UNITED STATES SUPPLEMENTAL PRIVACY STATEMENT FOR RESIDENTS OF CALIFORNIA, COLORADO, CONNECTICUT, UTAH, AND VIRGINIA
- Introduction
- Purposes for collecting, processing, disclosing, and sharing personal information
- Purposes for collecting, processing, and disclosing sensitive personal information
- Personal information sales and sharing
- Personal information disclosure
- Retention of personal information
- Sources of personal information
- Privacy rights and requests
- How to exercise your privacy rights
- De-identified information
- How to contact us
- Changes to this supplement
effective date: April 17, 2024
To print this Supplement, please click Print
INTRODUCTION
Dion & Sons, Inc and its wholly owned subsidiaries (together, “Dion & Sons”) are committed to protecting your privacy. This Supplemental Privacy Statement (the “Supplement”) supplements our Dion and Sons Privacy Statement and describes how we collect, use, and disclose personal information relating to California, Colorado, Connecticut, Utah, and Virginia residents, including when they use the Dion & Sons websites (the “Sites”) and our mobile applications (the “Apps,” collectively with the Sites, the “Services”). For purposes of this Supplement, “personal information” is information that identifies you as an individual or relates to an identifiable individual.
This Supplement does not address our handling of personal information relating to current and former employees, job applicants, contractors, and similar individuals. For California residents, you can find additional information regarding our handling of such personal information by visiting the relevant California notice posted on our careers page or emailing us.
COLLECTION, PROCESSING, DISCLOSURE, AND SHARING OF PERSONAL INFORMATION
The following chart details the categories of personal information we collect and process, as well as the categories of personal information we disclose to third parties for our operational business purposes, including within the 12 months preceding the date this Supplement was last updated. The chart also details the categories of personal information that we “share” for purposes of cross-contextual behavioral or targeted advertising, including within the 12 months preceding the date this Supplement was last updated.
We do not “sell” personal information, as defined under applicable law. We do disclose personal information in certain instances for our marketing purposes. For example, we may engage third parties to help us deliver interest-based advertisements to you and may make use of third-party tracking technologies or other online marketing services. These activities may be considered targeted advertising or “sharing” for purposes of cross-contextual behavioral advertising under applicable law.
Categories of Personal Information | Disclosed to Which Categories of Third Parties for Business Purposes (See the chart below for a description of each category of third party) | Shared with Which Categories of Third Parties for Cross-Contextual Behavioral or Targeted Advertising | Processing Purposes (See the chart below for a description of each Processing Purpose) |
---|---|---|---|
Identifiers, such as: – Contact information: name, postal address, email address, telephone number, information regarding contest entries, event registration, and rewards or loyalty program participation. – Government-issued ID: state and national identification numbers – Unique personal identifiers: IP address, cookies, online identifiers and device numbers that can reasonably be linked or associated with a particular consumer, information used to create your accounts through the Services (such as username and password) | – Internal parties and external business partners – Service providers – Select corporate, promotional, rewards or loyalty partners – Transactional partners – Third parties in connection with acquisitions or divestitures – Other users on collaborative Sites – Government and regulatory authorities | Ad networks; social media platforms | – Operate, evaluate and improve our business – Prevent fraudulent or other criminal activity – Respond to your request for information, order, or support – Administer the Sites and Services – Administer or fulfil a rewards or loyalty program or similar offer – Meet legal, regulatory, and compliance obligations – Conduct marketing – Manage site visits and securing persons and property – Note: We use Government-issued ID only to meet legal, regulatory, and compliance obligations or for security purposes. |
Personal information covered by the California customer records law, such as: – Contact Information: name, postal address, email address, telephone number – Government-issued ID: state and national identification numbers – Financial Information: financial account number and other payment and financial information | – Internal parties and external business partners – Service providers – Select corporate, promotional, rewards or loyalty partners – Transactional partners – Third parties in connection with acquisitions or divestitures – Other users on collaborative Sites – Government and regulatory authorities | None | – Operate, evaluate and improve our business – Prevent fraudulent or other criminal activity – Respond to your request for information, order, or support – Administer the Sites and Services – Administer or fulfil a rewards or loyalty program or similar offer – Meet legal, regulatory, and compliance obligations – Conduct marketing – Manage site visits and securing persons and property – Note: We use Government-issued ID only to meet legal, regulatory, and compliance obligations or for security purposes. |
Protected Class Information, such as characteristics of protected classifications under California or federal law, such as biographical, demographic, and professional information (including date of birth, age, gender), and information regarding your ethnicity, nationality and country of residence that allows us to comply with government reporting requirements, support diversity initiatives, or determine your eligibility under export control regulations to receive information about certain technologies | – Internal parties and external business partners – Service providers – Select corporate, promotional, rewards or loyalty partners – Transactional partners – Third parties in connection with acquisitions or divestitures – Government and regulatory authorities | None | – Operate, evaluate and improve our business – Prevent fraudulent or other criminal activity – Respond to your request for information, order, or support – Administer the Sites and Services – Administer or fulfil a rewards or loyalty program or similar offer – Meet legal, regulatory, and compliance obligations |
Commercial Information, such as transaction information and purchase history, including purchases considered, consuming histories or tendencies, your inquiries about, feedback on and orders for our products and services | – Internal parties and external business partners – Service providers – Select corporate, promotional, rewards or loyalty partners – Transactional partners – Third parties in connection with acquisitions or divestitures – Other users on collaborative Sites – Government and regulatory authorities | None | – Operate, evaluate and improve our business – Prevent fraudulent or other criminal activity – Respond to your request for information, order, or support – Administer the Sites and Services – Administer or fulfil a rewards or loyalty program or similar offer – Meet legal, regulatory, and compliance obligations – Conduct marketing |
Biometric Information, such as imagery of your fingerprint, face, and voice recordings, from which an identifier template, such as a face print, a minutiae template or a voiceprint can be extracted | Internal parties and external business partnersService providersGovernment and regulatory authorities | None | – Operate, evaluate and improve our business – Prevent fraudulent or other criminal activity – Respond to your request for information, order, or support – Administer the Sites and Services – Meet legal, regulatory, and compliance obligations – Manage site visits and securing persons and property |
Internet or network activity information, such as information about your devices, browsing actions and usage patterns, including across online channels and third-party websites that we obtain through the use of cookies, web beacons and similar technologies | – Internal parties and external business partners – Service providers – Select corporate, promotional, rewards or loyalty partners – Transactional partners – Third parties in connection with acquisitions or divestitures – Government and regulatory authorities | Ad networks; social media platforms | – Operate, evaluate and improve our business – Prevent fraudulent or other criminal activity – Respond to your request for information, order, or support – Administer the Sites and Services – Administer or fulfill a rewards or loyalty program or similar offer – Meet legal, regulatory, and compliance obligations – Conduct marketing |
Geolocation Data, such as the site, time, and date of purchases or data derived from your IP address, country and zip code. We may also collect the precise geolocation of your mobile device where we have provided notice and obtained your consent, where required under applicable law. | – Internal parties and external business partners – Service providers – Select corporate, promotional, rewards or loyalty partners – Transactional partners – Third parties in connection with acquisitions or divestitures – Government and regulatory authorities | Ad networks; social media platforms | – Operate, evaluate and improve our business – Prevent fraudulent or other criminal activity – Respond to your request for information, order, or support – Administer the Sites and Services – Administer or fulfill a rewards or loyalty program or similar offer – Meet legal, regulatory, and compliance obligations – Conduct marketing – Manage site visits and securing persons and property |
Audio/Video Data, Audio, electronic, visual, thermal, and similar information, such as video or audio recordings of company conference calls or customer service calls, and security footage and video recordings captured at our facilities or company events. At certain Dion & Sons retail stations, we may use dedicated cameras and/or process video footage during a limited retention window to generate de-identified information regarding retail traffic, consumer behavior, aisle traffic, and purchasing patterns. Thermal images may be captured in connection with certain company operations or company demonstrations of related technology for public audiences. | – Internal parties and external business partners – Service providers – Third parties in connection with acquisitions or divestitures – Government and regulatory authorities | None | – Operate, evaluate and improve our business – Prevent fraudulent or other criminal activity – Respond to your request for information, order, or support – Administer the Sites and Services – Administer or fulfill a rewards or loyalty program or similar offer – Meet legal, regulatory, and compliance obligations – Conduct marketing – Manage site visits and securing persons and property |
Employment Information. Professional or employment-related information, such as business contact information, job title, and current employer | – nternal parties and external business partners – Service providers – Select corporate, promotional, rewards or loyalty partners – Transactional partners – Third parties in connection with acquisitions or divestitures – Other users on collaborative Sites – Government and regulatory authorities | None | – Operate, evaluate and improve our business – Prevent fraudulent or other criminal activity – Respond to your request for information, order, or support – Administer the Sites and Services – Administer or fulfill a rewards or loyalty program or similar offer – Meet legal, regulatory, and compliance obligations – Conduct marketing – Manage site visits and securing persons and property |
Inferences drawn from any of the personal information listed above to create a profile about, for example, an individual’s preferences or characteristics. | – Internal parties and external business partners – Service providers – Third parties in connection with acquisitions or divestitures – Government and regulatory authorities | None | – Operate, evaluate and improve our business – Prevent fraudulent or other criminal activity – Respond to your request for information, order, or support – Administer the Sites and Services – Administer or fulfill a rewards or loyalty program or similar offer – Conduct marketing |
Sensitive Personal Information – Government-issued IDs: Personal information that reveals an individual’s state or national identification number – Account login and payment information: Account log-in in combination with any required security or access code, password, or credentials allowing access to an account – Precise/specific geolocation information – Racial or ethnic origin, data revealing citizenship – Biometric information used for the purpose of uniquely identifying an individual. – The contents of mail, email, and text messages unless Dion & Sons is the intended recipient of the communication. | – Internal parties and external business partners – Service providers – Transactional partners – Third parties in connection with acquisitions or divestitures – Government and regulatory authorities | None | Please see the section below, entitled “purposes for collecting, processing, and disclosing sensitive personal information.” |
PURPOSES FOR COLLECTING, PROCESSING, DISCLOSING, AND SHARING PERSONAL INFORMATION
We collect, process, disclose, and share personal information to operate, manage, and maintain our business, and to provide our products and services, including for the following purposes:
Purpose | Examples of Processing Activities |
---|---|
Operate, evaluate and improve our business | We may use the personal information we collect about you to administer, enhance and improve our products and services, develop new products, services, sites, and apps, manage our communications and customer relationships, and perform accounting, auditing, billing, reconciliation, collection and similar activities. |
Prevent fraudulent or other criminal activity | We may use the personal information we collect about you to verify your identity, protect against and prevent fraud and other unlawful activity, unauthorized transactions, claims and other liabilities, for safety and security purposes, and to manage risk exposure and quality. |
Respond to your request for information, order, or support | When you contact us, we collect information necessary to respond to your request, grant you access to a product or service, and provide you with support. For instance, we may collect your name and contact information, payment and partner rewards program account number and/or rewards or loyalty program eligibility information, and details about the fulfillment delivery and invoicing of your order, and we may include client satisfaction survey information. We may retain such information for administrative purposes, to defend our rights, and to manage our relationship with you. |
Administer the Sites and Services | When entering one of our Sites, or using another of the Services, we will record information necessary to provide you with access, for the operation of the Services and for us to comply with security and legal requirements in relation to operating our site, such as passwords, IP address and browser settings. We also collect information about your activities during your visit in order to personalize your experience, such as recording your preferences and settings, and to collect statistics to help us improve and further develop our Services, as well as other products and services. |
Administer or fulfil a rewards or loyalty program or similar offer | When you enroll in one of our rewards or loyalty programs, or participate in a similar contest, promotion, survey or offer, we may collect information in order to administer or fulfill such program or offer. |
Meet legal, regulatory, and compliance obligations | We may use personal information we collect about you to conduct investigations and comply with and enforce applicable legal requirements, relevant industry standards, contractual obligations and our policies and terms. |
Conduct marketing | When you register for an event, we may collect information in connection with the event organization and during an event, such as your participation in sessions and survey results. We may combine the personal information we collect to develop aggregate analysis and business intelligence for conducting our business and for marketing and personalization purposes. |
Manage site visits and securing persons and property | We may register individuals visiting our sites and locations (name, identification and contact information) and use camera supervision for reasons of security and safety of persons and belongings, as well as for regulatory purposes. |
PURPOSES FOR COLLECTING, PROCESSING, AND DISCLOSING SENSITIVE PERSONAL INFORMATION
Subject to your consent where required by applicable law, we collect, process, and disclose sensitive personal information for purposes of: providing goods or services as requested; ensuring safety, security, and integrity; countering wrongful or unlawful actions; short-term transient use such as displaying first-party, non-personalized advertising; performing services for our business, including maintaining and servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of our business; activities relating to quality and safety control or product improvement; and other collection and processing that is not for the purpose of inferring characteristics about an individual. We do not use sensitive personal information beyond these purposes.
PERSONAL INFORMATION SALES AND SHARING
Categories of Third Parties and Purposes for Sharing: We do not sell your personal information for monetary profit. However, we do engage in certain information disclosure activities that may be considered “sharing” under California Law. For instance, Dion & Sons engages third parties to help us deliver internet-based advertisements to you and may make use of third-party tracking technologies or other online marketing services. We do not knowingly share the personal information of consumers under 16 years of age. In the preceding twelve (12) months, we have shared the following personal information:
Category | Business or Commercial Purpose | Categories of Third Parties to Whom Personal Information was Disclosed That May be Considered a “Sharing” Under California Law |
---|---|---|
Identifiers | To provide you with personal advertising and content | Advertisers and advertising networks |
Geolocation Information | To provide you with personal advertising and content | Advertisers and advertising networks |
Internet or other similar network activity | To provide you with personal advertising and content | Advertisers and advertising networks |
You may opt-out of such disclosures of your personal data to third parties and relating to your use of specific Dion & Sons websites by choosing the “Do not share my personal information” button in the cookie banner for the specific company websites you may visit OR (where you have previously opted to accept all cookies on one of our sites) by updating your cookie preferences by navigating to the floating “cookie icon” appearing in your browser or, alternatively, clicking the “Manage Cookies Preferences” link at the bottom of the applicable company webpages you visit, depending on the site.
PERSONAL INFORMATION DISCLOSURE
We disclose personal information to the following categories of third parties:
Category of Third Party | Description |
---|---|
Internal parties and external business partners | We may disclose personal information to our subsidiaries, affiliates, joint venture partners, and, where appropriate, with selected partners for a business purpose such as providing you with products or services, facilitating your transactions, or fulfilling your requests. |
Service providers | Dion & Sons contracts with other companies to provide services on our behalf, including, but not limited to, hosting the Services, sending out information, processing transactions, analyzing our Sites and administering and fulfilling our loyalty and rewards programs. |
Select corporate, promotional, rewards or loyalty partners | Dion & Sons may offer sweepstakes, contests, promotions, rewards or loyalty programs (each, an “Offer”) that provide eligible members with certain awards and specifical benefits. By participating in an Offer, you agree to the terms, conditions, and/or official rules that govern that Offer. If you choose to participate in an Offer, personal information may be disclosed to third parties, including select partners, in connection with the administration of the Offer, including, without limitation, tracking and redemption of rewards and as may be required by applicable law. Please be advised that the third party’s own privacy policy may apply to its use of your personal information pursuant to your enrollment and participation in an Offer. |
Transactional partners | In connection with certain transactions, we may disclose personal information to financial institutions, government entities, and shipping companies or postal services involved in fulfilling the transaction. |
Third parties in connection with acquisitions or divestitures | Circumstances may arise where for strategic or other business reasons Dion & Sons decides to sell, buy, merge, or otherwise reorganize particular businesses. Such a transaction may involve the disclosure of personal information to prospective or actual purchasers. |
Other users on collaborative Sites | Some of our Sites promote collaboration among registered users with respect to a particular area or topic. On those Sites, we may disclose your username to other participants to label comments or suggestions that you make as yours. |
Government and regulatory authorities | We may disclose personal information to authorities if required to do so by law, regulation, subpoena, court order, warrant or similar legal process or in the good-faith belief that such action is necessary to protect and defend our rights or property, or in urgent circumstances to protect the personal safety of any individual. |
RETENTION OF PERSONAL INFORMATION
We retain personal information, including sensitive personal information, for as long as needed or permitted in light of the purposes for which it was collected. When determining the retention period, we take into account various criteria, including: the length of time we have an ongoing relationship with you and provide the Services to you; the legitimate business purposes for which we collect and process personal information as described in this Supplement and the Dion & Sons Privacy Statement, including retention of information related to the defense and pursuit of legal claims; and whether we are subject to a legal obligation that requires us to retain records.
SOURCES OF PERSONAL INFORMATION
We collect personal information directly from you, automatically from your device, and from third-party sources, including publicly available websites (such as LinkedIn), our business partners, and marketing companies.
PRIVACY RIGHTS AND REQUESTS
You may, subject to applicable law, make the following requests:
- To know whether we process personal information about you, and to access such personal information. If you are a California resident, you may also request that we disclose to you the following information:
- The categories of personal information we collected about you and the categories of sources from which we collected such personal information;
- The business or commercial purpose for collecting or ”sharing” personal information about you;
- The categories of personal information about you that we “shared” and the categories of third parties with whom we “shared” such personal information; and
- The categories of personal information about you that we otherwise disclosed, and the categories of third parties to whom we disclosed such personal information.
- To correct inaccuracies in personal information about you.
- To have personal information about you deleted.
- To receive the specific pieces of personal information about you, including a copy of such information in a portable format.
- To opt out of targeted advertising, including the “sharing” of personal information about you for cross-contextual behavioral advertising.
You have the right not to be unlawfully discriminated against for exercising your privacy rights.
HOW TO EXERCISE YOUR PRIVACY RIGHTS
You can submit a request by calling (toll free) +1 844 338 3905 or submitting a request through our online webform. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the personal information subject to the request. We may decline to honor your request where an exception applies. We may need to request information from you to verify a request, in order to verify your identity and protect against fraudulent requests. For example, we may ask for your phone number and email address to confirm your request and your state of residency to determine the requirements applicable to your specific request. If you maintain a password-protected account with us, we may verify your identity through our existing authentication practices for your account and require you to re-authenticate yourself before disclosing or deleting your personal information. You may make a request on behalf of a child who is under 13 years old if you are the child’s parent or legal guardian. If you make a request to delete, we may ask you to confirm your request before we delete your personal information.
We do not sell personal information (including sensitive personal information), as defined under applicable law. We have not engaged in such activity in the 12 months preceding the date this Supplement was last updated. Without limiting the foregoing, we do not sell or knowingly “share” personal information (including sensitive personal information) of minors under 16 years of age.
To request to opt out of any future “sharing” of your personal information for purposes of cross-contextual behavioral advertising, or any future processing for purposes of targeted advertising, you may click Manage Cookie Preferences
We also process opt-out preference signals, such as the Global Privacy Control. These signals set your opt-out preferences only for the particular browser or device you are using. For information about how to use the Global Privacy Control, please visit https://globalprivacycontrol.org/.
Appeal process
If you are a Colorado, Connecticut, or Virginia resident and we refuse to take action on your request, you may appeal this refusal within a reasonable period after you have received notice of the refusal. You may file an appeal by calling (toll free) +1 844 338 3905 or submitting a request through our online webform.
Authorized agents
If you would like your agent to make a request on your behalf to the extent permitted under applicable law, the agent may use the submission methods noted above under “privacy rights and requests.” We will process the agent’s request consistent with applicable law. As part of our verification process, we may request that the agent provide, as applicable, proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described in the “privacy rights and requests” section or confirm that you provided the agent permission to submit the request.
DE-IDENTIFIED INFORMATION
Where we maintain or use de-identified information, we will continue to maintain and use the de-identified information only in a de-identified fashion and will not attempt to re-identify the information.
FANDL.COM ECOMMERCE PRIVACY POLICY (SUPPLEMENT TO CORPORATE PRIVACY POLICY)
DATA COLLECTION AND TRANSPARENCY
At Dion & Sons e-commerce store, FandL.com, safeguarding your data is our utmost priority. Here’s a comprehensive overview of how we handle your information:
Information We Collect:
- We gather essential personal details, including shipping addresses, phone numbers, and email addresses.
- Additionally, we may retain stored credit card information, purchase history, and ad interactions.
Data Utilization:
- Your data serves critical purposes:
- Processing orders and ensuring seamless purchases.
- Providing responsive customer support.
- Enhancing our services and customizing recommendations based on your preferences.
3. Secure Data Storage:
- Rest assured, your information resides securely on our servers.
- We adhere to industry-standard security protocols to prevent unauthorized access.
LEGAL COMPLIANCE
Our commitment extends to compliance with relevant privacy laws and regulations:
1. California Consumer Privacy Act (CCPA):
- If you’re in California, we transparently disclose the data we collect and empower you to request deletion.
2. California Privacy Rights Act (CPRA):
- The CPRA augments the CCPA, granting additional rights to control data usage and rectify inaccuracies.
TRUST AND ASSURANCE
We want your shopping experience at Fandl.com to inspire confidence:
1. Transparency Fosters Trust:
- Our privacy policy exemplifies our commitment to transparent data handling.
- We uphold ethical practices and refrain from any clandestine use of your information.
2. Sound Business Practice:
- Beyond regulatory compliance, maintaining a privacy policy is sound business practice.
- It underscores our respect for your privacy and underscores our dedication to data protection.
Should you have any further inquiries, please contact us.
HOW TO CONTACT US
If you have questions regarding our handling of personal information for residents of California, Colorado, Connecticut, Utah, or Virginia more generally, please contact us by email, or by mail at:
Dion & Sons, Inc
Attn. Global Privacy Office
1543 West 16th Street
Long Beach, CA. 90813
CHANGES TO THIS SUPPLEMENT
Dion & Sons may occasionally change or update this Supplement. When we do, we will post the revised Supplement on this page with a new “last updated” date.