Privacy Policy – HexClad Cookware EU
BLACK FRIDAY SALE IS HERE | LIFETIME WARRANTY | FREE SHIPPING

Privacy Policy

We at Brand Access LLC (“we”, “us”, “our” or “Brand Access”) value your privacy and are committed to taking care of your Personal Data, which is a responsibility that we take very seriously.

This Privacy Policy explains how we may use the Personal Data we collect when you visit our website https://hexclad.eu/ (“Website”), inquire about our products, purchase a product through our Website or subscribe to our marketing communications.   It also explains how we comply with EU legislation related to data protection (EU General Data Protection “GDPR”) and the UK data protection law (Data Protection Act 2018 (“Data Protection Act”) and what your rights are under these legal frameworks.

Brand Access is the seller of all HexClad EU Cookware and is solely responsible for all aspects of your purchase. Brand Access is the data controller of the services offered through this website.  Our registered office is at 900 High Street, Palo Alto, California 94301, United States.

1. What type of Personal Data do we collect from you?

Personal Data means any information relating to you which allows us to identify you, either directly from that data or because we combine that information with other data about you.

When you use our Website, including to create an account with us and purchase products from our Website, subscribe to our marketing communications or we interact with you in relation to our products, you may provide us with your Personal Data, or we may obtain Personal Data about you.

We may process the following Personal Data:

  • Contact details and personal identifiers: such as your name, email address, telephone number, address, shipping address, billing address, date of birth, username;
  • Purchase data: data on the products you have asked us to provide to you, such as date and time of purchase, customer number, order number, invoice number;
  • Payment data: information relating to your bank account, credit/debit card details, payment and receipt details, tax identification number, refund or credit details and details of payment transactions with you;
  • Records of your interactions with us: such as any feedback, enquiries or complaints you make, questions you have, or content of any other interactions with us;
  • Internet information: including your use of and movements through our Website, the date and time of your visit or use of our Website, passwords, personal identification numbers, IP addresses, geolocation, user names, device information such as type of browser, operating system, platform, and search engine used and other IT system identifying information.
  • Your marketing preferences: so that we know whether and how we should contact you.
    You can stop receiving our marketing communications at any time, free of charge, through the methods displayed as part of any communication such as the unsubscribe link in our emails. Or further information on this please see the section below on Direct Marketing.

2. Where do we collect your Personal Data from?

We will collect Personal Data from several sources. These include the following:

  • Directly from you: when you use our Website, order our products, provide your feedback or make a complaint, contact us by email or communicate with us directly in some other way.
  • Our website: provides us with information about how you use it and the devices that you use to connect to our Website. Like many other Websites, we use so-called “cookies”. Cookies are small text files that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our Website. If you have given your consent to our use of cookies, we do so to improve the use of our Website, analyze our Website or to display advertising on our Website. You can revoke your consent to our use of cookies any time. Please find a detailed list of all cookies we use in our Cookie Policy
  • Advisors: either advisors appointed by you or advisors appointed by us such as legal advisors.
  • Publicly available sources: in individual cases, we may also obtain Personal Data from publicly available sources, such as from third party websites, or social media platforms.

If you are providing information regarding other individuals to us, it is your responsibility to ensure that you have the right to provide the information to us.

CookieSettings

3. Why do we collect your Personal Data and on what legal basis?

The table below describes the main purposes for which we process your personal data, the categories of your information involved and our lawful basis for being able to do this.

Purpose

Personal Data used

Lawful basis

So that we can provide our website to you

IP address, browser type, device ID, geolocation

We have a legitimate interest in our website working properly

To improve our website security, offer IT support and troubleshooting

IP address, date and time of your visit or use of our website, device information

We have a legitimate interest in ensuring our systems are secure

To manage your purchases and provide products to you

Name, email address, telephone number, address, shipping address, billing address, date of birth 

This is necessary to fulfil our contract with you.

To create an account with us 

Name, date of birth, email address, telephone number, address, payment data, purchase history and customer number

This is necessary to fulfil our contract with you

To invoice you and receive payments from you 

Name, email address, billing address, shipping address, telephone number, date of birth, customer number, invoice number, tax identification number, and other payment data 

This is necessary to fulfil our contract with you

Marketing products which may be of potential interest to you and offering promotions

Name, email address,  telephone number and marketing preferences 

We have a legitimate interest to provide you with information about or products including those that are the same or similar to the ones you have inquired about 

If we cannot rely on legitimate interest as our lawful basis for processing, then we will obtain consent from you

Provide you with our newsletter 

Name, email address, marketing preferences

We only send you newsletters if you gave us your consent

To deal with inquiries, and other communications from you

Name, shipping address, billing address, email address, telephone number and customer number 

This is necessary to fulfil our contract with you

To perform credit checks

Contact details and

payment information

We have a legitimate interest in ensuring we are likely to be paid for our products or services

For the purpose of complying with any legal and regulatory requirements

Contact details, invoice number and tax identification number

We have a legal obligation to comply with any legal or regulatory requirements 

Storage of records relating to you and also records relating to our business

All the personal information we collect about you

To be able to manage and fulfil our contract with you, we may have a legal and/or regulatory obligation to do so and we also have a legitimate interest to keep proper records

Some of your Personal Data may be required due to legal, contractual, or other obligations. Failure to provide this data may impact our ability to fulfil our contract with you or comply with relevant legal obligations. For other Personal Data, whilst you may not be under an obligation to provide it to us, if you do not provide it, we may not be able to properly perform our services for you. Without your Personal Data, you may be unable to complete purchases or register an account on our Website.

Providing Personal Data for marketing and newsletters is optional. Refusal to provide this data has no negative consequences but means that we cannot offer personalised marketing messages or promotional offers. If you gave us your consent for marketing purposes, you can revoke your consent or object the processing at any time by utilizing the following website: https://prighter.com/q/19550884 or by following the information in section “Contact Information”.

4. Who we share your Personal Data with?

In order to operate our Website and provide you with the products you have ordered we may need to share your Personal Data with third parties. This includes sharing your Personal Data with the company whose products you are purchasing (our “Clients”) and companies engaged by us to manage our relationship with you and provide you the services described above.

We may share your personal data with the following recipients:

  • Clients: such as the vendors whose products you are purchasing via our Website.
  • Sub-contractors: such as our marketing and service technology providers, direct marketing brokers, cloud service providers, e-commerce providers, payment providers, 3PLs, shipping companies and couriers, payment service providers and other sub-contractors.
  • Consultants and accountants: such as legal or tax consultants and accountants.
  • Government and law enforcement agencies: where we are required to do so by law or to assist with their investigations or initiatives.

We do not disclose Personal Data to anyone else except as set out above unless we have your consent, or we are legally obliged to do so. These recipients will only process your Personal Data to perform tasks and duties on our behalf and in compliance with this Privacy Policy and governing data protection laws.

5. Direct Marketing

From time to time, our Clients may contact you by email and/or SMS with information about products they believe you may be interested in.

Marketing emails and newsletters will only be sent to you based on the preferences you set when you create your account, tell us that you wish to receive marketing related messages or when you have purchased similar products from our Website previously.

You can opt out any time if you do not wish to receive any marketing messages by clicking on the unsubscribe link in any marketing email you receive to unsubscribe from future marketing communications.

6. International data transfers

In the course of our operations, it may be necessary to transfer your Personal Data to recipients located outside the European Union (EU), European Economic Area (EEA), or the United Kingdom (UK). These transfers may be to our Clients, partners or service providers who are located in regions with differing data protection laws than those in your country. When transferring your Personal Data internationally we implement appropriate safeguards to ensure the security and confidentiality of your data. These safeguards may include for example Standard Contractual Clauses (SCCs) approved by the European Commission or applicable supervisory authority.

In addition, Brand Access, LLC, as the seller of all HexClad EU Cookware, complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Brand Access has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of Personal Data received from the EU and the UK in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  Brand Access has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of Personal Data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/

An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. For additional information: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Brand Access, LLC commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to the ICDR-AAA DPF IRM Service, an alternative dispute resolution provider based in the United States.  If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint.  The services of ICDR-AAA DPF IRM are provided at no cost to you.

Further, Brand Access, LLC is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC), and is liable in cases of onward transfers to third parties.

If you have an unresolved complaint in connection with our certification, you may contact our independent dispute resolution provider based in the United States, ICDR. Please visit https://www.icdr.org/ for more information or to file a complaint. These services are provided to you free of charge.

7. How long do we keep Personal Data for?

Generally, we will retain your Personal Data for as long as we need it for the purposes for which it was collected. The duration for which we retain your Personal Data will differ depending on the type of information and the reason why we collected it from you. However, in some cases Personal Data may be retained on a long term basis: for example, Personal Data that we need to retain for legal purposes will normally be retained in accordance with usual commercial practice and regulatory requirements.

In addition, we may be allowed to retain Personal Data whenever you have given consent to such processing (e.g. subscription to our newsletter), as long as such consent is not withdrawn.

8. Data security

We take the security of your information very seriously and only handle Personal Data as permitted by data protection regulations. We use a variety of technical and organizational measures to help protect your Personal Data from unauthorized access, disclosure, modification, loss or destruction in accordance with applicable data protection laws.  When handling Personal Data, our employees are obliged to comply with the regulations of the EU GDPR and the Data Protection Act 2018.

9. Links to other websites

Our Website may contain links to other websites or services that are not owned or controlled by us, including links to social media platforms such as YouTube, Instagram, or X (formerly Twitter), or may redirect you off our Website.

This Privacy Policy only applies to information collected by our Website and services. We are not responsible for the privacy and security practices of those other websites or social media platforms or the information they may collect (which may include IP address). You should contact such third parties directly to determine their respective privacy policies. Links to any other websites or content do not constitute or imply an endorsement or recommendation by us of the linked website, social media platform, and/or content.

10. Your rights in relation to your Personal Data

You have the following rights in relation to your Personal Data:

Right of Access - you have the right to be informed about how we are using your Personal Data and the right to access that data that we hold about you.

Right to Erasure or "Right to be Forgotten" – you have the right to ask us to delete your Personal Data provided that there are no valid grounds for us to keep it, for example we may have to keep some or all of the Personal Data to comply with legal obligation or in respect of any legal claims.

Right to Data Portability – you have the right to receive the Personal Data you have provided to us in a digital format or in certain circumstances and where technically feasible the right to ask us to transmit the data to another organization.

Right of Rectification – you have the right to ask us to amend the Personal Data that we hold about you where you believe it is inaccurate or incomplete.

Right to Object - in certain circumstances, you have the right to object to the processing of your Personal Data and to ask us to block, erase and restrict our use of your personal data.

Automated Decision Making – we may process your Personal Data by solely automated means (without human intervention), including for profiling.  Where such processing may have a legal or similarly significant effect on you, you have the right not to remain subject to any decisions based on such automatic processing, except as otherwise provided by law.  You have the right to understand when and how automated decisions are made about you, and the factors involved and you have the right to challenge these decisions, request human intervention, express your point of view, and seek a review of the decision.

Right to Withdraw Consent or Right of Opposition if you have provided your consent to the collection, processing and transfer of your personal data, you have the right to fully or partly withdraw your consent. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there is another legal ground for the processing.

Right of Limitation - you have the right to request the limitation of the Processing of your Personal Data, in the form of: (i) suspension of Processing or (ii) limitation of the scope of Processing to certain categories of Personal Data or purposes of Processing.

Right to complain – you have the right to complain to the supervisory authority, in addition to us.

The period for handling a request is 30 days unless it is a particularly complex request.

Once our specified retention period has expired we shall delete the relevant Personal Data. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after the expiration of such retention period.

11. Processing data in relation to children

Our services are not intended for and shall not be used by individuals under the age of 16. Brand Access does not knowingly collect Personal Data from persons under 16 or allow them to register. If it comes to our attention that we have collected or processed Personal Data from such a person, we may delete this information without notice. If you have reason to believe that this has occurred, please contact us using the following link: https://prighter.com/q/19550884

12. Changes to our data protection provisions

We may need to make changes to this Privacy Policy to ensure that it complies with current legal requirements or to implement changes to the services detailed in the Privacy Policy, e.g., when introducing new services and products. In this case, your future visits to our Website will be subject to the updated Privacy Policy.

13. Difficulty accessing our Privacy Policy

Individuals with disabilities who are unable to usefully access our Privacy Policy online may contact us to inquire how they can obtain a copy of our policy in another, more easily readable format.

14. Contact Information

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your Personal Data, or your choices and rights regarding such use please do not hesitate to contact us by:

Email at: [email protected]
Post to: 900 High Street, Palo Alto, CA 94301, United States

Data Subject Requests from EU Data Subjects according to the GDPR

We value your Data Subject Rights under EU GDPR and have therefore appointed Prighter as representative according to Art 27 EU GDPR.  We provide you with an easy way to submit a privacy related request like a request to access or erase your personal data by visiting: https://prighter.com/q/19550884

Data Subject Requests from UK Data Subjects according to the Data Protection Act

We value your Data Subject Rights under the UK GDPR and have therefore appointed Prighter as representative according to Art 27 UK GDPR.  We provide you with an easy way to submit a privacy related request like a request to access or erase your personal data by visiting: https://prighter.com/q/19550884

This Policy was last updated: July 22, 2024