Data protection statement - Canyon Bicycles GmbH
Updated July, 2024
This Privacy Policy (the “Policy”) explains Canyon Bicycles USA, Inc.’s (“Canyon”) online information practices and the choices you can make about the way we collect and use your information. For purposes of this Policy, the terms “we,” “us,” and “our” refer to Canyon USA, Inc.. “You” or “your” refers to you, as a user of our services, including any use of our Site, https://www.canyon.com/en-us/ (the “Site”), whether operated by us or on our behalf (together, the “Services”). By using our Site or Services, you consent to our collection and use of this information consistent with this Policy. If we decide to change our Policy, we will post updates on the privacy section of the Site you so that you can make yourself aware of what information we collect, how we use it, and under what circumstances we disclose it.
In this Policy, “Personal Information” means any information about you that can, directly or indirectly, identify you. It does not include data that cannot identify you (anonymous or aggregated data).
This Policy describes
- Personal Information We Collect;
- How We Collect Your Personal Information;
- How We Use Your Personal Information;
- How We Share Your Personal Information With Third Parties;
- How We Protect Your Personal Information;
- Communications and Opt-Out
- Ability to Access, Update and Correct Personal Information;
- California Privacy Rights;
- Changes to the Policy;
- Questions About This Policy.
Personal information we collect
Canyon collects information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to any individual or a household (“Personal Information”). Canyon also collects non-Personal Information that cannot be linked or associated with any individual person or household. When non-Personal Information is combined with other information so that it does identify an individual person, we treat that combination as Personal Information. We may collect, use, store and transfer different kinds of Personal Information about you, which we have grouped together as follows:
- Chat Feature When you interact with our Chat feature, we will ask for your name and email address. Any other personal information you provide is at your own discretion and not required for your use of the site or our services. We may combine the information we collect from you with other personal information we have about you as described in this Privacy Policy. Any information combined with personal information will be treated as personal information. We may maintain transcripts of chats and other written communications.
- Identifiers such as your first name, last name, alias, username or similar unique personal identifier, online identifier, and/or date of birth.
- Contact Information such as your billing address, delivery address, email address and telephone numbers.
- Financial Information such as bank account and routing numbers, credit or debit card information, payment details, or other payment information.
- Profile Data such as user name, password, details about the products you have purchased, payments you have made and/or other details of products and services you have purchased from us in the past, purchase or product preferences and size, bike club affiliation, social media information (such as your Instagram Handle), link to bike route, link to GPS file or attachments, giveaway participation, riding style preferences, feedback, survey responses, your participation in our promotional campaigns and contests, and other details of products or services you have purchased from us;
- Audio and Visual Information such as call recordings and videos.
- Technical Information such as internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Site or Services.
- Usage Data includes information about how you use our Site and Services, such as statistics regarding the opening and clicking on emails sent by Canyon and activity on the site (pages viewed, products seen, abandoned baskets, etc.).
- Marketing and Communications Information such as marketing campaign data, click throughs, your preferences and consent in receiving marketing from us and our third parties, email and text communications, and your communication preferences.
- Other Personal Information On our Site, you can submit to us the Personal Information of other people. For example, if you order a gift online and want it sent directly to the recipient, you will need to submit the recipient’s address. In this circumstance, the types of Personal Information collected are the person’s: name, address, email address, and phone number.
If You Fail To Provide Personal Information. Where we need to collect Personal Information by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with products or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Information You Provide To A Third Party. The Site may include links and plug-ins to websites operated by third parties such as Facebook, Twitter, YouTube and Instagram (“Third-Party Sites”). Canyon does not control any Third-Party Sites and is not responsible for any information they may collect. The information collection practices of a Third-Party Site are governed by its privacy policy. It is your choice to enter any Third-Party Site. We recommend that you read its privacy policy if you choose to do so.
Children’s Privacy. The Services are intended for adult use only and is not directed towards children, minors, or anyone under the age of 18. If you are under the age of 13, you are not authorized to provide us with any Personal Information. If the parent or guardian of a child under 13 believes that the child has provided us with any Personal Information, the parent or guardian of that child should contact us at the email address below and to have this Personal Information deleted from our files.
How we collect your personal information
Information You Provide To Us:
Canyon may collect Personal Information from you that you voluntarily provide to us in various ways, including, but not limited to:
- Place an order, purchase products from us or otherwise use our Site or establish and account;
- Submit product reviews, participate in cross-promotional campaigns, contests, surveys or raffles;
- Register to receive materials or communications from us, such as our newsletter;
- Call, email, or otherwise communicate with us; and
- Otherwise interact with the Site or use our Services.
Information We Collect When You Use Our Services
AUTOMATED TECHNOLOGIES OR INTERACTIONS.
As is true of most websites, we receive and store certain types of Personal Information whenever you interact with us online. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. When you access and use our Services from your mobile devices, we receive data from that mobile device. This may include your device ID, location data, IP address and device type. You may manage how your mobile device and mobile browser share location information with us, as well as how your mobile browser handles cookies and related technologies by adjusting your mobile device privacy and security settings. We may also track the pages you visit, your preferences, and the products you purchase, browse, or save as a favorite. Please refer to instructions provided by your mobile service provider or the manufacturer of your device to learn how to adjust your settings.
COOKIES AND TRACKING TECHNOLOGIES.
You can easily update your cookie preferences by clicking on the “Manage Your Cookie Preferences” link. This will allow you to make any necessary changes. Manage Your Cookie Preferences
Cookies are small files that we or our service provider transfers to your computer’s hard drive through your web browser that enables us or our service provider’s systems to recognize your browser and capture and remember certain information. We use cookies to help us understand how users use the Services. For example, cookies gather information about how long you spend on a web page so that we can understand what web pages are of most interest to users. If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off cookies by adjusting your browser settings. If you turn off your cookies, some of the features of the Site may not function properly.
Information We Collect From Third Parties
We collect Personal Information from various third parties, including those listed below. The collection, use, and disclosure of Personal Information received from third parties is governed by the privacy policies listed on the Site where the information was submitted by the user. Third parties may send their own cookies and pixel tags to you, and may collect information and use it in a way inconsistent with this Policy. Please carefully review these third-party privacy policies to understand how your information may be collected, used and disclosed by these third parties.
THIRD PARTY PARTNERS:
We collect Personal Information received from third party partners when we participate in co-sponsored promotional campaigns and discount partnerships for marketing purposes.
THIRD PARTY SERVICE PROVIDERS. We collect Personal Information from service providers including where we operate accounts on third-party platforms, such as platforms for payment processing, shipping, email, and social media.
THIRD PARTY ADVERTISING PARTNERS. We collect Personal Information received from third party advertising partners, including partners who host and manage various online advertisements.
GOOGLE ANALYTICS. We use third party cookies provided by Google Analytics to assist us in better understanding our Site visitors. These cookies collect IP address and usage data, such as the length of time a user spends on a page, the pages a user visits, and the Site a user visits before and after visiting our Site. Based on this information, Google Analytics compiles data about website traffic and interactions, which we use to offer better user experiences and tools in the future. For more information on Google Analytics, visit the Google Analytics privacy page at https://www.google.com/analytics/learn/privacy.html.
THIRD PARTY COOKIES. We engage third-party service providers, including but not limited to Google, Microsoft, Hotjar, Facebook, and Instagram, to serve ads to you about our products and services as you browse the Internet. These third-party providers may use their own cookies tags to track your online activities and purchases in order to deliver targeted advertising based on your interests. You can learn more about Google’s advertising cookies and opt-out options by visiting http://www.google.com/policies/technologies/types/. You can learn more about Facebook’s advertising cookies and opt-out options by visiting https://www.facebook.com/policy/cookies/. You can learn about Instagram’s advertising cookies and opt-out options by visiting https://help.instagram.com/1896641480634370?ref=ig. You can learn more about Microsoft’s advertising cookies and opt-out options by visiting https://about.ads.microsoft.com/en-us/resources/policies/personalized-ads. You can learn more about Hotjar’s advertising cookies and opt-out options by visiting https://help.hotjar.com/hc/en-us/articles/115011789248-Hotjar-Cookies.
Your ‘Do Not Track’ Browser Setting. Some web browsers incorporate a Do Not Track (“DNT”) feature that signals to the websites that you visit that you do not want to have your online activity tracked. At this time, our Site does not respond to DNT signals. Other third party websites may keep track of your browsing activities when they provide you with content, which enables them to customize what they present to you on their websites.
How we use your personal information
Personal Information is generally kept for our use in assisting you in your current or future purchases or in analyzing sales trends. We do not sell, rent or provide your "Personal Information" to third parties, except as described below. We will use the Personal Information that you provide us or we collect consistent with the terms of this Policy. We will primarily use your Personal Information for the business purpose of providing you with the products and Services you request, as well as the other business purposes detailed below.
- Providing Products and Services: We use Personal Information that you provide when placing an order primarily to complete that order and provide you with the products and services you request, including signing up for our newsletter. Personal Information from the order form is used to send orders, information about our company, and promotional material from some of our partners to you. Personal Information is also used to get in touch with you when necessary.
- Communication with you: To communicate with you in written, electronic, and verbal form, including through our call center, website forms and comments features about our products in connection with providing you with requested Services or to respond to your requests about the Site or Services. Electronic communications may also include SMS messages, which are subject to our SMS Terms and Conditions.
- Surveys: We sometimes use online surveys that ask you to voluntarily submit your Personal Information which usually includes contact information (typically your email address) and demographic information, such as age and gender. If you choose to submit this Personal Information, we use it to send you promotional material.
- Contests and cross-promotional campaigns: We periodically run contests on the Site in which we ask you to voluntarily submit selected Personal Information such as contact information (typically your email address) and demographic information If you choose to submit this Personal Information, we use it to send you our promotional material that we believe may be of interest to you, and at times, send it to some of our partners in order for them to send you promotional materials that may be of interest to you. Your Personal Information is also used to contact you when necessary in connection with the contests or promotional campaigns (i.e. if you win a contest). You may opt-out of receiving future mailings from our partners or us by following the directions in those mailings.
- Discount Based Partnerships: We periodically enter into discount-based partnerships with bicycle club members in which we ask those members to voluntarily submit selected Personal Information such as contact information for purposes of obtaining a discount code. If you choose to submit this Personal Information, we use it to send you our promotional material and at times, we may send it to some of our partners.
- Demographics: Demographic and profile data is also collected on the Site We use this information to tailor your experience on the site, showing you content that we think you might be interested in, and display the content according to your preferences.
- User Content: To the extent you submit a review of our products or Services, your review may be posted on our Site.
- Other Business Purposes:
- To maintain our service records;
- To monitor and analyze trends and usage of the Services and the Site in order to help us develop the design and layout of the Site and optimize your experience;
- To enhance the safety and security of our products and services, including by monitoring the warranty and recall status of the products;
- To provide you with invoices and process payments from you for the use of our products or Services, and for debt collection when necessary;
- For our internal marketing purposes, which include, but are not limited to, sending you material about products, services, updates, etc. that we think may be of interest to you, including special offers and updates, and service related announcements;
- To customize the advertising and content you see;
- To provide you with customer service or technical support;
- To verify your identity when necessary;
- To protect our interests, including establishing, exercising and defending legal rights and claims;
- As necessary to comply with legal requirements, to enforce the terms of our Terms of Service or Use Agreements, to prevent fraud, to co-operate with law enforcement and regulatory authorities, and to stop other prohibited, illegal, or harmful activities;
- To notify you of changes to the Site, Services, this Policy, or other information we think you will find valuable;
- For purposes disclosed at the time you provide your information or as otherwise set forth in this Policy.
We will only share your Personal Information with third parties in the ways that are described in this Policy.
WITH CONSENT:
We may share Personal Information with a third party with your consent. For example, you have the option to enroll in PayPal Credit which is an independent third-party payment service. If you choose to enroll in PayPal Credit, we will share your email address with PayPal Credit to facilitate the enrollment process. PayPal Credit’s subsequent use of this Personal Information will be governed by PayPal Credit’s Privacy Policy, available by following the link to “Terms and Conditions” at https://www.paypal.com/us/.
SERVICE PROVIDERS:
We also use Service Providers to perform certain services on our behalf, such as payment processing, performing credit checks, tracking website activity and analytics, debt collection, and performing other administrative services. We may provide them with access to Personal Information to carry out the services they are performing for you or for us. These Service Providers required to protect and secure your Personal Information with appropriate controls. Third-party analytics providers and other Service Providers may set and access their own tracking technologies on your device and they may otherwise collect or have access to information, potentially including Personal Information, about you.
MARKETING:
We may provide Personal Information to third parties, including those that we collaborate with to host contests or discount based partnerships or marketers for their marketing purposes.
We also allow certain third party advertising partners to place tracking technology such as cookies and pixels on our Site. This technology allows these advertising partners to receive information about your activities on our Site, which is then associated with your browser or device. These companies may use this data to serve you more relevant ads as you browse the internet. Under some state laws, sharing data for online advertising may be considered a “sale” of information.
BUSINESS TRANSACTIONS:
We may buy or sell subsidiaries or business units. Generally, in these transactions, customer information (including Personal Information) is a transferred asset. That information will remain subject to the then-existing Privacy Policy until or unless you provide consent for any updated use of your Personal Information. We reserve the right to transfer Personal Information in our possession in the event we go through a business transition, such as a merger, being acquired by another company, or selling a portion of our assets. Similarly, your Personal Information may be passed on to a successor-in-interest in the event of a reorganization, reconstruction, liquidation, bankruptcy or administration. Users will not be notified of any such change of ownership or control of their User Information.
USER DISCLOSURES:
Some Personal Information is disclosed as a matter of course as a result of your use of the Site. Any Personal Information shared using our Site or on another website (such as Facebook, Google, LinkedIn, Instagram, or Twitter) may become public information. You should exercise caution when disclosing information to third parties or in public forums. Content shared between users of our Site, including advice and opinions, represent the views and are the responsibility of those who post the content. We provide these forums as a convenience and do not endorse content posted. If you have any questions or comments about any content posted using our Site, please contact us at the address below. Users assume all responsibility for any loss of privacy or other harm resulting from their own voluntary disclosure of personal information in public forums.
LEGAL ENFORCEMENT:
We reserve the right to release account and Personal Information about you when we believe, in our sole discretion, that such release is appropriate to: (1) comply with the law, legal process, such as a subpoena; or in response to requests by government entities, such as law enforcement requests; (2) protect and defend our rights, property, safety, or other interests including those of our parent company, subsidiaries, customers, shareholders, or others; (3) protect against fraud, misuse or unauthorized use of our Site and to enforce or apply our Terms & Conditions of site Use ("Terms") and other agreements; (4) when we believe disclosure is necessary or appropriate to prevent physical, financial or other harm, injury or loss; and/or (5) protect the personal safety or property of our users or the public (among other things, this means that if you provide false information or attempt to pose as someone else, information about you may be disclosed as part of any investigation into your actions).
AGGREGATED DATA:
We may provide aggregate statistics about our customers, sales, traffic patterns and related site information to reputable third-party vendors, but these statistics will include no personally identifying information.
In addition to the disclosure of Personal Information to third parties as described above, we provide anonymous IP Addresses to other third parties. For example, we sometimes employ other companies and individuals to perform functions on our behalf, such as hosting our Site; providing marketing assistance, search results and links, or retargeted advertising; and/or analyzing data. These third parties have access only to IP Addresses and do not have access to other Personal Information. However, as disclosed above, we may disclose Personal Information to third parties in certain limited circumstances.
Sales of Personal Information. Like most companies, we allow certain third party advertising partners to place tracking technology such as cookies and pixels on our Site. This technology allows these advertising partners to receive information about your activities on our Site, which is then associated with your browser or device. These companies may use this data to serve you more relevant ads as you browse the internet. Under some state laws, sharing data for online advertising may be considered a “sale” of information. Except for this sharing, Canyon does not sell any of your information. Canyon has no actual knowledge of any sales of personal information of minors under 16 years of age.
How we protect your personal information
We endeavor to incorporate reasonable safeguards to help protect and secure your Personal Information. To that end, we have put in place technical, administrative and physical safeguards to protect your personal information. We follow industry-standard practices in order to protect the data we collect. For example, we work to protect the security of your Personal Information whenever it is transmitted by using Secure Sockets Layer (SSL) software, which encrypts information a user inputs. We also follow PCI-compliant standards relating to credit cards.
Although we take precautions to prevent the unauthorized access of your Personal Information, no transmission of data over the internet is guaranteed to be completely secure and we cannot guarantee that your submissions to the Site, any content residing on our servers, or any transmissions from our server will be completely secure. It may be possible for third parties to intercept or access transmissions or private communications unlawfully. Any such transmission is done at your own risk. Further, it is important for you to protect against unauthorized access to your password and computer. You should be sure to sign off after using a shared computer.
Communications and opt-out
Opting Out Of Communications From Us:
There is an unsubscribe link in every marketing email that we send. You can be removed instantly from our list by clicking it. If you choose to opt-out of receiving promotional communications, we may still send you administrative emails, including, for example, administrative and transactional confirmations, and notices of updates to our Privacy Policy and Terms, as well as email receipts and shipping confirmations for any goods purchased using the Site. For information about opting out of SMS communications, please see our SMS Terms and Conditions.
California privacy rights
If you are a resident of California, the California Consumer Privacy Act ("CCPA") and California Privacy Rights Act (“CPRA”) provide you with specific rights regarding your Personal Information. These include:
Right to Know: You have the right to know the categories of Personal Information that we collect about you over the past 12 months, the categories of sources from which the Personal Information was collected, the business or commercial purposes for which the Personal Information was collected, sold, shared, and the categories of third parties with whom we share the Personal Information, and the specific pieces of personal information we collected about you.
Right to Correct: You have the right to correct inaccurate personal information that we maintain about you.
Right to Delete: You have the right to request that we delete Personal Information that we collected from you and retained, subject to certain exceptions.
Right to Opt-Out of the Sale/Sharing: We do not sell or share your Personal Information.
Right to Limit the Use or Disclosure of Sensitive Personal Information: We do not use or disclosure your sensitive Personal Information.
Non-Discrimination: Unless permitted by applicable law, we will not discriminate against you for exercising any of your privacy rights under CCPA or applicable law, including by, but not limited to:
- Denying you goods or services;
- Charging you different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
- Providing you a different level of quality of goods or services; or
- Suggesting that you will receive a different price or rate for goods or services or a different level of quality of goods or services.
Exercising Your Rights - Only you or an authorized agent may make a verifiable consumer request related to your Personal Information. Each of these rights may be exercised through our online request form or by calling the following number: (833) 226-9661.
Designating a Third-Party to Act on Your Behalf - In order to designate a third party to act on your behalf, that person must be registered with the California Secretary of State and must have valid written evidence of authority from you to act on your behalf, e.g., a validly executed Power of Attorney or some other written, notarized documentation that they can provide to us. Absent such documentation, we reserve the right to refuse to comply with third-party requests for information.
Verifying Your Requests - During the verification process, depending on the nature of your request, e.g. whether you are seeking access to information versus deleting information, we will first seek to verify your identity against known information in our environment, such as your name, e-mail address, and telephone. Upon receiving your request, we may also contact you via email and/or other secured communication channel to verify your identity. In certain instances, e.g. a mismatch against known information or where you are seeking information on behalf of another person with authorization, we may seek additional verification from you, which may be in the form of you providing a copy of a valid, government issued identification or a notarized attestation.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Exceptions - We may deny certain requests, in whole or in part, based on our legal rights and obligations. For example, we may retain personal information as permitted by law, such as for tax or recordkeeping or to comply with legal obligations, to process transactions, perform continuing obligations, and facilitate requests.
Opt-Out Preference Signal - The Opt-Out Preference Signal (also referred to as Global Privacy Control) is a setting you can enable in your web browser to communicate your privacy preference for not having certain information about your webpage visits collected across websites. For all the details, including how to turn on the signal, visit https://globalprivacycontrol.org/. Our website that links to this privacy policy recognize and respond to these signals.
Notice to Nevada Residents: Nevada Senate Bill 220 provides consumers (Nevada residents) with specific rights regarding their Personal Information. This section describes your Nevada privacy rights and explains how to exercise those rights.
Right To Opt Out
You have the right to direct us to not sell your Personal Information at any time (the “Right to Opt-Out”).
To exercise the Right to Opt-Out, you (or your authorized representative) may submit a request to us: info@canyon.com.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within sixty days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Changes to this privacy policy
We may change or replace this Privacy Policy at any time. We encourage you to revisit this page often to remain fully informed of our Policy or you can contact us at any time to obtain the latest copy of this Policy.
Questions about this policy
For questions or comments regarding our Policy, please contact us at: info@canyon.com.