GS1 US Privacy Policy

OVERVIEW

WE DESCRIBE OUR PRIVACY PRACTICES RELATING TO THE SITES IN THIS PRIVACY POLICY. THIS OVERVIEW HIGHLIGHTS SOME KEY POINTS REGARDING DATA USAGE AND THIRD PARTIES WHO MAY COLLECT OR HAVE ACCESS TO INFORMATION, BUT PLEASE REVIEW OUR PRIVACY POLICY IN ITS ENTIRETY.

WE USE YOUR PERSONAL INFORMATION IN CONNECTION WITH YOUR RELATIONSHIP WITH GS1 US AND FOR COMPLETING YOUR TRANSACTIONS WITH GS1 US AND RELATED ENTITIES. CLICK HERE FOR THE FULL DESCRIPTION OF THE INFORMATION WE COLLECT AND CLICK HERE FOR THE DESCRIPTION OF HOW WE USE IT. PLEASE REMEMBER THAT IF YOU PARTICIPATE IN FORUMS AND OTHER SOCIAL NETWORKING FEATURES ON THE SITES, YOUR INFORMATION MAY BE MADE PUBLIC. WE DO NOT SHARE INDIVIDUAL PERSONAL INFORMATION WITH NON-AFFILIATED THIRD PARTIES FOR THEIR MARKETING PURPOSES WITHOUT GIVING YOU THE OPPORTUNITY TO CONSENT, BUT WE MAY SHARE YOUR PERSONAL INFORMATION AND CORPORATE ENTITY INFORMATION YOU PROVIDE WITH GS1 US AFFILIATES AND MEMBER COMPANIES FOR THEIR MARKETING PURPOSES, SUBJECT TO YOUR RIGHT TO OPT-OUT IN SECTION 7 BELOW. CLICK HERE FOR MORE DETAILS REGARDING WHEN WE MAY SHARE INFORMATION WITH THIRD PARTIES.

1. INFORMATION WE COLLECT ON OUR SITES

Information You Provide To Us

When you use our Services, we may ask you to provide information that could reasonably be used to contact you or to identify you personally (such as first and last name, e-mail address, telephone number or credit card information) (“Personal Information”). Personal Information does not include corporate information, which relates to an organization but not to an individual (such as a corporate name, corporate address or general corporate phone number). In addition to Personal Information and corporate information, we may also ask you to provide other information about yourself, such as demographic information (zip code, preferences, etc.) or certain information about your preferences and interests. If we combine demographic or other information we collect about you with your Personal Information we collect, we will treat the combined information as Personal Information consistent with this Privacy Policy.

Note that the Services are directed to a general audience. Accordingly, we do not knowingly collect any Personal Information from children younger than the age of eighteen (18) and we will delete any Personal Information collected that we later determine to be from a user younger than the age of eighteen (18). In the event that we become aware that we have collected personal information from any child, we will dispose of that information in accordance with the Children’s Online Privacy Protection Act (“COPPA”) and other applicable laws and regulations. If you are a parent or guardian and you believe that your child under the age of eighteen (18) has provided us with personal information without COPPA-required consent, please contact us at legal@gs1us.org.

Please note that information submitted to the Services via a “contact us” or other similar function may not receive a response. We will not use the information you provide us via the “contact us” tool to contact you for unrelated marketing purposes unless we disclose otherwise.

Information We Collect Automatically As You Access and Use the Services

In addition to any Personal Information or other information that you choose to submit to us, whenever you visit, use, or interact with the Services or GS1 US content, GS1 US, as well as any third-party advertisers and/or service providers, may use a variety of technologies that automatically (or passively) collect information about how the Services and content are accessed and used (“Usage Information”).

This Usage Information may include:

• your IP address or other unique identifier is a number that is automatically assigned to your computer, mobile device, tablet or other device (collectively, “Device”) used by you to access the Services, and our computers identify your Device by it;
• your Device functionality (including browser type, operating system, hardware, mobile network information);
• the areas or content within our Services that you visit and your activities there, including remembering you and your preferences;
• your Device location;
• your Device characteristics; and
• certain other Device data, including the time of day, the URL that referred you to our Services, among other information.

Some mobile service providers may also provide us or our third-party service providers with information regarding the physical location of the Device used to access the Services. A few of the methods and technologies that may be used on the Services to collect Usage Information include, without limitation, the following (and subsequent technology and methods hereafter developed):

• Cookies. A cookie is a data file placed on a Device when it is used to visit the Services. A Flash cookie is a data file placed on a Device via the Adobe Flash plug-in that may be built-into or downloaded by you to your Device. Cookies and Flash cookies may be used for many purposes, including, without limitation, remembering you and your preferences and tracking your visits to our web pages. If you choose to disable cookies or Flash cookies on your Device, some features of the Services may not function properly.
• Web Beacons. Small graphic images or other web programming code called web beacons, (also known as “1x1 GIFs” or “clear GIFs”) may be included in our Services and e-mail messages. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a web page or e-mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count visitors to the Services, to monitor how users navigate the Services, to count how many e-mails that were sent were actually opened or to determine whether content sent was actually viewed.
• Embedded Scripts. An embedded script is programming code that is designed to collect information about your interactions with the Services, such as the links you click on. The code is temporarily downloaded onto your Device from our server or a third party service provider, is active only while you are connected to the Services, and is deactivated or deleted thereafter.
• Browser Fingerprinting. Collection and analysis of information from your Device, such as, without limitation, your operating system, plug-ins, system fonts and other data, for purposes of identification.
• ETag, or entity tag. A feature of the cache in browsers. It is an opaque identifier assigned by a web server to a specific version of a resource found at a URL. If the resource content at that URL ever changes, a new and different ETag is assigned. ETag tracking may generate unique tracking values even where the consumer blocks HTTP, Flash, and/or HTML5 cookies.
• Recognition Technologies. Technologies, including application of statistical probability to data sets, which attempt to recognize or make assumptions about users and devices (e.g., that a user of multiple devices is the same user).

We may use tracking technologies for a variety of purposes, including:

• Strictly Necessary. We may use cookies or other tracking technologies that we consider are strictly necessary to allow you to use and access our Services, including cookies required to prevent fraudulent activity, improve security or allow you to make use of shopping cart functionality.
• Performance-Related. We may use cookies or other tracking technologies that are useful in order to assess the performance of the Services, including as part of our analytic practices or otherwise to improve our Services.
• Functionality-Related. We may use cookies or other tracking technologies that are required to offer you enhanced functionality when accessing the Services, including identifying you when you use our Services or keeping track of your specified preferences, including in terms of the presentation of content on our Services.
• Targeting-Related. We may use tracking technologies to deliver content, including ads relevant to your interests on our Services and third-party services based on how you interact with our advertisements and/or content. This includes using tracking technologies to understand the usefulness to you of the content and ads that have been delivered to you.
• Our Services use various analytics tools in order to maintain and improve our web-based services, including Google Analytics. Google Analytics may automatically collect personal data about you, such as your IP address, in order to track and report website traffic, including across multiple devices and sessions. Google uses the collected data to monitor and analyze the use of our Services and Services For more information on Google’s privacy practices, please visit the Google Privacy Terms web page. You may exercise choices regarding the use of cookies from Google Analytics by going to https://tools.google.com/dlpage/gaoptout or downloading the Google Analytics Opt-out Browser Add-on.
• We also partner with third-party advertisers and/or service providers such as TapClicks, Google Ads, Microsoft Bing, LinkedIn Ads, LinkedIn Analytics, Optimizely, and Marketo to monitor and analyze the use of our Services and to serve interest-based advertising and content on their respective third-party platforms that may be based on your preferences, location, and/or interests.  In order to render these services, these third parties may collect your Personal Information and other data.
• Your browser or device may include “Do Not Track” functionality. At this time, the Services do not respond to browser “Do Not Track” signals. 
• Further, our use of third party tracking technologies may include the collection of information about your online activities over time and across third-party websites or online services and Devices.

Rapid Record Tool

We offer the Rapid Record Tool to certain GS1 US members and customers. Our provision of the Rapid Record Tool involves us collecting certain Personal Information, including your first and last name, e-mail address, and telephone number, from or on behalf of GS1 US members and customers. Our collection of Personal Information through our provision of the Rapid Record Tool is in our capacity as a processor or service provider to GS1 US members and customers.

More information about the Rapid Record Tool can be found in the Rapid Record Tool Terms of Service.

Information We Collect from Others

We may collect Personal Information via our service providers, including communications and analytics providers. For example, we may collect Personal Information if you use a chatbot on our Services, including those  provided by third-party service providers such as Twilio.

We may also collect Personal Information from social media and other content platforms, such as Facebook, X, and Instagram, if you interact with us on these platforms.

Interactions with Third-Party Services

The Services may include functionality that allows certain kinds of interactions between the Services and a third-party web site or application, including websites operated by advertisers, licensors, licensees, and certain other third parties who may have business relationships with GS1 US.

The use of this functionality may involve the third-party operator providing certain information, including Personal Information, to us, and vice versa. For example, if you click on social media icons on the Services (such as for Facebook, X, Linkedin, or Instagram), those actions may be associated with, and we may have access to, your Personal Information you provided on those third-party sites or applications. If so, we will then treat it as Personal Information under this Privacy Policy, since we are collecting it as a result of your accessing of and interaction on our Services.

We may also exchange certain information, including Personal Information, with our affiliate marketing partners who provide referral services to us, including, for example, if you follow links to our Services from a partner’s site or service. 

In addition, we may provide third-party sites’ interfaces or links on the Services to facilitate your sending a communication from the Services. For example, we may use third parties to facilitate emails, tweets or Facebook postings. These third parties may retain any information used or provided in any such communications or other activities and these third parties’ practices are not subject to our Privacy Policy. GS1 US may not control or have access to your communications through these third parties.

Further, when you use third-party sites or services, you are using their services and not our services and they, not we, are responsible for their practices. You should review the applicable third-party privacy policies before using such third-party tools on our Services.

California /Delaware Do Not Track Disclosures

Various third parties are developing or have developed signals or other mechanisms for the expression of consumer choice regarding the collection of information about an individual consumer’s online activities over time and across third-party websites or online services (e.g., browser do not track signals). Currently, we do not monitor or take any action with respect to these signals or other mechanisms.

2. HOW WE USE INFORMATION WE COLLECTED

GS1 US may use information collected through our Services, including Personal Information, in order to: (1) provide our Services; (2) allow you to participate in features we offer; (3) process a transaction you initiate such as to send you newsletters or provide you with promotional materials on our behalf, including to let you know about new products, services and upcoming events; (4) process your registration or maintain your account, including, at times, verifying that the information you provide is active and valid; (5) provide you with information, products or services that you have requested or agreed to receive and provide our affiliates and member organizations with information relating thereto; (6) tailor content, advertisements, marketing materials and offers we display or send/serve to you; (7) improve the Services; (8) facilitate your job search via the Services and prepare related governmental and internal statistics reports; (9) contact you with regard to your use of the Services, your account, and, in our discretion, changes to the Services and/or any GS1 US policy; (10) provide member support; (11) for purposes disclosed at the time you provide your Personal Information, as otherwise set forth in this Privacy Policy, or otherwise with your consent; (12) for internal business purposes; (13) perform internal analytics; (14) for systems and data security; (15) comply with legal obligations, including responding to subpoenas, court orders, or legal process and to establish or exercise our legal rights or defenses against legal claims; and (16) evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, where as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by us about the users of our Services is among the assets transferred. . If you use the Services to send a friend an invitation to participate in the Services or send other GS1 US-related communications, the information you provide (typically, names and e-mail addresses) is used to facilitate the communication on your behalf, and is not subsequently used for marketing purposes unless we obtain consent from that person or we explicitly say otherwise. Please be aware that when you use any send-to-a-friend functionality on our Services, your e-mail address may be included in the communication sent to your friend.

If you and your company are engaged with certain GS1 US products, services, trainings, and events – such as GS1 US’s advisory and consulting services –  we may send you marketing and other promotional email correspondence. If you receive a marketing communication from us by e-mail, and you later decide you want to opt-out from receiving future commercial e-mails, you may opt-out by following the opt-out instructions provided to you in that e-mail. Please note that we reserve the right to send you certain communications relating to the transactions you initiate, your account or your use of the Services and these transactional account messages may be unaffected if you choose to opt-out from marketing communications.

3. WITH WHOM WE MAY SHARE INFORMATION

We may share non-Personal Information, such as aggregated user statistics and other Usage Information, with third parties. GS1 US does not share your Personal Information with third parties for their marketing purposes without giving you the opportunity to consent. However, we may share certain information, including Personal Information and corporate information with GS1 US affiliates and member companies for use by them for their direct marketing purposes, subject to your right to opt-out in Section 7 below. In addition, we may share non-Personal Information, such as aggregate user statistics, demographic information, and Usage Information with third parties. We may also share your information, including, Personal Information, as disclosed at the time you provide your information, as set forth in this Privacy Policy and in the following circumstances:

Third Parties Providing Services on Our Behalf. We may from time to time employ third parties to perform services on our behalf or on behalf of the Services, such as: (i) hosting our Services, (ii) designing and/or operating the Services’ features, (iii) tracking the Services’ activities and analytics; (iv) enabling us to send you e-mails and other communications, (v) fulfilling and processing orders for products or services, and (vi) assisting with promotions, conferences, surveys or performing other administrative services. We may provide these third parties access to user information in order for them to complete a requested transaction or otherwise perform services for you or for GS1 US.

For example, if you use a chatbot on our Services, the information provided may be recorded and stored by our third-party service providers, such as Twilio, on our behalf.  Additionally, we may disclose Personal Information to third-party platform providers who assist us in serving advertising regarding the Services to others who may be interested. We also part with third party analytics and advertising providers who use cookies and similar technologies to serve interest-based advertising and content on their respective third-party platforms that may be based on your preferences, location and/or interests.

When You Agree to Have Your Personal Information Shared. There may be times on our Services when we give you the chance to opt-in or opt-out of receiving information and/or marketing offers from another party or to otherwise consent to the sharing of your information with a third party. If you agree to have your Personal Information shared, your Personal Information will be disclosed to the third party and the Personal Information you disclose will be subject to the privacy policy and business practices of that third party. Therefore, you should review the privacy policies and practices of such third parties prior to agreeing to receive such information from them. If you later decide that you no longer want to receive communication from a third party, you will need to contact that third party directly.

Sweepstakes, Contests and Promotions. We may offer sweepstakes, contests and other promotions (each, a “Promotion”) through the Site or elsewhere that may require registration. If you choose to enter or otherwise participate in a Promotion, your Personal Information may be disclosed to third parties in connection with the administration of such Promotion, such as in connection with winner selection, prize fulfillment, and as required by law, such as on a winners list. By entering a Promotion, you are agreeing to the official rules that govern that Promotion, which may contain specific requirements of you, including, except where prohibited by law, allowing the sponsor and/or other parties to use your name, voice and/or likeness in advertising or marketing materials.

Business Transfers. We may share your information and data, including, without limitation, Personal Information and corporate information with other entities affiliated with us for internal reasons, primarily for business and operational purposes. GS1 US or any of its assets, including the Services, may be sold, or other transactions may occur in which your Personal Information is one of the business assets for the transaction. In such a case, your Personal Information may be one of the business assets we transfer to a subsequent owner, co-owner or operator of the Services or applicable database. Hence, GS1 US reserves the right to disclose and transfer user information, including Personal Information in connection with a corporate merger, consolidation, restructuring, the sale of certain of GS1 US’s stock and/or assets, or other corporate change, including, without limitation, during the course of any due diligence process. Further, we may use IP address or other unique identifiers to identify users, and may do so in cooperation with third parties such as copyright owners, internet service providers, wireless service providers and/or law enforcement agencies, including disclosing such information to third parties, all in our discretion, subject to applicable law. Such disclosures may be carried out without notice to you.

Agency Reporting, Legal Protections and Law Enforcement. GS1 US may access, use, preserve, transfer and disclose your information, including Personal Information and Usage Information to third parties: (i) to satisfy its obligations to state and federal government agencies such as the FDA; (ii) to satisfy any applicable law, regulation, subpoenas, governmental requests or legal process if in our good faith opinion such is required or permitted by law; (iii) to protect and/or defend the Terms of Use or other policies applicable to the Services, including investigation of potential violations thereof; (iv) to protect the safety, rights, property or security of GS1 US or any third party; and/or (v) to detect, prevent or otherwise address fraud, security or technical issues. Without limiting the generality of the foregoing, we may use IP address or other unique identifiers, to identify users, and may do so in cooperation with third parties such as copyright owners, Internet service providers, wireless service providers and/or law enforcement agencies, including disclosing such information to third parties, all in our discretion. Such disclosures may be carried out without notice to you and without offering an opportunity for you to opt-out.

EEOC / Affirmative Action Reporting. Please note that if you apply for a job with GS1 US, then in conjunction with laws and regulations enforced by the Equal Employment Opportunity Commission (“EEOC”), the Office of Federal Contract Compliance Programs (“OFCCP”) and similar state and local regulatory agencies, we may ask you to provide us with self-identifying information (such as veteran status, gender and ethnicity). Providing such self-identifying information is voluntary, but if you do provide us with such information, we may submit that information to the EEOC, the OFCCP and similar state and local regulatory agencies for business-related purposes, including, without limitation, responding to information requests, fulfilling regulatory reporting requirements and defending against employment-related complaints.

Registry information.  We may share your company name and identifier with our fellow GS1 member organizations and other third-party platform partners to use and display on their platforms, which may be available for access by users of those platforms. While this information is not intended to include Personal Information, there may be in rare cases in which your company name is also the name of an individual and could arguably be regarded as constituting Personal Information but is not intended to be used as such.  In all cases, such Personal Information will be shared with GS1 member organizations and our third-party platform partners for those limited purposes and consistent with your consent and the context in which you provided it.

4. INFORMATION YOU DISCLOSE PUBLICLY ON OUR SITES

Our Services may offer message boards, chat rooms and other public areas (collectively, “Community Forums”) where you can engage in social networking, interact with others, as well as have the opportunity to submit photographs, writings, music, video, audio recordings, computer graphics, pictures, data, questions, comments, suggestions or other content, including Personal Information (collectively, “User Submissions”). To participate in certain Community Forums, you may be asked to select a username, screen name or member name and password.

Note that anything you post to a Community Forum is public – others will have access to your User Submissions and may use it or share it with third parties. Information you choose to post or make available in the Community Forums may be viewed, collected and used by others. If you choose to voluntarily disclose User Submissions, the protections of this Privacy Policy will not cover such disclosure of information. Think carefully before you post and use caution before disclosing any Personal Information. We are not responsible for the accuracy, use or misuse of any content or information that you disclose or receive through the Services.

User Submissions may be published online or offline in any media or format (currently existing or hereafter developed). We may also publish your name, voice, likeness and other Personal Information with your User Submissions, and GS1 US may use the content, or any portion of the content, for advertising, marketing, publicity and promotional activities. For full terms and conditions regarding User Submissions you submit to the Services, please review our Terms of Use.

5. INFORMATION WE RECEIVE FROM THIRD PARTIES

GS1 US may receive information about you from third parties. For example, if you are on another web site and you opt-in to receive information from GS1 US, that web site will forward to us your e-mail address and other information about you so that we may contact you as requested. You may also choose to participate in a third party application or feature (such as a Facebook application or a similar application or feature on a third party web site) through which you allow us to collect (or the third party to share) information about you, including Personal Information. The third party may allow you to remove the application or feature, in which case we will no longer collect information about you through the application or feature, but we may retain the information previously collected; provided, however, if you are located or a resident of the EU, please see Section 12 below on our retention of your information. In addition, we may receive information about you if other users of a third party web site give us access to their profiles and you are one of their “connections” or information about you is otherwise accessible through your “connections” web page, profile page, or similar page on a social networking or other third party web site or interactive service. And, if you choose to “like” content on our Services or to otherwise post information from or via our Services to a third party web site, feature or application, that information will become public and the third party web site may have access to information about you and your use of our Services.

We may also supplement the information we collect about you through the Services with outside records from third parties in order to enhance our ability to serve you, to tailor our content to you and to offer you opportunities to purchase products or services that we believe may be of interest to you. We may combine the information we receive from these third parties with information we collect through the Services. In those cases, we will apply this Privacy Policy to any Personal Information received, unless we have disclosed otherwise.

6. AD SERVING AND TRAFFIC MEASUREMENT SERVICES WE MAY USE; HOW TO “OPT OUT” OF RECEIVING ADVERTISING RELEVANT TO YOU

GS1 US may use third party network advertisers, ad exchanges and similar vendors to serve our advertisements across the Internet and we may use third party analytics service providers to evaluate and provide us and/or third parties with information about the use of these ads on third party sites and viewing of our ads and our content. Network advertisers are third parties that display advertisements, which may be based on your visits to the Services and other locations across the Internet and mobile media you have visited (“Behavioral Ads”). Behavioral Ads enable us to target advertisements to you for products and services in which we believe you might be interested. If you object to receiving Behavioral Ads from us on third party sites, you can learn more about your ability to limit Behavioral Ads below. Our third party ad network and exchange providers, the advertisers, the sponsors and/or traffic measurement services may themselves set and access their own cookies, web beacons and other tracking technologies on your Device and track certain behavioral Usage Information regarding users of your Device via a unique identifier. Note that any images (or any other parts of a web page) served by third parties in association with third party cookies may serve as web beacons, which enable third parties to carry out the previously described activities. Third party cookies and web beacons are governed by each third party’s specific privacy policy, not this one. With regard to advertisements, we and our network advertisers may target advertisements for products and services in which you might be interested based on your visits to both the Services and other web sites. These third party technologies may be set to, among other things: (a) help deliver advertisements to you that you might be interested in; (b) prevent you from seeing the same advertisements; and (c) understand the usefulness of the advertisements that have been delivered to you. You acknowledge and agree that associated technology may access and use your Device and may set or change settings on your Device in connection with the associated operations. Note that any images (or any other parts of content) served by third parties in association with third-party ads or other content may serve as web beacons, which enable third parties to carry out the previously described activities. We may share Usage Information about visitors to the Services with third party advertising companies for the same purposes. By using the Services, you further agree that GS1 US may change, alter, or modify the settings or configurations on your Internet Device in order to allow for or optimize your use of the Services. We may use a variety of companies to serve advertisements.

Statements regarding our practices do not apply to the methods for collecting information used by these third parties or the use of the information that such third parties collect. The relevant third party’s terms of service, privacy policy, permissions, notices and choices should be reviewed regarding their collection, storage and sharing practices. We make no representations regarding the policies or practices of third party advertisers or advertising networks or exchanges or related third parties.

We and third-party vendors, including Google, use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as a DoubleClick cookie) together to report how your ad impressions, other uses of ad services, and interactions with these ad impressions and ad services are related to visits to our Services. Google’s use of the DoubleClick cookie enables it and its partners to serve ads based on your visit to our Services and/or other sites and online services. To learn more about how to opt out of Google’s use of first-party cookies, click here. To learn more about how to opt out of DoubleClick’s use of cookies, visit the DoubleClick opt-out page, here.

Further, while sites use a variety of companies to serve advertisements, you may also wish to visit http://www.networkadvertising.org/optout_nonppii.asp, which provides information regarding this practice by Network Advertising Initiative (“NAI”) members, and your choices regarding having this information used by these companies, including the “opt-out” procedures of NAI members. Opting out of one or more NAI members only means that those NAI members no longer will be allowed under their own rules to deliver Behavioral Ads to you, but does not mean you will no longer receive any targeted content and/or ads. Also, if your browsers are configured to reject cookies when you visit this opt-out page, or you subsequently erase your cookies, use a different Device or change web browsers, your NAI opt-out may not, or may no longer, be effective. You may also opt-out of receiving Behavioral Ads on participating sites and services by visiting the Digital Advertising Alliance (“DAA”) website at http://www.aboutads.info/choices/#completed. Similar limitations may apply to the DAA opt-out. We are not responsible for effectiveness of or compliance with any third parties’ opt-out options or programs.

7. UPDATING YOUR INFORMATION AND OPTING-OUT FROM SHARING YOUR INFORMATION

GS1 US may provide web pages or other mechanisms through the Services which you can correct or update some of the Personal Information you have provided to us, including, without limitation, through registration with the Services. You can also contact Member Support to update your information at +1 937.435.3870.

If you have consented to have your information shared with third parties for their marketing purposes and you later decide you want to opt-out from future sharing or if you decide you do not want your information shared with GS1 US affiliates or member companies in the future, you can do so by either using the web pages or mechanisms on the Site (if and when they become available), or by calling us at +1 937.435.3870 or emailing legal@gs1us.org.

If you receive a marketing communication from us by e-mail, and you later decide you want to opt-out from receiving future commercial e-mails, you may opt-out by following the opt-out instructions provided to you in that e-mail. Please note that we reserve the right to send you certain communications relating to the transactions you initiate, your account or your use of the Services and these transactional account messages may be unaffected if you choose to opt-out from marketing communications.

In accordance with our routine record keeping, we may delete certain records that contain Personal Information you have submitted through the Services. We are under no obligation to store such Personal Information indefinitely and disclaim any liability arising out of, or related to, the destruction of such Personal Information. In addition, you should be aware that it is not always possible to completely remove or delete all of your information from our databases without some residual data because of backups and other reasons. Also, if you have made any public postings on a social networking feature, such as in a Community Forum or other community sections of the Services, these communications may not generally be removed.

8. SECURITY

We incorporate commercially reasonable safeguards to help protect and secure your Personal Information. However, no electronic data transmission or storage of information can be guaranteed to be 100% secure. Please note that we cannot ensure or warrant the security of any information you transmit to us, and you use the Services and provide us with your information at your own risk.

9. THIRD PARTY CONTENT, LINKS TO OTHER WEB SITES AND OTHER WEB SITES THAT DISPLAY OR CONTAIN GS1 US CONTENT

When you are on the Services you may see certain content, which may be delivered by a non-affiliated third party, and you may be directed to other content, web sites or other online services that are operated and controlled by third parties that are beyond our control. This includes links from advertisers, sponsors and partners that may use our logo(s) as part of a co-branding agreement and other links off or our Site. In addition, GS1 US widgets or other GS1 US content may be included on web pages and web sites that are not associated with GS1 US and over which we have no control. These third parties may send their own cookies and similar tracking technologies to your Device, they may independently collect data or solicit Personal Information and may or may not have their own published privacy policies. GS1 US is not responsible for the data collection and privacy practices employed by any third party or their sites or apps and they may be tracking you across multiple online services and may be sharing the results of that tracking with us and/or others. These third parties may have their own terms of service, privacy policies or other policies and ask you to agree to the same. Be sure to review any available policies before submitting any Personal  Information to a third-party online service or otherwise interacting with it and exercise caution in connection with these services.

10. CONSENT TO TRANSFER

The Services are operated in the United States. If you are located in the Mexico, Canada or elsewhere outside of the United States, please be aware that information we collect will be transferred to and processed in the United States. The data protection laws in the United States may differ from those of the country in which you are located, and your Personal Information may be subject to access requests from governments, courts, or law enforcement in the United States according to laws of the United States for any legitimate purpose, including governmental or regulatory use, or for satisfying any governmental or regulatory reporting requirements. By using the Services, or providing us with any information, you consent to this transfer, processing and storage of your information in the United States, a jurisdiction in which the privacy laws may not be as comprehensive as those in the country where you reside and/or are a citizen; provided, however, if you are located or a resident of the EU, please review Section 12 below as we process your data consistent with the requirements of the GDPR and UK GDPR (defined below).

To the extent we collect Personal Information about individuals located in the EU or UK and such collection involves sharing Personal Information to or from affiliated entities, service providers or other third parties described in this Privacy Policy, GS1 US will require such affiliated entities, service providers, or other third parties to take, in accordance with applicable legislation, contractual, organizational and technical measures designed to ensure an adequate level of protection of your Personal Information, such as the use of Standard Contractual Clauses approved by the European Commission.

11. NOTIFICATION OF CHANGES;  PRIVACY QUESTIONS

GS1 US reserves the right to update this Privacy Policy at any time, without prior notice to you, and any changes will become effective immediately upon posting. GS1 US will use your Personal Information in a manner consistent with the Privacy Policy in effect at the time you submitted the information. If you have any questions or concerns about this Privacy Policy, you may contact us at legal@gs1us.org.

12. SUPPLEMENTAL PRIVACY NOTICE FOR RESIDENTS OF THE EU AND EEA

This Supplemental Privacy Notice applies to any information relating to an identified or identifiable natural person that we collect or receive from individuals located in the European Economic Area (“EEA”) or the United Kingdom (“UK”) (hereafter, “Personal Data”) and provides information as relates to such individuals’ rights, and GS1 US’s responsibilities, under the EU General Data Protection Regulation (“GDPR”), UK General Data Protection Regulation (“UK GDPR”), and related laws, regulations, and guidance from the European Union, its member states, and/or the UK.

European and UK law provides individuals located in Europe with rights to receive certain disclosures regarding the collection, use, and sharing of Personal Data, as well as rights to be informed, to access, to rectification, to erasure, to restrict processing, to data portability, and to object with respect to collected Personal Data. 

Collection, use, and sharing of Personal Data

GS1 US’s collection of Personal Data about EU/UK-based individuals is limited to the collection of Personal Data about employees, contractors, and other representatives of its enterprise customers or potential enterprise customers in the context of inquiring about or providing GS1 US products and services to those customers. This may include, to the extent it may constitute Personal Data:

·       First and last name

·       Business email address

·       Business telephone number

·       Business address

·       Business name and website

·       User name and account credentials

GS1 US uses this personal data for various purposes related to the provision of its products and services, and in some instances, to promote or provide information to individuals who may be interested in receiving those products and services.  GS1 US may also share this Personal Data with GS1 Global for certain limited purposes, such as disaster recovery purposes. 

GS1 US may also share your company name and identifier with our with our fellow GS1 member organizations and other third party platform partners to use and display on their platforms. In rare cases in which your company name may contain or constitute Personal Data, such Personal Data will be shared for those limited purposes and consistent with the context in which you provided it.  

Legal Basis for Processing European/UK personal data

GS1 US may processes the Personal Data of European/UK users based on one (1) or more of the legal bases below:

• Legitimate Interest. We may process your Personal Data as required to pursue our legitimate business interests, provided our legitimate interests are not overridden by your rights and interests. For example, we may process your Personal Data to provide our customers with requested products and services; to manage, develop and improve our products and services; support our customers and sales operations; protect our staff and assets; communicate information that supplements our products and services; and ensure compliance with laws and regulations.
• Performance of an agreement. We may process your Personal Data to enter into agreements with you or to fulfil our obligations under agreements with you or your organization. This may include delivering and managing our products and services or allowing customers to use our products, services and supporting tools.
• Legal obligation. We may process your Personal Data to comply with applicable laws and regulations, establish or exercise our legal rights. For example, in connection with legal claims, compliance, regulatory and investigative purposes.
• Consent. In some instances, we may process your Personal Data based on your consent. This is most common where we cannot rely on an alternative legal basis or we are required by law to ask for your consent in the context of some of our sales and marketing activities, online data collection tools, or surveys. Where the processing of your Personal Data by us, is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us at legal@gs1us.org.

Data Retention Period

We retain transaction data and other Personal Data for a period of time that is necessary to fulfill a legitimate business purpose and deleting or de-identifying the information thereafter, except where longer retention periods are required by law. We retain unsubscribe requests permanently to comply with our obligation to refrain from sending marketing emails after receipt of an opt-out request.

The criteria used to determine our retention periods include:  (i) the length of time we have an ongoing relationship with you; (ii) whether there is a legal obligation to which we are subject; and (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

Your Rights under the GDPR

You have the following rights under certain circumstances:

• Request access or copies of the Personal Data GS1 US processes about you;
• Correct or rectify your Personal Data, if inaccurate or incomplete;
• Delete your Personal Data, unless an exception applies. For example, we may need to keep your Personal Data to comply with our legal obligations;
• Restrict the processing of your Personal Data, in certain circumstances. For example, if you contest the accuracy of your Personal Data, you may request that we restrict the processing of your Personal Data for the time it takes us to verify the accuracy of the data;
• Data portability, in certain circumstances. In order to deliver our products and services, however, we cannot transmit your Personal Data to another organization; and
• Object to processing of your Personal Data, in certain circumstances. For example, you may object to direct marketing including the use of your Personal Data for direct marketing profiling or where we process your Personal Data because we have legitimate interest in doing so.

These rights may be limited in some situations where we can demonstrate that GS1 US has a legal obligation or legitimate interest to process your Personal Data.

To exercise your rights explained above, please contact us by email at legal@gs1us.org, with details of your request.

You may also have the right to lodge a complaint about our data collection and processing actions with the appropriate supervisory authority.  If you are in the European Economic Area, you can view the contact information for your data protection authority here.  If you are in the United Kingdom, please visit https://ico.org.uk/make-a-complaint/.