GDPR FAQ

William Frick & Company (the “Controller”) collects personal data from customers, partners, data subjects and other individuals including individuals interested in receiving more information about products offered by William Frick & Company. IP address, browser, screen resolution, device type, pages visited, referral source, date/timestamp, name, email, account information, company name, address(es), phone number, any information submitted about product interest and all order information may constitute protected “personal data” as that term is defined in the E.U. General Data Protection Regulation (“GDPR”).
The following disclosures concerning the Controller’s compliance with GDPR are presented for informational and compliance purposes only. Nothing in these disclosures constitutes a representation that any particular data or service is governed or subject to GDPR, nor do these disclosures represent or constitute any contract or undertaking with any customer, partner or data subject.

Effective Date of GDPR
GDPR is set to take effect on May 25, 2018. On and after that date, the Controller will comply with GDPR to the extent applicable.

Utilization of Data
The Controller utilizes personal data including the information provided by you to market products, and provide notifications to you in areas in which you have indicated interest. The Controller processes this data to notify you of resources and offers. The Controller does not sell or make this data available to other parties.

Bases for the Processing of Data
Where you have entered into an agreement with the Controller, or purchased a good or service from the Controller, the Controller requires this data as a condition of the contract between you and the Controller. In other circumstances, the Controller may process data because it has a legitimate interest in marketing or apprising you of offers or services, or because you have consented to receive such offers and services.

Recipients of Personal Data
Recipients of personal data may include marketing automation software, customer relationship management software, visitor analytics, online advertisers, live chat site search, a website hosting provider, the website shopping cart and a third party technology service provider. All employees of the Controller who receive or review personal data have received training concerning maintaining the confidentiality of such data and committed themselves to confidentiality. Where appropriate, the Controller will enter into written agreements governing the processing and confidentiality of personal data by third parties.

Storage of Data
We will retain personal data for as long as it is needed or permitted in light of the purposes for which it was obtained. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you; (ii) whether there is a legal obligation to which we are subject; and (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

Your Rights Under GDPR
If the GDPR applies to retention of your personal data, you have several rights including (i) the right to request access, rectification or erasure of your data, (ii) the right to lodge a complaint with the appropriate European Union supervisory authority, and (iii) to the extent processing of data is based on consent, you have the right to withdraw your consent at any time.

Transfer of Data to United States
To the extent applicable, for transfers from the EEA to countries not considered adequate by the European Commission, the Controller has put in place adequate measures, such as the standard contractual clauses adopted by the European Commission to protect personal data. You may obtain a copy of these measures by following this link: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en. You hereby acknowledge that you are transferring personal data to the United States.

Contact Information
Should you have any questions or require any additional information, please contact gdpr@fricknet.com.