PRIVACY POLICY

 

1.0 PURPOSE

BDA’s Privacy Policy, effective July 1, 2004, explains how we may collect information from customers that order merchandise with BDA, both online and through an account or customer-service representative. Customer information means personally identifiable information about individuals including credit cards, billing data, or other personally identifiable information. Information collected is in accordance with General Data Protection Regulation, PCI DSS, and other governing privacy policies.

Need to make a privacy information request?

CCPA Request
GDPR Request

 

2.0 SCOPE

This policy applies to all BDA customers and is presented on each of our web stores.

 

3.0 POLICY

When you conduct business with BDA, we may collect the following information in order to service your accounts and better respond to your needs. The information may contain, but is not limited to:

Order information: Information that you provide to us online in orders and other forms. Examples include your name, address, telephone number, products ordered and payment information.

Transaction and experience information: Information about your online transactions, as well as information about our online communications with you. Examples include your activity on the Web site, such as collecting information on product information reviewed.

Cookies, Social Media Widgets, and Applications: Some of our websites may also collect information online through Cookies, Social Media Widgets, and other applications for usage analytics. The most common are Cookies, which are pieces of information stored directly on the computer you are using. Cookies can contain a variety of information, such as a simple count of how often you visit a Web site or information that allows customization of a Web site for your use. The use of Cookies depends on our clients’ specific privacy policies. Generally, our web sites use Cookies to display information more effectively to you and to gather data about the usage of our Web site. For example, we use a cookie to limit the number of times you may receive a survey. Any time a cookie is used; personal information is encrypted for our use only and protected from third party access. Each website that uses cookies or other analytics tools will disclose that information on the privacy policy listed on the website.

Minors: BDA does not knowingly collect or solicit any information from anyone under the age of 13, or knowingly allow such persons to register an account on our websites or become customers. In the event that we learn that we have collected personal data from a child under age 13 without appropriate permission from their parents or legal guardian, we will delete that information as quickly as possible. If you believe that BDA might have information from a minor under the age of 13, please contact us at the postal address provided below. Requests will not be accepted by phone or email.

BDA World Headquarters
Attn: Web Policy & Consent Compliance
15525 Woodinville-Redmond RD. NE.
Woodinville, WA 98072
dpo@bdainc.com

BDA does not sell or share customer information collected from customers with marketers or outside entities who may want to offer you their own products and services. We may share customer information we collect from you online with companies that work for us. All companies that act on our behalf are contractually obligated to keep the information we provide to them confidential and to use the customer information we share only to provide the services we ask them to perform for you and us.

We also may share customer information we collect about you online when required or permitted by law, trying to protect against or prevent actual or potential fraud, or investigating fraud that has already taken place. For example, customer information may be disclosed to a collection agency, in the event of a delinquency. Customer information may also be disclosed to companies that process your requests for products.

Your personally identifiable information is kept secure and stored in encrypted databases. Only authorized personnel who are bound by our security and confidentiality policies have access to this information. All emails and other electronic communication from our sites allow for opt-in or opt-out. Please do not email credit card or related information to us unless it is encrypted as we will not accept those emails.

Keeping your account information accurate and up to date is very important. If you want to update this information, please contact customer service by calling 425.492.6111 or the client-specific phone number we’ve provided under separate cover. You may also contact us via email at dpo@bdainc.com.

BDA reserves the right to make changes to this policy. Any changes to this policy will be posted.

 

4.0 RESPONSIBILITY

The Sr. Director Infrastructure and Applications is is responsible for leading privacy and compliance activities that bring BDA into compliance with the PCI Data Security Standards and other applicable regulations, most notably RCW 19.255.010, Privacy Incident Response, Notification, and Reporting
Procedures for Personally Identifiable Information (PII).

 

5.0 RELATED DOCUMENTS

ITP001 BDA Information Security Policy, Policy # 201108003
BDA Logical Access Policy, Policy # 201108001

 

6.0 COMPLIANCE

PCI DSS Requirements 7 and 8
GDPR Reg 05/28/18 Where Applicable

 

7.0 POLICY HISTORY

Initial Effective Date: 07/01/2004
Revision Date: 06/13/2019
Review Date: 08/31/2019