Werner Enterprises is a transportation and logistics leader, with more than 8,000 trucks, 24,000 trailers and nearly 13,000 employees.
Effective: September 1, 2020
Last Updated: July 30, 2021
- PERSONAL DATA COLLECTED, PROCESSED, AND DISCLOSED BY WERNER (INCLUDING SOURCES, PURPOSES, AND THIRD-PARTY RECIPIENTS)
- THIRD-PARTY PRIVACY PRACTICES
- CHILDREN’S PRIVACY
- RETENTION OF PERSONAL DATA
- PROTECTING YOUR PERSONAL DATA
- YOUR PRIVACY RIGHTS, INCLUDING CALIFORNIA AND EUROPEAN PRIVACY RIGHTS
- DO NOT TRACK
- THIRD-PARTY MARKETING
- CROSS-BORDER TRANSFERS OF PERSONAL DATA
- DATA CONTROLLER
- HOW TO CONTACT US
I. PERSONAL DATA COLLECTED, PROCESSED, AND DISCLOSED BY WERNER (INCLUDING SOURCES, PURPOSES, AND THIRD-PARTY RECIPIENTS)
The table below includes the categories of personal data that Werner has collected within the last twelve (12) months through the provision of the Services, as well as categories of personal data Werner currently collects or reasonably anticipates collecting moving forward. For each category of personal data, the table also identifies: (1) the sources from which such categories of personal data have been or may be collected; (2) the business or commercial purposes for which such categories of personal data have been or may be collected; and (3) the categories of third parties with which Werner has shared or may share such categories of personal data.
CATEGORIES OF PERSONAL DATA COLLECTED
(e.g., information regarding your name, unique personal identifier, postal address, phone number, or email address)
PERSONAL INFORMATION CATEGORIES IN CALIFORNIA CUSTOMER RECORDS STATUTE (Cal. Civ. Code § 1798.80(e))
(e.g., information regarding your name, postal address, unique personal identifier, or phone number)
SOURCES, PURPOSES, AND THIRD-PARTY RECIPIENTS
(i.e., categories of sources from which such personal data was or may be collected)
- Potential and actual customers
- Services used to monitor the use of our premises, equipment, devices, computers, network, application, and similar resources
- Invoicing and accounting vendors
- Website analytics service providers
- Data and backup service providers
- Other service providers
- Governmental entities
(i.e., business or commercial purposes for which such personal data was or may be collected)
- Providing products, transportation, and logistics solutions, requested information, and support
- Process orders, shipments, and Final Mile deliveries to consumers
- Business management, analysis, and reporting
- Performing our obligations and enforcing our rights arising from contracts, including for billing and collections
- Conducting investigations to detect and prevent malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for such activity
- Protecting our legal interests and meeting our legal obligations (e.g., Responding to law enforcement requests and as required by applicable laws, court orders, or governmental regulations
(i.e., categories of third parties with which Werner has shared or may share such personal data for a business or commercial reason)
- Our customers
- Our independent contractors and subcontractors
- Third parties involved in an actual or potential merger, acquisition, or other reorganization
- Governmental entities
- Litigants, court personnel, and providers of litigation-related services
A. NO SALE OF PERSONAL DATA
B. LEGAL GROUNDS FOR COLLECTING AND PROCESSING PERSONAL DATA
CONSENT. The legal ground for processing your personal data that we collect when you provide us with specific permission to do so, is your consent, which you may withdraw at any time by clicking on any unsubscribe link that we provide or by emailing [email protected]
CONTRACTUAL NECESSITY. We may process your personal data when it is necessary in order to enter into a contract with you or when it is necessary for the performance of a contract to which you are a party (e.g., processing credit card details in order to effect payment).
COMPLIANCE WITH LEGAL OBLIGATIONS. We also may conduct certain personal data processing activities for purposes of meeting our legal obligations in the EU, the U.K., and in EU member states (e.g., our regulatory retention obligations).
VITAL INTERESTS. Under special circumstances (e.g., in connection with natural disasters or emergency situations), we may need to process your personal data in order to protect the vital interests of you or other individuals.
LEGITIMATE INTERESTS. The last legal ground for processing the personal data that we collect for purposes identified in the table above are Werner’s legitimate interests in providing products and services; providing quality support to customers and potential customers; providing customers and potential customers with marketing materials to promote our services and products; providing customers with secure sites for project collaboration and file sharing; maintaining compliance with applicable laws and regulations; and understanding how our customers interact with our products and services so we can enhance the experience and functionality of our products and services.
II. THIRD-PARTY PRIVACY PRACTICES
III. CHILDREN’S PRIVACY
Our Services are not directed to individuals under the age of 16. We do not knowingly collect or use any personal data from users under 16 years of age. No personal data should be submitted by individuals under 16 years of age. If we learn that we have collected personal data from someone under 16, we will take steps to delete the personal data as soon as possible.
IV. RETENTION OF PERSONAL DATA
Werner will retain your personal data for the time period necessary to fulfill the purposes for which your personal data was originally collected or received and to meet our legal obligations
V. PROTECTING YOUR PERSONAL DATA
We implement technical and organizational measures designed to assist in maintaining the security and confidentiality of personal data; safeguarding against anticipated threats to the confidentiality, integrity, and availability of personal data; and protecting your personal data against accidental or unlawful destruction, loss, alteration, and unauthorized access or disclosure.
However, whenever personal data is processed, there is a risk that such data could be lost, misused, modified, hacked, breached, and/or otherwise accessed by an unauthorized third party. No system or online transmission of data is completely secure. In addition to the technical and organizational measures that we have in place to protect your personal data, you should use appropriate security measures to protect your personal data. If you believe that any personal data you provided to us is no longer secure, please notify us immediately at [email protected]
VI. YOUR PRIVACY RIGHTS, INCLUDING CALIFORNIA EUROPEAN PRIVACY RIGHTS
A. CALIFORNIA PRIVACY RIGHTS
California residents have certain rights under California privacy law, including but not limited to the California Consumer Privacy Act (“CCPA”), which gives California residents (“consumers” or “you”) certain rights and control over their personal data. Terms used in this Section, but not otherwise defined, will have the same meaning as those terms in the CCPA.
The following are the rights provided by the CCPA to California residents:1 First, you have the right to request that we disclose information about the personal information we collect, use, disclose and/or sell concerning you. Second, you have the right to request the deletion of personal information we have collected or maintain about you, subject to any exceptions set forth in the CCPA or related regulations. Third, you have the right to direct any business that sells your personal data not to sell your personal data. Fourth, you have the right to not receive discriminatory treatment for exercising your rights under the CCPA.
B. OTHER PRIVACY RIGHTS
If you are located outside of California, you may have privacy rights under your local laws.
C. EXERCISING PRIVACY RIGHTS
1 California residents that are also Werner employees or independent contractors receive separate rights under the CCPA, as set forth in the California Employee and Contractor Privacy Notice covering the personal data that Werner collects and uses within the context of their roles as employees or contractors. Questions related to the California Employee and Contractor Privacy Notice may be emailed to: [email protected]
In this section, we provide an explanation of our process for permitting individuals to exercise any privacy rights to which they are entitled by law, for designating an authorized agent, and for verifying the identity of individuals who submit privacy right requests.
1. SUBMITTING REQUESTS TO EXERCISE PRIVACY RIGHTS
- SUBMISSION METHODS:
- SPECIAL PROCESS FOR DELETION REQUESTS: To help ensure that none of your information is inappropriately deleted, we utilize a two-step process for requests to delete personal data. First, you must submit a clear request to delete. Second, we contact you separately, and you must confirm to us that you do, in fact, want your personal data deleted.
- SUBMISSION CONTENTS: Requests to exercise your privacy right(s) should include the following information:
- Your name;
- The country in which you currently reside, and if in the United States, the state in which you currently reside;
- Which privacy right(s) you are exercising;
- Details that will assist us in responding to your request, including:
- If you are exercising access rights, the information to which you are requesting access;
- If you are exercising deletion rights, the information for which you are requesting ‘deletion;
- Any other relevant information about your personal data and/or the right you are exercising; and
- A phone number and/or email address at which we can reach you.
2. DESIGNATING AN AUTHORIZED AGENT TO MAKE A REQUEST
Only you or a person that you authorize to act on your behalf may make a verifiable consumer request related to your personal data. If desired, you may designate an authorized agent to make a verifiable consumer request on your behalf by submitting such request to us via email at [email protected] with “Request for Authorized Agent” in the subject line. Before taking action in response to such a request, we will require your authorized agent to verify his/her authority and identity.
3. VERIFICATION OF REQUESTS
Before responding to your request to exercise your rights, we will verify your identity through reasonable verification measures. If we have a password-protected account with you, we may verify your identity through our existing authentication practices for your account. If you are requesting the disclosure or
deletion of personal data, we will require you to re-authenticate yourself before disclosing or deleting your personal data.
Our verification processes also may include requiring you to provide answers to questions pertaining to the information we have on file for you (e.g., your account number); requesting confirmation of the request using the your email address on file; or calling the phone number we have on file for you to confirm the request.
If we cannot verify your identity based on information we already have, we may request additional information from you. If this is necessary, we will only use the additional information for purposes of verifying your identity and for and fraud-prevention. And if we are unable to reasonably verify your identity (and thus unable to comply with your request), we will advise you why that is the case.
4. DISABILITY ASSISTANCE
VII. THIRD-PARTY MARKETING
We do not disclose personal data to third parties for their direct marketing use.
VIII. CROSS-BORDER TRANSFERS OF PERSONAL DATA
When we receive your personal data, your personal data may be stored on servers in the United States, or Mexico. If you are located outside the United States, your personal data may be transferred to us in the United States. The data protection and privacy laws of the United States may not be as comprehensive as the laws in your country. For example, personal data transferred to the United States may be subject to lawful access requests by federal and state authorities in the United States. Any transfers of personal data from the European Union or the United Kingdom are made pursuant to European Commission-approved Standard Contractual Clauses, which are available at the following link.
IX. DATA CONTROLLER
Werner, headquartered at 14507 Frontier Road, Omaha, NE 68138, is the controller of personal data that is used by Werner for a business purposes and is either received directly from Werner’s customers, applicants, and other Site Users, or collected by or on behalf of Werner (e.g., through our Sites).
- If your personal data is controlled by Werner, you may contact us by mail at Werner Enterprises, Inc., Attention: Associate Corporate Counsel, 14507 Frontier Road, Omaha, NE 68138, or by email at [email protected]
If your personal data was collected by or on behalf of one of Werner’s customers, then such personal data collection and usage is controlled by that customer, with Werner assisting such customer as a service provider (i.e., processor).
XI. HOW TO CONTACT US