TDW Access

Privacy Policy

1. About Us

T.D. Williamson, Inc., and its affiliates (collectively, the "Company," "we," or "us") respect your privacy and are committed to protecting it through compliance with this Privacy Policy (this "Policy"). When you visit https://www.tdwilliamson.com/ (the "Website"), this Policy governs the types of information we may collect from you or that you may provide and our practices for collecting, using, and disclosing that information.

More details of the entities involved are in Section 4 below. Please review this Policy carefully before using any part of the Website.

2.1    Personal Data

"Personal data" is any information about an identifiable individual. In practice, these include all data that is related to a person in any way. For example, your name, email address, postal address, phone number, I.P. address, device identifiers, browsing history, online activity, telephone, credit card or personnel number, account data, customer number, or address are all personal data. We use the more informal term “personal information” in this Policy to mean “personal data”.

As data controllers, we respect your right to privacy and will only process your personal information by applicable data protection laws and as described in this Policy.

We may revise and update this Policy occasionally at our sole discretion. It is your responsibility to check for updates to this Policy regularly. We will inform you of any change if reasonably possible. If you disagree with this Policy, please discontinue using the Website. We last updated the Website on January 18, 2023.

2.2 Data Processing

2.2.1 Personal Data We Collect About You.

The personal data we collect about you depends on the products and services we provide. We will collect and use the following personal data you provide:

  • Contact information (name, email address, phone number);
  • Demographic information (age, gender, location);
  • Financial information (payment methods, billing details); and
  • Content you provide (reviews, comments, photos).

We also collect data as described in our [HYPERLINK COOKIE POLICY], including but not limited to:

  • Usage data (browsing history, search queries, clicks); and
  • Device information (I.P. address, device type, operating system)

2.2.1    How and why we use your personal data:

Under data protection law, we can only use your personal data if we have a proper reason, such as:

  • Where you have given consent;
  • To comply with our legal and regulatory obligations;
  • For the performance of a contract with you or to take steps at your request before entering into a contract; or,
  • For our legitimate interests or those of a third party.

A legitimate interest is when we have a business or commercial reason to use your personal information, as long as your rights and interests do not override this. Our legitimate interests are those where we have implemented sufficient checks and protections to ensure that your rights and interests are not unreasonably intruded on.

However, you can object to processing based on legitimate interests. If you do so, we will stop processing the personal information unless we can show compelling, legitimate grounds that override your rights and interests, or we need the data to establish, exercise, or defend legal claims.

The table below explains what we use your personal data for and why.

What We Use Your Personal Information ForOur Reasons
Providing products and services to youTo perform our contract with you or to take steps at your request before entering into an agreement.
Preventing and detecting fraud against you or usFor our legitimate interest, i.e., to minimize fraud that could be damaging for you or us
Conducting checks to identify our customers and verify their identity. Screening for financial and other sanctions or embargoes. Other activities necessary to comply with legal and regulatory obligations that apply to our business (e.g., under health and safety law)Depending on the circumstances:
—to comply with our legal and regulatory obligations
—for our legitimate interests
To enforce legal rights or defend or undertake legal proceedingsDepending on the circumstances:
—to comply with our legal and regulatory obligations;
—in other cases, for our legitimate interests, i.e., to protect our business, interests, and rights
Gathering and providing information required by or relating to audits, inquiries, or investigations by regulatory bodiesTo comply with our legal and regulatory obligations
Ensuring business policies are adhered to, e.g., policies covering security and Internet useFor our legitimate interests, i.e., to make sure we are following our internal procedures so we can deliver the best service to you
Operational reasons, such as improving efficiency, training, and quality controlFor our legitimate interests, i.e., to be as efficient as we can so we can deliver the best service to you at the best price
Ensuring the confidentiality of commercially sensitive informationDepending on the circumstances:
—for our legitimate interests, i.e., to protect trade secrets and other commercially valuable information;
—to comply with our legal and regulatory obligations
Statistical analysis to help us manage our business, e.g., about customer base, product range, or other efficiency measuresFor our legitimate interests, i.e., to be as efficient as possible to deliver the best service to you at the best price.
Preventing unauthorized access and modifications to systemsDepending on the circumstances:
—for our legitimate interests, i.e., to prevent and detect criminal activity that could be damaging for you or us;
—to comply with our legal and regulatory obligations
Protecting the security of systems and data used to provide the goods and servicesTo comply with our legal and regulatory obligations. We may also use your personal data to ensure systems and data security to a standard that goes beyond our legal obligations. In those cases, our reasons are for our legitimate interests, i.e., to protect systems and data and to prevent and detect criminal activity that could damage you or us.
Updating and enhancing customer recordsDepending on the circumstances: —to perform our contract with you or to take steps at your request before entering into a contract; —to comply with our legal and regulatory obligations; —for our legitimate interests, e.g., making sure that we can keep in touch with our customers about existing orders and new products
Ensuring safe working practices, staff administration, and assessmentsDepending on the circumstances:
—to comply with our legal and regulatory obligations;
—for our legitimate interests, e.g., to make sure we are following our internal procedures and efficiently working so we can deliver the best service to you
Marketing our services to:
—existing and former customers;
—third parties who have previously expressed an interest in our services;
—third parties with whom we have had no previous dealings.		For our legitimate interests, i.e., to promote our business to existing and former customers.
3. Children Under the Age of 16

We do not intend the Website for children under 16 years of age. No one under the age of 16 may provide any information to us. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on the Website or provide any information about yourself to us, including, without limitation, your name, address, online contact information (including email address), telephone number, persistent identifiers that someone can use to recognize a user over time and across different websites or online services, geolocation information or any other personal information. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please get in touch with us so that we can delete that data.

4. Disclosure of Your Information
4.1. Principle

We will not disclose your personal information to any third party except as described in this Policy. Communicating via the Internet and sending information, products, and services to you by other means involves your personal information passing through or being handled by third parties. Still, we do not sell or distribute your personal information to third parties to allow them to market their products and services to you without your consent. You should read our Cookie Policy to see how we share personal information.

4.2. Exceptions

We may disclose aggregated and non-personal information about our users without restriction.

We may disclose personal information that we collect or you provide as follows:

  • To our subsidiaries and affiliates, including around the world, which may involve transfer from countries within the European Economic Area ("EEA") to countries outside the EEA (see below at “10. Data Transfers”);

  • To contractors, service providers, and other third parties we use to support our business; and

  • To different organizations associated with our Website and other online tools. You can find out more details in our Cookie Policy.

Also, we employ agents to perform functions on our behalf. Examples include fulfilling order deliveries, sending postal mail and email, removing repetitive information from customer lists, analyzing data, providing marketing assistance, processing payments, and providing customer support.Those agents have access to personal information needed to perform their functions but may not use it for other purposes:

  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users is among the assets transferred Our customer database could be sold separately from the rest of the business, in whole or in several parts. Potential purchasers and their advisors may have limited access to personal information as part of the sale process;

  • To third parties to market their products or services, by your consent;

  • To fulfill a purpose set out by you; and

  • For any other purpose disclosed by us when you provide the information with your consent. We may also disclose your personal information for the following additional reasons:

  • To comply with any court order, law, or other legal process, including responding to any government or regulatory request, even if that request is based on the law of another country;

  • To enforce or apply our Terms of Use and other agreements, including for billing and collection purposes; or

  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of us, our customers, or others.

We are not responsible for the personal information you provide to other websites.

Be aware that the Website may contain hyperlinks to other websites not affiliated with or under the control of the Company. Any information you may submit through other websites is not subject to this Policy. We encourage you to review the privacy policy of each other Website you visit.

5. Applying to Work with Us

If you apply to work with us, we will use the information you supply to process your application and monitor recruitment statistics. We may also need to transfer your personal information outside your home country and to other entities in our group.

We may ask you to sign additional privacy and confidentiality terms if you apply for a job with us. Once a person has taken up employment with us, we will compile a file relating to his or her employment. At that stage, we will give more details about how we hold employee data and expect the employee to sign up for additional privacy terms as part of their employment.

If you apply to work with us through a third party, such as a recruitment consultant, please also check their privacy policy before proceeding. We do not encourage unsolicited approaches directly or from third parties – please do not send personal information to us unless you have read and agreed to this Policy.

We may retain details of candidates who may be of interest to us, either now or in the future, for up to one year. Please let us know if you would not like us to do that. Additionally, if your circumstances change – for example, you no longer wish to be considered by us for employment – please let us know.

We may use third parties to consider potential hires. We may also use technology platforms to help us with the recruitment process, such as Workday – please read their privacy policy.

We use LinkedIn as a means of recruitment – if you use that route, please read their privacy policy.

We may also verify details in your application and make what we consider reasonable and necessary background checks about you. These background checks may require a third party to contact you and obtain information.

6. Cookies and Other Tracking Technology

We may use cookies, web beacons, or other similar tracking technologies. These are used to assist with your Website navigation and may also be used for advertising.

You can erase or block these tracking technologies, although it may impair your full website functionality. Please see our Cookie Policy here for more details about what we do with cookies https://www.tdwilliamson.com/cookie-policy.

7. Notice to United States Residents

This Section applies to you if you ordinarily reside in the United States or otherwise enjoy its data privacy protections.

As of the issuance of this Policy, individual states generally regulate data privacy in the United States, and California has promulgated regulations commonly viewed as standard. Our Policy aligns with the California Consumer Privacy Act of 2018 (the "CCPA"), except to the extent that other, more stringent regulations apply. (Our understanding of state-level regulations applicable to you is available upon request in the email below.)

When applicable, the CCPA regulates the personal information we collect, where we obtain it, and with whom we may share it. When you use our Services, we may collect the following categories of Personal Information:

  • Identifiers, such as a name, address, unique personal identifier, email, phone number, your device's I.P. address, software, and identification numbers associated with your devices;

  • Commercial information, such as records of products or services purchased, obtained, or considered by you;

  • Internet or other electronic information regarding your browsing history, search history, the webpage visited before you came to our Site, length of visit and number of page views, click-stream data, locale preferences, your mobile carrier, date and time stamps associated with transactions, and system configuration information;

  • Your geolocation, to the extent you have configured your device to permit us to collect such information;

  • Audio recordings of your voice, to the extent you call us, as permitted under applicable law; and

  • Inferences about your preferences, characteristics, behavior, and attitudes.

We generally do not collect protected classifications about our users, biometric information, professional or employment-related information, or education-related information.

We collect Personal Information for "business purposes". The CCPA defines a "business purpose" as the use of Personal Information for the business's operational purposes or other notified purposes, provided the use of Personal Information is reasonably necessary and proportionate to achieve the purpose for which we collected the Personal Information or another operational purpose that is compatible with the context in which we collected the Personal Information.

The following activities are considered “business purposes” under the CCPA:

  • Auditing related to a current interaction with the consumer and concurrent transactions, and auditing compliance with laws and other standards;

  • Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;

  • Performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, verifying customer information;

  • Repairing errors that impair existing intended functionality;

  • Internal research for technological development; and

  • Verify or maintain the quality or safety of, and improve, upgrade, or enhance, a service or device that we own, manufacture, or control.

8. Security

We take what we consider to be reasonable, appropriate technical and organizational measures designed to safeguard the personal information that you provide to us against unauthorized or unlawful processing and accidental destruction, loss, or damage.

While no system is entirely secure, the measures implemented on the Website reduce our vulnerability to security problems to a level appropriate to the data type involved. We also have procedures to deal with any suspected data breach. We will notify you and any applicable regulator of a suspected data breach where we are legally required to do so.

However, it remains your responsibility:

Where you have a user account for this Website;

  • To log off or exit from the Website when not using it;

  • To ensure no one else uses the Website while your device is logged on to the Website, including by logging on to your device through a mobile, Wi-Fi, or shared access connection you are using;

  • To keep your password or other access information secret. Your password and login details are personal to you and should not be given to anyone else or used to provide shared access, for example, over a network. It would help if you used a password that is unique to your use of the Website – do not use the same password as you use for another Website or email account; and,

  • To maintain good internet security. For example, if your email or Facebook account is compromised, this could allow access to your account with us if you give us those details or permit access through those accounts. If your email account is compromised, it could be used to ask us to reset a password and gain access to your account with us. You should keep all of your account details secure. If you think that any of your accounts have been compromised, you should change your account credentials with us and, in particular, make sure any compromised account does not allow access to your account with us. You should also tell us as soon as possible so that we can help you keep your account secure and, if necessary, warn anyone else who could be affected.

The Website may contain links to third parties' websites. We are not responsible for those websites' privacy practices or content. Therefore, please read carefully any privacy policies on those links or websites before either agreeing to their terms or using those websites.

9. Data Retention

We or our service providers store your personal information to the extent necessary for the performance of our obligations and for the time needed to achieve the purposes for which the information is collected under applicable data protection laws.

Different retention periods apply to different types of personal data. When we no longer need to use your information, we will remove it from our systems and records under our records destruction protocols then in place or take steps to properly anonymize it so that you can no longer be identified from it (unless we need to keep your information to comply with legal or regulatory obligations to which we are subject).

10. Data Transfers

We may need to transfer your personal data from the EEA (which includes E.U. countries) and the U.K. to other countries, including the United States of America. In those cases, we will comply with applicable E.U. and U.K. laws designed to ensure the privacy of your personal data, and we will put in place what we consider to be appropriate security measures to safeguard your personal data where any transfer is made. If your personal data is transferred to us, including through a vendor, as regards the E.U., any transfer of your personal data will be subject to an EU-approved mechanism, and, as regards the U.K., any transfer of your personal data will be subject to a UK-approved mechanism.

11. Your Rights

You have the following rights as a data subject:

  • If you have given permission, we may contact you by mail, telephone, SMS, text/picture/video message, social media, and email about products, services, promotions, and special offers that may interest you. If you prefer not to receive any such direct marketing communications from us, you may "opt-out" of receiving marketing or promotional messages from us by following the instructions in those messages;
  • The right to access to personal information that we hold about you;
  • The right to ask us to update or correct any out-of-date or incorrect personal information that we hold about you;
  • The right to erasure where the conditions of Article 17 of the GDPR have been met;
  • The right to restriction of processing where the conditions of Article 18 of the GDPR have been met;
  • The right to data portability insofar as the conditions of Article 20 GDPR apply to you; the right to object to the processing of personal data concerning you insofar as the conditions under Article 21 GDPR have been met; and
  • The right to complain to a data protection regulator.

You can learn more about these rights in the E.U. by reading the General Data Protection Regulation here: https://eur-lex.europa.eu/eli/reg/2016/679/oj. You can find out more about these rights in the U.K. by reading the U.K. General Data Protection Regulation (UK GDPR) here https://www.legislation.gov.uk/eur/2016/679/contents (please also see the U.K. Information Commissioner Office's guidance here https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/).

You may additionally have certain rights under the CCPA:

  • The right of access and data portability;
  • The right to deletion;
  • The right to correction;
  • The right to limit the use and disclosure of sensitive information; and
  • The right to opt out.

You can learn more about the CCPA under the California Civil Code §1798.140. If you need help, wish to exercise the above rights, or have questions, please get in touch with us using the details below.

We will consider all such requests and respond as soon as possible. Please note, however, that certain conditions may apply to certain rights (as indicated above), and certain exemptions may apply in certain circumstances, including needing to keep processing your personal information for our legitimate interests or to comply with a legal obligation. Please note that we may request you provide us with the information necessary to confirm your identity. To exercise these rights, please refer to section 12 below.

12. Contact Us

If you have any complaints, queries, or questions about how we use your personal information, please get in touch with us using the contact details below. We will then contact you to see how we can help.

If you have a complaint about how we use your personal information, we would always prefer you to contact us first. However, you may also complain to the relevant data privacy regulator if you wish to do so. To get an E.U. data protection regulator, you can find their contact details here: https://edpb.europa.eu/about-edpb/about-edpb/members_en. About the U.K., the Information Commissioner's Office (ICO) can be contacted here: https://ico.org.uk/make-a-complaint/data-protection-complaints/data-protection-complaints/.

If you need to contact us or have any questions about this Policy, please get in touch with us at: Dataprivacy@tdwilliamson.com

If you have any questions about the Website, please contact:

T.D. Williamson,
Inc. Attention: Website Manager
6120 South Yale, Suite 1700
Tulsa, Oklahoma 74136
United States of America

Thank you for visiting the Website.