Briggs & Stratton, LLC DPF Privacy Policy
Last Updated 11/17/23
Briggs & Stratton, LLC and Bucephalus Buyer, LLC, (collectively, the “Company”) complies with the EU-U.S. Data Privacy Framework (the “EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (the “Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. The Company has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF, from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF, and to the Swiss-U.S. Data Privacy Framework Principles with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF (collectively, the “DPF Principles”). The type of personal data received by Company may include, but is not limited to: Company website users; product users or consumers; business contacts, e.g., contacts at dealers and distributors of Company products; and vendors.
Personal data of employees, independent contractors, and applicants located in the EU, UK and Switzerland (collectively, “HR Data”) is transferred to the Company subject to the controller-to-controller Standard Contractual Clauses (Set II) (“EU SCCs”), the UK Addendum to the EU SCCs, and the Swiss adoption of the EU SCCs. HR Data s not covered by this Policy. For purposes of this Policy, “Personal Data” means any information received by the Company from the EU, UK or Switzerland, recorded in any form, which relates to a natural person who is identified in, or identifiable based on, the Personal Data received, but excludes HR Data.
More information about the Data Privacy Framework program, as well as the Company’s certification is available at www.dataprivacyframework.gov/. If there is any conflict between the terms in this DPF Privacy Policy (the “Policy”) and the DPF Principles, the Principles shall govern.
The Company’s Collection And Use Of Personal Data
The Company receives Personal Data about individuals in the EU and Switzerland, including: vendors; product users or consumers; business contacts, e.g., contacts at dealers and distributors of Briggs & Stratton, LLC products; and users of the Company’s website. The Company collects Personal Data from vendors including names and business contact information for purposes including vendor tracking and paying for products and services. Personal Data collected by the Company from business contacts includes name, company name, job title, and business contact information. The Company uses this Personal Data for marketing, advertising, business development, client/customer tracking, and client/customer analysis. The Company’s collection and use of Personal Data from business contacts who use the Company’s Power Portal website is described the Power Portal’s privacy policy. The Company also receives the Personal Data of EU and Swiss product users and consumers from its EU and Swiss business contacts, including name, address, and Company products purchased for purposes including tracking product registrations and warranties and marketing and advertising.
In addition, the Company receives Personal Data from users of the Company’s website as described in the website privacy policy and uses that Personal Data for the purposes described in that policy.
The Company’s Disclosure Of Personal Data
The Company may disclose the Personal Data of individuals located in the EU, UK and Switzerland, subject to written agreement, to authorized service providers who provide services related to the purposes for which the Company collects that Personal Data. For example, the Company stores business contact information in a customer relationship management (CRM) database provided by an authorized service provider located in the United States. On occasion, for purposes of managing product lines and other business interests, Briggs & Stratton’s affiliated companies located outside of the U.S., EU, UK and Switzerland may access business contact and product user Personal Data. In addition, the Company may disclose the Personal Data of website visitors to other third parties as described in the website privacy policy referenced above. The Company may be liable for the onward transfer of Personal Data to third parties. Pursuant to the DPF Principles, the Company remains liable for the transfer of personal data to third parties acting as our agents unless we can prove we were not a party to the events giving rise to the damage.
The Company may be required to disclose, and may disclose, Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements.
Choices For Limiting The Use And Disclosure Of Personal Data
The Company will provide the opportunity for individuals to opt out from: (a) the disclosure of their Personal Data to a non-agent third party; and (b) the use of their Personal Data for purpose(s) that are materially different from the purpose(s) for which the Personal Data was originally collected or subsequently authorized by the individual. The Company will provide individuals with clear, conspicuous and readily available mechanisms to exercise their choices regarding Personal Data should such circumstances arise. Individuals who wish to limit the use or disclosure of their Personal Data as described in this Policy should submit their requests to privacy@basco.com.
Individuals’ Right To Access Their Personal Data
Upon request, the Company will grant individuals access to their Personal Data. Individuals who wish to exercise these rights can do so by contacting privacy@basco.com. If such Personal Data is inaccurate or processed in violation of the DPF Principles, individuals may also request that Personal Data be corrected, amended, or deleted. For security purposes, the Company may require verification of the requester’s identity before providing access to Personal Data. In addition, applicants can access their Personal Data through their accounts on the Company’s career portal.
More Information And What To Do If You Have a Complaint
In compliance with the DPF Principles, the Company commits to resolve complaints about our collection or use of your Personal Data transferred to the U.S. pursuant to the Principles. EU, UK, and Swiss individuals with inquiries or complaints should first contact privacy@basco.com.
The Company has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent recourse mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction. The Federal Trade Commission has jurisdiction over the Company’s compliance with the EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF.
Effective Date: October 10, 2023