Privacy Policy
Last Updated: September 22nd, 2022
This Privacy Policy applies to EGR and its affiliated entities (“EGR,” “we,” “us,” and “our”). We take your privacy seriously and this Privacy Policy explains (1) what personal information we collect; (2) how we share that personal information; (3) how we use that personal information; and (4) the choices you have regarding the treatment of your personal information when you use our Site at www.egrusa.com (the “Site”).
Our Terms and Conditions of Use (“Terms”) https://egrusa.com/terms-and-conditions govern this Privacy Policy. In the event that there is a conflict between the Terms and this Privacy Policy, the Terms shall govern. If you visit or shop at the Site, you accept and agree to be bound by our Terms and this Privacy Policy. Please read them carefully. If you do not agree, please do not visit or use the Site.
We reserve the right to amend or update this Privacy Policy from time to time. When we update this Privacy Policy we will update the Last Updated date at the top of this Privacy Policy. If changes are made to any part requiring your consent you will be asked to restate or change your consent(s). If changes are made to any part not requiring your consent, the Privacy Policy is considered applicable upon publication. In this case by continuing to access or make use of our Site, products and services after changes to the Privacy Policy are made, you acknowledge that you have been informed and agree to the Privacy Policy.
1. Personal Information Collected
When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information” or “Personal Data”. See the list below for more information about what Personal Information we collect and why.
DEVICE INFORMATION
- Examples of Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
- Purpose of collection: to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.
- Source of collection: Collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.
- Disclosure for a business purpose: shared with our processor BigCommerce.
ORDER INFORMATION
- Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit card/debit numbers, email address, and phone numbers).
- Purpose of collection: to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
- Source of collection: collected from you.
- Disclosure for a business purpose: shared with our processor BigCommerce.
CUSTOMER SUPPORT INFORMATION
The Site is not intended for individuals under the age of 18. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion. See further details in Section 4 below.
MINORS
2. Personal Information Shared
We share your Personal Information with service providers to help us provide our services and fulfill our contracts with you, as described above. For example:
- We use BigCommerce to power our online store. You can read more about how BigCommerce uses your Personal Information here: https://www.bigcommerce.com/privacy/
- We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
MINORS
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:
- We use Google Analytics to help us understand how our customers use the Site.
You can read more about how Google uses your Personal Information here:
https://policies.google.com/privacy?hl=en.
You can also opt-out of Google Analytics here:
https://tools.google.com/dlpage/gaoptout. - We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).
For more information about how targeted advertising works, you can visit the Network Advertising Initiative's (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by:
- FACEBOOK - https://www.facebook.com/settings/?tab=ads
- GOOGLE - https://www.google.com/settings/ads/anonymous
- BING - https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance's opt-out portal at: http://optout.aboutads.info/.
3. User of Personal Information
We use your Personal Information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, offers, new applications and/or product notifications to consumers.
LAWFUL BASIS
Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:
- Your consent;
- The performance of the contract between you and the Site;
- Compliance with our legal obligations;
- To protect your vital interests;
- To perform a task carried out in the public interest;
- For our legitimate interests, which do not override your fundamental rights and freedoms.
RETENTION
When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information under applicable data protection laws. However, unless otherwise required by applicable data protection laws, this period will last for no longer than 10 years from the collection of your personal data, or 10 years following your latest use of the Site, whichever period is the longest. Notwithstanding the aforesaid, your personal data will be stored for as long as may be necessary for legal establishment, exercise or defense of legal claims. For more information on your right of erasure, please see the 'Your Rights Regarding Your Personal Information' section below.
AUTOMATIC DECISION-MAKING
If you are a resident of the European Economic Area, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.
We DO NOT engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.
Our processor BigCommerce uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.
Services that include elements of automated decision-making include:
- Temporary deny list of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
- Temporary deny list of credit cards associated with listed IP addresses. This list persists for a small number of days.
COOKIES
A cookie is a small amount of information that's downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the Site to remember your actions and preferences (such as login and region selection). This means you don't have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the Site, for instance whether it's their first time visiting or if they are a frequent visitor.
We use the following cookies to optimize your experience on our Site and to provide our services.
COOKIES NECESSARY FOR THE FUNCTIONING OF THE STORE
Name | Function |
---|---|
_ab | Used in connection with access to admin |
_secure_session_id | Used in connection with navigation through a storefront |
cart | Used in connection with shopping cart |
cart_sig | Used in connection with checkout |
cart_ts | Used in connection with checkout |
checkout_token | Used in connection with checkout |
secret | Used in connection with checkout |
secure_customer_sig | Used in connection with customer login |
storefront_digest | Used in connection with customer login |
REPORTING AND ANALYTICS
Name | Function |
---|---|
_tracking_consent | Tracking preferences |
_landing_page | Track landing pages |
_orig_referrer | Track landing pages |
The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.
THIRD PARTIES
We share your Personal Information to the extent necessary with (a) IT and cloud providers for IT and hosting purposes, (b) payment handling companies for processing your payment, and (c) packaging and shipping companies for packaging, shipping and receipt of returned products.
By using this Site and by providing your consent you acknowledge that your Personal Information can be shared as described above.
4. Your Rights Regarding Your Personal Information
We use your Personal Information to provide our services to you, which includes: offering this Site, products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers. You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our Site may no longer be fully accessible. Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser's “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser's help file or through such sites as www.allaboutcookies.org. Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioral Advertising” Section 2 above.
Do Not Track
Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.
How do I withdraw my consent?
You can withdraw your consent(s), at any time. You can withdraw your consents to the basic functionality of this Site and the Personalized Notification Services by going to Section 5 “Contact” section in on this Privacy Policy to notify us. We will comply with your request when we receive your notification, but please note that this will not affect the lawfulness of any processing that has taken place prior to us receiving such notice.
Children's Privacy
Consistent with the Children's Online Privacy Protection Act of 1998, we will never knowingly request personally identifiable information from anyone under the age of 18 without prior verifiable parental consent. If we become aware that a user is under the age of 18 and has registered with EGR without prior verifiable parental consent, we will remove his or her personally identifiable information from our files. Please note that we nevertheless maintain a record of that person's name and address in a "do not register" file to avoid subsequent registration by a child under the age of 18. By using this Site you agree and acknowledge that you are over 18 years old. Children under the age of 18 years are expressly prohibited from submitting or providing any personal information on the Site.
California Consumer Privacy Act
Please see our supplemental Privacy Policy for our California consumers below.
Nevada Privacy Act
Nevada consumers can request that we do not sell any covered information that we have collected or will collect by emailing https://egrusa.com/contact. Please include name, address, and email in the request. Expect a reply within 60 days after sending a verified request.
5. Contact
The entity responsible for the processing of your personal data, i.e., the data controller is:
EGR
4000 E. Greystone Drive
Ontario, CA 91761
https://egrusa.com/contact
(800) 757-7075
If you have any questions or concerns in relation to protection of your personal data, you are always welcome to contact our Data Protection Officer (DPO) using the above contact details.
If you are not satisfied with our response to your complaint, you have the right to lodge your complaint with the relevant data protection authority. You can contact your local data protection authority, or our supervisory authority here https://egrusa.com/contact
California Consumer Privacy Act
This privacy notice for California consumers supplements the information contained in the EGR Privacy Policy and Terms and Conditions of Use and applies solely to California consumers. We adopt this notice to comply with the California Consumer Privacy Act of 2018 ("CCPA"). Terms defined in the CCPA will have the same meaning here.
Categories of Information Collected
The list below shows the categories of personal information we have collected over the last twelve (12) months. It also shows the categories of personal information disclosed for a business purpose over the last twelve (12) months.
Category A — Identifiers.
Examples: Name, alias, postal address, Internet Protocol address, email address.
Category B — Categories described in Cal. Civ. Code 1798.80(e).
Examples: Name, address, telephone number, credit/debit card number.
Category F — Internet or other similar network activity.
Examples: Information on a consumer's interaction with the Site, and browser information.
Category G — Geolocation data.
Example: Internet Protocol address
Sources of Personal Information
- Directly from personal information submitted. Examples of this include placing an order, entering the guest checkout, creating an account, signing up for the newsletter, joining a contest/promotion, or signing up for product updates.
Purpose of Collection
EGR uses or discloses personal information to service providers for one or more of the following business purposes:
- To fill the direct reason the information was collected.
- Performing services, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
- Improve our services.
- As otherwise described during collection of personal information.
- Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting and verifying ad impressions, and auditing compliance with this specification and other standards.
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
- Debugging to identify and repair errors that impair existing intended functionality.
- Short-term, transient use, where personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer's experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
- Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.
Personal Information Sold
EGR does not sell any California consumers' personal information.
California Consumer Rights:
A consumer shall have the right to request that a business that collects personal information about the consumer disclose to the consumer the following:
- The categories of personal information it has collected about that consumer.
- The categories of sources from which the personal information is collected.
- The business or commercial purpose for collecting or selling personal information.
- The categories of third parties with whom the business shares personal information.
- The specific pieces of personal information it has collected about that consumer.
- A consumer shall have the right to request that a business that sells the consumer's personal information, or that discloses it for a business purpose, disclose to that consumer:
- The categories of personal information that the business collected about the consumer.
- The categories of personal information that the business sold about the consumer and the categories of third parties to whom the personal information was sold, by category or categories of personal information for each third party to whom the personal information was sold.
- The categories of personal information that the business disclosed about the consumer for a business purpose.
- A consumer shall have the right to request that a business delete any personal information about the consumer that the business has collected from the consumer. Note: A business or a service provider shall not be required to comply with a consumer's request to delete if it is necessary for the business in order to:
- Complete transactions, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business's ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer.
- Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity; or prosecute those responsible for that activity.
- Debug to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act, specifically Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
- To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer's relationship with the business.
- Comply with a legal obligation.
- Otherwise use the consumer's personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.
Exercising CCPA Rights
In order to exercise any of the above rights from the CCPA please email EGR from https://egrusa.com/contact or call (800) 757-7075 and let us know that you are making a California consumer rights request.
- Make sure to provide enough information to allow us to verify you are the person about whom we have collected personal information.
- Describe the request in detail so we can properly respond to it.
Please note: A business shall not discriminate against a consumer because the consumer exercised any of the consumer's rights.
Children's Privacy
Consistent with the California provision of the Children's Online Privacy Protection Act of 1998, we will never knowingly request personally identifiable information from anyone under the age of 18 without prior verifiable parental consent. If we become aware that a user is under the age of 18 and has registered with EGR without prior verifiable parental consent, we will remove his or her personally identifiable information from our files. Please note that we nevertheless maintain a record of that person's name and address in a "do not register" file to avoid subsequent registration by a child under the age of 18. By using this Site, you agree to respond truthfully and accurately about your age. Children under the age of 18 years are expressly prohibited from submitting or providing any personal information on the site.
Severability, Amendment, Contact Us
The provisions of this privacy notice are severable. If any provision of this notice or its application is held invalid, that invalidity shall not affect other provisions or applications that can be given effect without the invalid provision or application.
We reserve the right to amend this Privacy Notice at any time. The date this notice went into effect and the date of last updated display on the top of the page.
If you have any comments or questions about this notice, please contact us at: https://egrusa.com/contact