PRIVACY NOTICE

Last Updated: January 13, 2023

Central Garden & Pet Company and its affiliated entities (collectively, “Central”, “we”, “us,” “our”) are committed to protecting individual privacy and maintaining the trust of our customers (“Customers”) and visitors to our websites (collectively, “Visitors”). It is important to us that we provide transparency regarding our collection, use, and disclosure of your personal data. This includes information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household. We refer to this information interchangeably as “Personal Data” or “Personal Information” throughout this policy.

To help us meet our commitment to you, we have created this Privacy Notice (“Privacy Notice”). This Privacy Notice governs data protection matters across our suite of products (collectively, the “Central Products” or “Products”), including data provided by Visitors to the websites we control and that link to this Privacy Notice (“Central Sites”). This Privacy Notice, along with our Terms of Use, form an integral and binding part of our relationship with you.

1.   What Does This Privacy Notice Apply to?

This Privacy Notice describes how we use, share, and protect the Personal Data of Customers and Visitors who visit the Central Sites. It also describes the rights and choices regarding use, access to, and correction of Personal Data available.

2.  What Information Do We Collect and Why?

We may collect Personal Data in various ways, such as when you: enter into a transaction or contractual arrangement with us; participate in our programs or activities; provide data at industry events and trade shows; visit our facilities or we visit you at your offices; contact our customer service; or in connection with your inquiries and communications with us. We may also collect or purchase Personal Data from other sources, including Customers, data companies, publicly accessible databases, and joint marketing partners.

We have created the following table to help you understand the categories of Personal Data that we are responsible for and process as a data controller:

Categories of Data Subjects:	Categories of Personal Data:	Why We Collect It – Our Purposes and Legal Bases
Customers	Contact Information such as email address, phone number, address Personal Identifiers such as first and last name Marketing Preferences and Customer Service Interactions such as marketing preferences; responses to voluntary surveys Operational Data such as transactions, sales, purchases, vendor information, credentials to online services and platforms, payment information, and electronic content produced by individuals using company systems Internet or Other Network Activity such as device identifiers, browsing history, search history, and information regarding your interactions with our websites.	Communicate with Customers for the purpose of our contractual relationships or for our legitimate interests. Provide you with the Products and services that you have requested. Fulfill your orders and/or complete the transactions you request. Process your payments. Provide you with receipts, invoices, and order updates. Send notifications to you related to your account, purchases, returns, and exchanges. Respond to and/or follow-up on your requests, inquiries, issues, or feedback, and to provide customer service. Operate our business for the purpose of our contractual relationships or for our legitimate interests. Provide Products and information of interest to you with your consent, where applicable, or where we have a legitimate interest. Engage with you as a business relation with your consent when we have a contractual relationship or for our legitimate interests. Detect, investigate, prevent, or take action regarding possible malicious, deceptive, fraudulent, or illegal activity, including fraudulent transactions. Support core business functions, including to maintain records related to business process management, loss and fraud prevention. To comply with our legal, regulatory, government, or other corporate governance requirements and requests. Analyzing and improving our business and operational processes. Conduct research and analytics, including to improve our services and product offerings; to understand how you interact with our websites. To protect the rights and property of Central Garden, employees, or the public, as required or permitted by law.
Prospective Customers	Contact Information such as email address, phone number, address Personal Identifiers such as first and last name Marketing Preferences and Customer Service Interactions such as marketing preferences; responses to voluntary surveys Internet or Other Network Activity such as device identifiers, browsing history, search history, and information regarding your interactions with our websites.	Send marketing, advertising, and promotional communications by email or other electronic forms of communication. Show you advertisements for products and/or services tailored to your interests on social media and other websites. For marketing purposes, such as re-engaging with prospective Customers who have expressed an interest in our products. Conduct research and analytics, including to improve our services and product offerings; to understand how you interact with our websites. Detect, investigate, prevent, or take action regarding possible malicious, deceptive, fraudulent, or illegal activity, including fraudulent transactions. Support core business functions, including to maintain records related to business process management, loss and fraud prevention. Responding to your inquiries, for example, when you send us questions, suggestions, compliments or complaints, or when you request further information about our Products. Provide you with our newsletter and/or other marketing materials and facilitate social sharing with your consent, where applicable, or where we have a legitimate interest.
Vendors	Contact Information such as email address, phone number, address Personal Identifiers such as first and last name Employment Information such as company and job title	Communicate with Vendors for the purpose of our contractual relationships or for our legitimate interests. Operate our business for the purpose of our contractual relationships or for our legitimate interests. Manage our business to comply with our legal obligations, or when we have a legitimate interest.
Job Applicants	Contact Information such as email address, phone number, address Personal Identifiers such as first and last name Education Information such as schools you have attended and degrees you have received Employment Information such companies you have worked for, titles and roles you have held Equal Opportunities and Demographic Information such as age, gender, race, ethnicity Medical Information such as any information relevant to any request by you for accommodations as a result of an underlying medical condition or disability Pre-Employment Check Information such as right to work checks and related documents, medical test results and criminal records information	Identifying and evaluating job applicants, including assessing skills and qualifications. Using your information to inform you about and consider you for other positions that may be appropriate for you, in addition to using your information for the position for which you have applied. Verifying your information and carrying out background and reference checks, where applicable, subject to your consent where required by applicable law. Communicating with you about the recruitment process and your application. Keeping records related to our recruitment and hiring processes. To comply with our legal, regulatory, government, or other corporate governance requirements and requests. To monitor equality of opportunity and diversity in our recruitment and hiring processes.

3.  Cookies and Tracking Data

We and our third-party service providers (such as advertising and analytics providers) use cookies, web beacons, clear GIF, pixels, internet tags, and other similar tracking technologies (collectively, “tracking technologies”) to gather information when you interact with our websites and email communications. Some tracking technologies help us maintain the security of our websites and your account, prevent crashes, fix bugs, save your preferences, and assist with basic site functions. These tracking technologies are “required” because we need them for the websites to work properly. We don’t provide the option to opt-out of these tracking technologies, but you can remove these “required” tracking technologies by modifying your browser settings. Please note, some features of our websites may not be available to you as a result. You can read more about our Cookie Policy here.

We permit third-parties to use tracking technologies on our websites for analytics to understand how visitors interact with our websites. For example, we use Google Analytics to evaluate website traffic and usage data to help us improve our products and services. For more information about how Google collects and processes data visit https://policies.google.com/technologies/partner-sites. For more information about how to opt out of having your information used by Google Analytics, visit https://tools.google.com/dlpage/gaoptout/, and for Adobe please visit https://www.adobe.com/privacy/opt-out.html.

We also permit third-parties to use tracking technologies on our websites for advertising, including to help manage and display advertisements, to tailor advertisements to your interests, or to send abandoned shopping cart reminders (depending on your communication preferences). The third-parties use their technology to provide advertising about products and services tailored to your interests which may appear either on our websites or on other websites. This is sometimes referred to as third-party behavioral advertising.

4.  How We Collect Personal Data

We collect Personal Data about you from various sources. For example, we collect and obtain information:

Directly from you

We collect Personal Data that you voluntarily submit to us, such as when you register for an account or create a profile or contact us.

We collect Personal Data you provide, such as when you make a purchase, register for an account or create a profile, contact us, respond to a survey, apply for a job, or sign up to receive emails, text messages, and/or postal mailings.

Using cookies and other automatic data collection technologies

When you visit our websites, open or click on emails we send you, or interact with our advertisements, we or third-parties we work with automatically collect certain information using technologies such as cookies, web beacons, clear GIF, pixels, internet tags, web server logs, and other data collection tools. For more information, please see “Cookies and Similar Tracking Technologies” section below.

From our Third-Party Partners

We obtain information from third-parties partners and other third-parties we choose to collaborate or work with. For example, if you have given Central Garden permission to store your Payment Information, your credit card issuer may provide us with updated Payment Information (including credit card number and expiration date) in connection with the credit card issuer’s account updater service.

From social media

If you interact with us on social media in connection with Central Garden, we collect information that you share with us, or that the social media platforms share with us. For more information about the privacy practices of those social media platforms, please review the privacy policies and settings of the social media platforms and networks that you use.

From other sources

For example, we may obtain information about you from other sources, such as data analytics providers, marketing or advertising service providers, fraud prevention service providers, vendors that provide services on our behalf, or publicly available sources. We also create information based on our analysis of the information we have collected from you.

5. What Are Our Legal Bases for Processing Personal Data?

We collect and process Personal Data about you only where we have a legal basis for doing so. Our legal bases for processing Personal Data are dependent on the purpose and context of the processing activity.

Our legal bases include:

a.  Legitimate Interests (Customer Data)

We process Customer Data to further our own legitimate interests, which may include:

1. providing our Customers with our Products;
2. continuously improving, customizing, and personalizing our Products;
3. taking measures to protect against fraud, spam, and abuse; and/or
4. aggregating and/or anonymizing Customer Data, so that they will no longer be considered Personal Data. We do so to generate other data for our use, which we may use and disclose for any purpose. We will engage in this activity because we have a legitimate interest.

b.  Consent (Customer Data)

We obtain consent to send marketing communications to our potential Customers and leads. Where you have provided your consent to receive marketing communications from us, you can withdraw your consent at any time by clicking on an unsubscribe link in each marketing communication or changing settings in your account, but doing so will not affect the processing that has already taken place.

c.  Contractual Necessity

We process Customer Data based on contractual necessity, which may include providing the Products to our Customers.

d.  Legal Obligation

Central may be required under EU, EU member state or other applicable law to obtain and store certain Personal Data. For example, Central may be required to obtain and store data relating to Customers for reporting purposes.

6. How Do We Use Personal Data?

We may use Personal Data for the following purposes:

1. Providing Products and Services - To provide you with the Products and services you request from us. This includes storing and retrieving Personal Data as needed by our Customers, processing transactions with Customers, and for any other purposes that our Customers request.
2. Communicating with You - We use your Personal Data to communicate with you, such as to send security or maintenance advisories, respond to and/or follow-up on your requests, inquiries, issues or feedback, and to provide customer service.
3. Marketing and Promotional Purposes - We use your Personal Data for marketing and promotional purposes, such as to send marketing, advertising, and promotional communications by email, text message or postal mail (such as trend alerts, promotions, new product launches, and event invitations); to show you advertisements for products and/or services tailored to your interests on social media and other websites; and to administer our sweepstakes, contests, and other similar promotions.
4. Analytics and Personalization - We use personal information to conduct research and analytics, including to improve our product offerings and services; to understand how you interact with our websites, advertisements, and communications with you to determine which of our products or services are the most popular, and to improve our websites and marketing campaigns; to personalize your experience, to save you time when you visit our websites, and to customize the marketing and advertising that we show you; to provide services, to better understand our customers’ needs, and to provide personalized recommendations about our products and services.
5. Job Applicant Screening - If you have consented to Central performing a background check in the employment process, we may also use your government identification number, and/or any other required identifier. The results of such background check will only be used for the purposes you consented to and will be kept strictly confidential. Please note that you are under no obligation to provide us with your government identification number (this is entirely optional) but failing to do so may hinder your ability to be employed by Central. Notwithstanding anything to the contrary in this Privacy Notice, in the event you choose to provide your government identification number, we will not use or disclose it except as necessary for the purpose of running a background check.
6. Security and Fraud Prevention - We use personal information to detect, investigate, prevent, and take action against potential malicious, deceptive, fraudulent, or illegal activity, including attempts to manipulate or violate our policies, procedures, and terms and conditions, security incidents, and harm to the rights or property of Central Garden and our users, employees, or others.
7. Legal Obligations - We use personal information to comply with our legal or regulatory obligations, to establish or exercise our rights, and to defend against a legal claim and to enforce our Terms of Use and any other agreements and as otherwise required or permitted by law.
8. Core Business Functions - We use personal information to support core business functions, including to maintain records related to business process management; loss and fraud prevention, and to collect amounts owing to us; and to provide and maintain the functionality of our websites, including identifying and repairing errors or problems.

7.  How Do We Disclose or Share Personal Data?

We disclose personal information only to the third-parties as indicated below, in addition to any specified disclosures described elsewhere in this Policy:

1. Our Affiliates. We may share your personal information with our business affiliates, including any affiliated companies, subsidiaries, sister companies. Our business affiliates process personal information as our service providers, where necessary to provide the websites, products, and services that you have requested, including to administer our websites, or in other circumstances with your consent or as permitted or required by law
2. Business Partners. We may partner with select retailers and other companies at various times to provide expanded services to our Site visitors. As part of such a relationship, we may share with these companies the use of certain interactive Site functions. Information provided by our Site visitors through the use of such interactive functions may be available to both us and our partners.
3. Service Providers. We may disclose Personal Data to our service providers who perform certain services necessary to run our business (for example, data hosting and development, data analysis, customer service, auditing and other services), provided that these service providers have entered into legally binding agreements with us to protect the Personal Data shared, limit their use of the Personal Data, and assist us with our compliance requirements.

   We share certain personal information with third-parties that perform services to support our core business functions and internal operations including: fulfilling orders, delivering packages, complying with your request for the shipment of products to or the provision of services by a third-party intermediary, sending postal mail, emails and text messages, analyzing customer data, providing marketing assistance, administering our Ratings & Reviews, supporting beacons, processing credit card and debit card payments, investigating fraudulent activity, conducting customer surveys, and providing customer service.

4. Professional Advisors. We may share your personal information with our professional advisors, including legal, accounting, or other consulting services for purposes of audits or to comply with our legal obligations.
5. Third-Party Partners.  We may share your personal information with third-parties that we have partnered with to jointly create and offer a product, service, or joint promotion. If you decide to obtain a product or service that is offered by any of our third-party partners, the personal information that you provide will be shared with us and them. Any use of your information by our third-party partners is not governed by this Privacy Policy, but by the third-party’s own privacy policy.
6. Legal Request. We may disclose Personal Data to comply with applicable law and our regulatory monitoring and reporting obligations (which may include laws outside your country of residence), to respond to requests from public and government authorities (which may include authorities outside your country of residence), to cooperate with law enforcement, or for other legal reasons.
7. Business Transfer. We may disclose Personal Data to a buyer or successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Central’s assets, whether as a going concern or as part of bankruptcy, liquidation, receivership, or similar proceeding in which Personal Data held by Central are among the assets to be transferred.
8. Enforcement of Our or Others' Rights. We may disclose Personal Data to the extent they are necessary to enforce or protect our rights, privacy, safety or property, and/or that of our affiliates, you or others, including enforcing our Terms of Use and any other agreements (such as for billing and collection purposes and fraud prevention).

8.  Children

We do not knowingly collect Personal Data from children under the age of sixteen (16) without authorization by a holder of parental responsibility. If you believe that we may have collected Personal Data from or about a child under the age of sixteen (16) without such authorization, please contact us here.

9.  How Do We Protect Your Personal Data?

At Central we take the protection of your Personal Data seriously. We make every reasonable effort to prevent unauthorized use, disclosure, loss, or theft of your Personal Data. Central employees who have access to your Personal Data are made aware of the importance of keeping it confidential. Where we collect your payment card information, we will comply with all applicable Payment Card Industry Data Security Standards (PCI-DSS).

When we rely on service providers that may require access to your Personal Information, we require them to have adequate privacy and security standards. We use contracts and other legally binding measures with our service providers to maintain the confidentiality and security of your Personal Data, and to prevent such information from being used for any other purpose.

However, no data security measures can guarantee complete security; we also depend on you to take common sense steps to ensure your Personal Information remains secure.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Information transmitted to our Platforms. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our Platforms.

10.  Information for California Consumers

This section of our Privacy Policy is specifically for California residents and explains how we collect, use, and disclose personal information relating to California residents covered by the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”). The CCPA and CPRA define “personal information” as any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.

Categories of Personal Information We Collect and Our Purposes for Collection and Use

You can find a list of the categories of personal information that we collect in Section 2 above. For details regarding the sources form which we obtain personal information, please see Section 4 above. We collect and use personal information for the business or commercial purposes described in Section 6 above.

Central Garden does not collect any sensitive personal information for any individuals.

Categories of Personal Information Disclosed and Categories of Recipients

We disclose the following categories of personal information for business or commercial purposes to the categories of recipients listed below:

• We share Personal Identifiers and Contact Information with: service providers, third-parties, advertising networks, and social media networks.
• We share Internet or Other Network Activity with: service providers, third-parties, advertising networks, and social media networks.
• We share Marketing Preferences and Customer Service Interactions with: service providers, third-parties, and advertising networks who help administer marketing and personalization.
• We share Operational Data with: service providers and third-parties.

For more information on how your information is shared, please see the “How We Disclose and Share Your Personal Information" section. We may also need to share any of the above categories of information pursuant to reasons described in the “How We Disclose and Share Your Personal Information” section.

Sale of Personal Information / Do Not Sell

Central Garden does not knowingly sell, trade, or rent out personal information for compensation that would constitute a sale under California law, nor have we done so in the preceding 12 months. In the event that Central Garden sells, trades, or rents out personal information that would constitute a sale, Central Garden will provide disclosures in this section of the Policy as well as the option to opt out of the sale of personal information using global privacy controls.

Our use of tracking technologies may be considered a “sale” under California law. You can opt-out of being tracked by these third parties by clicking “Do Not Sell My Personal Information” link at the bottom of our website and selecting your preferences, or by broadcasting the global privacy control signal. Please note that your use of our website may still be tracked by Central Garden and/or our service providers. We do not knowingly sell the personal information of consumers under 16 years of age.

Categories of personal information disclosed that may be considered a “sale” under California law: Personal Identifiers, device information and other unique identifiers, and Internet or Other Network Activity.

Categories of third parties to whom personal information was disclosed that may be considered a “sale” under California law: advertisers and marketing partners, data analytics providers, and social media networks.

Retention of Personal Information

Central Garden retains personal information for only as long as necessary to provide you with access to the websites or until you have made a verifiable request to delete your personal information, unless a longer retention period is required or permitted by law. Please note that in many circumstances we are required to retain all, or a portion, of your personal information to comply with our legal obligations, resolve disputes, enforce our agreements, to protect against fraudulent, deceptive, or illegal activity, or for another one of our business purposes.

The criteria used to determine our retention periods includes, without limitation:

• The length of time we have an ongoing relationship with you and provide the Platform to you;
• Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
• Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

Your California Rights

California residents are entitled to contact us to request information about whether we have disclosed personal information to third-parties for direct marketing purposes. Currently, Central Garden does not disclose personal information to third-parties for direct marketing purposes. Upon receipt of such a request by a California resident, we will either (1) respond with a confirmation that we have not disclosed any personal information to third-parties in the previous calendar year; or (2) if our practices have changed, we will provide the categories of personal information that has been shared in the past 12 months and categories of third-parties to whom such personal information was disclosed, whichever is relevant.

California residents have the right to:

• Request disclosure of the categories and specific pieces of personal information that Central Garden has collected about you;
• Request disclosure of the categories of third-party sources, if any, from which Central Garden has collected personal information about you;
• Disclosure of the business or commercial purpose(s) for which your personal information has been collected by Central Garden;
• Receive a list of the categories of third-parties with whom Central Garden has shared your personal information;
• Request that Central Garden delete any personal information that it has collected from you (subject to exceptions);
• Request that Central Garden correct any inaccurate personal information held about you;
• Opt out of the sharing or disclosure of your personal information and sensitive personal information to third-parties; and
• Not be discriminated against by Central Garden (e.g., charged different rates, provided different levels of service, denied goods or services, or suggested any of the preceding) for exercising any of the individual rights granted above.

To exercise any of your rights as a California resident, you can submit a request here.

Before complying with your request, we will need to verify that it is you that is making the request. To accomplish this, you may be requested to confirm specific personal information that we already know about you. California residents are limited to two requests for personal information per 12-month period. Only you or an authorized agent may make a verifiable data subject request related to your personal information.

The verifiable data subject request must provide sufficient information to allow us to verify that you (or an authorized agent) are the person about whom we collected personal information. We will not provide you with personal information if we cannot verify your identity and/or authority to make the data subject request and confirm the personal information belongs to you or the represented individual. Making a verifiable data subject request does not require you to create an account with us. We use personal information provided in a verifiable data subject request solely to verify the requestor's identity or authority to make the request.

We will acknowledge receipt of your data request within 10 days. We will respond to a verifiable data subject request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period. If you have an account with us, we will deliver our response to the email address for that account. If you do not have an account with us, we will deliver our response by US mail or electronically at the email address in your request, at your option. All disclosures we provide will only cover the 12-month period preceding the verifiable employee request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We do not charge a fee to process or respond to your verifiable data subject request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Right to Non-Discrimination

We do not discriminate against any California residents who exercise any of their rights described in this Policy.

Notice of Financial Incentive

We offer our customers a loyalty program (that provides certain perks, such as rewards and exclusive offers. We may also provide other programs, such as sweepstakes, contest, or other similar promotional campaigns (collectively, the “Loyalty Programs”). When you sign up for one of these Loyalty Programs, we typically ask you to provide your name and contact information (such as email address and/or phone number). Because our Loyalty Programs involve the collection of personal information, they might be interpreted as a “financial incentive” program under California law. The value of your personal information provided to us is related to the value of the free or discounted products or services, or other benefits that you obtain or that are provided as part of the applicable Loyalty Program, less the expense related to offering those products, services, and benefits to Loyalty Program participants.

You may withdraw from participating in a Loyalty Program at any time by contacting us using the designated method set forth in the applicable Loyalty Program rules.

11.  How Long We Retain Your Personal Data

• In general, we retain your Personal Information for only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. In the event that you make a verifiable request to delete your Personal Information and no exceptions apply, we will no longer retain your Personal Information. Please note that in many circumstances we are required to retain all, or a portion, of your Personal Information to comply with our legal obligations, resolve disputes, enforce our agreements, to protect against fraudulent, deceptive, or illegal activity, or for another one of our business purposes. The length of time we have an ongoing relationship with you and provide the Products to you;
• Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
• Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

12.  Your Individual Rights under the GDPR

Under the General Data Protection Regulation (“GDPR”) (and subject to any relevant exceptions) you have the right to access, correct, change, delete, restrict, exercise your right to data portability, or object to the processing of Personal Data.

As a Customer residing in, or located in, the EU or EEA, you can exercise your GDPR rights by submitting a request here. We may first request verification of your identity prior to facilitating the exercise of your rights.

You can also elect not to receive marketing communications by changing your preferences in your account, or by following the unsubscribe instructions in each communication..

We will retain Personal Data in order to comply with legal requirements, protect our and others’ rights, resolve disputes, or enforce our legal terms or policies, to the extent permitted under applicable law.

You may also lodge a complaint with an EU/EEA data protection authority for your country or region where you have your habitual residence or place of work or where an alleged infringement of applicable data protection law occurs.

13.  Transfers outside of the EEA

Your Personal Data may be stored and processed in any country where we have facilities or in which we engage service providers, and by visiting our Sites and/or purchasing our Products you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Data.

Please note that when your Personal Data are located outside of the EEA, they may be subject to the laws of the country in which they are hosted.

14.  Information for Canada Consumers

The information and rights in this section apply specifically to Canada residents. Central will only collect Personal Information as listed above in Section 2.

Canada consumers have the right to limit collection and disclosure of their Personal Information. For any new purpose, Central will request new consent from you. You may contact us to request information about whether we have disclosed Personal Information to third parties. Currently, Central does not disclose Personal Information to third parties for any purposes. Thus, upon receipt of such a request by a Canada consumer, and as required by Canada law, we will either (1) respond with a confirmation that we have not disclosed any Personal Information to third parties in the previous calendar year, or (2) if our practices have changed, we will provide the categories of Personal Information that has been shared in the past 12 months and categories of third parties to whom such Personal Information was disclosed, whichever is relevant.

Canada consumers have the right to:

• Access all of the Personal Information that Central has collected and/or stored.
• Contact Central with any questions or complaints regarding the Privacy Policy or our privacy practices.
• Limit collection and disclosure of your Personal Information.

To exercise any of your rights as a Canada consumer, please see Section 16 for information on how to reach our Privacy Team who is in charge of maintaining this Privacy Policy.

Before complying with your request, we will need to verify that it is you that is making the request. To accomplish this, you may be requested to (1) confirm specific Personal Information that we already know about you; and/or (2) provide us with appropriate identification and documentation as we request.

Only you or an authorized agent may make a verifiable data subject request related to your Personal Data.

The verifiable data subject request will be asked to provide sufficient information and documentation to allow us to verify that you (or an authorized agent) are the person about whom we collected Personal Data.

We will not provide you with Personal Data if we cannot verify your identity and/or authority to make the data subject request and confirm the Personal Data belongs to you or the represented individual. We use Personal Data provided in a verifiable data subject request solely to verify the requestor's identity or authority to make the request.

15.  Updates to this Privacy Notice

It is our policy to post any changes we make to our Privacy Notice on this page, with a notice that it has been updated on our main homepage. If we make material changes to how we treat your Personal Data, we will notify you through a notice on the homepage. The date that this Privacy Notice was last revised is listed at the top of the page. You are responsible for visiting our site and this Privacy Notice to check for any changes.

16.  Updating Your Information and Contacting Us

If you have any questions or complaints related to our Privacy Policy or practices with respect to the collection, use, or disclosure of Personal Data, or if you would like to update your information, please contact us here.

© 2023 Central Garden & Pet Company