We at Simpson Manufacturing Company, Inc. and its affiliated entities (together, “Simpson”) value the trust of our customers and employees. In handling their Personal Information, we strive to maintain our core values of fairness, high ethical standards, and honesty. The following Privacy Principles set forth our approach to the processing of Personal Information, and they shape the policies and procedures that form our global privacy compliance program.
These Principles apply to all domestic and international branches, employees, and subsidiaries of Simpson Manufacturing Co., Inc.
For the purposes of these Privacy Principles, “Personal Information” refers to any information that identifies an individual or relates to an identifiable individual, such as name, email address, or other information associated with a particular individual. Personal Information may relate to any individual, including Simpson customers, employees, and vendors. “Processing” refers to collection, use, copying, modification, transfer, disclosure, or any other activity performed on Personal Information.
Collection and Use
We seek to collect only Personal Information that is reasonably necessary to accomplish legitimate business purposes, and to use that Personal Information in a manner consistent with those purposes.
Transparency and Notice
We share information about our privacy practices with individuals whose Personal Information we process, consistent with applicable law. For example, we post privacy policies on our websites to inform users about our privacy practices, and we may provide employee data protection notices to employees in certain countries to address local legal requirements. We seek to provide this information in a clear and easy to understand manner.
This information may include, for example:
- the types of Personal Information collected,
- how the Personal Information may be used,
- the types of third parties to which the Personal Information may be disclosed,
- the transfer of Personal Information to other countries, including the United States,
- any rights and choices that the individual may have with respect to his or her Personal Information; and
- how to submit any privacy-related inquiries or concerns to us.
Where appropriate, we offer individuals choices regarding the processing of their Personal Information. In particular, we offer choices regarding the use or sharing of Personal Information for marketing purposes. Depending on applicable law, the sensitivity of the Personal Information, and reasonable expectations, choice may be in the form of explicit consent (opt-in) or implied consent (opt-out). We seek to provide individuals with clear and simple methods to exercise their choices, and to modify their choices and withdraw their consent where applicable.
Access and Correction
We provide reasonable opportunities for individuals to review and correct the Personal Information that we maintain about them, consistent with applicable law.
We may share Personal Information with other Simpson companies, with service providers that perform services for us, or with other third parties as required or permitted by applicable law. We take steps to ensure that Personal Information is only disclosed to third parties for legitimate business reasons, and we require third-party service providers to safeguard the Personal Information that Simpson entrusts to them. We also take measures to comply with applicable laws regarding the cross-border transfer of Personal Information.
We maintain administrative, technical, and physical security measures that are designed to protect Personal Information against loss, misuse, or unauthorized access, disclosure, alteration, or destruction. We require our employees to comply with Simpson’s security policies and procedures.
Simpson may be required to notify individuals or regulators if the security of certain Personal Information has been compromised. Any employee who becomes aware of a possible security incident should immediately report the concern to:
Simpson’s Data Security Lead: DataPrivacy_Simpson@strongtie.com
Primary Security Manager: InfoSec@strongtie.com
Integrity, Retention, and Disposal
We take reasonable steps to make sure the Personal Information we use is accurate, relevant, complete, and up to date for the purposes for which it is to be used. We retain and dispose of Personal Information consistent with applicable laws and company policies. When disposing of Personal Information, we require employees to use secure methods designed to make the Personal Information unreadable and unusable (such as shredding or degaussing)
Accountability and Compliance
We maintain a global privacy program to support compliance with these Privacy Principles. For additional information about our global privacy program, or to address any questions or concerns, please consult:
Director, Global Compliance: Compliance@strongtie.com
5. Associated Documents:
- IT End User Policy
- IT Security Policy
- Interaffiliate Data Processing and Transfer Agreement