Effective Date: June 1, 2020
The Herman Miller Group Companies respect your privacy and your regional privacy rights:Exercise your rights
This Privacy Notice applies to all Herman Miller, Inc., controlled subsidiaries and affiliates globally, including Herman Miller, Design Within Reach, Inc., Geiger International, Inc., Nemschoff, Inc., Colebrook Bosson Saunders, naughtone, Workplace Resource Canada, POSH Office Systems (HK) Ltd. and Maharam Fabric Corporation jointly referred to as “the Herman Miller Group Companies,” “Herman Miller,” or “HM.”
By using the Site, or sharing your information with us, you accept the privacy practices described in this Privacy Notice.
As you interact with Herman Miller, we may collect information about you from the following sources:
We may combine information that we receive from the sources described in this Notice, including third party sources and public sources, and use or disclose it for the purposes described below.
The information we collect from you varies, depending on the way you use our Site or interact with us. The information may include:
We use the information identified above for the following business purposes:
We may share information collected about you with the following entities or in the following situations:
You can access and update most of your account information on our Site by logging into your account.
You may opt out of receiving certain future email communications from us by clicking on the unsubscribe link at the bottom of emails you receive from us. We will use commercially reasonable efforts to process such requests in a timely manner. You cannot opt out of receiving transactional emails or communications related to your account with us.
You may also contact us at the email provided in this Privacy Notice.
We use reasonable physical, technical, and administrative security measures to protect the confidentiality and security of your personal information. However, since the Internet is not a 100 percent secure environment and no security system or measures are impenetrable, we cannot guarantee the security of any information you transmit to us. We strongly advise you not to communicate any confidential information through email to us or otherwise through this Site.
We retain personal information only for as long as necessary to fulfill the stated purposes for which the personal information was collected or otherwise processed and thereafter only for legitimate purposes or legal requirements.
The Site is not directed or targeted towards, nor intended for use by, persons under the age of 16. If you are not at least 16 years of age, do not access, use, or register on the Site. We do not knowingly collect, use, share or sell Personal Information from persons under age 16. If you believe we have done so in error, please notify us and we will terminate and delete your account and all information contained therein.
Herman Miller may have mobile applications that you can download to your mobile device (“HM Applications”). When you download a HM Application, there may be an opportunity for you to provide us with or for us to obtain information about you. Each HM Application will display a Privacy Notice that will inform you about how any new or different information shared via the application will be handled. Otherwise, information collected via HM Applications will be the information identified above and will be used and shared as stated in this Privacy Notice.
Certain features and functionality of the HM Applications are based on your location. To provide these features and functionalities, if you consent, we may collect geolocational information from your mobile device, wireless carrier, and/or certain Third party service providers. Collection of such information occurs only when you are using your mobile device. You may decline to allow us to collect such information or disable location services on your mobile device but doing so will restrict certain features and functionalities to you.
With your permission, in addition to the uses of or access to your Personal Information discussed in this Notice, third party applications and services may access your personal information using OAuth if you choose to log into our Site using your log-in information from those third party applications. We may also use OAuth to allow us to share information about you that is stored by us without sharing your security credentials.
We are not responsible for the practices employed by third party websites or services linked to or from our Site, including the information or content contained in such websites or services, and this Privacy Notice does not apply to them. Privacy policies on such linked websites may be different from our Privacy Notice. Your browsing and interaction with any third party website or service, including those that have a link on our Site, are subject to that third party’s own rules and privacy policies. You access such linked websites at your own risk. You should always read the privacy notice of a linked website before disclosing any of your information on such website.
If you have any questions about this Privacy Notice, please contact us at:
Herman Miller, Inc.
Attn: Legal Department Privacy Inquiry
855 East Main Ave.
Zeeland, MI 49464
We may make changes to this Notice from time to time, in our sole discretion. When we do, we will update this page and display the date of last update at the top of the page. We encourage you to periodically check this Site to learn about the information we collect, use, and share. Your continued use of any of the Site after the changes have been made will constitute your acceptance of the changes. If you do not wish to continue using the Site under the new version of the Notice, please uninstall any mobile application and cease using the Site. When required under applicable law, we will seek affirmative consent from you before making material changes to how we handle data previously collected from you. If you do not provide such consent, we will continue to use personal information in a manner consistent with the version of this Privacy Notice under which it was collected, or the information will be deleted.
In addition to the information provided above about the data collected and how we use and share it, in accordance with the California Consumer Privacy Act (CCPA), below is a list of the categories of personal information collected, and for each category, the categories of third parties with whom we share the personal information for a business or commercial purpose. The sections referenced in the chart below relate to the section in the Notice above.
|Category of Personal Information||Categories of Third Parties to whom it was disclosed for a business purpose||Categories of Third Parties to whom it was sold for marketing purposes|
|Commercial Information (3.2)|
|Internet or other electronic activity (3.3)|
|Geolocation data (3.4)|
|Audio or electronic information (3.5)|
|Professional or employment-related information (3.6)|
As a California resident, you have certain rights, subject to legal limitations, regarding the collection, use, and sharing of your personal information described below. You can exercise your rights here Data Subject Right Request, or you can contact us at email@example.com.
We may disclose the information identified above to third parties for their targeted marketing purposes and to enhance your experience on our Site. California Consumers have the right to opt out of the sale of their personal information.
To opt out of online activity tracking and data sharing (through cookies and other tracking technologies), you can opt-out of each cookie category (except strictly necessary cookies) by clicking on the “cookie settings” button below:
[Cookie Settings] Code from the OneTrust Cookie Banner Example:
California Consumers have the right to request that we delete personal information about you that we have collected from you.
California Consumers have the right to request that we disclose personal information that we have about you. You can request that we provide you with the categories of personal information we have collected in the 12 months preceding your request, at a minimum, and for each category: the categories of sources from which the personal information was collected; the business or commercial purpose for which we collected the personal information; the categories of third parties to whom we sold or disclosed the category of personal information for a business purpose; and the business or commercial purpose for which we sold or disclosed the category of personal information. You can also request that we provide the specific pieces of personal information that we have about you.
We may seek certain pieces of information to verify your identity that may include email address and government issued identification. We may use third party verification companies to help us verify your identity. If you are submitting a request on behalf of a household, we will need to verify each member of the household in the manner set forth in this section.
If you are making any of the requests above through an authorized agent, we will request written authorization from you and will seek to verify your identity in the manners stated above (depending on the request type), or we will accept a legal Power of Attorney under the California Probate Code to the authorized agent. To make a request using an authorized agent contact firstname.lastname@example.org.
We will respond to Requests to Delete and Requests to Know within 45 calendar days, unless we need more time, in which case we will notify you. It may take up to 90 days in total to respond to your request. We will respond to Requests to Opt Out within 15 business days.
We will not discriminate against you for exercising your rights.
When you provide us with your information through our Site or to use our products or services, we serve as a data controller. When we act as a data controller we determine how personal information will be utilized, in accordance with this Privacy Notice.
Depending on the purpose of each processing activity described in Section 4 above, the processing is justified on one of the legal bases indicated below.
|Purpose (references refer to Section 4 above)||Legal Basis for Processing|
|For our own internal business purposes (4.1)||Herman Miller’s legitimate business purposes (such as to provide to you our products, services, and Site; to develop and improve our products, services and Site; prevent fraud and provide security) and as necessary to perform our contractual obligations to provide you products or services.|
|Internal research for research, development, and product improvement (4.2)||Herman Miller’s legitimate business purposes|
|Verifying or maintaining the quality or safety of a service or product and to improve, upgrade, or enhance the service or product (4.3)||Herman Miller’s legitimate business purposes|
|Short-term transient use, such as customization of ads shown as part of the same interaction (4.4)||Herman Miller’s legitimate business purposes|
|Auditing related to a current interaction with the consumer and concurrent transactions (4.5)||Herman Miller’s legitimate business purposes|
|For legal, safety, and security reasons (4.6)||Herman Miller’s legitimate business purposes, because processing is necessary for us to comply with law and in order to establish, exercise, or defend legal claims.|
|For marketing or advertising (4.7)||Herman Miller’s legitimate business purposes, except where your consent is required under applicable law, then in accordance with consent provided by you.|
|For services of third parties that you authorize (4.9)||In accordance with consent provided by you.|
You may exercise certain rights, listed below, subject to legal limitations, regarding your personal information, if you are a resident of the EEA or where the General Data Protection Regulation (site) applies. You can exercise your data right here: Data Subject Right Request. To protect your privacy, before we allow you to exercise a right, we may ask you to verify your identity or provide additional information. We will try to do so free of charge, but if it would require a disproportionate effort on our part, we may charge a fee. We will disclose the fee before we comply with your request. We may reject a request for any of a number of reasons, including, for example, that the request risks the privacy of other users, requires technical efforts that are disproportionate to the request, is repetitive, or is unlawful.
International Transfer of Information
Collected Information Herman Miller collects from you will be stored and processed in the United States. If you provide us information, it will be transferred to, processed, and accessed in the United States.
EU-US Privacy Shield
We comply with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce (the "Privacy Shield") regarding the collection, use, and retention of personal information from European Union member countries. Herman Miller has certified that it adheres to the Privacy Shield principles of: notice; choice; accountability for onward transfer; security; data, integrity, and purpose limitation; access; and recourse, enforcement and liability. If there is any conflict between the policies in this Privacy Notice and Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield, and to view our certification page when available, please visit: https://www.privacyshield.gov. Herman Miller is subject to the investigatory and enforcement powers of the Federal Trade Commission (“FTC”).
Resolution of Complaints
In compliance with the Privacy Shield Principles, Herman Miller commits to resolve complaints about your privacy and our collection or use of your personal information. European Union citizens with inquiries or complaints regarding this Privacy Notice should first contact Herman Miller at email@example.com.
Herman Miller has further committed to:
For Non-Human Resources Data, refer unresolved complaints to the EU-US Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
For Human Resources Data, we have committed to participate in the dispute resolution procedures of the EU Data Protection Authorities (DPA’s). For information on how to contact your jurisdiction’s DPA, visit http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. Herman Miller will cooperate with the appropriate EU DPAs during investigation and resolution of complaints concerning human recourses data.
Please also note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel. Under the Privacy Shield frameworks, Herman Miller is responsible for the processing of personal data it receives as well as any such data that it provides to its Third party service providers and/or agents. Any personal information received under the Privacy Shield that we transfer to a third party must also comply with our Privacy Shield obligations, and we will be liable under the Privacy Shield for any failure to do so by the third party unless we prove that we are not responsible for the event giving rise to the damage.