Privacy Policy

Note: If you link to other websites, please review the privacy policies posted at those sites.

Our Pages are For Business Use

Our Services describe a wide range of services and products that we offer, sell, and provide to a broad range of customers. Our Services are for general commercial and informational purposes and are designed to facilitate and enhance communications and transactions with customers for the purchase of our products and services. While any person may review the information provided through our Services, they are not intended for communications or transactions with persons below the legal age of contracting (generally age 18).

You hereby grant us an irrevocable, non-exclusive and perpetual license to use the information that you convey, disclose, or make available to us to receive, hold, and use such information in connection with our business and for other purposes allowed by law.

Collection of Information

We collect personally identifiable information, like names, postal addresses, email addresses, and purchase information. The information you provide is used to fulfill your specific request. We may use your information to place you on our mailing list. We never sell your information to any other company or agency. Below, we describe more specifically how we collect your information and what we do with it.

1. Information You Provide.

• Information that is necessary for the use of our Services. We ask for and collect personal information about you when you use our Services, sign up for an account, and make purchases. This information is necessary for the adequate performance of any contract between you and Brooks and to allow us to comply with our legal obligations. This information is also necessary for any contract you may have with Brooks and for Brooks' legitimate business purposes.

• Information you choose to give us and communications with Brooks. When you communicate with Brooks, submit information to Brooks for purchasing goods and services from Brooks, or open an account with Brooks, we collect information about your communication or submission and any information you choose to provide. This information is necessary for the adequate performance of any contract between you and Brooks and to allow us to comply with our legal obligations. This information is also necessary for any contract you may have with Brooks and for Brooks' legitimate business purposes.

• Payment Information. If you make purchases from us, you may provide payment information, such as a credit card number and/or other related information. Unless we tell you otherwise, your payment information is processed by our third-party processor and we do not collect, store or maintain your payment information. The storage and use of your payment information is subject to the terms and conditions, and privacy policies of our third-party processor and is not subject to the terms of this Privacy Policy.

• Additional Information. In addition to the information noted above, you may choose to provide us with additional personal information. This additional information will be processed based on your consent.

2. Information We Automatically Collect from Your Use of the Services.

We automatically collect information, including personal information, about the goods and services you use and how you use them. This information is necessary for the adequate performance of the contract between you and Brooks, to enable us to comply with legal obligations, and given our legitimate interest in being able to provide and improve the functionalities of our Services.

• Cookie/Tracking Technology.

  • Brooks uses cookie and tracking technologies on our website and within our mobile application. The technologies we use to collect information about you automatically include cookies, flash cookies, and web beacons. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our website. Certain features of our website may use local stored objects (sometimes called, "Flash cookies") to collect and store information about your preferences and navigation to, from, and on our website. Flash cookies are not managed by the same browser settings as are used for browser cookies. We may also utilize small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit Brooks, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

  • Cookie and tracking technology are useful for gathering information such as browser type and operating system, the time zone settings and location of visitors, the time and date of website and mobile application visits, tracking the number of visitors to the website, and understanding how visitors use the website or mobile application. Cookies can also help customize the Services for visitors. Personal information cannot be collected via cookies and other tracking technology; however, if you previously provided personally identifiable information, cookies may be tied to such information. Aggregate cookie and tracking information may be shared with third parties.

  • AT THIS TIME, OUR SERVICES DO NOT RESPOND TO "DO NOT TRACK" SIGNALS. WE MAY ADD THIS FUNCTIONALITY IN THE FUTURE, AND IF WE DO, WE WILL UPDATE THIS PRIVACY POLICY AND LET YOU KNOW.

3. Information We Collect from Third Parties.

We may collect information, including personal information, that others provide about you, or obtain information from other sources and combine that with information we collect. We do not control, supervise, or take responsibility for how the third parties providing your information process your personal data, and any information request regarding the disclosure of your personal information to us should be directed to such third parties.

• Third Party Services. In addition, If you link or connect with a third party service (e.g., Google) or interact with our social media pages (including LinkedIn, Facebook, and Youtube), we may receive information such as your registration and profile information. This information varies and is controlled by that service provider or as authorized by you via your privacy settings within that other service.

4. Other Sources.

To the extent permitted by applicable law, we may receive additional information about you, such as demographic data or fraud detection information, from third party service providers and/or partners, and combine it with information we have about you. For example, we may receive credit check results (with your consent where required) or fraud warnings from service providers like identity verification services for our fraud prevention and risk assessment efforts.

Exclusions

Some of the personal information we collect is not subject to this Privacy Policy. Personal information, as the term is used in this Privacy Policy does not include:

• Publicly available information, which is information that is lawfully made available from Federal, State, or local government records and information that we or a business partner reasonably believes you have publicly released or made available without restriction; and

• De-identified, pseudonymized, or aggregated data.

Use of Information

We use, store, and process information, including personal information, about you to provide, understand, improve, and develop the Services, communicate with you, facilitate a contract or purchase order with you, and comply with our legal obligations. Specifically, we use, store, and process information to:

Sharing Your Information

1. Your Consent.

Where you have provided consent, we may share your information, including personal information, as described at the time of consent and as allowed by applicable state law.

2. Compliance with Law, Responding to Legal Requests, Preventing Harm and Protection of Our Rights.

Brooks may disclose your information, including personal information, to courts, law enforcement or governmental authorities, or authorized third parties, if and to the extent we are required or permitted to do so by law or if such disclosure is reasonably necessary: (i) to comply with our legal obligations; (ii) to comply with legal process and to respond to claims asserted against Brooks; (iii) to respond to verified requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any of our users or customers to legal liability; (iv) to enforce and administer our Terms and Conditions; or (v) to protect the rights, property, or personal safety of Brooks, its employees, and members of the public.

Where appropriate, we may notify you about legal requests unless: (i) providing notice is prohibited by the legal process itself, by court order we receive, or by applicable law; or (ii) we believe that providing notice would be futile, ineffective, create a risk of injury or bodily harm to an individual or group, or create or increase a risk of fraud upon Brooks.

3. Service Providers.

Brooks uses a variety of third party service providers to help us provide services related to the Services. Service providers may be located inside or outside of the European Economic Area ("EEA"). These providers have limited access to your information to perform tasks on our behalf, such as website, mobile application, and software optimization, and are contractually bound to protect and to use it only for the purposes for which it was disclosed and consistent with this Privacy Policy. Brooks will need to share your information, including personal information, in order to ensure the adequate performance of any contract with you and given our legitimate interest in being able to provide and improve the functionalities of the Services.

4. Business Transfers.

If Brooks undertakes or is involved in any merger, acquisition, reorganization, sale of assets, bankruptcy, or insolvency event, then we may sell, transfer, or share some or all of our assets, including your information, in connection with such transaction or in contemplation of such transaction (e.g., due diligence). In this event, we will notify you before your personal information is transferred and becomes subject to a substantively different privacy policy.

5. Aggregated Data.

We may also share aggregated information (information about our users that we combine so that it no longer identifies or references an individual user) and other anonymized information for regulatory compliance, industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.

Your Rights

You may exercise any of the rights described in this section by contacting Brooks through the Privacy Contact Information provided at the end of this Privacy Policy. Please note that we may ask you to verify your identity before taking further action on your request.

1. Managing Your Information.

Through your account you can manage certain settings, such as to subscribe or unsubscribe to content.

2. Rectification of Inaccurate or Incomplete Information.

You have the right to ask us to correct inaccurate or incomplete personal information concerning you.

3. Data Access and Portability.

In some jurisdictions, applicable law may entitle you to request copies of your personal information held by us. You may also be entitled to request copies of personal information that you have provided to us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible).

4. Data Retention and Erasure.

We generally retain your personal information for as long as is necessary for the performance of a contract or purchase order with you and to maintain your account, for our legitimate business interests, or to comply with our legal obligations. If you no longer want us to use your information you can request that we erase your personal information. Please note that if you request the erasure of your personal information:

• We may retain some of your personal information as necessary for our legitimate business interests, such as fraud detection and prevention and enhancing safety;

• We may retain and use your personal information to the extent necessary to comply with our legal obligations;

• Some copies of your information (e.g., log records) may remain in our database but are disassociated from personal identifiers; and

• Residual copies of your personal information may not be removed from our backup systems for a limited period of time.

5. Withdrawing Consent and Restriction of Processing.

Where you have provided your consent to the processing of your personal information by Brooks you may withdraw your consent at any time by changing your account settings or by sending a communication to Brooks specifying which consent you are withdrawing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal. Additionally, in some jurisdictions, applicable law may give you the right to limit the ways in which we use your personal information, in particular where (i) you contest the accuracy of your personal information; (ii) the processing is unlawful and you oppose the erasure of your personal information; (iii) we no longer need your personal information for the purposes of the processing, but you require the information for the establishment, exercise, or defense of legal claims; or (iv) you have objected to the processing and pending the verification of whether the legitimate grounds of Brooks in processing the information override your interests.

6. Objection to Processing.

In some jurisdictions, applicable law may entitle you to require Brooks not to process your personal information for certain specific purposes (including profiling) where such processing is based on legitimate interest. If you object to such processing, Brooks will no longer process your personal information for these purposes unless we can demonstrate compelling legitimate grounds for such processing or such processing is required for the establishment, exercise or defense of legal claims.

Where your personal information is processed for direct marketing purposes, you may, at any time, ask Brooks to cease processing your data for these direct marketing purposes.

7. Lodging Complaints.

You have the right to lodge complaints about the data processing activities carried out by Brooks before applicable competent data protection authorities.

Operating Globally

1. General.

To facilitate any global operations Brooks may perform, Brooks may transfer, store, and process your information within our company or with service providers based in Europe, India, Asia-Pacific, and North and South America. Laws in these countries may differ from the laws applicable to your Country of Residence.

2. Residents of the European Economic Area (EEA).

At this time, our Services are not intended to be accessed from within the United Kingdom, Switzerland, or any European Union Member State. We will not knowingly process personal information users of these Services in these geographic locations and will take prompt steps to delete any such personal data.

3. California Residents.

This Privacy Policy includes supplemental terms in its final section that apply solely to California residents covered by the California Consumer Privacy Act ("CCPA").

Security

We have implemented reasonable security measures designed to secure your personal information from accidental loss or unauthorized access, use, and disclosure. Unfortunately, the transmission of information via the internet is not completely secure. Although we attempt to protect your personal information, we cannot guarantee the security of your personal information transmitted to our website. We are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction, or alteration. Some of the safeguards we use to protect your information are firewalls and data encryption and information access controls. If you know or have reason to believe that your Brooks credentials have been lost, stolen, misappropriated, or otherwise compromised, or in case of any actual or suspected unauthorized use of your Brooks account, please contact us following the instructions in the Privacy Contact Information section below.

Changes to This Privacy Policy

Brooks reserves the right to modify this Privacy Policy at any time in accordance with this provision. If we make changes to this Privacy Policy, we will post the revised Privacy Policy on our website and update the "Last Updated" date at the top of this Privacy Policy. If you disagree with the revised Privacy Policy you should refrain from using our Services. Your continued access to or use of our Services will be subject to the revised Privacy Policy.

Privacy Contact Information

If you have any questions, concerns, or comments about our Privacy Policy you may contact us using the information below:

By E-mail: MarketingSupport@BrooksEquipment.com
By Phone: 704-916-3400

Privacy Policy Supplement for California Consumers

This Privacy Policy Supplement for California Consumers (this "Supplement") adds additional terms to those contained in this Policy that apply solely to residents of the State of California who are subject to the California Consumer Privacy Act of 2018, as amended ("CCPA"). Any terms defined in the CCPA that are not otherwise defined in this Supplement shall have the same meanings as such terms are given in the CCPA.

The CCPA provides Consumers with certain additional rights and information regarding their personal information. This Supplement provides those disclosures and describes those additional rights and explains how such additional rights may be exercised. Please read this Supplement as an expansion of the terms of the Policy set forth above as to Consumers interacting or doing business with us.

Definitions

As used in this Supplement, the following terms shall mean as follows:

"Consumer(s)" means California resident(s) who are subject to CCPA and are identified or identifiable from or through the use of "personal information" collected or used by us as such term is defined in the CCPA.

"Sell," "Selling," "Sale," or "Sold" means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a Consumer's personal information by a business subject to the CCPA to another covered business or to a third party for monetary or other consideration.

"Service Provider" means a for-profit legal entity that processes a Consumer's personal information on behalf of a CCPA-covered business that has disclosed such information to the recipient for a business purpose pursuant to a written contract that restricts the use of such data by the recipient to providing services to the disclosing business.

Categories of Personal Information Collected. Listed below are the categories of personal information that we collect and use in our business for commercial purposes. These categories of data do not all apply at all times or as to all Consumers and often our receipt of this data is based on a Consumer's voluntary submission of it to us for specific purposes or transactions requested by the Consumer:

Sale of Personal Information

1. Sale of Personal Information. The CCPA requires that we disclose if we sell the personal information of Consumers to third parties which do not meet the definition of Service Providers under the CCPA. The common understanding of the term "sell" is to transfer property (in this case, personal information) for monetary consideration (i.e., cash), but under the CCPA, the definition of "sell" includes exchanging data for a business benefit other than cash. We do not sell, disclose, or transfer any Consumer's personal information to a third party which does not meet the definition of Service Providers under the CCPA.

2. Participation in Advertising Networks. We do participate in digital advertising activities through third party data analytics providers such as Google Analytics, which provides us with information collected on third-party websites and applications on which we advertise our product and services, including the identity of users of those websites and applications. Our use of digital advertisers and participants helps us identify persons who are shopping for products and services and enables us (i) to measure whether and how our ads were delivered to and interacted with by Consumers; (ii) provides us reporting about the effectiveness and performance of our ads; (iii) provides us reporting about users who interacted with our ads; and (iv) informs us about the percentage of our ads that had the opportunity to be seen.

Disclosures to Categories of Service Providers.

We disclose personal information for business purposes to the following categories of Service Providers under restrictive contracts which meet the requirements of the CCPA:

• Business partners who assist us in conducting transactions with our Consumers like scheduling service or delivery;

• Customer relationship management ("CRM") software providers with which we have entered into licensing agreements for marketing and communications activities with current and prospective Customers;

• Data analytics and cloud data providers other than Google Analytics with which we have entered into licensing agreements for data collection, use, analysis, transfer, and storage in support of our business;

• Payment processing and human resource information system ("HRIS") providers for vendor, supplier, contractor, employee and Service Provider payment processing activities; and

• Other Service Providers directly involved in our business transactions with Customers.

Consumer Data Rights

Overview. We extend the following rights to Consumers relating to their personal information that we have collected, used, or hold (collectively, "Data Rights").

When Data Rights Do Not Apply. Data Rights are subject to certain exceptions and limitations based on the specific data processing activities involved or other legal constraints like law enforcement and litigation uses. If any of those exceptions or limitations should apply to a Data Rights request, we will explain in our response why (or the extent to which) we are unable to honor a Consumer request.

Data Rights Described. A Consumer's rights relating to his or her personal information includes one or more of the following rights if and as applicable to a given request (a "Data Rights Request"). If a Consumer desires to exercise any of these rights, they should contact us by using the Data Rights Request Form referenced in Section 13.6 below.

• The Right to Know. A Consumer has a right to request that we disclose certain information to him or her about our collection and use of the Consumer's personal information over the past 12 months. Upon such a request, after verification of the Consumer's identity, we will confirm (i) the categories of personal information we have collected about the Consumer, (ii) the categories of sources from which such information was collected, (iii) the business or commercial purpose for our collection, disclosure or use of such data, (iv) the categories of any third parties with which we shared such personal information for a business purpose, and (v) the specific pieces of personal information we have collected about the Consumer (also called a data portability request).

• The Right of Deletion. In some circumstances, a Consumer has the right to request that we delete personal information that we have collected from or about the Consumer. Those circumstances include when (i) the personal information is no longer necessary in relation to the purposes for which it was collected or processed; (ii) the Consumer withdraws his or her Consent to any consent-based processing such as marketing; and/or (iii) our continued processing of such data violates this Policy or is otherwise unlawful. However, there are exceptions to the right of deletion, including when our retention and processing of such data is reasonably necessary to (A) complete the transaction for which such data was collected, to fulfill the terms of a written warranty or product recall or otherwise perform our contract with the Consumer, (B) provide a product or service requested by the Consumer or take actions reasonably anticipated within the context of our ongoing business relationship, (C) detect security incidents or protect against deceptive, fraudulent or unlawful activity, (D) for internal use reasonably aligned with the Consumer's expectations under this Policy or applicable law, and/or (E) compliance with a legal obligation.

• The Right to Data Portability. In certain circumstances under the Right to Know, a Consumer has the right to access the specific pieces of his or her personal information that we collected from such Consumer, by mail or electronically, and if provided electronically, in a portable, readily useable format to the extent technically feasible. However, this right does not apply where it is outweighed by other lawful needs or when the attempted return of it would adversely affect the rights or interests of others, such as when the personal information cannot be segregated from other protected data.

• Right to Opt-Out of the Sale of Personal Information. If and to the extent we are deemed to Sell a Consumer's personal information to a third party, the Consumer has the right to direct us to stop Selling the Consumer's personal information to such third parties (the "Right to Opt-Out). To exercise the Right to Opt-Out, the Consumer may contact us using the information below to us invoking such right. The Consumer does not need to create an account with us to exercise his or her Right to Opt-Out. We will only use personal information provided in an opt-out request to review and comply with the requesting Consumer's request. A Consumer's exercise of the Right to Opt-Out will only apply to our disclosures to third parties which are not Service Providers and will not affect our own communications and transactions with our Customers or communications by our business partners with our Customers in connection with our own business activities.

Exercising Data Rights

To exercise any Data Rights or make a Data Rights Request, please contact us by:

Calling us at: 704-916-3400

Emailing us at: MarketingSupport@BrooksEquipment.com

Mailing us at: Brooks Equipment Company, LLC

Attn: CCPA Requests

10926 David Taylor Drive, Suite 100

Charlotte, NC 28262

Only the affected Consumer, or someone legally authorized to act on such Consumer's behalf, may make a Data Rights Request related to a Consumer's personal information. In order to make requests on behalf of a Consumer, an authorized agent of that consumer must provide to us via mail either (i) a notarized power of attorney document including the Consumer's name and physical California address, (ii) a written authorization document that includes the Consumer's name, address, telephone number and valid email address, signed by the Consumer authorizing the authorized agent to act on behalf of the Consumer in making the request.

Any Data Rights Request must:

1. Provide sufficient information to permit us to reasonably verify that the requestor is the person about whom we collected personal information or an authorized representative thereof. We cannot respond to a request or provide personal information if we cannot verify the requestor's identity or authority to make the request and confirm that the personal information relates to them. Such verification requirements include proof of the identity of the Consumer about whom a request is made either (i) by a third party identity verification service engaged by us, or (ii) by our matching the identifying information of the Consumer at issue with the personal information of the Consumer already maintained by us, either in a password protected account with the Consumer or by identification of the Consumer's recent product searches or other activities with us or our business partners.

2. Describe the Data Rights Request with sufficient detail for us to properly understand, evaluate and respond to it.

Consumers do not need to create an account with us to submit a Data Rights Request. We will only use personal information provided in the request to verify the requestor's identity or authority to make it.

We will promptly confirm receipt of any such request (generally within ten 10 days) and endeavor to substantively respond to it after verification within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.

We will deliver our written response by mail or electronically or as otherwise agreed.

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. We do not charge a fee to process or respond to verifiable Data Rights Requests unless excessive, repetitive, or manifestly unfounded.

Right to Non-Discrimination

Consumers have the right to be free of discrimination relating to their exercise of any Data Rights. We do not discriminate against Consumers for exercising any of their Data Rights. This means that the exercise of Data Rights will not result in our:

Denial of any goods or services;

Charging a different price or rate for goods or services, including through granting discounts or other benefits or imposing penalties;

Providing a Consumer with a different level or quality of goods or services; or

Suggesting any of the above results to a Consumer.

Other California Privacy Rights

California's "Shine the Light" law (Civil Code Section 1798.83) permits users of our Services who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes in the past year, including the categories of personal information disclosed and the identity of such third parties. To make such a request, please send an email or write to us at the address set forth above.