PRIVACY POLICY

Mitchell Repair Information Company LLC is part of the Snap-on Incorporated group of companies (“Snap-on Group”), which processes your information. Mitchell Repair Information Company LLC is referred to as “we” in this privacy policy.

The protection of your personal information is an important concern to which we pay special attention.

This privacy policy answers frequently asked questions about the kinds of personal information we collect from you and how it is used.

Please note, the privacy practices set forth in this privacy policy are for Mitchell Repair Information Company LLC only. Other companies within the Snap-on Group may have websites and products that collect and use different personal information. Additionally, if you link to or otherwise visit any other websites, please review the privacy policies posted on those sites.

Should you have any questions or concerns regarding this privacy policy, please contact the data protection manager at: DataProtectionManager@snapon.com.

1. What types of personal information do we gather?

We may collect and process, and have collected and processed in the last 12 months, a range of personal information including:

  • Identifiers: Such as a real name, alias, postal address, telephone number, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, other state or national identification number(s), your signature, physical characteristics or description, insurance policy number or other similar unique personal identifiers.
  • Commercial Information: Such as transaction and purchase information and history.
  • Financial Information: Such as your bank account number, credit card number, debit card number or any other financial information.
  • Technical and Usage Information: Such as login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and information on other technology on the devices using our websites or products; information about how you use our website, products and services, such as browsing history, search history, or other information on interactions with our websites, applications, products and services. For detailed information on the tracking technologies we us on this website, see How does this website use cookies.
  • Sensory information: Such as audio, electronic, visual and similar information, such as call and video recordings.
  • Geolocation Information: Such as device and internet protocol address location.
  • Inference Information: For example preference profiles drawn from any of the personal information listed above.
  • We do not intend to collect personal information of Children: We do not knowingly collect personal information from children under 16. Our website is not intended for children under 16 years of age. If you are under 16, do not use or provide any information on this website or through any of its features. If you believe we might have any information from or about a child under 16, please contact us at DataProtectionManager@snapon.com.

2. What are the sources of personal information we have gathered?

We collect personal information from a variety of sources, including:

  • From You. You may directly give us personal information when you:
    • Apply for, purchase, register or use our products and services;
    • Receive customer support;
    • Create an account on our website;
    • Subscribe to our publications;
    • Request marketing be sent to you;
    • Enter a competition, promotion or survey;
    • Correspond with us in person at trade shows, events, or otherwise;
    • Give us feedback or provide us other information when you contact us; or
  • From automated technologies or interactions. As you interact with our website or application, we will automatically collect Technical and Usage Information (more fully described in the “What types of personal information do we gather?” Section.) We collect this data by using cookies, server logs and other similar technologies. For detailed information on the technologies we us on this website, see How does this website use cookies.
  • From third parties or publicly available sources. We will receive personal information from various third parties that confirmed they are authorized to share it with us or other public sources, such as:
    • Consumer reporting agencies, credit reference agencies and publicly available databases;
    • Auto repair shops and auto dealers who use our products or services;
    • Our Independent Sales Contractors;
    • Other Snap-on Group companies that you may interact with through other websites, products, services, or social media pages;
    • Search information providers;
    • Advertising networks;
    • Internet service providers;
    • Data Analytics Providers;
    • Operating systems and platforms;
    • Social networks; or
    • Data brokers;

3. How is that personal information used by us?

We may use your personal information in the following ways:

  • Business Uses, such as:
    • Register you as a new customer;
    • Process and deliver your order, manage your subscriptions, or carry out our obligations arising from any other contracts you enter into with us;
    • Manage payments, fees and charges and collect and recover money owed to us;
    • Managing our relationship with you by sending you renewal notices, notifying you of product or service information, asking you to leave a review or take a survey, or enabling you to partake in a prize draw or competition;
    • Fulfil your requests, answer your questions, respond to your comments, and measure how effectively we address your concerns;
    • Analyse and develop new products and services, or make suggestions and recommendations to you about goods and services that may be of interest to you;
    • Enable dealerships to provide you services using our products;
    • Provide customer support; or
    • Fulfil any legal obligations we may have.
  • Monitoring & Recording: to handle any calls, chats or other interactions with us, including by the customer services team. Please be aware that it is our general practice to monitor and in some cases record such interactions for staff training or quality assurance purposes or to retain evidence of a particular transaction or interaction.
  • Mobile Applications: to make available mobile applications, to register on these platforms.
  • Website Experience: for the technical administration of the website; for internal operations; for customer administration; for product surveys; for troubleshooting; for information analysis, information analytics, testing, and research and development purposes; to ensure that content from our site is presented in the most effective manner for you and for your computer; and as part of our efforts to keep our site safe and secure.
  • Protecting our Rights and Property: to protect our rights or property or that of our business partners, franchisees, dealers, suppliers, customers or others when we have reasonable grounds to believe that such rights or property have been or could be affected; to recover debts; to prevent, detect, identify, investigate, respond, and protect against potential or actual claims, liabilities and prohibited behavior or activities.
  • Information for our Business Partners, Dealers and Franchisees: to administer and develop our business relationship with you, the business partner, dealer or franchisee you represent, including sharing information with our group, to enter into or perform a transaction with you, to contact you as part of satisfaction surveys or for market research purposes.
  • Product development: We may use non-identifying and aggregate information to gather information for product management and development. For example, we may tell our sales and marketing staff that X number of individuals visited a certain area on our web site, or that Y number of software licenses were ordered during a particular time period. This aggregate information may also be shared with our affiliates and independent dealers.
  • Marketing: to communicate about, and administer participation in, special events, programs, surveys, contests, sweepstakes, and other offers and promotions; to provide you with information about other goods and services we offer, or offered by others, that are similar to those that you have already purchased or enquired about and to send informational or promotional email messages to you, which you may opt out of receiving as described below.

4. On what legal basis do we gather and use personal information of EU/EEA residents?

We gather and use your personal information for either (i) the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, and/or (ii) our legitimate interests and in compliance with your fundamental rights and freedoms and/or (iii) because of a legal obligation.

5. Is my personal information disclosed to third parties?

We may disclose Personal Information with the following categories of third parties:

  • “Service Providers.” We share with our trusted third-party service providers, to facilitate services they provide to us, such as internet services, website hosting, data analytics, payment processing, order fulfilment, information technology and related infrastructure provision, customer service, email delivery, marketing, auditing, background checks, and other services.
  • “Business Partners.” We share with our trusted business partners.

In the preceding 12 months, we disclosed for our operational business purposes the following categories of Personal Information to the following categories of third parties:

Categories of Personal Information Disclosed to Which Categories of Third Parties for Operational Business Purposes
Identifiers Business Partners, Service Providers
Commercial Information Business Partners, Service Providers
Financial Information Service Providers
Technical and Usage Information Service Providers

6. How long will my personal information be kept for?

We will endeavour not to keep your personal information in a form that allows you to be identified for any longer than is reasonably necessary for achieving the permitted purposes. This means that information will be destroyed or erased from our systems or anonymized when it has reached the applicable retention period.

7. Will my personal information be transferred to other countries?

We are a global company and we may process, store and transfer personal information we collect to a country outside your own, provided that certain conditions as set out in the applicable legislation are complied with.

We are party to an information transfer agreement with the members of the Snap-on Group and we will keep that document up to date with current law. For more information on the safeguards in place, please contact DataProtectionManager@snapon.com.

8. What security measures are in place to protect my personal information?

We endeavour to protect the security of your personal information. We will seek to maintain administrative, technical and physical safeguards to protect against loss, misuse or unauthorized access, disclosure, alteration or destruction of your personal information.

Unfortunately, the transmission of information via the internet is not completely secure. Although we endeavour to protect your personal information, we cannot guarantee the security of your personal information transmitted to us or stored on our systems; any transmission is at your own risk. Once we have received your personal information, we will use procedures and security features to try to prevent unauthorised access. These procedures include physical, electronic, and managerial procedures.

9. How do I update or access my personal information?

We ask that you keep your information as up-to-date as possible so you may get the maximum benefit from us.

For questions related to updating or changing your account information, please send a request to CustomerCare@mitchell1.com.

10. What specific rights do I have in relation to my personal information based on my residency?

  • European Union and European Economic Area Residents. Depending on the circumstances, the General Data Protection Regulation “GDPR” may provide you the right to:
    • request access to any personal information we hold about you;
    • object to the processing of your information for direct-marketing purposes;
    • ask to have inaccurate information held about you amended or updated;
    • ask to have your information erased or to restrict processing in certain limited situations;
    • request the porting of your personal information to another organization in control of your personal information; and/or
    • object to any decision that significantly affects you being taken solely by a computer or other automated process.

    If you are a resident of the European Union or European Economic Area that wishes to make a formal request for information we hold about you, you can contact us here. We will respond to your request consistent with the GDPR.

  • California Residents: The California Consumer Privacy Act (“CCPA”) provides California residents specific rights regarding their personal information. You have the right to be free from unlawful discrimination for exercising your rights under the CCPA. This section describes your CCPA rights and explains how to exercise those rights.
    • Access to Specific Information and Data Portability: You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months, including the following:
      • The categories of personal information we collected about you.
      • The categories of sources for the personal information we collected about you.
      • Our business or commercial purpose for collecting that personal information.
      • The categories of Personal Information about you that we shared or disclosed, and, for each, the categories of third parties with whom we shared or to whom we disclosed such Personal Information.
      • The specific pieces of personal information we collected about you (also called a data portability request).
    • Deletion Request Rights: You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. We do not provide these deletion rights for B2B personal information. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
      • Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
      • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
      • Debug products to identify and repair errors that impair existing intended functionality.
      • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
      • Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
      • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
      • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
      • Comply with a legal obligation.
      • Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
    • Exercising Access, Data Portability, and Deletion Rights. To exercise the rights described above, please submit a verifiable consumer request to us by either:
      • Calling us toll-free at 844-972-1285; or
      • Logging a request here.
      • We will verify and respond to your Request to Know or Request to Delete consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to call you on the telephone number we have on your purchase record, in order to verify your identity and protect against fraudulent requests. If you make a Request to Delete, we may ask you to confirm your request before we delete your Personal Information.
      • If you are the authorized agent of a consumer, making a Request to Know or a Request to Delete on behalf of the consumer, we will ask you for:
        • proof of your registration with the California Secretary of State to conduct business in California; and
        • proof that the consumer has authorized you to make a Request to Know or a Request to Delete on the consumer’s behalf. This must be a permission signed by the consumer. “Signed” means that the permission has either been physically signed or provided electronically in accordance with the Uniform Electronic Transactions Act, Civil Code 1633.7 et seq.
      • If an authorized agent has not provided us with a power of attorney from the consumer pursuant to Probate Code sections 4000-4465, we may also:
        • require the consumer to provide you with a written permission signed by the consumer to make the request on the consumer’s behalf,
        • verify the identity of the consumer as we would if the consumer were making the request personally, and
      • obtain verification from the consumer that they provided the authorized agent permission to make the request.
    • Other notices for California residents:
      • California “Do Not Track” Disclosure. We do not track our customers over time and across third party websites to provide targeted advertising and therefore generally do not respond to Do Not Track (DNT) signals.
      • Pursuant the CCPA, California residents have the right to opt-out of the sale of their personal information.
      • WE HAVE NOT “SOLD” PERSONAL INFORMATION FOR PURPOSES OF CCPA.
      • If you are a resident of California, under 18, and a registered user of our websites, you may ask us to remove content or information that you have posted by writing to our Data Protection Manager at DataProtectionManager@snapon.com. Please note that your request does not ensure complete or comprehensive removal of the content or information, as, for example, some of your content may have been reposted by another user.
  • Nevada Residents: Nevada residents may request that website operators not sell consumer’s “Covered Information” as defined by Nevada law. WE HAVE NOT “SOLD” COVERED INFORMATION FOR PURPOSES OF NEVADA LAW. If you are a Nevada resident that would like to make a further inquiry regarding the selling your Covered Information, please contact DataProtectionManager@snapon.com.

11. How do I opt out of being contacted for promotional purposes?

You have the right to ask us not to send you marketing communications. We will usually inform you (before collecting the personal information) if we intend to use your personal information for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect personal information. You can also exercise the right to prevent such processing at any time by:

  • Clicking the unsubscribe link in any informational or promotional email that we send you.
  • Contacting CustomerCare@mitchell1.com if you want to modify your subscription, email and contact preferences or if you have questions about removing your name from our subscription lists.
  • Calling our Customer Service Center at 888-724-6742 if you have any questions about changing your contact preference or require assistance in removing your name from our subscription lists.

12. How do we use cookies?

  • What are cookies: Cookies are small text files that are placed on your computer by websites that you visit, and are widely used to make websites work, or work more efficiently.
  • How do I change my cookie settings:
    • Most browsers automatically accept cookies. However, you can prevent cookies from being stored on your computer or device by setting your browser to not accept cookies. The exact instructions for this can be found in the manual for your browser. You can delete cookies already on your computer or device at any time. If you choose to set your browser settings so cookies are not accepted, then you can still visit our website, apps and online services, however doing so may affect your use of some parts of our web services, apps and online services and reduce availability of the services provided by our website, apps and online services.
    • To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.
  • How does this website use cookies: The table below explains the cookies we use and why.
SITE Cookie Purpose Expiry
www.m1socialcrm.com M1SocialCRM Store information about your preferences 1 month
aui.mitchell1.com RememberMe Indicates user has previously checked a box 365 Days
aui.mitchell1.com RememberMeUsername Customer convenience, stores username 365 Days
profilemanager.mitchell1.com profilemanager.session Needed for access to various features within Profile Manager; also for navigation between Profile Manager and applications that interact with it 1 month
www*.prodemand.com
www*.shopkeypro.com
truck*.prodemand.com
sun*.collisiontechdata.com
pdoap*.oaprepair.com
ActiveSubDomain Needed for smooth navigation between main page and landing page 1 month
www*.prodemand.com
www*.shopkeypro.com
truck*.prodemand.com
sun*.collisiontechdata.com
pdoap*.oaprepair.com
v2.{appId}.sessionTicket Needed to gain access to the application and various features within it 1 month
www*.prodemand.com
www*.shopkeypro.com
truck*.prodemand.com
sun*.collisiontechdata.com
pdoap*.oaprepair.com
{appId}.logout Needed to correctly track the difference between a logout and a closed browser window 1 month
Deleted at next login
www*.prodemand.com
www*.shopkeypro.com
truck*.prodemand.com
sun*.collisiontechdata.com
pdoap*.oaprepair.com
v2._PdControllerTempData Needed to communicate initialization data from the landing page to the main application 1 month
Deleted when main application page is opened
mitchell1.com PHPSESSID PHP Session cookie (indicates start of browsing session) At the end of each session
mitchell1.com TS01baa7ac Site Domain stats and valuation At the end of each session
mitchell1.com _fbp Facebook targeting, advertising 3 months
mitchell1.com _ga Google site analytics 2 years
mitchell1.com _gat Google site analytics 10 minutes
mitchell1.com _gat_UA-35975993-1 Google targeting, advertising 1 minute
mitchell1.com _gcl_au Google AdSense  targeting, advertising 1 year
mitchell1.com _gid Google site analytics 1 day
mitchell1.com g1_preheader_open_on_startup Tracks details about the session At the end of each session
mitchell1.com wp32549 Blocks administrative login with bad cookie 1 year

13. Who should I contact with concerns or questions about this Privacy Policy or applicable data protection legislation?

If you have concerns or questions about this Privacy Policy or you believe that the applicable data protection legislation or this policy has not been followed, then you should raise the matter with our Data Protection Manager at DataProtectionManager@snapon.com.

If you are a citizen of the European Union or European Economic Area, you may make a complaint at any time to the applicable supervisory authority for data protection issues. We have appointed a data protection manager who is responsible for addressing any reported data protection issues related to GDPR, and we would like the opportunity to respond to your concerns before you approach a supervisory authority so please feel free to contact the data protection manager at DataProtectionManager@snapon.com.

14. Modifications to this Privacy Statement

We reserve the right to modify this Privacy Policy at any time and without prior notice, subject to applicable legal requirements to notify you or obtain your consent. We will post any changes on our website so please check regularly for the most recent version of our Privacy Policy. This version is dated August 17, 2020.

15. Links

This site contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of those sites, and our Privacy Policy does not apply to information collected from you by those sites. We encourage you to read the privacy statements of each site that collects information from you. When you are leaving our site via a link to interact with a site that is not governed by our Privacy Policy, a new browser window will open. If your interaction with our site will require sending your information to a third-party site that is not governed by our privacy policy, we will clearly inform you before your information is sent.