California Vendor Privacy Statement
Last Updated: August 4, 2023
This notice is being provided to you in connection with the California Consumer Privacy Act (or CCPA). This notice describes the purposes for which Qurate Retail Group (or "QRG") uses personal information and the kinds of personal information that QRG may collect and use about California vendors.
QRG is a group of companies that are owned by Qurate Retail, Inc. Companies in the Qurate Retail Group include HSN, QVC, Cornerstone Brands and any other company that may become affiliated with QRG in the future. QRG companies use personal information in connection with participation in the Qurate Retail Group and in connection with QRG's direct and indirect parent companies.
This California Privacy Statement describes our practices within the last 12 months regarding personal information about people who are consumers under CCPA. This California Privacy Statement does not apply to customer information. If you would like information about customer data, please submit your request through the applicable QRG company website.
This California Privacy Statement does not apply to information that is excluded from the definition of “personal information” under CCPA or to information or activity that is subject to exemptions under CCPA.
We may update our Privacy Statement or this California Privacy Statement from time to time or provide additional notices where required or appropriate.
This California Privacy Statement supplements our other privacy notices and policies and shall govern in the event of a conflict between this California Privacy Statement or other privacy notices and policies.
COLLECTED PERSONAL INFORMATION
Categories of Personal Information. We collect personal information about users of our services who are California consumers including personal information in the following categories:
- Identifiers, such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers
- Personal information records (as described in described in Cal. Civ. Code § 1798.80(e)), such as name, signature, social security number, physical characteristics or description, address, telephone number, driver’s license or state identification card number, employment, employment history, bank account number, credit card number, debit card number, or other financial information, medical information
- Characteristics of protected classifications under California or federal law
- Commercial information, such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
- Internet or other electronic network activity information, such as details about computers, mobile phones, and other devices you use in the performance of work with QRG; use of the Internet, applications and systems.
- Geolocation data and other location information, such as information related to real-time location of drivers who are shipping products for QRG.
- Audio, electronic, visual, thermal, olfactory, or similar information
- Professional or employment-related information, such as information that you disclose on applications or resumes or information that is collected as part of the submission process; wage information; competencies and skills.
- Education information, such degrees, licenses, and certifications earned.
- Sensitive personal information in the following categories:
- Social security, driver’s license or state identification card
- account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account
- racial or ethnic origin, religious or philosophical beliefs
- personal information collected and analyzed concerning a consumer’s health
- Inferences drawn from any of the categories of information identified above
Retention. We retain personal information and sensitive personal information in the categories above pursuant to our retention schedule, which is based on the purposes for which we collect and process the information, legal and regulatory requirements, and our legitimate business purposes.
SOURCES OF PERSONAL INFORMATION. We collect personal information from different sources, including:
Personal information we collect from you. We collect personal information that you provide directly to us. Personal information we collect in this way includes your identifiers, personal information records, characteristics of protected classifications, commercial information, audio, electronic, visual, thermal, olfactory or similar information, professional or employment-related information, non-public education information, and all categories of sensitive personal information with the exception of precise geolocation.
Personal information we collect from other people. We collect some personal information about you from other people such as references. Typically, personal information we collect in this way may include your identifiers, personal information records, commercial information, and employment information.
Personal information we collect automatically. We collect some personal information automatically when you use our services, such as browsing and use information; information about devices that you use to access our services; and information collected through cookies, pixels, and similar technology. The categories of personal information collected automatically include identifiers, commercial information, internet or other electronic network activity information, geolocation data, and audio, electronic, visual, thermal, olfactory or similar information.
Personal information we create. We create some personal information when you use our services or in the operation of our business. This includes information that may be categorized as identifiers, commercial information, internet or other electronic network activity information, and inferences.
Personal information we collect from other companies. We collect personal information from other companies, including advertising networks, internet service providers, data analytics providers, government entities, operating systems and platforms, and social networks. The categories of personal information we collect from these types of sources may include any category of personal information listed above.
PURPOSES FOR COLLECTING, SELLING, OR SHARING PERSONAL INFORMATION.
We collect, use, sell or share personal information for the following business or commercial purposes:
- Performing services, such as:
- Account provision and maintenance, including creating and managing your account with us; providing support; verifying account information; and providing other services in the course of our business operations
- Product and services sales and fulfillment, including purchase and sale of products and services; processing and shipping orders to you or to recipients you designate; managing returns; processing refunds; managing warranties
- Support services and communications, including responding to requests, comments, or questions through email, text message, telephone calls, postal mail, chat functions; maintaining user forms and product review capabilities; reviewing recorded calls or content of other communications for quality or support service purposes; responding to requests for information and taking action that may be requested under CCPA
- Payment-related activities, including processing payments, checking creditworthiness, evaluating payment options
- Providing technology to enable use and operation of services; providing storage
- Conducting QRG's business, such as operating QRG's broadcast, e-commerce and other retail activities.
- Financial reporting and forecasting.
- Managing resources, schedule and assignment planning; notice of schedule changes or emergency closures; notice of new available opportunities; analytics.
- Managing locations where QRG operates, including providing and monitoring access to QRG’s locations.
- Managing systems and information that QRG uses in its business, including provisioning, managing, and monitoring the applications and systems QRG uses for its operations.
- Maintaining and improving services and user experience, including:
- Creating and updating applications, websites, and other features or functionality that we use
- Debugging to identify and repair errors that may affect how the services function
- Engaging in analytics related to improving services or user experience
- Product safety or quality activities
- Fraud prevention and information security, including:
- Measures to verify identity when an account is used for ordering or when the account is otherwise accessed
- Helping to ensure security and integrity, including by detecting and responding to fraud or security incidents, including responding to possible or actual threats, acts of misconduct, accidents, or other events that may affect the health, safety, or security of people at QRG's locations, or people working for QRG outside of QRG's locations; responding to possible or actual threats, acts of misconduct, accidents, or other events that may affect the security of QRG's information, systems, applications, trade secrets, property, or other interests.
- Limiting payment fraud
- Protecting against other malicious, deceptive, or illegal activity
- Short-term, transient use permitted under CCPA
- Internal research, including:
- Developing and demonstrating technology
- Conducting research, analytics, surveys, and focus groups to improve customer experiences, develop services and products, provide better marketing and advertising
- Other business purposes for which we provide notice, including:
- Legal obligations, including prosecuting people responsible for fraudulent, malicious, deceptive or illegal activities; defending claims; notifying of product recalls or other issues related to products; enforcing and notifying of our terms and conditions, privacy statement, forum guidelines, and other policies and changes to such terms and conditions, privacy statement and other policies; and for records retention purposes
- Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, made, or controlled by us, and to improve, upgrade, or enhance a service or device that is owned, made, or controlled by us
- Any other purposes consistent with our applicable privacy statements
We collect, sell or share sensitive personal information for the following purposes:
- To perform or enable the performance of the services or provide the goods reasonably expected by an average consumer who requests those goods or services, including activities such as:
- Conducting QRG's business, such as operating QRG's broadcast, e-commerce and other retail activities.
- Financial reporting and forecasting.
- Managing resources, schedule and assignment planning; notice of schedule changes or emergency closures; notice of new available opportunities; analytics.
- Managing locations where QRG operates, including providing and monitoring access to QRG’s locations.
- Managing systems and information that QRG uses in its business, including provisioning, managing, and monitoring the applications and systems QRG uses for its operations.
- Helping to ensure security and integrity, including;
- Enabling networks or information systems to detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information
- Detecting security incidents, resisting malicious, deceptive, fraudulent, or illegal actions and helping to prosecute those responsible for those actions
- Ensuring physical safety of natural persons
- Short-term, transient use permitted under CCPA
- Performing services for our business operations, including maintaining or servicing accounts, providing support services, processing or fulfilling orders and transactions, verifying consumer information, processing payments, providing analytic services, providing storage, or providing similar services for our business operations
- Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, made, made for, or controlled by us, and to improve, upgrade, or enhance a service or device that is owned, made, made for, or controlled by us
We do not use or disclose Sensitive Personal Information for purposes to which the right to limit use and disclosure applies under the CCPA.
SALES OR SHARING OF PERSONAL INFORMATION. We do not sell or share vendor personal information.
DISCLOSURES OF PERSONAL INFORMATION FOR BUSINESS PURPOSES. We disclose personal information that is within the categories in the table below for business purposes. Beside each category of personal information are the categories of service providers and contractors to which such personal information is disclosed for business purposes. Items of sensitive personal information are noted with an asterisk.
| CATEGORIES OF PERSONAL INFORMATION DISCLOSED FOR BUSINESS PURPOSES | CATEGORIES OF SERVICE PROVIDERS AND CONTRACTORS |
| Identifiers |
|
| Personal information records (as described in described in Cal. Civ. Code § 1798.80(e)) |
|
| Characteristics of protected classifications |
|
| Commercial information |
|
| Internet or other electronic network activity information |
|
| Geolocation data |
|
| Audio, electronic, visual, thermal, olfactory, or similar information |
|
| * Social security, driver’s license or state identification card |
|
| * Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account |
|
| * Racial or ethnic origin, religious or philosophical beliefs |
|
| * Personal information collected and analyzed concerning a consumer’s health |
|
| Inferences |
|
CCPA RIGHTS. Following are rights of California consumers under CCPA. To exercise these rights, please submit a request through the following methods:
Cornerstone Brands: Email VENDOR.PRIVACY@CCSGINC.COM or call 877.822.7024
HSN or QVC: Submit through the form available here or call us at 1-866-376-0280 (Hours - Monday through Saturday 8:00-4:30 pm Eastern)
When submitting, please include which QRG brands you have worked with. Please note that, if you submit a request to know, request to delete or request to correct, you may be asked to provide 2-3 pieces of personal information that we will match against our records to verify your identity.
Please include the following in your request:
- Company name
- Type of vendor
- Vendor ID (if known)
Deletion. A California consumer has the right to request the deletion of personal information we have collected from the consumer, but CCPA permits some personal information to be retained, notwithstanding a consumer’s deletion request.
Correction. Taking into account the nature of personal information and the purposes of processing personal information, a California consumer has the right to request the correction of the consumer’s personal information if it is inaccurate. You can request to correct personal information at the information above, and you can also correct some personal information by updating your information in the vendor portal or reaching out to your vendor contact.
Right to Know. A California consumer has the right to request the disclosure of (1) the categories of personal information we have collected about that consumer; (2) the categories of sources from which that personal information is collected; (3) the business or commercial purpose for collecting, selling or sharing the personal information; (4) the categories of third parties to whom we disclosed personal information; (5) the categories of personal information that we sold, and for each category identified, the categories of third parties to which we sold that particular category of personal information; and (6) the categories of personal information that we sold, and for each category identified, the categories of third parties to which we sold that particular category of personal information.
A California consumer also has the right to request the specific pieces of personal information we have collected about that consumer.
Opt-out of sales or sharing. A California consumer has the right to opt out of sales or sharing of personal information about that consumer. To submit a request to opt out of offline sales and sharing, please use our form available above.
Non-Discrimination. A California consumer has the right that a business shall not discriminate against you because you exercised your rights under CCPA.
Agents. Authorized agents may submit requests on a California consumer's behalf by submitting the request through the same means listed under the rights above. Authorized agents must establish their qualification to act as an agent, and we will still require verification directly from the consumer, unless the authorized agent possesses an appropriate power of attorney.
How to contact us. If you have questions or concerns with respect to how we use personal information, you may call 1-888-345-5788. You may also ask questions about this Privacy Statement by contacting privacy.statement@qvc.com.