Snap-on AutoCrib, a Division of IDSC Holdings LLC, is part of the Snap-on Incorporated group of companies (“Snap-on Group”), which processes your information. Snap-on AutoCrib, a Division of IDSC Holdings LLC is referred to as “we” in this privacy policy.

The protection of your personal information is an important concern to which we pay special attention.

This privacy policy answers frequently asked questions about the kinds of personal information we collect from you and how it is used.  

Please note, the privacy practices set forth in this privacy policy are for Snap-on AutoCrib, a Division of IDSC Holdings LLC only.  Other companies within the Snap-on Group may have websites and products that collect and use different personal information. Additionally, if you link to or otherwise visit any other websites, please review the privacy policies posted on those sites.

Should you have any questions or concerns regarding this privacy policy, please contact the data protection manager at: DataProtectionManager@snapon.com.

1.          What types of personal information do we gather?

We may collect and process, and have collected and processed in the last 12 months, a range of personal information including:

  • Identifiers:  Such as a real name, alias, postal address, telephone number, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, other state or national identification number(s), your signature, physical characteristics or description, insurance policy number or other similar unique personal identifiers.

  • Commercial Information: Such as transaction and purchase information and history.

  • Financial Information: Such as your bank account number, credit card number, debit card number or any other financial information.

  • Technical and Usage Information: Such as login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and information on other technology on the devices using our websites or products; information about how you use our website, products and services, such as browsing history, search history, or other information on interactions with our websites, applications, products and services. For detailed information on the tracking technologies we use on this website, see the Cookie Section.

  • Educational or Professional/Employment-Related Information: Such as education or training history, work history and prior employers.

  • Sensory information: Such as audio, electronic, visual and similar information, such as call and video recordings.

  • We do not intend to collect personal information of Children: We do not knowingly collect personal information from children under 16.  Our website is not intended for children under 16 years of age. If you are under 16, do not use or provide any information on this website or through any of its features. If you believe we might have any information from or about a child under 16, please contact us at DataProtectionManager@snapon.com.

 

2.          What are the sources of personal information we have gathered?

We collect personal information from a variety of sources, including:

  • From You.  You may directly give us personal information when you:

    • Apply for, purchase, register or use our products and services;

    • Receive customer support;

    • Create an account on our website;

    • Subscribe to our publications;

    • Request marketing be sent to you;

    • Complete surveys;

    • Correspond with us in person at trade shows, events, or otherwise;

    • Interact with us as a potential or existing distributor or as an employee of a distributor; or

    • Give us feedback or provide us other information when you contact us;

  • From automated technologies or interactions. As you interact with our website, application, or email campaigns, we may automatically collect Technical and Usage Information (more fully described in the “What types of personal information do we gather?” Section.)  We collect this data by using cookies, server logs and other similar technologies.   For detailed information on the technologies we use on this website or in our email campaigns, see the Cookie Section.

  • From third parties or publicly available sources.  We will receive personal information from various third parties that confirmed they are authorized to share it with us or other public sources, such as:

    • Consumer reporting agencies, credit reference agencies and publicly available databases;

    • Your employer in order for you to use our products or services;

    • Our distributors;

    • Other Snap-on Group companies that you may interact with through other websites, products, services, or social media pages; or

    • Data Analytics Providers;

 

3.          How is that personal information used by us?

We may use your personal information in the following ways:

  • Business Uses, such as:

    • Register you as a new customer;

    • Register you as a user in our products or services, and provide those services;

    • Process and deliver your order, manage your subscriptions, or carry out our obligations arising from any other contracts you enter into with us;

    • Manage payments, fees and charges and collect and recover money owed to us;

    • Managing our relationship with you by sending you renewal notices, notifying you of product or service information, asking you to leave a review or take a survey, or enabling you to partake in a prize draw or competition;

    • Fulfill your requests, answer your questions, respond to your comments, and measure how effectively we address your concerns;

    • Analyze and develop new products and services, or make suggestions and recommendations to you about goods and services that may be of interest to you;

    • Provide customer support; or

    • Fulfill any legal obligations we may have.

  • Monitoring & Recording: to handle any calls, chats or other interactions with us, including by the customer services team. Please be aware that it is our general practice to monitor and in some cases record such interactions for staff training or quality assurance purposes or to retain evidence of a particular transaction or interaction.

  • Website Experience: for the technical administration of the website; for internal operations; for customer administration; for product surveys; for troubleshooting; for information analysis, information analytics, testing, and research and development purposes; to ensure that content from our site is presented in the most effective manner for you and for your computer; and as part of our efforts to keep our site safe and secure.

  • Protecting our Rights and Property: to protect our rights or property or that of our business partners, dealers, distributors, suppliers, customers or others when we have reasonable grounds to believe that such rights or property have been or could be affected; to recover debts; to prevent, detect, identify, investigate, respond, and protect against potential or actual claims, liabilities and prohibited behavior or activities.

  • Information for our Business Partners, Dealers and Distributors: to administer and develop our business relationship with you, the business partner, dealer or distributor you represent, including sharing information with our group, to enter into or perform a transaction with you, to contact you as part of satisfaction surveys or for market research purposes.

  • Product development: We may use non-identifying and aggregate information to gather information for product management and development. For example, we may tell our sales and marketing staff that X number of individuals visited a certain area on our web site, or that Y number of software licenses were ordered during a particular time period. This aggregate information may also be shared with our affiliates and independent dealers.

  • Marketing: to communicate about, and administer participation in, special events, programs, surveys, contests, sweepstakes, and other offers and promotions; to provide you with information about other goods and services we offer, or offered by others, that are similar to those that you have already purchased or enquired about and to send informational or promotional email messages to you, which you may opt out of receiving as described below.

 

4.          On what legal basis do we gather and use personal information of UK/EU/EEA residents?

We gather and use your personal information for either (i) the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, and/or (ii) our legitimate interests and in compliance with your fundamental rights and freedoms and/or (iii) because of a legal obligation, and/or (iv) to protect your vital interests.

 

5.          Is my personal information disclosed to third parties?

We may disclose Personal Information with the following categories of third parties:

  • “Affiliates”  We share with our affiliates for the purposes described in this Privacy Policy.

  • “Service Providers”  We share with our trusted third-party service providers, to facilitate services they provide to us, such as internet services, website hosting, data analytics, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, marketing, auditing, background checks, and other services. 

  • “Business Partners”  We share with our trusted business partners.

  • “Credit Bureaus”  We share information about your credit history with us with credit bureaus.

  • “Legal Authorities”  We share with public and government authorities, including regulators and law enforcement, to respond to requests, as well as to protect and defend legal rights.

  • “Other Parties in Litigation”  We share information in the context of litigation discovery and in response to subpoenas and court orders.

 

In the preceding 12 months, we disclosed for our operational business purposes the following categories of Personal Information to the following categories of third parties:

Categories of Personal Information

Disclosed to Which Categories of Third Parties for Operational Business Purposes

Identifiers

Affiliates, Business Partners, Credit Bureaus, Service Providers, Legal Authorities, Other Parties in Litigation

Commercial Information

Affiliates, Legal Authorities, Other Parties in Litigation

Financial Information

Credit Bureaus, Service Providers, Legal Authorities, Other Parties in Litigation

Technical and Usage Information

Affiliates, Credit Bureaus, Service Providers, Legal Authorities, Other Parties in Litigation

Professional/Employment  Related Information

Affiliates, Business Partners, Service Providers, Legal Authorities, Other Parties in Litigation

 

6.          How long will my personal information be kept for?

We will endeavor not to keep your personal information in a form that allows you to be identified for any longer than is reasonably necessary for achieving the permitted purposes. This means that information will be destroyed or erased from our systems or anonymized when it has reached the applicable retention period.  

7.          Will my personal information be transferred to other countries?

We are a global company and we may process, store and transfer personal information we collect to a country outside your own, provided that certain conditions as set out in the applicable legislation are complied with.  

We are party to an information transfer agreement with the members of the Snap-on Group and we will keep that document up to date with current law. For more information on the safeguards in place, please contact DataProtectionManager@snapon.com.

8.          What security measures are in place to protect my personal information?

We endeavor to protect the security of your personal information. We will seek to maintain administrative, technical and physical safeguards to protect against loss, misuse or unauthorized access, disclosure, alteration or destruction of your personal information.

Unfortunately, the transmission of information via the internet is not completely secure. Although we endeavor to protect your personal information, we cannot guarantee the security of your personal information transmitted to us or stored on our systems; any transmission is at your own risk. Once we have received your personal information, we will use procedures and security features to try to prevent unauthorized access. These procedures include physical, electronic, and managerial procedures.

9.          How do I update or access my personal information?

We ask that you keep your information as up-to-date as possible so you may get the maximum benefit from us.

If you have an Arcturus account with us then you can access and correct personal information that we keep on the main page within the Account Information section. For other questions related to updating or changing your account information or if any errors in your personal information cannot be corrected by accessing the Account Information section, please call 800-671-6501.

Employees of users of AutoCrib products, whose data is stored within Arcturus, should contact their employer to have their information changed or removed.

 

10.       What specific rights do I have in relation to my personal information based on my residency?

·   European Union, European Economic Area, and UK Residents. Depending on the circumstances, the General Data Protection Regulation “GDPR” may provide you the right to:

o   request access to any personal information we hold about you;

o   object to the processing of your information for direct-marketing purposes;

o   ask to have inaccurate information held about you amended or updated;

o   ask to have your information erased or to restrict processing in certain limited situations;

o   request the porting of your personal information to another organization in control of your personal information; and/or

o   object to any decision that significantly affects you being taken solely by a computer or other automated process.

If you are a resident of the European Union or European Economic Area that wishes to make a formal request for information we hold about you, you can contact us, here. We will respond to your request consistent with the GDPR. 

 

·   California Residents: The California Consumer Privacy Act (“CCPA”) provides California residents specific rights regarding their personal information. You have the right to be free from unlawful discrimination for exercising your rights under the CCPA. This section describes your CCPA rights and explains how to exercise those rights.

 

o   Access to Specific Information and Data Portability: You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months, including the following:

§  The categories of personal information we collected about you.

§  The categories of sources for the personal information we collected about you.

§  Our business or commercial purpose for collecting that personal information.

§  The categories of Personal Information about you that we shared or disclosed, and, for each, the categories of third parties with whom we shared or to whom we disclosed such Personal Information.

§  The specific pieces of personal information we collected about you (also called a data portability request).

o   Deletion Request Rights:  You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.  We do not provide these deletion rights for B2B personal information. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

§  Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.

§  Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

§  Debug products to identify and repair errors that impair existing intended functionality.

§  Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

§  Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).

§  Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.

§  Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

§  Comply with a legal obligation.

§  Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

o   Exercising Access, Data Portability, and Deletion Rights. 

§  To exercise the rights described above, please submit a verifiable consumer request to us by either:

·   Calling us toll-free at 844-972-1285; or

·   Contact us here.  

§  We will verify and respond to your Request to Know or Request to Delete consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request.  We may need to request additional Personal Information from you, such as name, phone number, e-mail address and/or delivery address, in order to verify your identity and protect against fraudulent requests. If you make a Request to Delete, we may ask you to confirm your request before we delete your Personal Information.

§  If you are the authorized agent of a consumer, making a Request to Know or a Request to Delete on behalf of the consumer, we will ask you for:

·   proof of your registration with the California Secretary of State to conduct business in California; and

·   proof that the consumer has authorized you to make a Request to Know or a Request to Delete on the consumer’s behalf.  This must be a permission signed by the consumer. “Signed” means that the permission has either been physically signed or provided electronically in accordance with the Uniform Electronic Transactions Act, Civil Code 1633.7 et seq.

§  If an authorized agent has not provided us with a power of attorney from the consumer pursuant to Probate Code sections 4000-4465, we may also:

·   require the consumer to provide you with a written permission signed by the consumer to make the request on the consumer’s behalf,

·   verify the identity of the consumer as we would if the consumer were making the request personally, and

obtain verification from the consumer that they provided the authorized agent permission to make the request.

o   Other notices for California residents:

§  California “Do Not Track” Disclosure.  We do not track our customers over time and across third party websites to provide targeted advertising and therefore generally do not respond to Do Not Track (DNT) signals. 

§  Pursuant to the CCPA, California residents have the right to opt-out of the sale of their personal information.

§  WE HAVE NOT “SOLD” PERSONAL INFORMATION FOR PURPOSES OF THE CCPA.

§  If you are a resident of California, under 18, and a registered user of our websites, you may ask us to remove content or information that you have posted by writing to our Data Protection Manager at DataProtectionManager@snapon.com.  Please note that your request does not ensure complete or comprehensive removal of the content or information, as, for example, some of your content may have been reposted by another user.

 

·   Nevada Residents: Nevada residents may request that website operators not sell consumer’s “Covered Information” as defined by Nevada law. WE HAVE NOT “SOLD” COVERED INFORMATION FOR PURPOSES OF NEVADA LAW.   If you are a Nevada resident that would like to make a further inquiry regarding the selling of your Covered Information, please contact DataProtectionManager@snapon.com

 

11.       How do I opt out of being contacted for promotional purposes?

You have the right to ask us not to send you marketing communications. We will usually inform you (before collecting the personal information) if we intend to use your personal information for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect personal information. You can also exercise the right to prevent such processing at any time by:

  • Clicking the unsubscribe link in any informational or promotional email that we send you.

  • Calling our Customer Service Center at 800-671-6501​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​ if you have any questions about changing your contact preference or require assistance in removing your name from our subscription lists.

 

12.       How do we use cookies?

What are cookies: Cookies are small text files that are placed on your computer by websites that you visit, and are widely used to make websites work, or work more efficiently.

If you receive marketing or newsletter emails from us, they are sent using our service provider HubSpot.  The HubSpot privacy notice can be found here: https://legal.hubspot.com/privacy-policy.  Emails from this service may include tracking pixels (also known as web beacons) to enable us to recognize when someone has opened them and measure the success of campaigns.  HubSpot’s Cookie Statement can be found here: https://legal.hubspot.com/cookie-policy.

If you receive alert emails from us, they are sent using our service provider Mailgun.  The mailgun privacy notice can be found here: https://www.mailgun.com/legal/privacy-policy/.  Emails from this service may include tracking pixels (also known as web beacons) to enable us to recognize when someone has opened them and measure the success of campaigns.  Mailgun’s Cookie Statement can be found here: https://www.mailgun.com/legal/cookie-policy/

 

·   How do I change my cookie settings:

o   Most browsers automatically accept cookies. However, you can prevent cookies from being stored on your computer or device by setting your browser to not accept cookies. The exact instructions for this can be found in the manual for your browser. You can delete cookies already on your computer or device at any time. If you choose to set your browser settings so cookies are not accepted, then you can still visit our website, apps and online services, however doing so may affect your use of some parts of our web services, apps and online services and reduce availability of the services provided by our website, apps and online services.

o   To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout

o   You can disable tracking pixels in our email campaigns by blocking remote images from being displayed by default in your mail client.

·   How does this website use cookies: The table below explains the cookies we use and why.

 

Cookie

Name

Purpose

More information

.ASPXAUTH

.ASPXAUTH

This cookie is used by sites using the .NET technology platform from Microsoft. It is commonly used to identify a logged-in user to enable access to secure areas of a site.  Expires after session is closed.

Created by ASP.NET runtime (Essential to site functionality)

_RequestVarificationToken

_RequestVarificationToken

This is an anti-forgery cookie set by web applications built using ASP.NET MVC technologies. It is designed to stop unauthorized posting of content to a website, known as Cross-Site Request Forgery. It holds no information about the user and is destroyed on closing the browser.

Created by ASP.NET runtime (Essential to site functionality)

ASP.NET_SessionId

ASP.NET_SessionId

General purpose platform session cookie, used by sites written with Microsoft .NET based technologies. Usually used to maintain an anonymised user session by the server.  Expires after the session is closed.

Created by ASP.NET runtime (Essential to site functionality)

incap_ses_*

incap_ses_*

Save jqxGrid state.  Saves your preferences and speeds up searches.  Expires after the session is closed.

Created by JQXGrid plugin

_ga

_ga

Used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the site’s analytics reports.  By default it is set to expire after 2 years.

Google Analytics

_gid

_gid

Session cookie used to store and update a unique value for each page visited.  Expires after session is closed.

Google Analytics

_fw_crm_v

_fw_crm_v

Used to track Visitor/User identity and chat sessions performed by the User for Freshdesk Live Chat features.  Expires after 1 year.

Freshdesk Live Chat plugin

ssr-caching

ssr-caching

Used to indicate the system from which the site was rendered. Expires in 1 minute.

 

bSession

bSession

Used for system effectiveness measurement.

Expires after 1 day.

 

svSession

svSession

Used in connection with user login. Expires after 1 day.

 

hs

Hs

Used for security reasons. Expires after the session.

 

_dc_gtm_UA-xxxxxxxx

_dc_gtm_UA-xxxxxxxx

This cookie is associated with sites using Google Tag Manager to load other scripts and code into a page.  Where it is used it may be regarded as Strictly Necessary as without it, other scripts may not function correctly. The end of the name is a unique number which is also an identifier for an associated Google Analytics account. Expires after 1 day.

 

TS01xxxxxxxx

TS01xxxxxxxx

TS Expires after the session.

 

XSRF-TOKEN

XSRF-TOKEN

This cookie is written to help with site security in preventing Cross-Site Request Forgery attacks. Expires after the session.

 

_gclxxxx

_gclxxxx

Google conversion tracking cookie. Expires in 3 months.

 

_wixAB3

_wixAB3

This domain is owned by Wix Inc. The company provides a platform for creating and hosting websites. Expires in 6 months.

 

bcookie

bcookie

This domain is owned by LinkedIn, the business networking platform. It typically acts as a third party host where website owners have placed one of its content sharing buttons in their pages, although its content and services can be embedded in other ways. Although such buttons add functionality to the website they are on, cookies are set regardless of whether or not the visitor has an active Linkedin profile, or agreed to their terms and conditions.  For this reason it is classified as a primarily tracking/targeting domain. Expires in 2 years.

 

lang

lang

This domain is owned by LinkedIn, the business networking platform. It typically acts as a third party host where website owners have placed one of its content sharing buttons in their pages, although its content and services can be embedded in other ways. Although such buttons add functionality to the website they are on, cookies are set regardless of whether or not the visitor has an active Linkedin profile, or agreed to their terms and conditions.  For this reason it is classified as a primarily tracking/targeting domain. Expires after the session.

 

li_gc

li_gc

This domain is owned by LinkedIn, the business networking platform. It typically acts as a third party host where website owners have placed one of its content sharing buttons in their pages, although its content and services can be embedded in other ways. Although such buttons add functionality to the website they are on, cookies are set regardless of whether or not the visitor has an active Linkedin profile, or agreed to their terms and conditions.  For this reason it is classified as a primarily tracking/targeting domain. Expires in 2 years.

 

AnalyticsSyncHistory

AnalyticsSyncHistory

This domain is owned by LinkedIn, the business networking platform. It typically acts as a third party host where website owners have placed one of its content sharing buttons in their pages, although its content and services can be embedded in other ways. Although such buttons add functionality to the website they are on, cookies are set regardless of whether or not the visitor has an active Linkedin profile, or agreed to their terms and conditions.  For this reason it is classified as a primarily tracking/targeting domain. Expires in 30 days.

 

bscookie

bscookie

This domain is owned by LinkedIn, the business networking platform. It typically acts as a third party host where website owners have placed one of its content sharing buttons in their pages, although its content and services can be embedded in other ways. Although such buttons add functionality to the website they are on, cookies are set regardless of whether or not the visitor has an active Linkedin profile, or agreed to their terms and conditions.  For this reason it is classified as a primarily tracking/targeting domain. Expires in 2 years.

 

lidc

lidc

This domain is owned by LinkedIn, the business networking platform. It typically acts as a third party host where website owners have placed one of its content sharing buttons in their pages, although its content and services can be embedded in other ways. Although such buttons add functionality to the website they are on, cookies are set regardless of whether or not the visitor has an active Linkedin profile, or agreed to their terms and conditions.  For this reason it is classified as a primarily tracking/targeting domain. Expires in 24 hours.

 

UserMatchHistory

UserMatchHistory

This domain is owned by LinkedIn, the business networking platform. It typically acts as a third party host where website owners have placed one of its content sharing buttons in their pages, although its content and services can be embedded in other ways. Although such buttons add functionality to the website they are on, cookies are set regardless of whether or not the visitor has an active Linkedin profile, or agreed to their terms and conditions.  For this reason it is classified as a primarily tracking/targeting domain. Expires in 30 days

 

__cf_bm

__cf_bm

This is a CloudFoundry cookie. Expires in 30 minutes.

 

lang

lang

This domain is owned by LinkedIn, the business networking platform. This sub-domain is connected with LinkedIn's marketing services that enable website owners to gain insight into types of users on their site based on LinkedIn profile data, to improve targeting. Expires after the session.

 

 

Except for essential cookies, all cookies will expire after 2 years. [].

 

13.       Who should I contact with concerns or questions about this Privacy Policy or applicable data protection legislation?

If you have concerns or questions about this Privacy Policy or you believe that the applicable data protection legislation or this policy has not been followed, then you should raise the matter with our Data Protection Manager at DataProtectionManager@snapon.com.  

If you are a citizen of the European Union or European Economic Area, you may make a complaint at any time to the applicable supervisory authority for data protection issues.  We have appointed a data protection manager who is responsible for addressing any reported data protection issues related to GDPR, and we would like the opportunity to respond to your concerns before you approach a supervisory authority so please feel free to contact the data protection manager at DataProtectionManager@snapon.com.

14.       Modifications to this Privacy Statement

We reserve the right to modify this Privacy Policy at any time and without prior notice, subject to applicable legal requirements to notify you or obtain your consent. We will post any changes on our website so please check regularly for the most recent version of our Privacy Policy. This version is dated, 06/16/2022.

15.       Links

This site contains links to other sites. Please be aware that We are not responsible for the content or privacy practices of those sites, and our Privacy Policy does not apply to information collected from you by those sites. We encourage you to read the privacy statements of each site that collects information from you. When you are leaving our site via a link to interact with a site that is not governed by our Privacy Policy, a new browser window will open. If your interaction with our site will require sending your information to a third-party site that is not governed by our privacy policy, We will clearly inform you before your information is sent.

PRIVACY POLICY