Loading

Privacy Policy

We at SupplyPro (the "Company" or "we") respect your privacy and are committed to protecting it through our compliance with this Privacy Policy.

This Privacy Policy describes the types of information we may collect from you or that you may provide when you visit the website www.SupplyPro.com or SupplySystem.SupplyPro.com or www.ustockit.com (the "Site") and our practices for collecting, using, maintaining, protecting and disclosing that information. This Privacy Policy applies only to the information we collect on this Site and through email, text or other electronic messages between you and this Site.

Please read this Privacy Policy carefully. By visiting our Site or otherwise providing SupplyPro with your personal information by any means, you accept and consent to the practices described in this Privacy Policy. If you do not agree to the terms in this Privacy Policy, please do not use this Site.

WHAT INFORMATION DO WE COLLECT?

The Site captures some information about you automatically utilizing cookies and other technologies. Examples of information of this type are your IP address, the browser you are using, the operating system you are using and the pages of the Site that you visit. Usage of a cookie is not linked to any personally identifiable information on our Site. You may change your browser settings to decline the use of cookies. This Privacy Policy does not address the use of cookies by other websites, over which we have no control.

The Site also collects information that you provide to us voluntarily. You may be asked to provide certain information about yourself, such as your name, your email address, your physical address, your phone number, company name and login credentials, in connection with activities that require registration, sign-in or subscription.

If you inquire about employment opportunities at SupplyPro, you have the option of sending to us a resume containing personal information about you and which we will use for employment evaluation purposes only. Providing this information is completely voluntary. Please do not submit sensitive personal information to us.

If you are an employee of a SupplyPro customer that uses the SupplyPort portal, the terms of your employment may require that you log into the Site and provide information about yourself and activities associated with your employment. What SupplyPro does with this information is described in this Privacy Policy; however, we encourage you to discuss with your employer its data practices and uses of that information.

If you use the SupplyMobile™ or uStockit Mobile Android applications SupplyPro will periodically access your location data, which helps us offer key features in combination with our Inventory Shelf Tags. The applications are required to collect location data to identify nearby Inventory Shelf Tags and provide them with a Device Firmware Update (DFU). Because updating a large number of devices can be a lengthy process, these services may be run in the background while the device screen is turned off. Rest assured; we do not retain nor do we share your location information with third-parties.

WHAT DO WE USE YOUR INFORMATION FOR?

We use the information we collect to: provide products and services you request; in connection with your employment; to inform you of new products and services or changes in products and services; to administer the Site; and to improve customer service (your information helps us to more effectively respond to your customer service requests and support needs).

If you decide to opt-in to our mailing list, you will receive emails that may include company news, updates, and related product or service information.

HOW DO WE PROTECT YOUR INFORMATION?

We use reasonable precautions to protect the personally identifiable information you provide to us. When you submit information to us via the Site, your information is protected in a secure environment. Because no Internet or email transmission is ever fully secure or error-free, please be careful in deciding what information you provide to us via email or the Site. As such, you assume the risk of security breaches and all consequences resulting from them. To that end, please safeguard your credentials.

DO WE USE COOKIES?

Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the sites or service providers' systems to recognize your browser and capture and remember certain information. We use cookies to compile aggregate data about Site traffic and Site interaction so that we can offer better Site experiences and tools in the future. You may disable cookies through your browser settings and continue to navigate our Site.

DO WE DISCLOSE ANY INFORMATION TO OUTSIDE PARTIES?

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our Site, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe it is necessary or appropriate to comply with any applicable law, regulation, legal process or governmental request, enforce our Site policies, or protect our or others' rights, property, or safety. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses. It is possible that we might merge with or be acquired by another company or that we might dispose of some or all of our assets, in which case your personal information may be disclosed to another company as part of the transaction.

If you are an employee of a SupplyPro customer that uses the SupplySystem IS portal, information about you and your activities associated with your employment with such SupplyPro customer may be provided by SupplyPro to your employer in accordance with our contractual agreements. What SupplyPro does with this information is described in this Privacy Policy; however, we encourage you to discuss with your employer its data practices and uses of your personal information.

THIRD PARTY LINKS

Occasionally, at our discretion, we may include links to third party sites from our Site. The inclusion of any link does not imply that we endorse the products and services offered at such linked site. These third party sites have separate and independent privacy policies which we encourage you to review. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our Site and welcome any feedback about these sites.

CALIFORNIA DISCLOSURES

California residents may request an Information-Sharing Disclosure or Customer Choice Notice by sending to us a written request by email to customerservice@supplypro.com with "California Privacy Rights" in the subject line.

California Do Not Track Disclosure: Depending on the browser you are using, you may be able to choose to block third party cookies or browse in a private browsing mode. The Site can be accessed when private browsing is turned on, but your ability to use some features or areas of our Site may be limited. The information we collect is governed by this Privacy Policy.

CHILDREN'S PRIVACY

In accordance with the requirements of COPPA (Children's Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our Site, products and services are all directed to people who are at least 13 years old or older.

USERS OUTSIDE OF THE UNITED STATES

The Site is hosted in the United States of America. While we make every effort to honor the laws and wishes of all users, this Site is available for users located primarily in the United States of America and therefore may not recognize foreign laws. If you are a user accessing the Site from the European Union, Canada or any other region with laws or regulations governing personal data collection, use, and disclosure, that differ from the laws of the United States of America, please be advised that through your continued use of the Site, which is governed by California law, this Privacy Policy, and our Terms of Use, you are transferring your personal information to the United States of America and you expressly consent to that transfer and consent to be governed by California law for these purposes.

CHANGES TO OUR PRIVACY POLICY

We reserve the right to modify or update this Privacy Policy at any time and in our sole discretion, and any such amendments will apply to information already collected and to be collected. If we modify or update this Privacy Policy, we will post changes and updates on this Site so that you will always be aware of what information we collect, use and disclose. We encourage you to review this Privacy Policy from time to time, and especially before providing personal information to us, so you will know if the Privacy Policy has been changed or updated. The date of the last update of the Privacy Policy is indicated at the bottom of this Privacy Policy. Your continued use of the Site after any changes to our Privacy Policy indicates your agreement with the terms of the revised Privacy Policy.

EU-U.S., UK EXTENSION, AND SWISS-U.S. DATA PRIVACY FRAMEWORK

SupplyPro complies with (i) the EU-U.S. Data Privacy Framework (EU-U.S. DPF), (ii) the UK Extension to the EU-U.S. DPF, and (iii) the Swiss-U.S. Data Privacy program Framework (Swiss-U.S. DPF) (collectively, the “Data Privacy Framework” or “DPF”) as set forth by the U.S. Department of Commerce.

SupplyPro has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles with regard to the processing of personal information received from the European Union in reliance on the EU-U.S. DPF, from the UK in reliance on the UK Extension to the EU-U.S. DPF, and from Switzerland in reliance on the Swiss-U.S. DPF (collectively, the “DPF Principles”). The personal information we may collect that is subject to the DPF Principles is, as applicable, described above in the section titled “WHAT INFORMATION DO WE COLLECT?” and/or in the DATA PROCESSING ADDENDUM; the purposes for which we may collect and use personal information is described in the section above titled “WHAT DO WE USE YOUR INFORMATION FOR?” and/or in the DATA PROCESSING ADDENDUM; the third parties to which we may disclose personal information is described in the section above titled “DO WE DISCLOSE ANY INFORMATION TO OUTSIDE PARTIES?” and/or in the DATA PROCESSING ADDENDUM.

If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles shall govern. To learn more about the DPF program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Adherence to the DPF Principles may be limited (i) to the extent required or allowed by applicable law, rule or regulation; and/or (ii) to the extent necessary to respond to lawful requests by public authorities, including to meet national security, law enforcement, legal or governmental requirements. With respect to personal information received or transferred pursuant to the DPF, the Federal Trade Commission has jurisdiction over SupplyPro’s compliance with the Data Privacy Framework.

In compliance with the DPF, SupplyPro commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union and Swiss individuals with DPF inquiries or complaints should first contact SupplyPro at:

LNery@supplypro.com
858-587-6400

SupplyPro has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution provider, Data Privacy Framework Services, operated by the BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. For more information on this option, please see the Data Privacy Framework website: Annex I.

With respect to personal information received or transferred pursuant to the DPF, SupplyPro is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the DPF, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the DPF, should direct their query to LNery@supplypro.com. If requested to remove personal information, we will respond within a reasonable timeframe. We may request specific information from you to confirm your identity in an effort to respond to your request.

To request to limit the use and disclosure of your personal information consistent with the DPF Principles, please submit a written request to LNery@supplypro.com. We may request specific information from you to confirm your identity in an effort to respond to your request.

SupplyPro's accountability for personal information that it receives in the United States under the DPF and subsequently transfers to a third party is described in the DPF Principles. In particular, SupplyPro remains responsible and liable under the DPF Principles if third party agents that it engages to process the personal information on its behalf do so in a manner inconsistent with the DPF Principles, unless SupplyPro proves that it is not responsible for the event giving rise to the damage.

DATA PROTECTION AND PRIVACY

We help our customers around the world protect the privacy and security of their customers’ data.

Helping our customers operate on a global scale includes support complying with data protection and privacy regulations including General Data Protection Regulation (GDPR) security compliance. Regardless of the regulations and policies with which you’re currently complying, it is important you evaluate the best way to meet your requirements.

SupplyPro is committed to helping you develop a strategy to achieve GDPR security compliance. This document provides information about the privacy and security of SupplyPro which can help our customers to assess our security and privacy program, including by executing the attached DATA PROCESSING ADDENDUM. It does not provide legal advice. We urge you to consult with your own legal counsel to familiarize yourself with the requirements that govern your specific situation.

WHAT IS GDPR?

The European Union (EU) introduced its previous data protection standard 20 years ago through the Data Protection Directive 95/46/EC. Since the EU requires each member state to implement a directive into national law, Europe ended up with a patchwork of different privacy laws across different countries. In addition, increasing security breaches, rapid technological developments, and globalization over the last 20 years saw new challenges for the protection of personal data come to the forefront. In an effort to address this situation, the EU developed the GDPR, which is directly applicable as law across all member states.

GENERAL DEFINITIONS

The meanings given to them in the Data Processing Addendum; available HERE.

Customer — means in the case of an individual accepting an Agreement with SupplyPro on his or her own behalf, such individual, or in the case of an individual accepting this Agreement on behalf of a company or other legal entity, the company or other legal entity for which such individual is accepting this Agreement, and Affiliates of that company or entity (for so long as they remain Affiliates) which have accepted a System Order Forms (SOF).

Affiliate — means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity, where “control” refers to the power to direct or cause the direction of the subject entity, whether through ownership of voting securities, by contract or otherwise.

Controller — means an entity that determines the purposes and means by which the data is processed.

Data Processing Addendum (DPA) — means SupplyPro’s Data Processing Addendum as amended from time to time, available HERE.

GDPR— means General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), including as implemented or adopted under the laws of the United Kingdom.

Personal Data — means any personal data contained within the User Data and Third-Party User Data, which SupplyPro processes as a processor on behalf of Data Owner and/or any Third-Party Controllers (as applicable).

Processor — means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.

Subprocessor — means third parties authorized under the DPA to process Personal Data in relation to the Services.

All capitalized terms included in this document and not defined herein have the meanings given to them in the Data Processing Addendum, available HERE.

WHAT IS THE DATA PROCESSING ADDENDUM?

The Data Owner has entered into an agreement with SupplyPro, under which SupplyPro, has (a) agreed to provide hardware, software and/or services to the Data Owner and (b) may process certain personal data in the course of SupplyPro’s performance of the Services on behalf of Data Owner.

Further, the Agreement may provide Data Owner with the right to resell (possibly through multiple levels) all or part of the Services to certain permitted third parties. If and as applicable, Data Owner enters into this Addendum as processor for the benefit of those further permitted third parties who act as controllers in respect of personal data processed by SupplyPro in performance of the Services on those further permitted third parties’ behalf.

This Data Protection Addendum (DPA), available HERE, including its appendices, will be effective as of the Addendum Effective Date and shall apply to the processing of Personal Data solely to the extent that European Data Protection Legislation applies to such processing.

In the course of providing the Services to Customer pursuant to the Agreement, SupplyPro may Process Personal Data on behalf of Customer and the Parties agree to comply with DPA provisions with respect to any Personal Data, each acting reasonably and in good faith.

HOW TO EXECUTE THIS DPA

The DPA is available HERE.

This DPA has been pre-signed on behalf of SupplyPro.

To complete this DPA, Customer must:

  1. Complete the information (company, name, title, date) and sign the DPA on page 8
  2. Complete the Data exporter information in ANNEX 1 A. MODULE THREE on page 24
  3. Identify the COMPETENT SUPERVISORY AUTHORITY in ANNEX 1 C. MODULE THREE on page 26
  4. Send the signed DPA to SupplyPro by email to dgilger@supplypro.com
  5. Except as otherwise expressly provided in the Agreement, this DPA will become legally binding upon receipt by SupplyPro of the validly completed DPA at the email address provided
  6. For the avoidance of doubt, signature of the DPA shall be deemed to constitute signature and acceptance of the Standard Contractual Clauses

CONTACTING US

If you have any questions regarding this Privacy Policy, you wish to update/correct your information maintained by us, or you wish to opt out of certain non-account-related communications with us, you may contact us by emailing customerservice@supplypro.com or by writing to us at:

SupplyPro
9401 Waples Street
Suite 150
San Diego, CA 92121
Please do not email us sensitive information.

Effective Date: October 10, 2023