Werner Enterprises

privacy policy

Werner Enterprises is a transportation and logistics leader, with more than 8,000 trucks, 24,000 trailers and nearly 13,000 employees.

Privacy Policy

Effective: September 1, 2020

Last Updated: July 30, 2021

Your privacy is important to Werner Enterprises, Inc. (referenced within this Privacy Policy as “Werner,” “we,” “us,” or “our”). We developed this Privacy Policy to provide you with information concerning our personal data collection and usage through services provided to customers through Werner’s Final Mile division (“Services”). This Privacy Policy exclusively governs our privacy and security practices concerning Personal Data (as that term is defined herein) which is provided to Werner by a customer pursuant to our Services. For the avoidance of doubt, this Privacy Policy does not govern Personal data collected through use or visits to our sites or use of our apps (collectively, “Site” or “Sites”), even if the Sites contain information about Services.

Personal data” is information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. “You” and “your” refer to specifically refers to the person reading this Privacy Policy, which may include Werner customers.

I. PERSONAL DATA COLLECTED, PROCESSED, AND DISCLOSED BY WERNER (INCLUDING SOURCES, PURPOSES, AND THIRD-PARTY RECIPIENTS)

The table below includes the categories of personal data that Werner has collected within the last twelve (12) months through the provision of the Services, as well as categories of personal data Werner currently collects or reasonably anticipates collecting moving forward. For each category of personal data, the table also identifies: (1) the sources from which such categories of personal data have been or may be collected; (2) the business or commercial purposes for which such categories of personal data have been or may be collected; and (3) the categories of third parties with which Werner has shared or may share such categories of personal data.

CATEGORIES OF PERSONAL DATA COLLECTED

IDENTIFIERS
(e.g., information regarding your name, unique personal identifier, postal address, phone number, or email address)

and

PERSONAL INFORMATION CATEGORIES IN CALIFORNIA CUSTOMER RECORDS STATUTE (Cal. Civ. Code § 1798.80(e))
(e.g., information regarding your name, postal address, unique personal identifier, or phone number)

SOURCES, PURPOSES, AND THIRD-PARTY RECIPIENTS

SOURCES
(i.e., categories of sources from which such personal data was or may be collected)

  • Potential and actual customers
  • Services used to monitor the use of our premises, equipment, devices, computers, network, application, and similar resources
  • Invoicing and accounting vendors
  • Website analytics service providers
  • Data and backup service providers
  • Other service providers
  • Governmental entities

PURPOSES
(i.e., business or commercial purposes for which such personal data was or may be collected)

  • Providing products, transportation, and logistics solutions, requested information, and support
  • Process orders, shipments, and Final Mile deliveries to consumers
  • Business management, analysis, and reporting
  • Performing our obligations and enforcing our rights arising from contracts, including for billing and collections
  • Conducting investigations to detect and prevent malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for such activity
  • Protecting our legal interests and meeting our legal obligations (e.g., Responding to law enforcement requests and as required by applicable laws, court orders, or governmental regulations

THIRD-PARTY RECIPIENTS
(i.e., categories of third parties with which Werner has shared or may share such personal data for a business or commercial reason)

  • Our customers
  • Our independent contractors and subcontractors
  • Third parties involved in an actual or potential merger, acquisition, or other reorganization
  • Governmental entities
  • Litigants, court personnel, and providers of litigation-related services

A. NO SALE OF PERSONAL DATA

Werner has not sold personal data for any business or commercial purpose at any point in time during the twelve (12) months prior to the effective date of this Privacy Policy. Werner similarly does not sell any personal data of minors under 16 years of age under any circumstances, including with or without affirmative authorization. Werner does not and will not sell personal data

B. LEGAL GROUNDS FOR COLLECTING AND PROCESSING PERSONAL DATA

CONSENT. The legal ground for processing your personal data that we collect when you provide us with specific permission to do so, is your consent, which you may withdraw at any time by clicking on any unsubscribe link that we provide or by emailing [email protected]

CONTRACTUAL NECESSITY. We may process your personal data when it is necessary in order to enter into a contract with you or when it is necessary for the performance of a contract to which you are a party (e.g., processing credit card details in order to effect payment).

COMPLIANCE WITH LEGAL OBLIGATIONS. We also may conduct certain personal data processing activities for purposes of meeting our legal obligations in the EU, the U.K., and in EU member states (e.g., our regulatory retention obligations).

VITAL INTERESTS. Under special circumstances (e.g., in connection with natural disasters or emergency situations), we may need to process your personal data in order to protect the vital interests of you or other individuals.

LEGITIMATE INTERESTS. The last legal ground for processing the personal data that we collect for purposes identified in the table above are Werner’s legitimate interests in providing products and services; providing quality support to customers and potential customers; providing customers and potential customers with marketing materials to promote our services and products; providing customers with secure sites for project collaboration and file sharing; maintaining compliance with applicable laws and regulations; and understanding how our customers interact with our products and services so we can enhance the experience and functionality of our products and services.

II. THIRD-PARTY PRIVACY PRACTICES

We cannot and do not control the privacy and security practices of our customers or third-party contractors who may collect personal data pursuant to the performance of the Services. If you are interested in information concerning privacy and security practices any of the customers or third-party contractors, please directly review such party’s privacy policy.

III. CHILDREN’S PRIVACY

Our Services are not directed to individuals under the age of 16. We do not knowingly collect or use any personal data from users under 16 years of age. No personal data should be submitted by individuals under 16 years of age. If we learn that we have collected personal data from someone under 16, we will take steps to delete the personal data as soon as possible.

IV. RETENTION OF PERSONAL DATA

Werner will retain your personal data for the time period necessary to fulfill the purposes for which your personal data was originally collected or received and to meet our legal obligations

V. PROTECTING YOUR PERSONAL DATA

We implement technical and organizational measures designed to assist in maintaining the security and confidentiality of personal data; safeguarding against anticipated threats to the confidentiality, integrity, and availability of personal data; and protecting your personal data against accidental or unlawful destruction, loss, alteration, and unauthorized access or disclosure.

However, whenever personal data is processed, there is a risk that such data could be lost, misused, modified, hacked, breached, and/or otherwise accessed by an unauthorized third party. No system or online transmission of data is completely secure. In addition to the technical and organizational measures that we have in place to protect your personal data, you should use appropriate security measures to protect your personal data. If you believe that any personal data you provided to us is no longer secure, please notify us immediately at [email protected]

VI. YOUR PRIVACY RIGHTS, INCLUDING CALIFORNIA EUROPEAN PRIVACY RIGHTS


A. CALIFORNIA PRIVACY RIGHTS

California residents have certain rights under California privacy law, including but not limited to the California Consumer Privacy Act (“CCPA”), which gives California residents (“consumers” or “you”) certain rights and control over their personal data. Terms used in this Section, but not otherwise defined, will have the same meaning as those terms in the CCPA.

This section of our Privacy Policy applies solely to Site visitors, users, and other persons whose personal data we collect and/or maintain who reside in the State of California.

The following are the rights provided by the CCPA to California residents:1 First, you have the right to request that we disclose information about the personal information we collect, use, disclose and/or sell concerning you. Second, you have the right to request the deletion of personal information we have collected or maintain about you, subject to any exceptions set forth in the CCPA or related regulations. Third, you have the right to direct any business that sells your personal data not to sell your personal data. Fourth, you have the right to not receive discriminatory treatment for exercising your rights under the CCPA.

Additionally, under California’s “Privacy Rights for California Minors in the Digital World” law, California residents under the age of 18 have the right to request removal of certain content that such persons have publicly posted on our Sites. There may be circumstances under which the law does not require or permit removal even if requested. Additionally, complete or comprehensive removal of content or information posted on our Sites cannot be ensured. If you are a California resident under the age of 18 who seeks removal of any personal data, please submit your request using via email to [email protected], another method set forth in this Privacy Policy.

B. OTHER PRIVACY RIGHTS

If you are located outside of California, you may have privacy rights under your local laws.

C. EXERCISING PRIVACY RIGHTS

___________________________________

1 California residents that are also Werner employees or independent contractors receive separate rights under the CCPA, as set forth in the California Employee and Contractor Privacy Notice covering the personal data that Werner collects and uses within the context of their roles as employees or contractors. Questions related to the California Employee and Contractor Privacy Notice may be emailed to: [email protected]

In this section, we provide an explanation of our process for permitting individuals to exercise any privacy rights to which they are entitled by law, for designating an authorized agent, and for verifying the identity of individuals who submit privacy right requests.

1. SUBMITTING REQUESTS TO EXERCISE PRIVACY RIGHTS

To exercise your rights described in this Privacy Policy, please submit a verifiable consumer request to us through one of the following methods:

  • SPECIAL PROCESS FOR DELETION REQUESTS: To help ensure that none of your information is inappropriately deleted, we utilize a two-step process for requests to delete personal data. First, you must submit a clear request to delete. Second, we contact you separately, and you must confirm to us that you do, in fact, want your personal data deleted.
  • SUBMISSION CONTENTS: Requests to exercise your privacy right(s) should include the following information:
    • Your name;
    • The country in which you currently reside, and if in the United States, the state in which you currently reside;
    • Which privacy right(s) you are exercising;
    • Details that will assist us in responding to your request, including:
      • If you are exercising access rights, the information to which you are requesting access;
      • If you are exercising deletion rights, the information for which you are requesting ‘deletion;
      • Any other relevant information about your personal data and/or the right you are exercising; and
      • A phone number and/or email address at which we can reach you.

2. DESIGNATING AN AUTHORIZED AGENT TO MAKE A REQUEST

Only you or a person that you authorize to act on your behalf may make a verifiable consumer request related to your personal data. If desired, you may designate an authorized agent to make a verifiable consumer request on your behalf by submitting such request to us via email at [email protected] with “Request for Authorized Agent” in the subject line. Before taking action in response to such a request, we will require your authorized agent to verify his/her authority and identity.

3. VERIFICATION OF REQUESTS

Before responding to your request to exercise your rights, we will verify your identity through reasonable verification measures. If we have a password-protected account with you, we may verify your identity through our existing authentication practices for your account. If you are requesting the disclosure or

deletion of personal data, we will require you to re-authenticate yourself before disclosing or deleting your personal data.

Our verification processes also may include requiring you to provide answers to questions pertaining to the information we have on file for you (e.g., your account number); requesting confirmation of the request using the your email address on file; or calling the phone number we have on file for you to confirm the request.

If we cannot verify your identity based on information we already have, we may request additional information from you. If this is necessary, we will only use the additional information for purposes of verifying your identity and for and fraud-prevention. And if we are unable to reasonably verify your identity (and thus unable to comply with your request), we will advise you why that is the case.

4. DISABILITY ASSISTANCE

We are committed to ensuring that this Privacy Policy is accessible to everyone. Individuals with difficulty accessing information in this Privacy Policy are encouraged to contact us by email at [email protected] or by calling us at 1-800-228-2240 to access the notice in another format.

VII. THIRD-PARTY MARKETING

We do not disclose personal data to third parties for their direct marketing use.

VIII. CROSS-BORDER TRANSFERS OF PERSONAL DATA

When we receive your personal data, your personal data may be stored on servers in the United States, or Mexico. If you are located outside the United States, your personal data may be transferred to us in the United States. The data protection and privacy laws of the United States may not be as comprehensive as the laws in your country. For example, personal data transferred to the United States may be subject to lawful access requests by federal and state authorities in the United States. Any transfers of personal data from the European Union or the United Kingdom are made pursuant to European Commission-approved Standard Contractual Clauses, which are available at the following link.

IX. DATA CONTROLLER

Werner, headquartered at 14507 Frontier Road, Omaha, NE 68138, is the controller of personal data that is used by Werner for a business purposes and is either received directly from Werner’s customers, applicants, and other Site Users, or collected by or on behalf of Werner (e.g., through our Sites).

  • If your personal data is controlled by Werner, you may contact us by mail at Werner Enterprises, Inc., Attention: Associate Corporate Counsel, 14507 Frontier Road, Omaha, NE 68138, or by email at [email protected]

If your personal data was collected by or on behalf of one of Werner’s customers, then such personal data collection and usage is controlled by that customer, with Werner assisting such customer as a service provider (i.e., processor).

  • If your personal data is controlled by one of Werner’s customers, you should review the customer’s privacy policy, and you may contact the customer directly with any questions.

X. PRIVACY POLICY UPDATES

We will update this Privacy Policy at least once every twelve (12) months. We also may update this Privacy Policy from time to time as we add new services or offerings; as we improve our current services and offerings; and as technologies and laws change. It is our policy to post any changes we make to our Privacy Policy on our Sites. Any changes will become effective upon our posting of the revised Privacy Policy on the Sites. The date this Privacy Policy became effective is identified at the top of the first page. If we make material changes to how we treat the personal data that falls within the scope of this Privacy Policy, we will notify you by email or through a prominent notice on the homepage of our Site.

XI. HOW TO CONTACT US

If you have any questions about this privacy policy or our privacy practices, any complaints, or any need for assistance relating to your personal data, you may contact us via email at [email protected] or by writing to us at the following address: Werner Enterprises, Inc., Attention: Associate Corporate Counsel, 14507 Frontier Road, Omaha, NE 68138.