the anonymised data for other purposes (product improvement, analytics, etc.).

How long do we store your Personal Data? We store your Personal Data for up to three years after you provide it to us, unless we are required by the law to store it for a longer period.

What is the Basis for Processing your Personal Data? Our legitimate interests in the day-to-day operation of our business and planning for strategic growth, including management of customer, client, vendor and other relationships, sharing intelligence with internal stakeholders, implementing safety procedures, and planning and allocating resources and budgeting.

 

6. who IS Receiving your personal data?

We employ other companies and people (“Third Parties”) to perform tasks on our behalf and we need to share, and may internationally transfer, your information with them to provide products or services to you. We do not sell, trade, rent or otherwise provide your Personal Data to Third Parties without prior permission from you, provided however, those Third Parties do not include our subsidiaries, affiliates, licensees, partners, hosting partners, other parties who assist us in operating the Services, or organizations providing services to support our functions, such as our mail and email processing companies, payment processing companies, and market research firms.
We may share your data in an aggregate format, as well as aggregate usage information, with Third Parties for both advertising and promotional purposes. Further, we cooperate with all law enforcement inquires, and with all Third Parties, to enforce applicable intellectual property or other legal rights.

Do Not Track (DNT) is a privacy preference that users can set in their web browsers. At this time, our website does not support DNT codes. However, except in the case of analytics cookies, remarketing and other features of Google Display Advertising described herein, our website limits tracking to the uses described above. Except in the case of analytics cookies, remarketing and other features of Google Display Advertising described herein, our website does not track your use across multiple websites other than the affiliated websites included within this Global Privacy Policy, however, other websites to which we link may. Please review their privacy policies to understand how you may be tracked.
We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. Also, if you wish to opt out of interest-based advertising, please visit http://optout.aboutads.info to manage your preferences. Alternatively, if you are located in the European Union, you may visit http://www.youronlinechoices.eu/. Please note that you may continue to receive generic ads.

 

6.1 Our Service Providers

Auth0, Amazon Web Services, Google Analytics, Google Firebase, Facebook Pixel, Hotjar, Campaign Manager, Shopify, and SAP Success Factors.

 

6.2 Other Recipients (controllers)

Digital River, JP Morgan, and Bank of America.

 

6.3 Sharing your Site Usage Information

Google Analytics, Facebook Pixel, Hotjar, DoubleClick, Google Translate, GA Audiences, Facebook Connect, Facebook Custom Audiences, SumoMe, Google Tag Manager, Mixpanel, Segment, Cookie Script, Zendesk, and TypeKit by Adobe.

 

 7. WHERE DO WE TRANSFER YOUR PERSONAL DATA?

We will not transfer Personal Data relating to you to a country outside the European Economic Area (“EEA”) unless: (1) the country or recipient is covered by an adequacy decision of the European Commission under GDPR Article 45; (2) appropriate safeguards have been put in place which meet the requirements of GDPR Article 46 (for example using the European Commission’s Standard Model Clauses for transfers of Personal Data outside the EEA); or (3) one of the derogations for specific situations under GDPR Article 49 is applicable to the transfer. These include (in summary) if the transfer is necessary to perform, or to form, a contract to which we are a party; the transfer is necessary for the establishment, exercise or defense of legal claims; you have provided your explicit consent to the transfer; or the transfer is of a limited nature, and is necessary for the purpose of our compelling legitimate interests.

 

 8. HOW LONG DO WE PROCESS YOUR PERSONAL DATA?

We will store your Personal Data only until the aforementioned purposes for which we have collected or received your Personal Data is fulfilled and once our statutory obligations to preserve records have expired as further described in the Summary Record Retention Period at the end of this Policy. In addition, SRAM may retain anonymized Personal Data (data that is no longer in a form identifying or making identifiable the individual to which the Personal Data relates). 

 

 9. what are your rights?

To the extent that GDPR or other applicable data protection laws apply, you have the right to obtain from us: 

Confirmation as to whether or not we process Personal Data from you and, where that is the case, access to the Personal Data;
Rectification of inaccurate Personal Data;
Erasure of Personal Data;
Restriction of processing of Personal Data; and
Receive the Personal Data which you have provided to us and transmit those data to another data controller without hindrance.

You may exercise any of these applicable rights by contacting us at:

 Data Protection Officer

SRAM, LLC

1000 W Fulton Market, Floor 4, Chicago, Illinois 60607, USA

Email: DPO@sram.com

Telephone: +1-312-664-3002

 

We will respond to your requests in accordance with, and within the appropriate timeframe determined by, the applicable law and/or regulation governing the use of the given personal information. In most cases, we will respond to requests within one month; provided, however, if the request is complex, we may extend its response time in accordance with applicable law and regulation. Please note that we may require additional information from you in order to honor the request, such as to ensure proper authentication or to verify the SRAM, LLC entity to which the information was provided.

 

 10. Can you withdraw your CONSENT to the processing of personal data?

You may withdraw your consent to some of all of our processing of your Personal Data by contacting us at:

 Data Protection Officer

SRAM, LLC

1000 W Fulton Market, Floor 4, Chicago, Illinois 60607, USA

Email: DPO@sram.com

Telephone: +1-312-664-3002

 

We will respond to your requests in accordance with, and within the appropriate timeframe determined by, the applicable law and/or regulation governing the use of the given personal information. In most cases, we will respond to requests within one month; provided, however, if the request is complex, we may extend its response time in accordance with applicable law and regulation. Please note that we may require additional information from you in order to honor the request, such as to ensure proper authentication or to verify the SRAM, LLC entity to which the information was provided.

As set out above, you are entitled to withdraw your consent to the processing of your Personal Data but please note that if you do withdraw your consent, we may not be able to carry out our contractual obligations to you or provide you with access to all or certain parts of the Services.

 

 11. Can you complain with the APPLICABLE LEGAL authorities?

You also have the right to lodge your complaints with the applicable legal authorities, including, without limitation, the applicable European Union (“E.U.”) supervisory authority(ies) (if you are an E.U. citizen). 

 

 12. do you have to provide your personal data to UTILIZE THE SERVICES?

Typically, to use our online store or utilize the Services, you will need to provide some Personal Data. For example, orders on the online store will require a name, your shipping address, and contact information. Our Services are designed around user-specific personalization, so not all of the Services require you to provide Personal Data. If you do not log into an account or consent to cookies then you will not need to provide any Personal Data. However, you may not be able to use all of the features of the Services.

 

 13. how do we protect your personal data?

The security of all Personal Data associated with users of the Services is of great concern to us. We maintain appropriate technical and organizational measures to protect the Personal Data you provide to us against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your Personal Data.

Any account information you enter on the Services is password‑protected so that only you can access it. You should not divulge your password or user identification number to anyone. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect your Personal Data, we can’t ensure or warrant the security of any information you transmit to us, and you do so at your own risk.

Our relevant websites and applications may contain links to other websites provided by third parties. We do not control these third party websites or any of the content contained on those websites. Once you have left our relevant Sites, we cannot be responsible for the protection and privacy of any information which you provide. You should exercise caution and look at the privacy statement for the website you visit. 

 

14. Your California Privacy Rights

California Civil Code Section 1798.83 permits our visitors who are California residents to request certain information regarding our disclosure of Personal Datato third parties for their direct marketing purposes. To make such a request, please contact us at: 

Data Protection Officer

SRAM, LLC

1000 W Fulton Market, Floor 4, Chicago, Illinois 60607, USA

Email: DPO@sram.com

Telephone: +1-312-664-3002

 

15. can we Change our privacy POLICY?

As we continue to provide additional services and as the privacy laws and regulations evolve, it may be necessary to revise or update this Privacy Policy. We reserve the right, at our discretion, to change, modify, add or remove portions of this Privacy Policy at any time. If we make any material changes to this Privacy Policy, including, any material changes to how we collect, use, process, and/or share your information, we will prominently post a notice of such changes on the website(s) and mobile applications covered by this Privacy Policy. To the extent required by applicable law, we will contact you with regard to changes to this Privacy Policy. 

 

16. HOW CAN YOU CONTACT US?

If you have questions about this Privacy Policy or any subject discussed herein, please feel free to contact us at one of the following:

By email at:  DPO@sram.com

By mail at:  1000 W Fulton Market, Floor 4, Chicago, Illinois 60607, USA or

By telephone at:  +1-312-664-3002.

In most cases, we will respond to requests within one month; provided, however, if the request is complex, we may extend its response time in accordance with applicable law and regulation. Please note that we may require additional information from you in order to honor the request, such as to ensure proper authentication or to verify the SRAM, LLC entity to which the information was provided.

Updated: March 29, 2019

 

- SUMMARY RETENTION PERIOD

This Summary Retention Period table lists categories of Records retained, examples of information contained in those Records, and the retention period in the absence of an approved request for deletion from an individual or a legal requirement mandating a different retention period.

Category

 

Information description

(includes but not limited to)

 

Retention Period (in absence of a deletion request or legal requirement)

Customer Data (Non-Account Member Data)

Names; Addresses; Transaction Information; Payment details; E-mail Addresses; Telephone Numbers; Purchasing history

12 years after use

Account Member Data

Names; Addresses; Transaction Information; Payment details; E-mail Addresses; Telephone Numbers; Product preference; Purchasing history; IP address; DOB’s

12 years after use

Contest, Sweepstake, or Promotion Participant Data

Names; Addresses; E-mail Addresses; Telephone Numbers; IP address; DOB’s

3 years after use

Temporary Employee Data and Employment Records

 

DOB’s; Addresses; Phone numbers; Self-reviews; Job description; Resumes; Policy acknowledgement  forms; Exit interview data

Permanent

Tax Withholding

DOB’s; Addresses; Employee eligibility forms

Permanent

Tax Records

Tax returns; Payroll tax documentation; Federal and State Form W-4; Form W-2

8-10 years after employment ceases/completion depending on the Record

Medical information

Maternity records; Disability certificates; Employee medical records; Related medical data

10 years after employment ceases/completion

Health and Safety

Accident records; Accident investigation record; Records of reportable accidents or dangerous occurrences

10 years after employment ceases/completion

HR Forms

Background Check Disclosure Release Form; Garnishments; Background check records; Appointment books

7 years after employment ceases/completion

Employee Benefits

Health/Workers Insurance documents; Pension documents; Social Insurance documents; FMLA paperwork; Contribution accounts

7-10 years after employment ceases/completion depending on the particular Record

Rewards & Recognition

Reward documents; Anniversary documents

7-10 years after employment ceases/completion depending on the Record

Employee Payroll and Salary

Payroll list; Pay slips; Documents to determine pay; Pay scales; Sick pay supplement documents; Salary, benefits, bank details, pension details

10 years after employment ceases/completion

Time and Attendance

Time sheets; Short-time working allowance lists; Shift report; Overtime lists

10 years after employment ceases/completion

Contracts and Service Agreements

Customer rebate agreements; Contracts for services; Related sub-contracts

12 years after the Record is no longer active

Unsuccessful applicants

(did not result in employment)

Name; Application correspondence; Addresses; Phone numbers

10 years after application

Product Development, Engineering, Performance, and Enhancement

Name; Address; Purchasing history; GPS data; Product usage data

7 years after use

.