EXXON MINING  PRIVACY POLICY

This Privacy Policy explains our privacy practices for customer information we collect, use or disclose through our websites (including through exxonmining.com and other Internet sites, mobile apps, and social media sites, which we will refer to collectively as “Sites”), as well as our customer service interactions with you. In this Privacy Policy, the terms “EXXON MINING,” “we” and “our” refer to EXXON MINING  and all of its subsidiaries with respect to its operations in Canada, unless otherwise indicated. Personal information that you provide when you visit non-Canadian EXXON MINING websites outside of Canada are governed by the privacy policies that are posted on those websites.

This Privacy Policy is incorporated into the Terms of Use for our Sites and into the terms applicable to EXXON MINING members and persons applying for EXXON MINING membership. By using our Sites, by applying for membership, or by using a membership, you are consenting to this Privacy Policy.

  1. EXXON MINING’s Commitment to Privacy

EXXON MINING is committed to protecting the privacy of its customers. We have and will take all necessary measures that protect the privacy of personal information held by us. This Privacy Policy provides you with details regarding:

  • why we collect personal information;
  • what we do with that information;
  • what steps we take to ensure that the information is secure;
  • who you should contact if you have questions or concerns about our policies or practices.

We reserve the right to change this Privacy Policy at any time; however, any changes or additions to Section 4 regarding the reasons we use personal information will not apply to you unless you consent to them. We will alert you that changes have been made by indicating at the top of the Privacy Policy the date that it was last updated.

We encourage you to review our Privacy Policy carefully to make sure that you understand how information that you provide will be used or disclosed.

Children: We do not intend to collect information from children who are under 18 years of age. If you are under 18, please do not provide information on our Sites.

  1. What is personal information?

In general terms, personal information means any information about an identifiable individual. For example, this includes your name, postal and email address, telephone number, credit card number, demographic information and purchasing history.

Personal information does not include aggregate information, such as data about a group or category of products, services or customers, from which individual customer identities have been removed. For example, information about how you use a service may be collected and combined with information about how others use the same service, but no personal information will be included in the resulting data. Likewise, information about the products you purchase may be collected and combined with information about the products purchased by others.

We may also gather aggregate information about how EXXON MINING customers use our Sites. Aggregate information about product purchases helps us understand trends and customer needs, and assists us in the introduction of new products and services.

We may automatically collect some information when you visit our Sites, such as your computer’s network address and operating system, the site from which you linked to us, and the time and date of your visit and purchases. This information is not linked by us to personal information, but rather is only used to compile aggregate information. This information may be collected through the use of cookies (see our “Online privacy practices” in Section 10 below).

  1. When we collect personal information

We only collect such personal information as is strictly necessary for the purposes outlined in Section 4. We collect personal information when you:

  • apply for membership;
  • renew your membership;
  • contact us with questions, inquiries, comments, complaints or requests;
  • sign up for certain products and services (such as discounts, the EXXON MINING referral program and other business services, collectively known as the “EXXON MINING Services”);
  • use our Sites;
  • participate in any of our programs;
  • place orders, make purchases, or seek further information about our products and services;
  • ask us to place you on a “Do Not Email” list so that we can ensure that your wishes are respected.

Please note that EXXON MINING Services may be provided by third-party suppliers. We collect from such third-party suppliers a list of our customers who have signed up for EXXON MINING Services and information about the use our customers make of such EXXON MINING Services (for example, frequency of use and customer feedback).

  1. How we use personal information

As part of our business operations, we hold and use certain personal information pertaining to you in order to process your requests, provide you with EXXON MINING Services, and to understand your needs so that we can serve you better.

Specifically, we may use personal information for the following purposes:

  • Notifying you of recalls or safety issues;
  • Approving you as a member when you apply for membership;
  • Managing the provision of goods, services and privileges to you, including monitoring your membership, to determine your credit status and for fraud detection and identification purposes;
  • Managing invoicing, accounting and information security services related to our transactions with you;
  • Monitoring your satisfaction with our programs, including the Elite Membership program;
  • Protecting against harm to the rights, property or safety of EXXON MINING, its customers, employees, or the public;
  • Internal management purposes, including planning, resource allocation, policy development, quality improvement, monitoring, audit, evaluation and reporting;
  • As described in our “Online privacy practices” in Section 10 below;
  • Managing our “Do Not Email” lists; and
  • Using personal information to create aggregate information as described above in Section 2.

If you ask us to, we will also tell you about news, promotions, special offers and other information from EXXON MINING. You may unsubscribe from these kinds of messages at any time by visiting exxonmining.com and setting your preferences.

  1. When we share personal information

Personal information we collect in accordance with this Privacy Policy may be shared with the EXXON MINING Affiliates, for the purposes listed above, provided that such shared information is required for and is used and disclosed for such purposes only. Personal information may also be disclosed to unaffiliated third parties in connection with the sale, assignment or other transfer of our business, in which case we will require such third parties to adhere to the terms of this Privacy Policy. We will also disclose personal information in accordance with Section 10 below when the information is collected online at our Sites.

From time to time we engage unaffiliated third parties and their affiliates, agents and subcontractors (“Service Providers”) to perform certain technological or administrative services. For example, a Service Provider may be asked to perform credit card processing services, administer a contest or be asked to run a computer program that identifies which of our members purchased a particular product so we can notify those members of special programs regarding the same or similar products. We also may use a Service Provider to host and administer one or more of our Sites, process and store data, and fulfill similar technology-related functions on our behalf. In these circumstances, the personal information that the Service Provider receives is limited to only the personal information held by us that they need in order to render their service to us. The companies that are provided with the personal information are first required to sign an agreement that obligates them to keep the information confidential and secure and prohibits them from using it for unauthorized purposes.

We have engaged Service Providers to provide us with cloud computing services. Cloud computing is the provision of network-based services, located on remote computers, that allow individuals and businesses to use software and hardware operated by third parties. Examples of these services include online file storage, webmail and online business applications. Service Providers have policies and processes in place to ensure that the confidentiality of information in their care is properly safeguarded at all times.

You acknowledge that if Service Providers provide services from other countries, your personal information may be processed and stored in these countries and the governments, courts or law enforcement or regulatory agencies of these jurisdictions may be able to obtain disclosure of your personal information through a lawful order.

We may disclose personal information without your knowledge or consent if a law, regulation, search warrant, subpoena or court order legally authorizes us or requires us to do so. We may also disclose personal information to protect the rights, property or personal safety of EXXON MINING, its customers, employees or other members of the public.

Except as set out above, we do not sell, rent, share or disclose the personal information we hold or make our membership list available to others for a fee without your consent.

  1. How long do we hold personal information?

Personal information is retained only for so long as is necessary for the purposes set out above. When no longer required, we will destroy, erase or de-personalize the personal information. Legal requirements may necessitate our retaining some or all of the personal information we hold for a period of time that is longer than we might otherwise hold it. However, EXXON MINING will restrict access to such information to prevent it from being used except for the fulfillment of these legal requirements.

  1. Accuracy

To ensure that the personal information you provided is accurate, complete and up-to-date, we urge you to provide us with updates regarding such information and to inform us of any errors affecting the personal information we hold. You may update, review or correct your exxonmining.com online account information at any time by accessing your password-protected registration page via the “My Account” area of the Sites.

  1. Security measures

We will continue to keep in place security measures in an effort to protect personal information held by us from unauthorized use, access, disclosure, distribution, loss or alteration. We employ physical, administrative, contractual and technological safeguards to protect personal information, and insist that our Service Providers do the same. We will continue to keep in place security measures in an effort to protect personal information held by us from unauthorized use, access, disclosure, distribution, loss or alteration. We employ physical, administrative, contractual and technological safeguards to protect personal information, and insist that our Service Providers do the same. Please be aware though that, despite these efforts, no security measures are perfect and no systems are impenetrable. Your privacy can be enhanced by taking care to use suitably strong passwords that others cannot guess, that are kept safe by you, and that are not re-used on other sites. Taking steps like avoiding dictionary words or proper names, and adding extra character and punctuation marks can also help protect you. If you believe your password has been compromised, you should change it immediately.

Access to personal information will be restricted to authorized personnel who require the information in order to perform their duties properly. In addition, access will be limited to only that information that is strictly necessary for the performance of those duties. Please also see our “Online privacy practices” in Section 10 below.

We periodically update our policies regarding information security measures in an effort to protect the personal information held by us in the most effective manner possible.

  1. Accessing personal information

Our customers are entitled to access the personal information held by us concerning them. In recognition of the importance we attach to each customer’s personal information, you can only access personal information we hold about you, but not personal information about your spouse or others who may have been issued a membership card on your account. Under limited circumstances, we may give you access to personal information that we hold about others, but only if required or permitted by law (for example, a parent or guardian may, in certain instances, be given access to the personal information of a child or a person who requires a substitute decision maker).

You can access your personal information using “login” at exxonmining.com or completing a written request for such information on a form we provide. We will generally respond to your request for information within thirty (7) days, unless, for reasons beyond our control, a longer response time is necessary, in which case you will be advised accordingly. While our response will generally be provided at no cost, you will be informed in advance of any charges that apply in connection with the information request. Charges may relate to the transcription, reproduction or transmission of personal information held by us.

In very limited circumstances, we may not be able to supply personal information for reasons of a legal nature, including privileged communications between professional and client or a pending judicial proceeding. In each case, we will provide written reasons outlining why your request for access has not been granted.

  1. Online privacy practices

Collection: We may collect personal information online when you visit our Sites as described in Section 3.

In addition, we may collect cookie and Web beacon information when you browse the Sites. Cookies are small files that are stored on your computer, and Web beacons are electronic images that allow us to count visitors visiting certain Web pages, to access cookies, and to analyze whether advertising banners on our site or other sites were effective. At exxonmining.com, we may use cookies and beacons to help optimize your shopping experience, to evaluate use of the Sites, and to support Site analytics and marketing campaigns. In doing so, we may collect technical information such as your IP address, your browser type, the addresses of referring Sites, and your path through the Sites.

Cookies help us to customize our home page for you and to better display pages according to your browser type. While cookies are optional for browsing exxonmining.com, they are required for registering, logging on, purchasing or adding items to your cart. If you wish to purchase items or set up an account on exxonmining.com, you will need to accept a exxonmining.com cookie. (In order to control the ability of website providers to place cookies on your computer, you should consult your browser’s “Options” and “Help” pages to learn how to adjust your settings to suit your privacy preferences.)

Use: We use personal information collected online as described in Section 3 above. In addition, we use personal information:

  • to facilitate and monitor certain features of the Sites that you choose to interact with, such as online forums, feeds and chatrooms;
  • to respond to your questions and concerns and to understand your needs and preferences;
  • to conduct surveys and other research;
  • to provide you with customized Site content and advertising;
  • to fulfill your online orders for products or services and to facilitate product deliveries, pickups and returns;
  • to detect, prevent, or otherwise address fraud, security or technical issues; or
  • to protect against harm to the rights, property or safety of EXXON MINING, its users or the public as required or permitted by law.

Sharing: We share personal information collected online as described in Section 5 above. In addition, we may provide Service Providers and product manufacturers and vendors with certain information that is necessary to fulfill an order you have placed with us. For example, if you pay by credit or debit card, your card number and sales transaction information are passed to the card processor and/or issuer (including their service providers such as fraud verification services). We also may use Service Providers to host and administer the Sites, process and store data, and fulfill other technology related functions on our behalf. However, we only give or permit access to vendors, suppliers and other Service Providers involved in Site administration and the commerce distribution chain the limited information needed to perform their duties and provide you with the products and services you order. We are not responsible for any additional information you provide directly to these parties.

Protection: Personal information we collect on our Sites is stored electronically, and may be combined with other off-line information. Personal information entered on our Sites is encrypted using a security protocol. Account information is accessible online only through the use of a password. To protect the confidentiality of personal information, you must keep your password confidential and not disclose it to any other person. You are responsible for all uses of our Sites by any person using your password. You are advised that, unlike communication within our Sites, we have no control over the privacy of your email communications with us while in transit. We recommend that you do not include confidential, proprietary, personal in emails, including credit card numbers, passwords, prescriptions and other similar information. Also, if other people have access to your email account, they may be able to access your password and obtain personal information about you (such as your credit card information), or change information about your user profile. You should not use an email account operated by your employer because many employers have the legal right to access such email accounts.

Online links to other sites: Through links provided on our Sites, you can link to other sites of third parties who have agreed to offer goods and services to our members. Any personal information you provide on the linked pages is provided directly to that third party and is subject to that third partys’ privacy policy. Except as described above, we are not responsible for the content or privacy and security practices and policies of sites to which we provide links. Links from our Sites to third parties or to other sites are provided for your convenience. We encourage you to learn about their privacy and security practices and policies before providing them with personal information.

  1. Complaint process

If you are not completely satisfied with or wish to submit comments concerning this Privacy Policy or its application by us, we invite you to convey your concerns or suggestions to:

info@exxonmining.com

We will reply as quickly as possible and inform you of the steps, if any, that have been or will be taken in order to address the concern or implement the suggestion.

  1. Choice

If you previously consented to the sharing of the personal information you provided, you can change your mind by:

  • Emailing Customer Service at info@exxonmining.com with ATTENTION: PRIVACY OFFICER in the subject line;
  •  If you wish to unsubscribe from electronic messages providing news, promotions, special offers and other information from EXXON MINING, you may do so at any time by visiting exxonmining.com and setting your Communication Preferences.