Effective Date: 15 March 2019
We use information to handle orders placed by customer and we use anonymous data to improve the website experience and online marketing communication.
Types of (Personal) Data
Personal data are facts or information that can be linked to an individual natural person (‘Personal Data’). We may proces the following Personal Data:
• Email address
• Purchase Information
• Location Data
• Usage Data
Usage data (“Usage Data”), which is data that tells us how our Websites are accessed and used. Usage Data may include your:
• Computer’s Internet Protocol address (e.g. IP address)
• Browser type
• Browser version
• Our Website pages that you visit
• Time and date of your visit
• Time spent on those pages, unique device identifiers
Sometimes Usage Data is also Personal Data because it may let us know who you are.
Location data (“Location Data”), which is data about where you are located. We will only use and store Location Data if we have your explicit permission thereto.
We may also process your Personal Data via cookies. Cookies are files with small amounts of data which sometimes include an anonymous unique identifier (“Cookies”). Cookies are sent to your browser from a website and stored on your device.
Strictly necessary Cookies
Strictly necessary Cookies are Cookies that are essential for you as a Website visitor. Without Cookies, it would not be possible for you to navigate around the Gibson Website and to use the different features, for example to add a product to your shopping basket.
Functional Cookies are Cookies that enable you to customize the Website to your needs and preferences. If you choose to return to the Website at another given time, the functional Cookies will recognize that you visited the site before and the Website settings shall be adjusted in line with your needs.
Analytical Cookies, also referred to as “Performance Cookies”
Analytical Cookies are necessary to help us provide you with a better user experience, as the information we receive via the placement of analytical Cookies enables us to optimize our services, as well as our Website features and performance. Consent is not required for the placement of analytical Cookies, if these analytical Cookies are anonymized, meaning that the IP-address must be anonymized.
If the analytical Cookies are not anonymized we will ask for consent prior to the placement of non-anonymized analytical Cookies.
Advertising or Targeting Cookies
Advertising or Targeting Cookies allows our business partners to provide you with customized advertising. These Cookies can be placed by third party advertising network or by Gibson’s Website operator. We will only place advertising Cookies after receiving your consent.
You are not legally or contractually obliged to make your Personal Data available to us. However, it is possible that certain functions of our websites depend on the availability of Personal Data. If you do not make available Personal Data in these cases, this may result in functions not being available or only being available to a limited extent. For example, if you’d like to allow us to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you, you will need to provide your Personal Data and provide us with your consent to process it.
Processing of Personal Data
Now that you know what types of Personal Data we may be getting from you, you’re probably curious as to what we do with it. We use your Personal Data to:
|Purpose of Processing||Legal Basis for the purpose of processing|
|provide our products and/or services to you, including customer support||Performance of a contract, legitimate interest|
|fulfill and/or execute an (employment) agreement||Performance of a contract, legitimate interest|
|execute marketing and related activities||Consent, legitimate interest|
|provide you with news, special offers and general information about other
goods, services and events which we offer that are similar to those that you have already purchased or enquired about or to notify you about changes to our services
|Consent, legitimate interest|
|detect, prevent and address technical issues and to analyze and optimize (the use of) our Website and associated technologies||Legitimate interest|
|perform market research||Legitimate interest|
|comply with relevant laws and regulations||Compliance with legal obligations, legitimate interest|
Legitimate interests of Gibson Brands, Inc. are, inter alia, improving and providing our products, services and Websites and informing you about the use of (new) products and services, marketing and sales activities.
If and in so far as Gibson Brands, Inc. relies on the legitimate interest legal basis, Gibson Brands, Inc. has undertaken a balancing test between the legitimate interests pursued by us as a controller and your interests and fundamental rights and freedoms, which require protection of Personal Data, to justify our reliance on this legal basis.
Disclosure of Personal Data
Sometimes we may need to disclose your Personal Data without your consent, for example when we have the good faith belief that such action is necessary to:
• Comply with a legal obligation
• Protect and defend the rights or property of Gibson Brands, Inc.
• Prevent or investigate possible wrongdoing in connection with our services
• Protect the personal safety of users of our services or the public
• Protect against legal liability
We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your Personal Data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
Gibson Brands, Inc. also retains Usage Data for internal analysis purposes.
Personal Data that is no longer needed after the expiration of legal or business process-related periods will be deleted. Please note that there may be circumstances in which we are required to retain your Personal Data in order to meet our legal obligations. After expiry of such a retention period, we will destroy or anonymize all Personal Data.
Transfer of Data
We may transfer your information, including Personal Data, outside of your state, province, country or other governmental jurisdiction. In some of these areas, the data protection laws may differ from those from your jurisdiction and you may not have the same level of protection.
If you are located outside the United States and choose to provide information to us, please note that we will transfer the data, including Personal Data, to the United States and process it there. Your explicit consent when accessing the website represents your agreement to that transfer.
If you click on a link to a third party website, please remember that from the point of the European Union “EU”, the third party may not have an adequate level of protection for processing of Personal Data according to EU standards.
Security of Data
Remember that no method of transmission over the internet, or method of electronic storage is 100% secure. While we continue to strive to use commercially acceptable means to protect your Personal Data, no one can guarantee its absolute security. However, we are constantly improving our security measures in line with technological developments.
“Do Not Track” Signals
Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. At this time, we do not respond to browser “do not track” signals.
Managing Your Data
Gibson Brands, Inc. allows you to correct, amend, delete, or limit the use of your Personal Data. If you have consented to the processing of your Personal Data by us, you have the right to revoke your consent at any time. If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.
You always have the following rights regarding your Personal Data:
The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
The right to correct. You have the right to have your information corrected if that information is inaccurate or incomplete.
The right to object. You have the right to object to our processing of your Personal Data.
The right of restriction. You have the right to request that we restrict the processing of your Personal Data or specific aspects of your Personal Data.
The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
The right to withdraw consent. You have the right to withdraw your consent at any time regarding the collection and processing of your Personal Data.
Please note that we may ask you to verify your identity before responding to such requests.
If you are a resident/citizen of the EU, you additionally have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
We may employ third party companies and individuals to facilitate our services, such as our websites (“Service Providers”), to provide the services on our behalf, to perform service-related services or to assist us in analyzing how the services are used. We contractually make sure that these third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
The specific third-party services we use include:
• Google Analytics
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our websites. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/
We may provide paid products and/or services within our websites. In that case, we use third-party services for payment processing (e.g. payment processors). Gibson Brands, Inc. will not store or collect your payment card details. That information is provided directly to our third-party payment processors. Their use of your personal information is governed by their privacy policies. However, all payment processors that are used adhere to the standards set by PCI-DSS, requirements which help ensure the secure handling of payment information.
The payment processors we work with are:
Big Commerce is an online provider of ecommerce software and platforms.
MailChimp is a marketing automation platform and an email marketing service.
Links to Other Sites
Our services do not address anyone under the age of 18 (“Children”). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we will take steps to remove that information.
Controller within the meaning of the General Data Protection Regulation (“GDPR”) is:
Gibson Brands, Inc.
309 Plus Park Blvd
Nashville, TN 37217
By email: email@example.com
By visiting this page on our website: http://www.gibson.com/Support.aspx
By phone number: 1-800-444-2766
In the EU :
Gibson Europe BV
Kamerlingh Onnesweg 2
4131 PK VIANEN
Telephone number: +31 88 023 1000