Last updated: February 7, 2023
Sustainable Brands ("us", "we", or "our") operates the Sustainable Brands’ website at sustainablebrands.com and various websites and digital services operating from subdomains thereof, the Brands For Good website at sbbrandsforgood.com, the SB Brand Transformation Roadmap Self-Assessment Tool at sbroadmap.com and various subdomains thereof (“BTR Services”), and other software and services that Sustainable Brands makes available for purchase (collectively the "Service").
By using the Service, You agree to the collection and use of information in accordance with this policy.
Personal Data means data about a living individual who can be identified from those data, or from those in combination with other information either in our possession or likely to come into our possession.
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
BTR Data means all electronic data or information submitted by You to BTR Services, including Your responses to statements in the SB Brand Transformation Roadmap Self-Assessment Tool.
Data means all information submitted by You to the Service or collected automatically about You, including but not limited to Personal Data, Usage Data, and BTR Data.
Cookies are files stored on Your computer or mobile device (“Device”) that contain a small amount of data and may include an anonymous unique identifier. Cookies are sent to Your browser from a website and stored on Your Device.
Data Processors (or Service Providers) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process Your data more effectively.
Data Subject (or User) is any living individual who is using the Service and is the subject of Personal Data.
We collect several different types of information for various purposes to provide and improve the Service to You. Types of Data collected:
While using the Service, we may ask You to provide us with certain Personal Data included but not limited to:
In certain cases, we are contractually obligated to share Your data with a third-party sponsor or advertiser (e.g. webinars, sponsored content, etc.). In these cases we will make it clear Your data is being shared. You will have the option not to have that data shared by not taking part in that particular program.
We may also collect Usage Data related to how the Service is accessed and used. This Usage Data may include information such as Your computer's Internet Protocol address (“IP address”), browser type, browser version, the pages of the Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
We may use and store information about Your location if You give us permission to do so ("Location Data"). We use this data to provide features of the Service, to improve and customise the Service.
You can enable or disable location services when You use the Service at any time by way of Your device settings.
Cookies and Tracking
Examples of Cookies we use:
Session Cookies. We use Session Cookies to operate the Service, e.g., to record the time that You logged in to the Sustainable Brands website so that we can safely expire your session and log You out of the Service.
Preference Cookies. We use Preference Cookies to remember Your preferences and various settings, such as your username that is registered with the Service.
Security Cookies. We use Security Cookies for security purposes.
You can instruct Your browser to refuse all cookies or to indicate when a cookie is being sent. However, if You do not accept cookies, You may not be able to use some portions of the Service.
Use of Data
Sustainable Brands uses the collected data for various purposes:
To provide, maintain and monitor the usage of the Service and to detect, prevent and address technical issues.
To notify You about changes to the Service.
To verify Your identity. For example, we send a verification email to You upon receiving a password reset request for Your Account; similarly, Users of BTR Services log in using their email address to identify their Account.
To enable You to access certain Content on the Service (e.g., premium Content or products and services that are only accessible under a Subscription associated with Your Account).
To allow You to participate in interactive features of the Service when You choose to do so.
To support billing, provide customer support, and general account maintenance purposes.
To analyze Your profile and behavioral data to improve the products we offer You and the Service in general, and to personalize the delivery of news and other Content based on Your preferences.
To serve targeted or interest-based advertising.
In the event that You create an Account on the Service, You agree that we may use Your Personal Data to contact You with newsletters, special offers or promotional materials and other information that we may send. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or the instructions provided in any email we send.
Please note that you can decline to have Your Personal Data collected via third party tracking technologies by navigating to the settings feature in Your browser and declining all third party cookies or declining third party cookies from specific sites, or, for mobile, limiting ad tracking or resetting the advertiser identifier via the privacy settings on Your mobile device. Our partners, such as NextRoll and Google, may use non-cookie technologies that may not be impacted by browser settings that block cookies. Your browser may not permit you to block such technologies. For this reason you can use the following third-party opt-out tools to decline the collection and use of Your Personal Data for the purpose of serving you interest-based advertising:
We reserve the right to use BTR Data, in whole to provide the BTR Services, and in anonymized, aggregated form to generate benchmarks to provide the BTR Services and related products and marketing.
Legal Basis for Processing Personal Data under the General Data Protection Regulation (GDPR)
Sustainable Brands may process Your Personal Data because:
We need to perform a contract with You
You have given us permission to do so
The processing is in our legitimate interests and it is not overridden by Your rights
For payment processing purposes
To comply with the law
Retention of Data
Sustainable Brands will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the Service, or we are legally obligated to retain this data for longer periods.
Transfer of Data
Your information, including Personal Data, may be transferred to - and maintained on - computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of Your jurisdiction.
If You are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.
Disclosure of Data
Disclosure for Law Enforcement
Under certain circumstances, Sustainable Brands may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Sustainable Brands may disclose Your Personal Data in the good faith belief that such action is necessary to:
To comply with a legal obligation
To protect and defend the rights or property of Sustainable Brands
To prevent or investigate possible wrongdoing in connection with the Service
To protect the personal safety of users of the Service or the public
To protect against legal liability
Security of Data
The security of Your data is important to us but no method of transmission over the Internet or electronic storage is 100% secure. We strive to maintain commercially reasonable administrative, physical, and technical safeguards for protection of the security, confidentiality and integrity of Your Data, though we cannot guarantee its absolute security.
Regarding BTR Data, we shall not (a) modify BTR Data except to the extent required to provide the BTR Services, (b) disclose BTR Data except as compelled by law or as expressly permitted in writing by You or the administrator of the BTR Services, or (c) access BTR Data other than in a fully anonymized, aggregated form, except to provide the BTR Services and prevent or address service or technical problems, or in connection with customer support matters.
Our Policy on "Do Not Track" Signals under the California Online Protection Act (CalOPPA)
We do not support Do Not Track ("DNT"). Do Not Track is a preference You can set in Your web browser to inform websites that You do not want to be tracked.
You can enable or disable Do Not Track by visiting the Preferences or Settings page of Your web browser.
Your Data Protection Rights under the General Data Protection Regulation (GDPR)
If You are a resident of the European Economic Area (EEA), You have certain data protection rights. Sustainable Brands aims to take reasonable steps to allow You to correct, amend, delete or limit the use of Your Personal Data.
If You wish to be informed about what Personal Data we hold about You and if You want it to be removed from our systems, please contact us.
In certain circumstances, You have the following data protection rights:
The right to access, update or delete the information we have on You. Whenever made possible, You can access, update or request deletion of Your Personal Data directly within Your account settings section. If You are unable to perform these actions Yourself, please contact us to assist You.
The right of rectification. You have the right to have Your information rectified if that information is inaccurate or incomplete.
The right to object. You have the right to object to our processing of Your Personal Data.
The right of restriction. You have the right to request that we restrict the processing of Your personal information.
The right to data portability. You have the right to be provided with a copy of the information we have on You in a structured, machine-readable and commonly used format.
The right to withdraw consent. You also have the right to withdraw Your consent at any time where Sustainable Brands relied on Your consent to process Your personal information.
Please note that we may ask You to verify Your identity before responding to such requests.
You have the right to complain to a Data Protection Authority about our collection and use of Your Personal Data. For more information, please contact Your local data protection authority in the European Economic Area (EEA).
We may employ third party companies and individuals to facilitate the Service ("Service Providers"), provide the Service on our behalf, perform Service-related services or assist us in analysing how the Service is reached and/or used.
These third parties have access to Your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyse the use of the Service.
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of the Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en
Advertising and Conversion Tracking
We may use third-party Service Providers to show advertisements to You to help support and maintain the Service, and/or to track Your behavior after You have been redirected to one of our websites by clicking on an advertisement on a third-party social networking service.
AdRoll Pixel and Cookies
We use AdRoll’s pixel and cookies to gather information about You for use in targeting advertising on the AdRoll platform (a product from NextRoll). California visitors to the Service may review NextRoll’s Service Privacy Notice for California Residents.
Facebook Conversion Tracking
We use the “visitor action pixels” from Facebook Inc (1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”)) on some websites associated with the Service. This allows Your behavior to be tracked after You have been redirected to one of our websites by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing You, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes. The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter of GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.
Google Ad Manager and AdSense DoubleClick Cookies
Google Ad Manager is an ad serving platform that helps streamline ad management, and provides metrics on impressions, clicks, and ad revenue. Google AdSense is a service that displays ads next to online content.
Google uses Google Ad Manager and AdSense/DoubleClick cookies to enable it and its partners to serve ads to You based on Your visit to the Service or other websites on the Internet.
You may opt out of the use of the DoubleClick Cookie for interest-based advertising by visiting the Google Ads Settings web page: http://www.google.com/ads/preferences
LinkedIn Conversion Tracking
We use the Conversion Tracking and Website Analytics features of LinkedIn (1000 W Maude Ave, Sunnyvale, CA 94085, “LinkedIn”) on some websites associated with the Service. LinkedIn stores a cookie on Your computer and uses tags, pixels, and APIs to send data to LinkedIn to enable an analysis of Your use of the Service. LinkedIn Conversion Tracking tracks the actions of users after they have viewed or interacted with ads on LinkedIn, and allows us to assign conversions such as link clicks, shares, or “like” data. The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f of GDPR. If you wish to object to tracking, you can do so using the Digital Advertising Alliance tool at www.aboutads.info/choices.
Twitter Conversion Tracking
We use the Conversion Tracking Service of Twitter Inc. (1355 Market Street #900, San Francisco, California 94103, “Twitter”) on some websites associated with the Service. Twitter stores a cookie on the user’s computer to enable an analysis of the use of our online products and services. Twitter Conversion Tracking tracks the actions of users after they have viewed ads or interacted with ads on Twitter. Twitter’s Conversion Tracking allows you to assign conversions such as link clicks, retweets or “like” data. The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f of GDPR. If you wish to object to tracking, you can do so using the Digital Advertising Alliance tool at www.aboutads.info/choices.
We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).
The payment processors we work with are:
Hosting and Authenticating Users of the Service
We host the BTR Services on Microsoft Azure. Legal information about Microsoft Azure can be viewed at: https://azure.microsoft.com/en-us/support/legal/
Amazon Cognito Federated Identities
Amazon Cognito Federated Identities (“Cognito”) is a web service that delivers temporary credentials to web browsers, mobile devices, and other environments. Cognito uses Your email address to uniquely identify and authenticate Your devices when You access the Service.
For more information on Amazon’s AWS data privacy practices, see their FAQ at: https://aws.amazon.com/compliance/data-privacy-faq/
For further information on Data Protection in Amazon Cognito, see: https://docs.aws.amazon.com/cognito/latest/developerguide/data-protection.html
Customer Data Management and Marketing
We use the Salesforce Platform (“Salesforce”) to manage customer data for the purposes of fulfilling product and service purchases and informing our sales and marketing efforts. When you purchase products or services from us, portions of Your Personal Data may be stored in Salesforce including Your name, email address, company, phone number, and/or other information that You have provided to us.
We also use Salesforce Experience Cloud to enable our Member Hub private messaging and discussion forums for our Members and other purposes. Any posts, notes, chat entries, Personal Data, and/or other content that You submit to Member Hub are stored on Salesforce’s servers.
Virtual Events and Video Conferencing
Links to Other Sites
The Service may contain links to third party websites or services that are not owned or controlled by us. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services. We do not warrant the offerings of any of these entities/individuals or their websites. You acknowledge and agree that Sustainable Brands shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such third party websites or services.
The Service does not address anyone under the age of 18 ("Children").
We do not knowingly collect personally identifiable information from anyone under the age of 18. If You are a parent or guardian and You are aware that Your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
By email: [email protected]
By visiting this page on our website: https://sustainablebrands.com/corporate