Last Updated: December 5, 2023
1. INFORMATION WE COLLECT
We collect several categories of information from a variety of sources while conducting our business, as listed below, including personal information. “personal information” is generally any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular resident or household in the applicable jurisdiction, or as defined under applicable data protection laws and regulations. To the extent permitted by applicable data protection laws and regulations, the term “personal information” may exclude information that has been deidentified, pseudonymized, aggregated or anonymized.
1.1. Interactions With the Sites and With Us. When you visit a Site, you may choose to provide certain personal information. This information may include your name, email address, phone number, picture, postal address, birthdate, gender, and other identifying information. We collect personal information when you register interest with us, make an order, register for a warranty, contact our support centers, contact us for information, sign up for newsletters and updates, or open an account. In most cases, you provide this information to us directly; in other cases, your employer or an organization you represent may provide this information, or it may be provided by a vendor with whom you have contracted. You may also provide personal information when you meet us or our partners in person at events and other locations. We also collect contact information of people who communicate with Keter via phone, email, messenger services or other social media platforms.
1.2. Information Associated With Our Service Providers. We collect personal information and other information about companies and individuals associated with service providers, suppliers and contractors that we engage, such as name, address, email address, telephone number, company name and title.
1.3. Job Applications and Employees.
(a) We collect personal information and other information relating to employment candidates, including name, address, email address, telephone number, resume information, notes on meetings, standardized tests, reports, references, interviewer impressions and other industry standard data, as well as data made publicly available or available to us on social networks. We collect personal information and other information related to our employees and independent contractors, such as name, address, email address, telephone number, and other information that is customary or necessary to administer the employment or engagement relationship.
(b) If you are an employment candidate, we may from time to time give you the option to engage in SMS text conversations about your job application. By participating, you also understand that message frequency may vary depending on the status of your job application, and that message and data rates may apply. Please consult your carrier for further information on applicable rates and fees. Carriers are not liable for delayed or undelivered messages. Reply STOP to cancel and HELP for help. By opting-in to receiving SMS text messages about your job application, you acknowledge and agree that your consent data, mobile number, and personal information will be collected and stored solely for the purpose of providing you with updates and information related to your job application. No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
1.4. Automatically Collected Information. When you visit the Sites, we may collect technical and clickstream information such as your Internet Protocol (IP) address, your uniform resource locators (URL), the domain name of your Internet service provider, the operating system of your browsing device, type of browser, browser plug-in types and versions, access dates and times, hardware and software information, mobile device identifier or mobile advertising ID, device event information, cookie data, screen resolution, Flash version, time zone setting, which pages you visit and how long you spend on each page, methods used to browse away from a page, and your geographic location. See Section 4 for information about cookies and other tracking technologies and your options for opting out.
1.5. Social Media and Other Sites. In some cases you may be able to access the Sites or our services through login credentials of a designated third party website or service (each a “Third Party Account”), such as Facebook. Doing so will enable you to link your Keter account and your Third Party Account. If you choose this option, then you will be required to approve the connection as well as the provision of information (which may include personal information and other information, such as your profile picture, gender, birthdate, headline, social media handle, summary that appears in the profile, friends’ lists, previous positions and organizations, etc.), that we obtain from your Third Party Account. Any data submitted to any Third Party Account, even on and through Keter services or the Sites, is managed directly by such third party and is not the responsibility of Keter. The Third Party Account may connect your visit to the Sites with your personal information.
1.6. Other Information. Keter may also collect Personal Information through the use of CCTV cameras. This may consist of video images of you in the public spaces at Keter locations and third party locations where Keter may sponsor or participate in an event, as well as records of your entrances and exits of the Keter sites, buildings and office floors. It also includes identity verification systems and data. We may not always be aware of the nature of the information collected through our services (for example, through our CCTV systems), and such information may inadvertently include sensitive or special categories of personal information, but we do not knowingly or use collect such data about our customers, members, site visitors etc. We may also obtain personal information about you from third parties, including entities that direct you to or are accessible via the Sites, and business partners.
You are not required to provide any Personal Information to Keter; however, we require certain information in order to perform contracts, such as a sale or purchase, or to provide services and products. If you choose not to provide us with certain information, we may not be able to provide you with some or all of the services or fulfill your order for products.
2. PURPOSES AND USES OF PERSONAL INFORMATION
2.1. Operating, Administering and Improving Our Sites and Services.
We use the information we collect or receive for the following purposes, or as otherwise described at the time of collection:
- Carrying out our obligations arising from any contracts entered into between us and you, or us and your employer or organization;
- Processing which is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract;
- Providing you with information, products and services that you request from Keter;
- Administering your account with Keter, including to identify you and authenticate your identity;
- Verifying and carrying out financial transactions in relation to payments you make in connection with products and services, as further described in Section 3.4 (Payment Providers) below;
- Notifying you about changes to our service and products;
- Providing you with technical assistance and other related information about our services and products;
- Replying to your queries and troubleshooting problems;
- Administering sweepstakes, contests and surveys;
- Analyzing transactions and communications for fraud and crime prevention and to protect our staff, property, site visitors and third parties;
- For security purposes and to identify and authenticate your access to our facilities and services;
- Compliance and audit purposes, such as meeting our reporting obligations in our various jurisdictions, and for crime prevention and prosecution;
- If necessary, we will use personal information to enforce our terms, policies and legal agreements, to comply with court orders and warrants and assist law enforcement agencies as required by law, to collect debts, to prevent fraud, infringements, identity thefts and any other service misuse, to comply with our legal obligations and to take action in any legal dispute and proceeding;
- To detect, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical or illegal activity or prevent harm.
- Direct marketing. We may send you direct marketing communications, by email or otherwise, where and to the extent permitted by law. See “ Rights and Choices” in Section 4 below for information on how to stop receiving direct marketing communications.
- Understanding your needs and interests, and personalizing your experience with the Sites and our communications.
- Soliciting feedback in connection with your use of the services and the products purchased.
- Tracking and analyzing use of the Sites, facilities and services to enable us to analyze, improve and optimize them.
3. SHARING PERSONAL INFORMATION WITH THIRD PARTIES
Your Personal Information and other information may be shared with others as follows:
3.1. Affiliated Entities. We may share information with our affiliates and subsidiaries from time to time (whether wholly or partially owned by Keter) (“Affiliates”), which may be located in the European Union, Israel, Canada and elsewhere, to manage our business more effectively and for such affiliates’ and subsidiaries’ own marketing and other purposes.
3.2. Third Parties and Non-Marketing Purposes. We may share information with third parties in a variety of circumstances for non-marketing purposes. We take steps to ensure that these third parties use personal information only to the extent necessary to perform their functions. These third parties include business partners, service providers, suppliers, agents and sub-contractors. They assist us in providing the products we offer, processing transactions, fulfilling requests for information, receiving and sending communications, analyzing data, providing IT and other support services or in other tasks. These third parties also include analytics and search engine providers that assist us in the improvement and optimization of our Sites and our marketing. They also include service providers who may help prevent fraud, protect Keter, its staff and its property, and assert our rights.
We periodically add and remove third party providers. At present, third party providers to whom we make available or transfer information include entities engaged in the following types of services, among others:
- Website analytics
- Digital marketing agencies
- Document management and sharing services
- Customer ticketing and support
- Inventory suppliers
- Payment service providers (as further described in Section 3.4 (Payment Providers))
- Credit risk reduction
- Logistics professionals
- Gift card suppliers
- Delivery and freight companies
- Professional service providers who provide support services to us, such as marketing companies, including email providers and mobile marketing providers, and consultants
- On-site and cloud-based database services
- Vendor and customer interface
- CRM software
- ERP software
- Data security, data backup, and data access control systems
- Project management systems
- Call center systems
- Customer service providers for Keter products
- Recruiting and applicant management software and partners
- Our lawyers, accountants, and advisors
- Other standard business software providers and partners
4. COOKIES AND OTHER TRACKING TECHNOLOGIES
4.1. Nature and purpose of cookies and other tracking technologies. When you access or use our Sites, we use, and may allow third parties to use, cookies and other tracking technologies such as web beacons and pixels, which collect and/or store certain information about or on your browsing device, as further described under “Automatically Collected Information” above. We do not place non-necessary cookies without your consent. Cookies identify the device from which you connect and in some cases could be used to identify you. Different cookies that we use are kept for different periods: Session cookies are used to keep track of your activities online in a given browsing session; these cookies generally expire when the browser is closed but may be retained for a period on your device. Permanent cookies remain in operation even when you have closed the browser. Some cookies are necessary as they are required for the operation of the Sites, such as cookies that enable you to login to secure areas. You cannot opt-out of necessary cookies; however, we will not place non-necessary cookies on your device without your consent. You can consent to cookies through the cookie preference tool available on some of our Sites, and you can withdraw consent using the same tool. The cookie preference tool is device and browser specific. If you delete or clear cookies or change devices or browsers, you will need to reset your cookie preferences using the tool. In addition, you may use your browser settings to delete and reject cookies. However, erasing or not consenting to some types of cookies, through the tool or your browser settings, may limit your experience on the Sites and the services we are able to offer. Non-necessary cookies include functional cookies which are used to recognize you when you return to our Sites, and enable us and our third party partners to personalize content to your preferences.
4.4. Do Not Track Signals. Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, so our Sites are not currently designed to respond to or support those signals.
5. RIGHTS AND CHOICES
5.1. Opt-Out of Marketing and/or Sharing with Affiliates and Third Parties. If you wish to opt-out of receiving any marketing solicitations from us, and/or from our sharing your Personal Information with Affiliates and/or third parties for their own marketing purposes, please contact us at the email or postal address listed in Section 12. Even if you opt-out, we may still use and share the information we collect for non-marketing purposes.
5.2. Unsubscribe from Emails. Any marketing emails we send will include an automated way for you to opt out (unsubscribe) from that marketing email distribution sent by us. To unsubscribe, please follow the instructions in the email you receive. You may still receive non-marketing emails for us, for example communications about orders you have placed with us or responses to your inquiries.
5.3. Opt-Out of Online Tracking. See Section 4 for instructions on how to withdraw consent for non-necessary cookies, including cookies used for third-party advertising, if you previously consented. Please also see Section 4 for how to opt-out of tailored advertising from Companies who participate in the Network Advertising Initiative or the Digital Advertising Alliance.
5.4. Supplemental Notice to Residents of California, Virginia, Colorado, Connecticut, Utah And Nevada.
Please note that for Keter employee and candidate information-related requests, the Keter employee or candidate privacy notice (which is separately provided) governs such information.
5.4.2. Definitions of key terms.
Under State Privacy Laws, subject to certain exceptions, “personal information” is generally any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular resident or household in the applicable state.
A “Sale” of personal information under State Privacy Laws such as CCPA and VCDPA may occur any time a business sells or makes available any personal information to a third party for monetary or other valuable consideration.
A “Share” of personal information under the CPRA generally means disclosing, making available or communicating personal information by a business to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration, including transactions between a business and a third party for cross-context behavioral advertising for the benefit of a business in which no money is exchanged.
“Cross-context behavioral advertising” means the targeting of advertising to a consumer based on the consumer’s personal information obtained from the consumer’s activity across businesses, distinctly-branded websites, applications, or services, other than the business, distinctly-branded website, application, or service with which the consumer intentionally interacts.
“Sensitive information” under State Privacy Laws is generally defined as personal information that reveals sensitive information about a consumer, such as social security, driver’s license, state identification card or passport numbers, account log-in, financial account, debit card or credit card numbers in combination with any required security or access code, password or credentials allowing access to an account, precise geolocation, data revealing racial or ethnic origin, religious beliefs, physical or mental health diagnosis, sexual orientation, or citizen or immigrant status, as well as processing of genetic or biometric data for identification, and personal data collected from a known child.
5.4.3. Rights under applicable laws. Depending on where you reside, you may have additional legal rights with respect to your information under State Privacy Laws, beyond those described in Section 4 above. These rights are described below. While some of these rights apply generally, certain rights apply in limited cases. Consistent with State Privacy Laws, this Supplemental Notice provides a way to exercise such rights for residents of the above states. This section does not apply to any matters exempted from State Privacy Laws during the period of exemption, nor to matters covered by an applicable law prior to the relevant portion of the applicable State Privacy Laws going into effect.
Right to Know
You may have the right, depending on your jurisdiction, to request the following about the personal information we have collected about you during the past 12 months:
- The categories and specific pieces of personal information we have collected about you;
- The categories of sources from which we collected the personal information;
- The business or commercial purpose for which we collected the personal information;
- The categories of third parties to whom we Sold or with whom we Shared the personal information;
- The categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose;
- The specific pieces of personal information about you that we collected, disclosed to third parties for a business purposes, Sold to and/or (if you reside in California) Shared with, third parties;
- The right to receive requested information in a readily-usable format if provided electronically; and
- The right to update or correct any personal information which is out of date or incorrect.
Right of Deletion
You have the right to ask us to delete the personal information we have collected from you, subject to exceptions the law provides.
For example, to the extent permitted by State Privacy Laws, we may deny a deletion request if retaining the information is necessary for us or our service provider(s) to: (a) complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you; (b) detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities; (c) debug products to identify and repair errors that impair existing intended functionality; (d) protect our legal interests, to defend our rights in a case of potential, threatened, or actual litigation, and to enforce our rights; (e) comply with a legal obligation and/or (f) fulfill internal and lawful uses that are compatible with the context in which you provided the information.
Right of Non-Discrimination
You have the right to not be discriminated against if you exercise these privacy rights. We will not discriminate against you, deny, charge different prices for, or provide a different quality of goods or services if you choose to exercise these rights.
Right to Opt-Out of Sales and/or Sharing of Personal Information
Under certain State Privacy Laws, you have the right to opt of the Sales (and/or Sharing, if you reside in California) of your personal information to third parties.
Right to Limit Use & Disclosure of Sensitive Personal Information
Other than to the limited extent described in Section 1.6, we do not collect, use, or disclose information we believe to be sensitive under State Privacy Laws.
Notice at Collection
At or before the point of collection, notice must be provided to the individual of the categories of personal information collected and the purposes for which such information is used.
Exceptions to These Rights
The law provides for certain exceptions to the rights described above. We reserve the right to avail ourselves of these exceptions where applicable.
5.4.4. How to Exercise Your Rights. If you live in a relevant jurisdiction and would like to send us a request to exercise one of your above rights, you may do so by visiting our Do Not Sell or Share My Personal Information link on our Sites or calling us toll free at 1-888-374-4262.
You may designate an authorized agent to make a request on your behalf as permitted under law, though before we process that request, we will require that you provide the authorized agent written permission to do so and verify your identity directly with us.
To help protect your privacy and maintain security, we may take steps where required to verify your identity before granting you access to your personal information or complying with your request. We may not be able to respond to your request if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
5.4.5. Notice of Categories of Personal Information: Certain terms used in this section have the meanings given to them in the CCPA, as amended by the CPRA. The information reflects our current practices, and our practices during the past 12 months. We collect the following categories of personal information, and may have collected any or all of this information in the preceding 12 months: (a) identifiers such as name, postal address, email address, account name, social security number, driver’s license number and passport number; (b) categories described in the CCPA, such as telephone number, insurance policy number, education, employment, bank, credit card number or other financial information and medical information; (c) characteristics of protected classifications under California or federal law, such as race, national origin, age over 40, disabilities, sex, marital status and military status; (d) commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies; (e) biometric information; (f) internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet web site, application, or advertisement; (g) geolocation data; (h) audio, electronic, visual, thermal, olfactory, or similar information; (i) professional or employment-related information; (j) education information, defined as information that is not publicly available personally identifiable information (as defined in 20 U.S.C. § 1232g, 34 C.F.R. Part 99); and (k) inferences drawn from any of the information identified above to create a profile about a person reflecting the person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
5.4.7. Notice of Financial Incentives. We may offer you a program, benefit or other offering related to the collection of Personal Information, which may be considered a financial incentive under applicable State Privacy Laws. If you wish to withdraw from the benefit, please contact us at the email or postal address listed in Section 12. We will not reduce the value of any incentive you previously received from us if you do so, or discriminate against you if you exercise such rights after signing up for the benefit. Each financial incentive related to submission and use of Personal Information is based upon our reasonable but sole determination of the estimated value of such information, which takes into consideration, without limitation, estimates regarding the anticipated revenue generated from such information, the anticipated expenses which might be incurred in the collection, storage, and use of such information in the operation of our business, and other relevant factors related to the estimated value of such information to our business, as permitted under applicable State Privacy Laws. You will be notified of the Personal Information you are required to submit at the time you sign up for the incentive. For example, we may offer a one-time ten percent discount code if you provide your email address and sign up to receive our newsletter. The use of the discount code is subject to terms and conditions displayed in our Terms of Sale. You may unsubscribe from the newsletter for any reason by contacting us at the email or postal address listed in Section 12, or using the unsubscribe option at the bottom of the newsletter email. Even if you unsubscribe, you can still use the discount code (subject to its terms and conditions) and exercise your rights as described above.
5.4.8. CCPA Metrics for 2022
Pursuant to CCPA Regulation 999.317(g), Keter informs you of the following metrics with respect to the year 2022.
a. In 2022, the number of requests to know that Keter received, complied with in whole or in part, or denied: 0 received.
b. In 2022, the number of requests to delete that Keter received, complied with in whole or in part, or denied: 4 received, 4 complied with, and 0 denied.
c. In 2022, the median number of days within which Keter substantively responded to requests to know, requests to delete, and requests to opt-out: approx. 14 days
5.5. California “Shine the Light” law. The California “Shine the Light” law requires some businesses to respond to requests from California customers about the disclosure of certain personal information to third parties for third party marketing purposes. Alternately, such businesses may adopt a policy of not disclosing such personal information to third parties for marketing purposes if a California customer has opted-out of such information sharing. We have adopted an opt-out policy. In order to opt-out, please contact us at the email or postal address listed in Section 12. In addition, see the instructions above regarding the Sale or Sharing of Personal Information.
6. DATA RETENTION
We retain Personal Information in accordance with our data retention policy, as long as required to provide the services and as necessary to comply with our legal and other obligations, to resolve disputes and to enforce agreements. We also retain Personal Information to meet any audit, compliance and business best-practices.
7. SECURITY AND STORAGE OF INFORMATION
Keter implements, enforces and maintains security measures, technologies and policies to prevent the unauthorized or accidental access to or destruction, loss, modification, use or disclosure of Personal Information. Where appropriate or necessary in light of the nature of the data in question and the risks to data subjects, we may encrypt data. Note however, that no data security measures are perfect or impenetrable, and we cannot guarantee that unauthorized access, leaks, viruses and other data security breaches will never occur. Similarly, we cannot guarantee the privacy of information you transmit over the Internet or that may be collected in transit by others, including contractors that provide services to us.
8. UNITED STATES POLICY
You must be at least 18 years old, or the age of majority to enter into a contract, whichever is older, to use our Sites. If you are under that age, do not register or attempt to register for any of the Keter services or send any information about yourself to us. If we learn that we have collected or have been sent Personal Information from a minor, we will delete that Personal Information as soon as reasonably practicable without any liability to Keter. If you believe that we might have collected or been sent information from a minor, please contact us at email@example.com.
10. OTHER WEBSITES AND LINKS
Our Sites may contain links to other websites. We are not responsible for the information collection or privacy practices of other websites. You should consult the privacy policies of other sites before you visit those sites or provide any information to those sites.
12. CONTACTING US