WHO WE ARE

KOHLER Co. is a global company providing a variety of products, services, and experiences to consumers, customers, vendors, and suppliers. We are committed to the privacy and security of personal information that is shared with us and seek to be transparent concerning our data processing practices.

This Privacy Notice describes how KOHLER Co. and its affiliates and subsidiaries, a complete list of which is available here, (together, "Kohler", "we", "us", "our") process personal information in connection with the activities described in the "Scope" section, below.

For questions about this Notice, you may contact the Kohler Global Data Privacy Team, using the contact information in the "How To Contact Us" section of this notice.


TABLE OF CONTENTS

  1. WHAT INFORMATION WE COLLECT
  2. HOW KOHLER USES YOUR PERSONAL INFORMATION
  3. SHARING YOUR INFORMATION
  4. RETENTION OF YOUR INFORMATION
  5. DATA SECURITY AND INTEGRITY
  6. YOUR CONTROLS AND CHOICES
  7. THIRD PARTY SERVICES
  8. CHILDREN'S PERSONAL INFORMATION
  9. CHANGES TO OUR PRIVACY NOTICE
  10. HOW TO CONTACT US
  11. JURISDICTION SPECIFIC
  1. UNITED STATES: STATE PRIVACY RIGHTS NOTICE
  2. SUPPLEMENTAL NOTICE FOR EUROPEAN UNION AND UNITED KINGDOM
  3. SUPPLEMENTAL NOTICE FOR BRAZIL
  4. SUPPLEMENTAL NOTICE FOR CANADA
  5. SUPPLEMENTAL NOTICE FOR CHINA

Scope

This Privacy Notice applies to our processing of personal information collected:

  • via our websites, mobile applications, social media pages, and other digital properties that display or link to this privacy notice;
  • from our customers and prospective customers, including former, current and prospective customers and others with whom we currently do or have done business;
  • and from business partners, vendors and service providers, including former, current, and prospective business partners, vendors and service providers with whom we do or have done business.

This Privacy Notice does not apply to:

  • the personal information we collect from our employees, contractors, or job applicants;
  • the personal information collected in connection with Kohler's hospitality business, ("Kohler, Wisconsin");
  • any personal information Kohler processes on behalf of a third-party entity, such as a business customer or vendor.

California Notice at Collection/State Law Privacy Rights: See the State Law Privacy Rights section for important information about your rights under applicable state privacy laws.

European Notice: Please see the European Notice for additional information for individuals located in the European Economic Area or United Kingdom (which we refer to as "Europe", and "European" should be understood accordingly) below.



WHAT INFORMATION WE COLLECT

Information You Provide to Us

Information Category Examples
Personal or business contact information Such as: name, billing and mailing address, telephone number, professional title and company name, and email address.
Transaction and payment information Such as: banking or credit card details, transaction details (e.g., billing and delivery address, order number), and other information needed to complete transactions on our services.
User-generated content Such as: comments, questions, messages, images, videos, and other content or information that you generate, transmit, or otherwise make available on our websites or other services or that you otherwise submit to us (online or offline), as well as associated metadata.
Communications information Such as: Information provided by you when you interact with our Customer Service team (including call recordings), contact us directly by email or mail, and communications with chat features such as our chatbots.
Demographic information Such as: your city, state, country of residence, postal code, and age.
Marketing information Such as: your preferences for receiving our marketing communications and details about your engagement with them.
Account information Such as: the username and password that you may set to establish an online account on our services, along with any other information that you add to your account profile.
Promotion information Such as: information you share when you enter a competition, promotion, or complete a survey.
Other information Information not specifically listed here, which we will use as described in this Privacy Notice or as otherwise disclosed at the time of collection.

 

Information Collected Automatically

Information Category Description/Examples
App, browser, and device information Such as: information about the device, operating system, browser, IP address and other device characteristics (e.g., plug-ins and the network you are connected to).
Usage and activity information Such as: information about what you view or click while visiting our sites and apps and how you use our services, and information about how our services are performing when you use them (such as diagnostic and troubleshooting information, crash data, website performance logs, error messages or reports)
Session replay information Such as: information about your interaction with our sites and with our webforms (such as IP Address, time of session, and other session details), including the use of TrustedForm session replay technology. For more information on TrustedForm session replay technology, please navigate to https://activeprospect.com/trustedform-privacy-notice/.
Communication interaction information Such as: your interactions with our email or other communications, which we may collect through use of pixel tags (also known as clear GIFs) that may be embedded invisibly in our emails.
Cookies and similar technologies See our Cookie Policy here for more information. In particular, note that we may use chat and other artificial intelligence ("AI") technologies. We may employ cookies and software code to operate chat and other features that you can use to communicate with us or input data relevant to your experience. These other technologies may access and use information about webpages you visit on our website, your IP address, and other personal information you share through online chats or within inputs to facilitate our services to you.

 

Information we obtain from Affiliates and third parties

Information Category Description
KOHLER group of companies ("Affiliates") We may obtain information about you such as personal contact information, financial information, and usage information from our Affiliates as a normal part of conducting business.
Information from our marketing and advertising partners and event co-sponsors We may receive information such as your name and contact information from our marketing partners, such as what marketing contact you viewed or interactions on our sites.
Information from analytics providers We may receive information about your interactions on our sites.
Information from public sources We may obtain information about you from social media platforms, government agencies, public records, and other publicly available sources.
Information from other entities to which we provide products and services We may obtain information about you from entities to which we provide products/services, such as retailers, distributors, and franchisees.
Information from referral sources We may obtain information about you from entities that provide referrals.

 


Handling Of Information We Collect

How Kohler Uses Your Personal Information

We may use your personal information for the following purposes or as otherwise described at the time of collection:

Delivery, personalization, and improvement of our products and services. We may use your personal information:

  • To provide you with products and services;
  • To create and maintain your Kohler account;
  • To provide customer support;
  • To send product- or service-related communications;
  • To fulfill your event registration requests;
  • To send administrative information to you, such as information regarding guarantees and warranties and changes to our terms, conditions and policies;
  • To customize your experience with our services and products, including by saving device-based settings; and
  • To conduct research and development, analysis, and otherwise improve our products and services, including by analyzing trends or patterns in the usage of our products and services.

Marketing and advertising. We, our service providers and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes, including:

  • To send and measure the effectiveness of direct marketing communications about our products/services and other news about products which we have reason to believe will be of interest to you.
  • To facilitate interest-based advertising, which may information collected through cookies and other technologies described in the "Information Collected Automatically" section above.

Compliance and protection. We may use your personal information:

  • To comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas, investigations or requests from government authorities;
  • To protect our, your or others' rights, privacy, safety or property (including by making and defending legal claims);
  • To audit our internal processes for compliance with legal and contractual requirements or our internal policies;
  • To enforce the terms and conditions that govern our products and services; and
  • To prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

To create aggregated, de-identified and/or anonymized data. We may create aggregated, de-identified and/or anonymized data from your personal information and other individuals whose personal information we collect. We make personal information into de-identified and/or anonymized data by removing information that makes the data identifiable to you and we will not attempt to reidentify any such data. We may use this aggregated, de-identified and/or anonymized data and share it with third parties for our lawful business purposes, including to analyze and improve our products and services and promote our business and to train our AI models and for other machine learning purposes.

Data sharing in the context of corporate events. We may share certain personal information in the context of actual or prospective corporate events – for more information, see "Sharing Your Information", below.

Further uses. In some cases, we may use your personal information for further uses, in which case we will ask for your consent to use of your personal information for those further purposes if they are not compatible with the initial purpose for which information was collected.


 

Sharing Your Information

We work with our affiliates, service providers, and other third parties to help provide our services, and therefore share personal information with these third parties. We may share personal information with:

  • Advertising partners
    • Third-party advertising companies for the interest-based advertising purposes described above.
  • Affiliates
    • As a normal part of conducting business and offering our services, personal information that we collect, and process may be transferred between our companies ("affiliates"). Please visit Kohler.com for a list of our affiliated companies.
  • Authorities and others
    • Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate to comply with applicable laws, protect the rights/safety of ourselves or others, and other similar compliance/protection purposes.
  • Business transferees
    • In the context of actual or prospective business transactions or to an acquirer, successor, or assignee of Kohler.
  • Entities that offer our products and services
    • Third parties that offer our products and services, such as retailers, distributors, and franchisees.
  • Other users and the public
    • User-generated content on message boards, chat, profile pages, blogs and other services to which you can post information and content (including, without limitation, our social media), or through which you are able to send messages through the systems may be visible to other users and the public.
  • Partners
    • Third parties with whom we partner, including parties with whom we co-sponsor events or promotions, with whom we jointly offer products or services, or whose products or services may be of interest to you.
  • Professional advisors
    • Professional advisors such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
  • Third-party service providers
    • These can include providers of services such as website hosting, services-related consulting and monitoring, chatbot technology providers, data analysis, information technology and related infrastructure provision, customer service, email delivery, auditing, payment processing, and other services.


 

Retention of Your Information

We retain your information as required to fulfil the purposes for which we collected it, including to provide our products and services, comply with legal obligations, or protect our or others' interests. While retention periods may vary by country, we maintain internal retention policies based on the considerations below:

  • The length of time we have an ongoing relationship with you and provide our products or services to you (for example, for as long as you have an account with us or keep using our products and services);
  • The length of time we have an ongoing relationship with you as our client and provide you with products and services;
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions or communications for a certain period before we can delete them); or
  • Whether retention is advisable considering our legal position (such as applicable statutes of limitations, litigation or regulatory investigations).

When we no longer require the personal information, we have collected about you, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.


 


Data Security & Controls

DATA SECURITY AND INTEGRITY

We have implemented organizational, technical, and physical security measures designed to protect your personal information. Please be aware that despite our efforts, no data security measures can guarantee absolute security. You can help keep your data safe through reasonable steps to protect your information against unauthorized disclosure or misuse.


 

YOUR CONTROLS AND CHOICES

In this section, we describe the rights and choices available to all users. Users who are located in California and certain other US states and Europe can find additional information about their rights by going to the Jurisdiction Specific Information tab where they can find their respective supplemental notice.

Access or update your information. If you have registered for an account with us, you may review and update certain account information by logging into your account or using the contact methods described in Account Actions Information below.

Opt-out of communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us. Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.
If you receive text messages from us, you may opt out of receiving further text messages from us by replying "STOP" to our message.

Cookies and other technologies. For information about cookies and other automatic data collection technologies we use, as well as how to control them, see our Cookie Policy here.

Do Not Track. Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. We currently do not respond to "Do Not Track" signals. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com.

Some Internet browsers and browser extensions support the Global Privacy Control ("GPC"). The GPC can send a signal to the websites you visit indicating your choice to opt-out from certain types of data processing, including data "sales" as defined under certain laws. When we detect such a signal, we will make reasonable efforts to respect your choices indicated by a GPC setting as required by applicable law.

Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory, we may not be able to provide those services.

Linked third-party platforms. If you choose to connect to our products or services through your social media account or other third-party platform, you may be able to use your settings in your account with that platform to limit the information we receive from it. If you revoke our ability to access information from a third-party platform, that choice will not apply to information that we have already received from that third party.

Account Actions Information. You may submit requests to exercise your right to information/know, access, appeal, correction, or deletion at https://kohler.service-now.com/gdp/form.do, calling us toll free at 1-800-923-1138, or via email to KohlerGlobalDataPrivacy@kohler.com.


 


ADDITIONAL INFORMATION

THIRD PARTY SERVICES

This Privacy Notice does not address, and we are not responsible for, the privacy, information or other practices of any third parties.

This includes any third party operating any website, application, or other service to which our services may link. Please note that when you use third party services, their own terms and privacy policies will govern your use of their services and products.


 

CHILDREN'S PERSONAL INFORMATION

The sites and services are not directed to individuals under the age of sixteen (16), and we do not knowingly collect Personal Information from individuals under sixteen (16). If you are under the age of 16, please do not provide any personal information through the Sites or Services. If a customer is suspected of being younger than 16 years of age, Kohler will take steps to delete the individual's information as soon as possible.


 

CHANGES TO OUR PRIVACY NOTICE

We may update this notice from time to time to reflect changes and will indicate changes by posting the new version of the Privacy Notice (and effective date) on this website or by other appropriate means. We encourage you to periodically review this website and our Privacy Notice to understand how Kohler protects your personal information. Once effective, the revised Privacy notice will apply to you and your personal information.


 

HOW TO CONTACT US

If you have questions, complaints, or concerns regarding this Privacy Notice, please contact us at KohlerGlobalDataPrivacy@kohler.com or call the toll free number 1-800-923-1138.



United States: State privacy rights notice

Except as otherwise provided, this section applies to residents of California, Colorado, Virginia, and other states to the extent they have privacy laws applicable to us that grant their residents the rights described below (collectively, the "State Privacy Laws").

This section describes how we collect, use, and share Personal Information of residents of these states and the rights these users may have with respect to their Personal Information. Please note that not all rights listed below may be afforded to all users and that if you are not a resident of a state with a privacy law applicable to us, you may not be able to exercise these rights. In addition, we may not be able to process your request if you do not provide us with sufficient detail to allow us to confirm your identity or understand and respond to it.

For purposes of this section, the term "Personal Information" has the meaning given to "personal data", "personal information" or other similar terms and "Sensitive Personal Information" has the meaning given to "sensitive personal information," "sensitive data", or other similar terms in the State Privacy Laws, except that in neither case does such term include information exempted from the scope of the State Privacy Laws. In some cases, we may provide a different privacy notice to certain categories of residents of these states, such as job applicants, in which case that notice will apply instead of this section.

Your Privacy Rights

The State Privacy Laws may provide residents with some or all of the rights listed below. However, these rights are not absolute and some State Privacy Laws do not provide these rights to their residents. Therefore, we may decline your request in certain cases as permitted by law.

  • Information. You can request the following information about how we have collected and used your Personal Information:
    • The categories of Personal Information that we have collected.
    • The categories of sources from which we collected Personal Information.
    • The business or commercial purpose for collecting and/or selling Personal Information.
    • The categories of third parties with which we share Personal Information.
    • The categories of Personal Information that we sold or disclosed for a business purpose.
    • The categories of third parties to whom the Personal Information was sold or disclosed for a business purpose.
  • Access. You can request a copy of the Personal Information that we have collected about you:.
  • Appeal. You can appeal our denial of any request validly submitted.
  • Correction. You can ask us to correct inaccurate Personal Information that we have collected about you.
  • Deletion. You can ask us to delete the Personal Information that we have collected from you.
    • Opt-out of certain processing for targeted advertising purposes, for profiling/automated decision making, or for other sales of personal data. You can opt-out of the foregoing activities Kohler may undertake as part of your interaction with Kohler by navigating to and clicking on the "Do Not Sell or Share My Personal Information" link on any Kohler website and following the instructions provided.
  • Consumers under 16. We do not have actual knowledge that we sell or share the personal information of consumers under 16 years of age.
  • Sensitive Personal Information. We do not process Sensitive Personal Information for the purpose of inferring characteristics about consumers under the CCPA.
  • Nondiscrimination. You are entitled to exercise the rights described above free from discrimination as prohibited by the State Privacy Laws.

Exercising your right to information/know, access, appeal, correction, and deletion

You may submit requests to exercise your right to information/know, access, appeal, correction, or deletion at https://kohler.service-now.com/gdp/form.do, calling us toll free at 1-800-923-1138, or via email to KohlerGlobalDataPrivacy@kohler.com.


Exercising your right to opt-out of the "sale" or "sharing" of your Personal Information

While we do not sell personal information for money, like many companies, we use services that help deliver interest-based ads to you as described above. The State Privacy Laws may classify our use of some of these services as "selling" or "sharing" your Personal Information with the advertising partners that provide the services. You can submit requests to opt-out of tracking for targeted advertising purposes or other sales of Personal Information via email to KohlerGlobalDataPrivacy@kohler.com or via phone by calling 1-800-923-1138, or by broadcasting the global privacy control signal. You may also opt-out of tracking of this sort or other sales of personal information by navigating to and clicking on the "Do Not Sell or Share My Personal Information" link on any Kohler website and following the instructions provided.


Verification of Identity; Authorized agents

We may need to verify your identity in order to process your information/know, access, appeal, correction, or deletion requests and reserve the right to confirm your residency. To verify your identity, we may require government identification, a declaration under penalty of perjury, or other information, where permitted by law.

Under some State Privacy Laws, you may enable an authorized agent to make a request on your behalf. However, we may need to verify your authorized agent's identity and authority to act on your behalf. We may require a copy of a valid power of attorney given to your authorized agent pursuant to applicable law. If you have not provided your agent with such a power of attorney, we may ask you to take additional steps permitted by law to verify that your request is authorized, such as by providing your agent with written and signed permission to exercise your State Privacy Laws rights on your behalf, the information we request to verify your identity, and confirmation that you have given the authorized agent permission to submit the request.


Personal information that we collect, use and disclose

We have summarized the Personal Information we collect, the purposes for which we collect it and the third parties to whom we may disclose it by reference below to both the categories defined in the "What information we collect" section of this Privacy Notice above and the categories of Personal Information specified in the CCPA (Cal. Civ. Code §1798.140). This chart describes our practices currently and during the 12 months preceding the effective date of this Privacy Notice. Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of personal information not described below.

Personal Information (“PI”) we collect CCPA statutory category Purposes Categories of third parties to whom we “disclose” PI for a business purpose Categories of third parties to whom we “sell” or “share” PI
Personal or business contact information
  • Identifiers (online)
  • Identifiers (other)
  • Commercial information
  • California customer records
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Partners
  • Entities to which we provide products and services
  • Advertising partners
  • Social media platforms and other information/referral sources
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Other users and the public
  • Advertising partners (to facilitate online advertising)
  • Partners
Demographic information
  • Identifiers (online)
  • Identifiers (other)
  • California customer records
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Partners
  • Entities to which we provide products and services
  • Advertising partners
  • Social media platforms and other information/referral sources
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Other users and the public
  • Advertising partners (to facilitate online advertising)
  • Partners
Account Information
  • Identifiers (online)
  • Identifiers (other)
  • Commercial information
  • California customer records
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Partners
  • Entities to which we provide products and services
  • Advertising partners
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Other users and the public
  • Advertising partners (to facilitate online advertising)
  • Partners
Communications information
  • Identifiers (online)
  • Identifiers (other)
  • Commercial information
  • California consumer records
  • Internet or Network Information
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Partners
  • Entities to which we provide products and services
  • Advertising partners
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Other users and the public
  • Advertising partners (to facilitate online advertising)
  • Partners
Transactional and payment information
  • Commercial information
  • California consumer records
  • Financial information
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Partners
  • Entities to which we provide products and services
  • Advertising partners
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Other users and the public
  • Advertising partners (to facilitate online advertising)
  • Partners
Marketing information
  • Identifiers (online)
  • Identifiers (other)
  • Commercial information
  • California customer records
  • Internet or Network Information
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Advertising partners (to facilitate online advertising)
  • Partners
User-generated content
  • Sensory Information
  • California consumer records
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Partners
  • Entities to which we provide products and services
  • Advertising partners
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Other users and the public
  • None
Promotion information
  • Identifiers (online)
  • Identifiers (other)
  • Commercial information
  • California customer records
  • Internet or Network Information
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Advertising partners (to facilitate online advertising)
  • Partners
App, browser, and device information
  • Identifiers (other)
  • Internet or Network Information
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Partners
  • Entities to which we provide products and services
  • Advertising partners
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Other users and the public
  • Advertising partners (to facilitate online advertising)
  • Partners
Usage and activity information
  • Identifiers (other)
  • Commercial information
  • Internet or Network Information
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Partners
  • Entities to which we provide products and services
  • Advertising partners
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Other users and the public
  • Advertising partners (to facilitate online advertising)
  • Partners
Communication interaction information
  • Identifiers (online)
  • Identifiers (other)
  • Commercial information
  • California consumer records
  • Internet or Network Information
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Partners
  • Entities to which we provide products and services
  • Advertising partners
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Other users and the public
  • Advertising partners (to facilitate online advertising)
  • Partners
Information derived from the above
  • Inferences
  • Delivery, personalization, and improvement of our products and services
  • Marketing and advertising
  • Compliance and protection
  • To create aggregated, de-identified and/or anonymized data
  • Data sharing in the context of corporate events
  • Further uses
  • Affiliates
  • Third-party service providers
  • Advertising partners
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Business and marketing partners
  • Advertising partners (to facilitate online advertising)
  • Partners
Other Sensitive Personal Information
We do not intentionally collect this information, but it may be revealed in identity data or other information we collect.
  • Protected Classification Characteristics
  • Delivery, personalization, and improvement of our products and services
  • Compliance and protection
  • Data sharing in the context of corporate events
  • Further uses
  • N/A
  • None

Additional information for Nevada residents

Nevada residents have the right to opt-out of the sale of certain personal information for monetary consideration. While we do not currently engage in such sales, if you are a Nevada resident and would like to make a request to opt out of any potential future sales, please email KohlerGlobalDataPrivacy@kohler.com.

Contact Us

If you have questions or concerns about our privacy policies or information practices, please contact us using the contact details set forth in How to Contact Us, in the full notice tab.

 

Supplemental Notice for European Union and United Kingdom

GENERAL

Where this Notice applies. The information provided in this Notice for European Residents ("European Notice") applies only to individuals in the United Kingdom and the European Economic Area (i.e., "Europe" as defined at the top of this Privacy Notice).

Personal information. References to "personal information" in this Privacy Notice should be understood to include a reference to "personal data" as defined in the "GDPR" (i.e., the General Data Protection Regulation 2016/679 ("EU GDPR") and the EU GDPR as it forms part of UK law ("UK GDPR"). That is, information about individuals from which they are directly identified or can be identified.

Controller. The specific company identified on this page as being the operator of this website is the data controller in the meaning of the General Data Protection Regulation for the processing activities described in this Privacy Notice.

In the course of our business relationship with you, we may share business partner contact information with affiliated Kohler companies. We and these companies are jointly responsible for the proper protection of your personal data (Art. 26 General Data Protection Regulation). To allow you to effectively exercise your data subject rights in the context of this joint controllership, we entered into an agreement with these Kohler companies granting you the right to centrally exercise your data subject rights under the Account Actions Information section of this Privacy Notice.

Our legal bases for processing

In respect of each of the purposes for which we use your personal information, the GDPR requires us to ensure that we have a "legal basis" for that use.

Our legal bases for processing your personal information described in this Privacy Notice are listed below.

  • Where we need to perform a contract, we are about to enter into or have entered into with you ("Contractual Necessity").
  • Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests ("Legitimate Interests"). More detail about the specific legitimate interests pursued in respect of each Purpose we use your personal information for is set out in the table below.
  • Where we need to comply with a legal or regulatory obligation ("Compliance with Law").
  • Where we have your specific consent to carry out the processing for the Purpose in question ("Consent").

We have set out below the legal bases we rely on in respect of the relevant purposes for which we use your personal information – for more information on these purposes and the data types involved, see 'How Kohler Uses Your Personal Information'.

Purpose Categories of personal information involved Legal basis
Delivery, personalization and improvement of our products and services
  • Personal or business contact information
  • Demographic information
  • Communications information
  • Information from analytics providers
  • App, browser and device information
  • Usage and activity information
  • Communication interaction information
  • Cookies and similar technologies
  • Contractual Necessity to deliver the products or services which we have agreed to provide you with
  • Legitimate Interests. We have a legitimate interest in providing you with a good service, and in ensuring that our products and services are tailored to your needs and interests
  • Consent, in respect of any optional cookies used for this purpose
Marketing and advertising
  • Personal or business contact information
  • Demographic information
  • Communications information
  • Marketing information
  • Cookies and similar technologies
  • Communication interaction information
  • Legitimate Interests. We have a legitimate interest in promoting our operations and goals as an organisation and sending marketing communications for that purpose
  • Consent, in circumstances or in jurisdictions where consent is required under applicable data protection laws to the sending of any given marketing communications
Compliance and protection
  • Personal or business contact information
  • Demographic information
  • Compliance with Law
  • Legitimate Interests. Where Compliance with Law is not applicable, we have a legitimate interest in participating in, supporting, and following legal process and requests, including through co-operation with authorities. We may also have a legitimate interest in ensuring the protection, maintenance, and enforcement of our rights, property, and/or safety
Data sharing in the context of corporate events
  • Any and all data types relevant in the circumstances
  • Legitimate Interests. We have a legitimate interest in sharing personal information in the context of certain corporate events to ensure the continuity of our products and services and the ongoing operation of our business.
To create aggregated, de-identified and/or anonymized data
  • Any and all data types relevant in the circumstances
  • Legitimate Interests. We have a legitimate interest in taking steps to ensure that how we use Personal Data is as un-privacy intrusive as possible. We believe it is also in your interests that we take these privacy protective steps.
Further uses
  • Any and all data types relevant in the circumstances
  • The original legal basis relied upon, if the relevant further use is compatible with the initial purpose for which the personal information was collected
  • Consent, if the relevant further use is not compatible with the initial purpose for which the personal information was collected

ADDITIONAL INFORMATION

No Automated Decision-Making and Profiling. As part of our services, we do not engage in automated decision-making and/or profiling, which produces legal or similarly significant effects.

Your rights

General. The GDPR gives you certain rights regarding your personal information. If you are located in Europe, you may ask us to take the following actions in relation to your personal information that we hold:

  • Access. Provide you with information about our processing of your personal information and give you access to your personal information.
  • Correct. Update or correct inaccuracies in your personal information.
  • Delete. Delete your personal information where there is no good reason for us continuing to process it - you also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
  • Restrict. Restrict the processing of your personal information, for example if you want us to establish its accuracy or the reason for processing it.
  • Object. Object to our processing of your personal information where we are relying on Legitimate Interests – you also have the right to object where we are processing your personal information for direct marketing purposes.
  • Withdraw Consent. When we use your personal information based on your consent, you have the right to withdraw that consent at any time.

Exercising These Rights. You may submit these requests by email to KohlerGlobalDataPrivacy@kohler.com. You may also submit requests to exercise your right to information/know, access, appeal, correction, or deletion at https://kohler.service-now.com/gdp/form.do. We may request specific information from you to help us confirm your identity and process your request. Whether or not we are required to fulfill any request you make will depend on a number of factors (e.g., why and how we are processing your personal information), if we reject any request you may make (whether in whole or in part) we will let you know our grounds for doing so at the time, subject to any legal restrictions.

Your Right to Lodge a Complaint with your Supervisory Authority. In addition to your rights outlined above, if you are not satisfied with our response to a request you make, or how we process your personal information, you can make a complaint to the data protection regulator in your habitual place of residence.


DATA PROCESSING OUTSIDE EUROPE

We are a U.S.-based company and many of our service providers, advisers, partners or other recipients of data are also based in the U.S. This means that, if you use our service, your personal information will necessarily be accessed and processed in the U.S. It may also be provided to recipients in other countries outside Europe. Where we share your personal information with third parties who are based outside Europe, we try to ensure a similar degree of protection is afforded to it by making sure one of the following mechanisms is implemented:

  • Transfers to territories with an adequacy decision. We may transfer your personal information to countries or territories whose laws have been deemed to provide an adequate level of protection for personal information by the European Commission or UK Government (as and where applicable) (from time to time), or under specific adequacy frameworks approved by the European Commission or UK Government (as and where applicable) (from time to time), such as the EU-U.S. Data Privacy Framework or the UK Extension thereto.
  • Transfers to territories without an adequacy decision.
    • We may transfer your personal information to countries or territories whose laws have not been deemed to provide such an adequate level of protection.
    • However, in these cases:
      • we may use specific appropriate safeguards, which are designed to give personal information effectively the same protection it has in Europe – for example, standard-form contracts approved by relevant authorise for this purpose; or
      • in limited circumstances, we may rely on an exception, or 'derogation', which permits us to transfer your personal information to such country despite the absence of an 'adequacy decision' or 'appropriate safeguards' – for example, reliance on your explicit consent to that transfer.

You may contact us at KohlerGlobalDataPrivacy@kohler.com or through any of the mechanisms listed in the "How to Contact Us" Section of the main notice if you want further information on the specific mechanism used by us when transferring your personal information out of Europe.


 

SUPPLEMENTAL NOTICE FOR BRAZIL

Where Brazil’s Privacy Notice applies

The information provided below applies only to individuals in Brazil.

Personal information. References to “personal information” in this Privacy Notice should be understood to include a reference to “personal data” as defined by Law no. 13,709/2018 (General Data Protection Law – "LGPD"). That is, information about individuals from which they are directly identified or can be identified.

Controller. The company identified as being the operator of this website is the data controller according to LGPD for the processing activities described in this Privacy Notice.

Data Protection Officer (“DPO”). Person named by the Controller and Processor to act as a channel of communication between the Controller, the subjects of such data and the National Data Protection Authority ("ANPD")

In the course of our business relationship with you, we may share your contact information with affiliated Kohler companies. We will be jointly responsible for the proper protection of your personal data. To allow you to effectively exercise your data subject rights in the context of this joint controllership, we will enter into an agreement with the affiliated Kohler companies granting you the right to centrally exercise your data subject rights under "Your Rights" found in the section below.


Collection of your Personal Information

We obtain your personal data through our website or through other forms of contact and interaction with the public. Your data may be obtained when you provide it to us, for example, when registering on our websites. We may also obtain your personal data through indirect means, such as through the collection of cookies and other features on our website.


Use of Personal Information and Legal Bases for Processing

In respect of each of the purposes for which we use your personal information, the LGPD requires us to ensure that we have a "legal basis" for that use.

Our legal bases for processing your personal information described in this Privacy Notice are listed below.

  • When we need to celebrate a contract with you ("Execution of a Contract").
  • When it is necessary for our legitimate interests and on behalf of your interests and fundamental rights ("Legitimate Interests").
  • When we need to comply with a legal or regulatory obligation ("Compliance with Law").
  • When we have your specific consent to process your personal data ("Consent").

We have outlined below the legal grounds we rely on for the specific purposes for which we use your personal information – for more information, please access How Kohler Uses Your Personal Information.

Purpose Categories of personal information involved Legal basis
Delivery, personalization and improvement of our products and services
  • Personal or business contact information
  • Demographic information
  • Information from analytics providers
  • App, browser and device information
  • Usage and activity information
  • Communication interaction information
  • Cookies and similar technologies
  • Execution of a Contract to provide the products or services we have agreed to deliver to you.
  • Legitimate Interests. We have a legitimate interest in delivering excellent service and ensuring our products and services are customized to meet your specific needs and preferences.
  • Consent, regarding any optional cookies used for this purpose.
Marketing and advertising
  • Personal or business contact information
  • Demographic information
  • Marketing information
  • Cookies and similar technologies
  • Communication interaction information
  • Legitimate Interests. We have a legitimate interest in advancing our organization's objectives and promoting our operations, which includes sending marketing communications for this purpose.
  • Consent. In cases or jurisdictions where applicable data protection laws require consent, we will seek your consent before sending any marketing communications.
Compliance and protection
  • Personal or business contact information
  • Demographic information
  • Compliance with the Law.
  • Legitimate Interests. When Compliance with Law is not applicable, we have a legitimate interest in participating in, supporting, and adhering to legal processes and requests, including cooperation with authorities. Additionally, we have a legitimate interest in protecting, maintaining, and enforcing our rights, property, and safety.
Data sharing in the context of corporate events
  • Any and all data types relevant in the circumstances
  • Legitimate Interests. We have a legitimate interest in sharing personal information during certain corporate events to ensure the continuity of our products, services, and the ongoing operation of our business.
To create aggregated, de-identified and/or anonymized data
  • Any and all data types relevant in the circumstances
  • Legitimate Interests. We have a legitimate interest in minimizing privacy intrusion when using personal data, and we believe it is also in your interest that we take these privacy-protective steps.
Further uses
  • Any and all data types relevant in the circumstances
  • The original legal basis will be relied upon if any further use of personal information is compatible with the initial purpose for which it was collected. Consent will be required if any further use of personal information is incompatible with the original purpose for which it was collected.

Kohler will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.


Sharing Personal Information

Kohler may disclose your personal information to a third party, when necessary. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

We may disclose your personal information to the following categories of third parties:

  • Service providers;
  • Our affiliates;
  • Third parties to whom you authorize us to disclose your personal information in connection with products or services we provide you; and
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.


International Transfers of Personal Information

We are a U.S.-based company and many of our service providers, advisers, partners or other recipients of data are also based in the U.S. This means that, if you use our service, your personal information will necessarily be accessed and processed in the U.S. It may also be provided to recipients in other countries outside Brazil. When we share your personal information with third parties who are based outside Brazil, we try to ensure compliance with the principles, rights of the data subject and the data protection regime provided by the LGPD, making sure one of the following mechanisms is implemented:

  • Transfers to territories with an adequacy decision. We may transfer your personal information to countries or territories whose laws have been deemed to provide an adequate level of protection for personal information by the ANPD.
  • Transfers to territories without an adequacy decision.
    • We may transfer your personal information to countries or territories whose laws have not been deemed to provide such an adequate level of protection.
    • However, in these cases:
      • we may use specific appropriate safeguards, which are designed to give personal information effectively the same protection it has in Brazil – for example, standard contractual clauses, specific contractual clauses for a given transfer or binding corporate rules;
      • in limited circumstances, we may rely on an exception, or 'derogation', which permits us to transfer your personal information to such country despite the absence of an 'adequacy decision' or 'appropriate safeguards' – for example, reliance on your explicit consent to that transfer.

You may contact us at KohlerGlobalDataPrivacy@kohler.com if you want further information on the specific mechanism used by us when transferring your personal information out of Brazil.

Brazil's Privacy Notice supplements the information contained in Kohler's global privacy notice published at https://www.kohlercompany.com/privacy/. This Notice applies to data processing activities in Brazil and/or that involve individuals located in Brazil. We have adopted this Notice in compliance with the LGPD, and any terms defined under the LGPD will carry the same meaning when used in this Notice.


Storage and Deletion of Personal Information

We securely store your personal data in compliance with applicable security standards and in a way that ensures your ability to exercise the rights granted under privacy and data protection laws. Some of the technical and administrative measures we use to protect your information are (encryption data both at rest and in transit, multi-factor authentication (MFA), Firewalls).

Kohler will only store your personal data for as long as necessary to fulfill the purpose for which it was collected, including compliance with applicable laws, regulations and court orders. Upon termination of processing activities, Kohler will securely delete the data if there is no legal basis to justify its storage.


Your Rights

The LGPD gives you certain rights regarding your personal information. The LGPD gives you certain rights regarding your personal information. We highlight that in cases provided for in art. 3º of the LGPD, this law will be fully applicable and its provisions will prevail, especially for Brazilian citizens, in the event of any conflicts between different laws. Therefore, you may ask us to comply with your requests, including:

  • Confirmation of the existence of processing;
  • Access;
  • Rectification;
  • Anonymization, redaction or elimination of unnecessary or excessive personal data, or of data that is not being processed in compliance with LGPD;
  • Portability;
  • Deletion of personal data being processed based upon consent;
  • Disclosure of subprocessors and other third parties with whom personal data is shared;
  • Information about consent choices and the consequences of refusing consent; and
  • Revocation of consent.


Exercising These Rights

You may submit these requests by email to KohlerGlobalDataPrivacy@kohler.com. You may also submit requests to exercise your right to information/know, access, appeal, correction, or deletion at https://kohler.service-now.com/gdp/form.do. We may request specific information from you to help us confirm your identity and process your request. Whether or not we are required to fulfill any request you make will depend on a number of factors (e.g., why and how we are processing your personal information), if we reject any request you may make (whether in whole or in part) we will let you know our grounds for doing so at the time, subject to any legal restrictions.

Your Right to File a Complaint with ANPD. In addition to your rights outlined above, if you are not satisfied with our response, or how we process your personal information, you can make a complaint to ANPD through the link https://www.gov.br/anpd/pt-br/canais_atendimento/cidadao-titular-de-dados/denuncia-peticao-de-titular.


Data Protection Officer ("DPO")

Please find below the contact information of our DPO. If you have any questions or complaints about the processing of personal data carried out by KOHLER, please contact our DPO directly:


 

SUPPLEMENTAL NOTICE FOR CANADA

Canada's Personal Information and Electronic Document Act (PIPEDA) defines the use and disclosure of personal information. It provides Canadian residents more control over how their personal information is used when engaging in commercial activities. Residents are provided with the right to access their personal information and the right to challenge its accuracy.

All personal information is collected and processed in accordance with our privacy notice. If you have questions regarding how your personal data is processed, you may contact us by email at KohlerGlobalDataPrivacy@kohler.com. You may also submit requests to exercise your right to information/know, access, appeal, correction, or deletion at Subject Access Request form.

As a Canadian resident, you have to be given the right to provide meaningful consent when businesses or organizations are collecting or using your information. Here are your rights:


Right to Access

You have a right to request and access any personal information we have of you


Right to Correct

You have the right to correct any inaccurate or outdated personal information we hold about you or delete any inaccurate information


Withdraw Consent

You have the right to withdraw consent on any activities which you have not consented on such as direct marketing or cookies, or delete any user generated content you have posted on our website


 

SUPPLEMENTAL NOTICE FOR CHINA

This China Privacy Notice and Kohler's Terms and Conditions on Handling Client information will also apply to the extent that you have any dealings with, or provide personal information to, any, Kohler entity or, to the extent that any data protection law in China applies or, any of their affiliates (or affiliates of Kohler, Co) from time to time. It does not replace the Privacy Notice or Kohler's and Conditions Handling Client information. To the extent that this addendum is inconsistent with the global privacy notice, this addendum shall prevail. To the extent that this addendum, the Privacy Notice or Kohler's China Terms and Conditions time on Handling Client Information are inconsistent with applicable laws and regulations, they shall be deemed amended to the extent required to comply with such applicable laws and regulations.


Definitions of Personal Information and Sensitive Personal Information

Personal Information is various information that is recorded electronically or by other means and is related to an identified or identifiable natural person, excluding anonymized information. Sensitive Personal Information is Personal Information which, once leaked or illegally used, would easily hurt a natural person's human dignity or cause harm to personal or property safety, including information regarding such as biometrics, religious beliefs, specially designated identities, medical health, financial accounts, and location tracking, as well as the Personal Information of minors under the age of 14.


Your Rights Relating to Personal Information

The following are your individual rights and to practice any of these rights, please contact us at KohlerGlobalDataPrivacy@kohler.com, or https://kohler.service-now.com/gdp/form.do.
To the extent permitted by applicable laws and regulations:

  • You have the right to know what personal information is handled
  • You have the right to know how your personal information is handled
  • You have right to access your personal information
  • You have a right to ask for your personal information to be corrected or supplemented
  • You have a right to ask to limit or reject processing of your personal information or to delete your personal information
  • You have a right to opt-out of automated decision making for push notifications or automated decision making for any marketing purposes; for automated decisions made on matters that have an important impact on personal rights and interests, you have a right to know how they are made and you have a right to reject purely automated decisions on such matters.
  • You have the right to withdraw consent to personal information processing

Revocation of Consent

You have the right to withdraw your consent to process Personal Information at any time if your consent is the lawful basis for our processing. To exercise this right please send an email to KohlerGlobalDataPrivacy@kohler.com and practice the right to opt-out.


Separate Consent

We will ask for consent under the following circumstances unless we have a Non-Consent Lawful Basis:

  • Your Sensitive Personal Information is handled;
  • Your Personal Information is transferred outside of China
  • Your Personal Information is provided to a third party
  • Your Personal Information is publicly disclosed
  • Handing personal information under the age of 14 a parent or guardian's consent is required

A Non-Consent Lawful Basis means one of the following circumstances: (i) our processing of your Personal Information is necessary for entering into or performing a contract to you, or for human resource management according to lawfully developed labor policies and lawfully signed collective contracts; (ii) our processing of Personal Information is necessary for carrying out our legal responsibilities or legal obligations; (iii) our processing of Personal Information is necessary in response to a public health emergency or for protecting a natural person's life, health and property safety in an emergency; (iv) we process Personal Information to a reasonable extent in carrying out activities for public interests; (v) we process your Personal Information that has been published by you or otherwise has been published legitimately to a reasonable extent and in compliance with applicable laws and regulations; or (vi) other circumstances as provided by applicable laws or regulations.


Transfer of Personal Information Overseas

  • We are not allowed to transfer your personal information outside of China unless we have a lawful basis to do so, and unless we have a Non-Consent Lawful Basis for transferring your Personal Information overseas, we will request your your explicit consent for the transfer to take place
  • We will keep records of the transfer we make