Effective Date: June 1, 2020
The Herman Miller Group Companies respect your privacy and your regional privacy rights: Exercise your rights
This Privacy Notice applies to all Herman Miller, Inc., controlled subsidiaries and affiliates globally, including Herman Miller, Design Within Reach, Inc., Geiger International, Inc., Nemschoff, Inc., Colebrook Bosson Saunders, naughtone, Workplace Resource Canada, POSH Office Systems (HK) Ltd. and Maharam Fabric Corporation jointly referred to as “the Herman Miller Group Companies,” “Herman Miller,” or “HM.”
By using the Site, or sharing your information with us, you accept the privacy practices described in this Privacy Notice.
As you interact with Herman Miller, we may collect information about you from the following sources:
2.1 Directly from you, such as:
2.2 From technology when you visit our Site.
2.3 From parents, subsidiaries, and affiliates within the Herman Miller Group Companies.
2.4 From third parties or public sources, such as:
We may combine information that we receive from the sources described in this Notice, including third party sources and public sources, and use or disclose it for the purposes described below.
The information we collect from you varies, depending on the way you use our Site or interact with us. The information may include:
3.1 Identifiers, such as name, shipping/billing address, telephone number, email address, IP address; browser type and language; operating system; domain server; type of computer or device; and other information about the device you use to access our Site.
3.2 Commercial information, including records of products or services purchased, obtained, or considered, marketing preferences, customer feedback, and information regarding your Smart Furnishing preferences (e.g., desk height), or other purchasing or consuming histories or tendencies.
3.3 Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with our Site or advertisements.
3.4 Geolocation data.
3.5 Audio or electronic information, such as recording calls made to our customer service centers.
3.6 Professional or employment-related information and other demographic information.
3.7 Inferences drawn from any of the information above used to create a profile about our customers.
We use the information identified above for the following business purposes:
4.1 For our own internal business purposes, such as maintaining or servicing accounts, providing customer service, processing or fulfilling order and transactions, verifying customer information, processing payments, providing financing, and performing analytics.
4.2 Internal research for research, development, and product improvement.
4.3 Verifying or maintaining the quality or safety of a service or product and to improve, upgrade, or enhance the service or product.
4.4 Short-term transient use, such as customization of ads shown as part of the same interaction.
4.5 Auditing related to a current interaction with the consumer and concurrent transactions.
4.6 For legal, safety, and security reasons.
4.7 For marketing or advertising.
4.8 In a de-identified or aggregated format.
4.9 For services of third parties that you authorize.
We may share information collected about you with the following entities or in the following situations:
5.1 Affiliated Companies. We may share some or all of your information to our parent companies, subsidiaries, and affiliates within the Herman Miller Group Companies.
5.2 Service Providers. We may share your information with service providers to perform functions and services on our behalf, to deliver our products or services, and/or to conduct our business, such as product delivery services, payment processors, data hosting and storage providers, customer service, marketing, and data analytics service providers.
5.3 Professional Advisors. We may share your information with our accountants, lawyers, and other professional advisers that assist us in carrying out our business activities.
5.4 With Third Parties Regarding Corporate Changes. We might buy or sell businesses or assets. In the event of a corporate sale, merger, reorganization, sale of assets, dissolution, or similar event, the information we collect may be part of the transferred assets.
5.5 For Legal, Safety, and Security Reasons. We may disclose information to others (including law enforcement, public authorities, and regulatory bodies) if we are required to do so by law, or whenever we believe that disclosing such information is necessary or advisable to protect and defend our rights, property, or the safety of us or others. Note that we may be required to disclose an individual’s personal information in response to a lawful request by public authorities (such as a court order), including to meet national security or law enforcement requirements. We may also disclose your information to detect and/or resolve any fraud or security concerns.
5.6 With Select Partner and Digital Advertising Networks for Targeted Marketing. We may share personal information that we hold about you with non-affiliated third parties (select partners and digital advertising networks) for marketing of similar products or services.
5.7 Consent. We may share personal information that we hold about you with your consent or at your direction with non-affiliated third parties.
You can access and update most of your account information on our Site by logging into your account.
You may opt out of receiving certain future email communications from us by clicking on the unsubscribe link at the bottom of emails you receive from us. We will use commercially reasonable efforts to process such requests in a timely manner. You cannot opt out of receiving transactional emails or communications related to your account with us.
You may also contact us at the email provided in this Privacy Notice.
We use reasonable physical, technical, and administrative security measures to protect the confidentiality and security of your personal information. However, since the Internet is not a 100 percent secure environment and no security system or measures are impenetrable, we cannot guarantee the security of any information you transmit to us. We strongly advise you not to communicate any confidential information through email to us or otherwise through this Site.
We retain personal information only for as long as necessary to fulfill the stated purposes for which the personal information was collected or otherwise processed and thereafter only for legitimate purposes or legal requirements.
The Site is not directed or targeted towards, nor intended for use by, persons under the age of 16. If you are not at least 16 years of age, do not access, use, or register on the Site. We do not knowingly collect, use, share or sell Personal Information from persons under age 16. If you believe we have done so in error, please notify us and we will terminate and delete your account and all information contained therein.
9.1 Mobile Applications
Herman Miller may have mobile applications that you can download to your mobile device (“HM Applications”). When you download a HM Application, there may be an opportunity for you to provide us with or for us to obtain information about you. Each HM Application will display a Privacy Notice that will inform you about how any new or different information shared via the application will be handled. Otherwise, information collected via HM Applications will be the information identified above and will be used and shared as stated in this Privacy Notice.
Certain features and functionality of the HM Applications are based on your location. To provide these features and functionalities, if you consent, we may collect geolocational information from your mobile device, wireless carrier, and/or certain Third party service providers. Collection of such information occurs only when you are using your mobile device. You may decline to allow us to collect such information or disable location services on your mobile device but doing so will restrict certain features and functionalities to you.
9.2 Standard Open Authorization and Similar Technology (“OAuth”)
With your permission, in addition to the uses of or access to your Personal Information discussed in this Notice, third party applications and services may access your personal information using OAuth if you choose to log into our Site using your log-in information from those third party applications. We may also use OAuth to allow us to share information about you that is stored by us without sharing your security credentials.
9.3 Third party Websites
We are not responsible for the practices employed by third party websites or services linked to or from our Site, including the information or content contained in such websites or services, and this Privacy Notice does not apply to them. Privacy policies on such linked websites may be different from our Privacy Notice. Your browsing and interaction with any third party website or service, including those that have a link on our Site, are subject to that third party’s own rules and privacy policies. You access such linked websites at your own risk. You should always read the privacy notice of a linked website before disclosing any of your information on such website.
Get more information about how we use automatic data collection tools, such as cookies and widgets, and how to update your choices in relation to their use: Cookies Notice
If you have any questions about this Privacy Notice, please contact us at:
Herman Miller, Inc.
Attn: Legal Department Privacy Inquiry
855 East Main Ave.
Zeeland, MI 49464
We may make changes to this Notice from time to time, in our sole discretion. When we do, we will update this page and display the date of last update at the top of the page. We encourage you to periodically check this Site to learn about the information we collect, use, and share. Your continued use of any of the Site after the changes have been made will constitute your acceptance of the changes. If you do not wish to continue using the Site under the new version of the Notice, please uninstall any mobile application and cease using the Site. When required under applicable law, we will seek affirmative consent from you before making material changes to how we handle data previously collected from you. If you do not provide such consent, we will continue to use personal information in a manner consistent with the version of this Privacy Notice under which it was collected, or the information will be deleted.
In addition to the information provided above about the data collected and how we use and share it, in accordance with the California Consumer Privacy Act (CCPA), below is a list of the categories of personal information collected, and for each category, the categories of third parties with whom we share the personal information for a business or commercial purpose. The sections referenced in the chart below relate to the section in the Notice above.
As a California resident, you have certain rights, subject to legal limitations, regarding the collection, use, and sharing of your personal information described below. You can exercise your rights here Data Subject Right Request or you can contact us at firstname.lastname@example.org.
13.1 Right to Opt Out/Do Not Sell
We may disclose the information identified above to third parties for their targeted marketing purposes and to enhance your experience on our Site. California Consumers have the right to opt out of the sale of their personal information.
To opt out of online activity tracking and data sharing (through cookies and other tracking technologies), you can opt-out of each cookie category (except strictly necessary cookies) by clicking on the “cookie settings” button below:
13.2 Right to Delete
California Consumers have the right to request that we delete personal information about you that we have collected from you.
13.3 Right to Know
California Consumers have the right to request that we disclose personal information that we have about you. You can request that we provide you with the categories of personal information we have collected in the 12 months preceding your request, at a minimum, and for each category: the categories of sources from which the personal information was collected; the business or commercial purpose for which we collected the personal information; the categories of third parties to whom we sold or disclosed the category of personal information for a business purpose; and the business or commercial purpose for which we sold or disclosed the category of personal information. You can also request that we provide the specific pieces of personal information that we have about you.
We may seek certain pieces of information to verify your identity that may include email address and government issued identification. We may use third party verification companies to help us verify your identity. If you are submitting a request on behalf of a household, we will need to verify each member of the household in the manner set forth in this section.
13.5 Use of Authorized Agent
If you are making any of the requests above through an authorized agent, we will request written authorization from you and will seek to verify your identity in the manners stated above (depending on the request type), or we will accept a legal Power of Attorney under the California Probate Code to the authorized agent. To make a request using an authorized agent contact email@example.com.
13.6 Timing of Response
We will respond to Requests to Delete and Requests to Know within 45 calendar days, unless we need more time, in which case we will notify you. It may take up to 90 days in total to respond to your request. We will respond to Requests to Opt Out within 15 business days.
We will not discriminate against you for exercising your rights.
14.1 Herman Miller as Controller
When you provide us with your information through our Site or to use our products or services, we serve as a data controller. When we act as a data controller we determine how personal information will be utilized, in accordance with this Privacy Notice.
14.2 Our Legal Basis for Processing Your Personal Data
Depending on the purpose of each processing activity described in Section 4 above, the processing is justified on one of the legal bases indicated below.
14.3 Data Subject Rights
You may exercise certain rights, listed below, subject to legal limitations, regarding your personal information, if you are a resident of the EEA or where the General Data Protection Regulation (site) applies. You can exercise your data right here: Data Subject Request. To protect your privacy, before we allow you to exercise a right, we may ask you to verify your identity or provide additional information. We will try to do so free of charge, but if it would require a disproportionate effort on our part, we may charge a fee. We will disclose the fee before we comply with your request. We may reject a request for any of a number of reasons, including, for example, that the request risks the privacy of other users, requires technical efforts that are disproportionate to the request, is repetitive, or is unlawful.
International Transfer of Information Collected Information Herman Miller collects from you will be stored and processed in the United States. If you provide us information, it will be transferred to, processed, and accessed in the United States.
We comply with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce (the "Privacy Shield") regarding the collection, use, and retention of personal information from European Union member countries. Herman Miller has certified that it adheres to the Privacy Shield principles of: notice; choice; accountability for onward transfer; security; data, integrity, and purpose limitation; access; and recourse, enforcement and liability. If there is any conflict between the policies in this Privacy Notice and Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield, and to view our certification page when available, please visit: https://www.privacyshield.gov. Herman Miller is subject to the investigatory and enforcement powers of the Federal Trade Commission (“FTC”).
In compliance with the Privacy Shield Principles, Herman Miller commits to resolve complaints about your privacy and our collection or use of your personal information. European Union citizens with inquiries or complaints regarding this Privacy Notice should first contact Herman Miller at firstname.lastname@example.org. Herman Miller has further committed to:
For Non-Human Resources Data, refer unresolved complaints to the EU-US Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.
For Human Resources Data, we have committed to participate in the dispute resolution procedures of the EU Data Protection Authorities (DPA’s). For information on how to contact your jurisdiction’s DPA, visit http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. Herman Miller will cooperate with the appropriate EU DPAs during investigation and resolution of complaints concerning human recourses data.
Please also note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.
Under the Privacy Shield frameworks, Herman Miller is responsible for the processing of personal data it receives as well as any such data that it provides to its Third party service providers and/or agents. Any personal information received under the Privacy Shield that we transfer to a third party must also comply with our Privacy Shield obligations, and we will be liable under the Privacy Shield for any failure to do so by the third party unless we prove that we are not responsible for the event giving rise to the damage.