Effective Date: January 1, 2020
Last Modified: January 1, 2021
In connection with your use of the Services, you may provide personal information to us in various ways. The types of personal information we may obtain include:
You are not required to provide this information but, if you choose not to do so, we may not be able to offer you certain Services and related features.
When you use our Services or open our emails, we may obtain certain information by automated means, such as browser cookies, Flash cookies, web beacons, device identifiers, server logs, and other technologies. The information we obtain in this manner may include your device IP address, domain name, identifiers associated with your devices, device and operating system type and characteristics, web browser characteristics, language preferences, clickstream data, your interactions with our Services (such as the web pages you visit, links you click and features you use), the pages that led or referred you to our Services, dates and times of access to our Services, and other information about your use of our Services. We also may receive your device’s precise geolocation and other information related to your location through GPS, Bluetooth, WiFi signals and other technologies for certain purposes listed below, such as to provide you with our Services. Your device may provide you with a notification when the Services attempt to collect your precise geolocation.
A “cookie” is a text file that websites send to a visitor’s computer or other Internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. A “Flash cookie,” also known as a local shared object, functions like a web cookie to personalize a user’s experience on sites that use Adobe Flash Player. A “web beacon,” also known as an Internet tag, pixel tag or clear GIF, links web pages to web servers and their cookies and may be used to transmit information collected through cookies back to a web server. We and our third-party service providers may use beacons in emails to help us track response rates, identify when our emails are accessed or forwarded, and for other purposes listed below.
These technologies help us (1) remember your information so you will not have to re-enter it; (2) track and understand how you use and interact with the Services; (3) tailor the Services around your preferences; (4) measure the usability of the Services; (5) understand the effectiveness of our communications; and (6) otherwise manage and enhance the Services.
To the extent required by applicable law, we will obtain your consent before placing cookies or similar technologies on your computer. You can stop certain types of cookies from being downloaded on your computer by selecting the appropriate settings on your web browser. Most web browsers will tell you how to stop accepting new browser cookies, how to be notified when you receive a new browser cookie and how to disable existing cookies. You can find out how to do this for your particular browser by clicking “help” on your browser’s menu or by visiting www.allaboutcookies.org. Flash cookies typically cannot be controlled, deleted or disabled through your browser settings and instead must be managed through your Adobe Flash Player settings. To manage flash cookies, which we may use on certain websites from time to time, you can go to the Adobe Flash Player Support page available here. In addition, your mobile device settings may allow you to prohibit mobile app platforms (such as Apple and Google) from sharing certain information obtained by automated means with app developers and operators such as us. Our Services are not designed to respond to “do not track” signals received from browsers. Please note that without cookies or other automated tools we used to collect this type of data (such as geolocation data), you may not be able to use all the features of our Services.
Third-Party Web Analytics Services
Through our Services, we may obtain personal information about your online activities over time and across third-party apps, websites, devices and other online services. On our Services, we use third- party online analytics services, such as those of Google Analytics. The service providers that administer these analytics services use automated technologies to collect data (such as email address, IP addresses, cookies and other device identifiers) to evaluate, for example, use of our Services, to diagnose technical issues and to serve ads. To learn more about Google Analytics, please visit www.google.com/analytics/leam/privacy.html.
Online Tracking and Interest-Based Advertising
Through our Services and websites, both we and certain third parties may collect information about your online activities to provide you with advertising about products and services tailored to your individual interests. Where required by applicable law, we will obtain your consent for the processing of your personal information for direct marketing purposes. You may see our ads on other websites or mobile apps because we participate in advertising networks. Ad networks allow us to target our messaging to users considering demographic data, users’ inferred interests and browsing context. These networks track users’ online activities over time by collecting information through automated means, including through the use of browser cookies, Flash cookies, web beacons, device identifiers, server logs, web beacons and other similar technologies. The networks use this information to show ads that may be tailored to individuals’ interests, to track users’ browsers or devices across multiple websites and apps, and to build a profile of users’ online browsing and app usage activities. The information our ad networks may collect includes data about users’ visits to websites and apps that participate in the relevant ad networks, such as the pages or ads viewed and the actions taken on the websites or apps. This data collection takes place both on our Services and websites and on third-party websites and apps that participate in the ad networks. This process also helps us track the effectiveness of our marketing efforts.
To learn how to opt out of ad network interest-based advertising in the U.S., please visit www.aboutads.info/choices and http://www.networkadvertising.org/choices/. In the European Union, please visit www.youronlinechoices.eu.
For California Residents
We do not sell your personal information as the term “sell” is commonly understood to require an exchange for money. However, the California State Attorney General may issue guidance on whether the use of advertising and analytics cookies on our Website may be considered a “sale” of personal information as the term “sale” is broadly defined in the CCPA to include both monetary and other valuable consideration. Until such guidance has been issued, we continue to consider it a “sale” in order to be as transparent as possible and will comply with the restrictions of the “sale” of this information to the extent technologically feasible. This “sale” would be limited to our use of third-party advertising and analytics cookies and their use in providing you behavioral advertising and their use in understanding how people use and interact with our Services and websites.
In the preceding twelve (12) months, we have “sold” the following categories of personal information to the following categories of third parties for monetary or other valuable consideration:
Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize personal information sales. However, you may change your mind and opt back into the sale of personal information at any time by adjusting your cookie preferences.
You do not need to create an account with us to exercise your opt-out rights. You may be required to provide us with additional contact information so that we may verify your request to opt-in to the sale of your personal information. We will only use personal information provided in an opt-out request to review and comply with the request.
For California Residents: We may obtain the categories of personal information listed above (in the Information We Obtain section) from the following categories of sources:
We may use or disclose the information we collect through the Services or from third parties to:
We also may use the information we obtain in other ways for which we provide specific notice at the time of collection. We may combine information we obtain about you (such as through our Services or from third parties) for the purposes described above.
For California Residents: We may have used or disclosed the personal information we collected for the business or commercial purposes listed above over the past 12 months. We will not collect additional categories of personal information or use the personal information we collected for additional purposes without providing you notice.
We also may disclose information about you (1) if we are required to do so by law or legal process (such as a court order or subpoena); (2) in response to requests by government agencies, such as law enforcement authorities; (3) to establish, exercise or defend our legal rights; (4) when we believe disclosure is necessary or appropriate to prevent physical or other harm or financial loss; (5) in connection with an investigation of suspected or actual illegal activity; (6) in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, dissolution or liquidation); or (7) otherwise with your consent.
Internet cookie information recipients, such as analytics and behavioral advertising services (Categories A, B, C, D, F, G, I, J, K)
To the extent provided by applicable law, you may (1) request access to the personal information we maintain about you; (2) request that we update, correct, amend, erase or restrict the information; or (3) exercise your right to data portability, by contacting us as indicated below. Depending on your location, you may have the right to file a complaint with a government regulator if you are not satisfied with our response. Where provided by law, you may withdraw any consent you previously provided to us or object at any time to the processing of your personal information on legitimate grounds relating to your particular situation, and we will apply your preferences going forward. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to your information. To the extent permitted by applicable law, a charge may apply before we provide you with a copy of any of your personal information that we maintain.
For California Residents: As of January 1, 2020, you will receive additional rights under the California Consumer Privacy Act of 2018 (“CCPA”), as described more fully below.
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information about our collection, use, disclosure, and sale (if applicable) of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
Deletion Request Rights
You have the right to request that we delete any of your personal information that we have collected or maintained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to complete the transaction for which we collected the personal information, provide a good or service that you requested, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you, in addition to other legally permission reasons to deny such request as provided in the CCPA.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request by emailing InfoSecpolicy@aosmith.com.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf (an “Authorized Agent”), may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. The verifiable consumer request must:
We are unable to fulfill your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. With few exceptions, we will only fulfill a request from your Authorized Agent if (a) you grant the Authorized Agent written permission to make a request on your behalf, (b) you or the Authorized Agent provides us notice of that written permission, and (c) we are able to verify your identity in connection with that notice and the request.
Making a verifiable consumer request does not require you to create an account with us. Please note that we are not obligated to provide information to a consumer in response to a request more than twice in a twelve (12) month period.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we need more time (up to 45 additional days), we will notify you in writing, and provide you with an explanation of the reason for the extension.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. We will deliver our written response by mail or electronically, at your option. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information to another entity without hindrance.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
Our Services may provide links to other online services and websites for your convenience and information, and may include third-party features such as apps, tools, widgets and plug-ins (e.g. Facebook, Google+, Instagram, LinkedIn, Pinterest, Twitter, Vimeo and YouTube buttons). These services, websites, and third-party features may operate independently from us. The privacy practices of these third parties, including details on the information they may collect about you, are subject to the privacy statements of these parties, which we strongly suggest you review. To the extent any linked online services or third-party features are not owned or controlled by us, we are not responsible for these third parties’ information practices.
We maintain administrative, technical and physical safeguards designed to protect personal information we obtain through the Services against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.
A. O. Smith Corporation
11270 West Park Place
Milwaukee, WI 53224
The entities responsible for the processing of your personal information in the EEA are:
Residents of the EEA may contact us at InfoSecpolicy@aosmith.com or at the address noted above.
In addition to the email and address above, you may also call A.O. Smith China’s 24-hour service hotline, 4008288988, or write to us at:
A.O. Smith (China) Water Heater Co., Ltd.
No. 336, Yaoxin Avenue
Nanjing Economic and Technological Development Zone, PRC