California Privacy Policy
Last Updated: May, 2024
SUMMARY OF PERSONAL INFORMATION THAT WE COLLECT ABOUT YOU
For individuals who are California residents, we have adopted this Supplemental Privacy Policy (the “Supplemental Privacy Policy”) to comply with the California Consumer Privacy Act of 2018 (“CCPA”), California Privacy Rights Act (“CPRA”) and other California privacy laws, which require certain disclosures about the categories of personal information we collect, how we use them, the categories of sources from whom we collect personal information, and the third parties with whom we share it.
This Supplemental Privacy Policy, when applicable, is supplementary to, and in certain respects deviates from, the general Privacy Notice (herein, “Privacy Policy”) for LIPTON Teas and Infusions and its subsidiaries and affiliates (collectively “Company”). All undefined capitalized terms used herein shall have the same meaning as set forth in our Provacy Policy.
Depending on how you interact with the Company, we may collect the following categories of information as summarized in the table below. This Supplemental Privacy Policy describes the personal information that we collect from or about users of our websites, applications, widgets and other online and offline services (“Company Interfaces”), but does not apply to personal information we collect from employees or job applicants in their capacity as employees or job applicants. It also does not apply to personal information we collect from employees, owners, directors, officers, or contractors of businesses in the course of our provision or receipt of business-related services. If you are applying for a role with LIPTON Teas and Infusions then please see our separate Applicant Privacy Notice.
Personal information also does not include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
- Information excluded from the CCPA’s or CPRA’s scope, such as:
health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the California Confidentiality of Medical Information Act (“CMIA”) or clinical trial data;
personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (“FRCA”), the Gramm-Leach-Bliley Act (“GLBA”) or California Financial Information Privacy Act (“FIPA”), and the Driver’s Privacy Protection Act of 1994.
Please take a moment to familiarise yourself with this Supplemental Privacy Policy and let us know if you have any questions by sending us an email or submitting a request through privacy@lipton.com
SOURCES OF PERSONAL INFORMATION COLLECTED
All of the categories of personal information we collect about you (as detailed below) come from the following types of sources:
- From you or your representatives, including through your use of our services, such as the personal data you provide us when you sign up for a newsletter, register for an account, or buy products.
- Automatically through your or your representatives activity on any Company Interface, such as certain types of personal data when you interact with us online. For example, about how you navigate around our website or communicate with our customer service teams. We use cookies and similar technologies to collect some of this personal data. To find out more about how we use cookies, and similar tracking technologies online, and how to exercise your choices about these, please see the information in our Cookie Notice.
- From third parties that interact with us in connection with the services we provide, such as from trusted partners who provide services, for instance marketing, on our behalf, or online platforms where you interact with our content. For example, we may collect information where you have interacted with our content on social media platforms by ‘liking’ one of our posts or clicking on one of our adverts, through one of our marketing cookies to which you have consented. Please note that these third parties generally also have their own privacy notices and terms. We encourage you to read them being using those websites.
CATEGORIES OF PERSONAL INFORMATION COLLECTED IN THE LAST TWELVE MONTHS
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household or device (“personal information”). In particular, we have collected the following categories of personal information from consumers during the twelve (12) months prior to the last update of this Supplemental Privacy Policy:
Category | Examples | Collected |
|---|---|---|
A. Identifiers. | A name, signature alias, physical characteristics or description, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number or state identification card number, passport number, telephone number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. or other similar identifiers. | YES |
B. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | YES |
C. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | YES |
D. Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | NO |
E. Internet or other similar network activity. | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. | YES |
F. Geolocation data. | Physical location or movements. | YES |
G. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | NO |
H. Professional or employment-related information. | Current or past job history or performance evaluations. | NO |
I. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | NO |
J. Inferences drawn from other personal information. | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | NO |
BUSINESS/COMMERCIAL PURPOSES FOR OUR USE OF PERSONAL INFORMATION
All of the categories of personal information we collect about you (as detailed above) are used for the following purposes:
- Providing our services (for example, account servicing and maintenance, customer service, advertising and marketing, analytics, and communication about our services).
- Providing email alerts, event registrations, and other notices concerning our products or services, or other events or information that may be of interest to you.
- To review your account history.
- For our operational purposes, and the operational purposes of our service providers and integration partners.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us.
- Improving our existing services and developing new services (e.g., by conducting research to develop new products or features).
- Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity.
- Bug detection, error reporting, and activities to maintain the quality or safety of our services.
- Auditing consumer interactions on our site (for example, measuring page views).
- Short-term, transient use, such as customizing content that we or our service providers display on the services.
- Other uses that advance our commercial or economic interests, such as communicating with you about relevant offers.
- Such other uses that we notify you about when collecting your personal information or otherwise.
CATEGORIES OF THIRD PARTIES WITH WHOM WE HAVE SHARED PERSONAL INFORMATION IN THE LAST TWELVE MONTHS
We may disclose your personal information to a third party for a “business purpose” (as that term is defined in the CCPA). In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
Category | Specific Information Collected | Categories of Third Parties with Whom We Share Personal Information |
|---|---|---|
A. Identifiers. | Real name, postal address, email address, account name. | Third party service providers Regulator(s) or Government Authorities Acquiring company |
B. Protected classification characteristics under California or federal law. | N/A | N/A |
C. Commercial information. | Records of services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | Third party service providers Regulator(s) or Government Authorities Acquiring company |
D. Biometric information. | N/A | N/A |
E. Internet or other similar network activity. | Information related to a user’s interaction with our website and applications. | Third party service providers Regulator(s) or Government Authorities Acquiring company |
F. Geolocation data. | Physical address location through RouteManager. | Third party service providers Regulator(s) or Government Authorities Acquiring company |
G. Sensory data. | N/A | N/A |
H. Professional or employment-related information. | N/A | N/A |
I. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | N/A | N/A |
J. Inferences drawn from other personal information. | Records of services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | Third party service providers Regulator(s) or Government Authorities Acquiring company |
YOUR RIGHTS AND CHOICES
Subject to certain restrictions, California residents have the right to request that we disclose, correct and/or delete what personal information we collect about you, to delete any personal information that we collected from or maintain about you, and to opt-out of the sale of personal information about you. As a California resident, you also have the right to designate an agent to exercise these rights on your behalf. This section describes how to exercise those rights and our process for handling those requests, including our means of verifying your identity. If you would like further information regarding your legal rights under applicable law or would like to exercise any of them, please contact us please at privacy@lipton.com or by writing to us at:
Eduard van Beinumstraat 18
2Amsterdam, 7th Floor
1077 CZ AMSTERDAM
The Netherlands
Please include your reply address when you write to us.
Accessing, Correcting and Deleting Your Personal Information
- Right to request access to your personal information
California residents have the right to request that we disclose what categories of personal information that we collect, use, disclose or sell about you. You may also request the specific pieces of personal information that we have collected about you. However, we may withhold some information where the risk to you, your personal information, or our business is too great to disclose the information.
- Right to correct inaccuracies in the personal information we have about you
California residents have the right to request that we correct inaccuracies in the personal information we maintain about you. However, we may refuse to make the requested correction where we are unable to verify your identity, where the request is unfounded or excessive, where the information is publicly available or where such information is excemt from the CCPA or CPRA, as applicable. Subject to your consent, we can delete the conststed personal information as an alternative to correcting it if the deletion of such information does not negatively impact you.
- Right to request deletion of your personal information
You may also request that we delete any personal information that we have collected from/about you. However, we may retain personal information as authorized under applicable law, such as personal information required as necessary to provide our services, protect our business and systems from fraudulent activity, to debug and identify errors that impair existing functionality, as necessary for us, or others, to exercise their free speech or other rights, comply with law enforcement requests pursuant to lawful process, for scientific or historical research, for our own internal purposes reasonably related to your relationship with us, or to comply with legal obligations. We need certain types of information so that we can provide our services. If you ask us to delete it, you may no longer be able to access or use our services.
Sensitive Personal Information
We do not use Sensitive Personal Information for the purposes of inferring characteristics about consumers.
How To Exercise Your Privacy Rights
California residents may exercise their privacy rights by submitting your request to us. You may not request access to your personal information more than twice in any twelve month period.
For security purposes, we may request additional information from you to verify your identity when you request to exercise your privacy rights so we can reasonably verify you are the person about whom we collected such personal information (or that person’s authorized representative).
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to an additional 45 days), we will inform you of the reason and the extension period in writing. If you have an account with us, we will deliver our written response through your account. If you do not have an account with us, we will deliver our written response by mail or electronically as you so request. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request.
If you wish to exercise any of these rights and do not have an account with us, please contact us and we will request additional information to perform identity verification where possible.
Sales of Personal Information
California residents may opt out of the “sale” of their personal information. The Company does not and will not “sell” your personal information as we understand that term to be defined by the CCPA or CPRA and its implementing regulations.
Non-Discrimination Rights
California residents have the right to not be discriminated against for exercising their rights as described in this section. We will not discriminate against you for exercising your CCPA or CPRA rights.
Updates to The Supplemental Privacy Policy
This Supplemental Privacy Policy may be revised periodically and we will post any revised version of this Supplemental Privacy Policy on our website. We encourage you to refer back to it on a regular basis.