Last updated: March 2024
Your privacy is important to us. Our policy is to comply with all applicable consumer privacy and data protection laws, including the choices we offer with respect to your personal information or personal data (referred to herein as “personal data”), as defined by applicable laws. This commitment reflects the value we place on earning and keeping the trust of our customers, business partners, and others who disclose their personal data to us.
This Privacy Notice (“Notice”) will provide you with information regarding how Cintas Corporation (together with its relevant subsidiaries, associates, and affiliated companies, “Cintas,” “we,” “us,” or “our”) collects, uses, and discloses information about you, including the choices we offer with respect to that information, relating to the Smart First Aid Cabinets (“Stations”), the Smart First Aid mobile application (“App”) and Smart First Aid web portal (“Web Portal”) (collectively, the “Services”), and any email, text, and other electronic communications sent through the Services. For information on our other data practices, please see our General Privacy Notice.
This Notice is subject to our Terms and Conditions of Use, which are incorporated herein by reference. We encourage you to read this Notice and our Terms and Conditions of Use in full before using our Services. For certain Services, there may be additional notices about information practices and choices. Please read those additional privacy disclosures to understand how they apply to you.
State Specific Rights: For individuals in California, Colorado, Connecticut, Nevada, Virginia, and Utah, please see our specific section that pertains to you.
Not Applicable to Workforce: This Notice does not apply to our job applicants, current employees, former employees, or independent contractors (“Workforce”). For information on our privacy practices for our Workforce for California residents, see our Workforce Privacy Notice.
In the event of a conflict between any other Cintas policy, notice, or statement and this Notice, this Notice will prevail unless stated otherwise. Please also see any other privacy policies, notices or statements posted or referenced on our Services.
To see and print our full Privacy Notice, click here. You can also request a copy, including in Braille, or otherwise obtain disability access assistance by calling 1-844-378-7411.
Personal data is generally any information, alone or in combination with other information, that relates to an identified or identifiable person or can be used to identify, contact or locate a person.
Cintas, and/or its Service Providers (defined below), may collect information that you provide directly to Cintas and/or its Service Providers via the Services. For example, Cintas collects information when you use or register for the Services, subscribe to notifications, or communicate or transact through the Services. Cintas may also collect personal data about you from our customers (for example, your employer) to enable us to provide services to you or Cintas' customer.
In addition, when you interact with Third-Party Services (defined below), you may be able to provide information to those third parties. For more information on Third-Party Services' data collection and practices please refer to the Third-Party Content, Third-Party Services, and Analytics section. For more information on Service Provider data collection practices please refer to the Information We Disclose to Third Parties section.
Information that Cintas, its Service Providers, and/or Third-Party Services may collect includes personal data you provide us, which may include:
contact information, such as your name, company name, job title, address, e-mail address, and phone number;
username and password for any accounts you may establish (or established on your behalf);
additional information about how you use our products or services;
comments, questions, requests, and orders you may make;
financial information needed to process payments if you make purchases, such as business or personal credit card, account information, or tax identification number;
information about your preferences, such as your preferred methods of communication, and the types of products and services in which you are interested; and
when you open and remove an item from the Station, your image.
Cintas, its Service Providers, and/or Third-Party Services may also automatically collect certain information about you when you access or use the Services, including as follows:
Device and Browser Information: Cintas may collect technical information about your device, such as device type, browser type, IP address, operating system, and device identifier. Cintas collects this information automatically from your device and web browser through cookies and similar technologies.
Information About How You Interact with Us: Cintas may collect technical data about your usage of the Services, including features used, links clicked, Cintas e-mails opened, and dates and times of interactions. Cintas collects this information using cookies and similar technologies.
Location Information: Cintas may collect location information from your device and imprecise location information derived from, for example, your IP address or postal code.
The methods we use to automatically collect your information (“Tracking Technologies”) include:
Cookies: A cookie is a small text file that is stored on a user's device, which may be session ID cookies or tracking cookies. Session cookies make it easier for you to navigate the Service and expire when you close your browser. Tracking cookies remain longer and help in understanding how you use the Service and enhance your user experience. Cookies may remain on your hard drive for an extended period.
The Web Portal uses “session cookies.” A session cookie does not identify you personally and expires after you close your browser. The Web Portal also uses “persistent cookies.” These cookies do not expire when you close your browser. Persistent cookies stay on your computer until you delete them or they expire. By assigning your computer a unique identifier, we are able to create a database of your previous choices and preferences which can be provided by us automatically, saving you time and effort on future visits.
We use the information collected through cookies for security purposes, to facilitate navigation, to display information more effectively, and to personalize your experience. We also gather statistical information about use of the Services in order to continually improve their design and functionality, understand how they are used, and assist us with resolving questions regarding them. Cookies further allow us to select which of our advertisements or offers are most likely to appeal to you and display them while you are on the Services. We may also use cookies or other technologies in online advertising to track responses to our ads.
Web Beacons (“Tracking Pixels”): Web beacons are small graphic images, also known as “Internet tags” or “clear gifs,” embedded in web pages and e-mail messages. Web beacons may capture information including your IP address, web browser type, mobile network information, pages viewed, pages visited before navigating to our Services (i.e., referrer URLs), time spent on pages, links clicked, and conversion information. Web beacons may be used, without limitation, to count the number of visitors to our Services, to monitor how users navigate the Services, and to count content views.
Embedded Scripts: An embedded script is programming code designed to collect information about your interactions with the Services. It is temporarily downloaded onto your computer from Cintas' web server or from a third party with which Cintas works and is active only while you are connected to the Services and deleted or deactivated thereafter.
Device Recognition Technologies: Technologies that include the application of statistical probability to data sets or linking a common unique identifier to different device use (e.g., Facebook ID), which attempt to recognize or make assumptions about users and devices (e.g., that a user of multiple devices is the same user or household) (“Cross-device Data”).
Device and Activity Monitoring and Session Replay: Technologies that monitor, and may record, certain of your interactions with the Services, and/or collect and analyze information from your device, such as, without limitation, your operating system, plug-ins, system fonts, and other data, for purposes such as identification, security, fraud prevention, troubleshooting, tracking and/or improving the Services, and customizing or optimizing your experience on the Services. This may also include technologies that monitor and record usage sessions to help us better understand, track, analyze and improve the usage and quality of our Services. These technologies use cookies that may collect information such as session duration, engagement rate, pages visited, mouse movements and clicks, keystrokes and other traffic data. We also use such technologies to debug, identify, and repair errors that impair the intended functionality of our Services.
For information on choices some of these third parties may offer you regarding automated data collection, please refer to the Choices: Tracking and Communications Options section.
Cintas also collects personal data through our customers and business partners. This information may include contact information, such as name, company name, job title, address, e-mail address, and phone number. Cintas may also obtain personal data from other third-party sources, including publicly and commercially available sources. We may combine the information we receive from our customers, business partners, and other third-party sources with information that we collect from you or your device, as described above.
Some information about your use of the Services and certain other online services may be collected using Tracking Technologies across time and services, which may be used by Cintas and third parties for purposes such as to associate different devices you use and deliver content to you on the Services. Please refer to the Choices: Tracking and Communications Options section for more information regarding certain choices regarding these activities.
Cintas may use your personal data for any purpose consistent with Cintas' statements under this Notice or otherwise made by us in writing at the point of collection or to which you have consented, and not prohibited by applicable law, including without limitation, to:
Develop and Manage Our Relationships With You and Our Customers: This may include: (i) delivering services or carrying out transactions that you or our customers have requested; (ii) providing information about Cintas' products, services, transactions, and advertisements, that may be of interest to you; (iii) providing you and our customers a more consistent experience in interacting with Cintas, including by learning more about you and how you use and interact with our Services; and (iv) planning, managing, and performing under our contractual relationships with our customers.
Communicate With You or Our Customers: This may include: (i) informing you of Cintas' products, services, and promotional activities that may be of interest to you or our customers; (ii) providing information about our relevant products, services, and transactions, including, for example, pricing information, technical data, invoice, shipping, or production information, warranty or recall information, or information about product or service improvements; (iii) responding to questions or inquiries that you make, including customer service requests; and (iv) inviting you to participate in, or informing you of the results of, customer satisfaction or market research surveys.
Provide and Improve Our Website, Products, and Services: This may include: (i) customizing them to your preferences or interests, making them more compatible with your technology, or otherwise making them easier to use; (ii) maintaining the security of and otherwise protecting our Services; and (iii) developing new websites, apps, products, and services.
Address Legal Issues: This may include: (i) complying with our obligations to retain certain business records for minimum retention periods; (ii) establishing, exercising, or defending legal claims; (iii) complying with laws, regulations, court orders, or other legal process; (iv) detecting, preventing, and responding to fraud, intellectual property infringement, violation of our contracts or agreements, violations of law, or other misuse of our Services, websites, apps, products, or other services; and (v) protecting our rights or property, or yours or others' health, safety, welfare, rights, or property.
To the extent permitted by law, we may anonymize or aggregate any of the information we collect and use it for any purpose, including for research and product-development purposes.
Generally, we may disclose information about you for any purposes consistent with our statements under this Notice, or otherwise made by us in writing at the point of collection or to which you have consented, and not prohibited by applicable law, including, without limitation, as described below:
We may disclose your personal data to other Cintas entities and our agents, vendors, consultants, and other service providers that provide services such as website hosting, data analysis, payment processing, information technology and related infrastructure provision, customer service or related benefits, email delivery, marketing, auditing, and other services (“Service Providers”). We may also disclose your personal data to Service Providers we hire to perform support services for us and to help us use your personal data as described above.
Cintas may disclose your personal data to third parties who partner with us to provide products and services to our customers, such as distributors and shipping partners.
Cintas may disclose your personal data to other third parties when we have a good faith belief that disclosure is necessary: (i) to comply with a law, regulation, court order, or other legal process; (ii) to detect, prevent, and respond to fraud, intellectual property infringement, violation of our contracts or agreements, violation of law, or other misuse of the Website, products or services; (iii) to protect Cintas’ rights or property or yours or others’ health, safety, welfare, rights, or property; (iv) if Cintas believes your actions are inconsistent with our terms of use, user agreements, applicable terms or policies; or (v) under similar circumstances. If such an event occurs, we will take appropriate steps to protect your personal data.
Cintas will not disclose your personal data to third parties for their own direct marketing purposes except in connection with corporate transactions, as set forth in the next bullet, absent your consent (which may be by means of third-party interaction described in the last bullet point).
Cintas may disclose your personal data to third parties in connection with the sale, purchase, merger, reorganization, liquidation, or dissolution of Cintas, or under similar circumstances. If such an event occurs, we will take appropriate steps to protect your personal data.
Cintas may disclose your personal data with your permission or at your request. As more fully described in the Third-Party Content, Third-Party Services, and Analytics section, your activities on the Services may, by their nature, result in the sharing of your personal data with third parties, and by engaging in these activities you consent to that and further sharing and disclosure to third parties. Such third-party data receipt and collection is subject to the privacy and business practices of that third party, not Cintas.
Cintas may disclose anonymized or aggregated information internally and to third parties for any purpose, to the extent permitted by law.
The Services may contain links to websites or mobile apps that are not operated by Cintas and plugins from other third parties (“Third-Party Services”). Some examples of links to third-party websites include those websites operated by our business partners, suppliers, sponsors, licensors, and other third parties. The inclusion of these links or plug-ins on the Services does not imply any endorsement of the activities or content of the related websites, apps, or platforms, nor any association with their operators. To learn about the information collected by these third-party websites, apps, and plugins, if any, please review their privacy notices. We encourage you to review the privacy notices for the websites, apps, and social media platforms you visit before using them or providing personal data.
If you post information on a Third-Party Service that references Cintas (e.g., by using a hashtag associated with Cintas in a tweet or status update), your post may be used on or in connection with the Services or otherwise by Cintas. Also, both Cintas and the third party may have access to certain information about you and your use of the Services and any Third-Party Service.
Cintas may use Microsoft, Google Analytics, or other Service Providers for analytics services. These analytics services may use cookies and other Tracking Technologies to help Cintas analyze Service users and how they use the Service. They also use these technologies, along with information they collect about your online use, to recognize you across the devices you use, such as a mobile phone and a laptop. Information generated by these analytics services (e.g., your IP address and other usage information) may be transmitted to and stored by these Service Providers on servers in the U.S. (or elsewhere) and these Service Providers may use this information for purposes such as evaluating your use of the Services, compiling statistic reports on the Services' activity, and providing other services relating to Service activity and other Internet usage.
Please refer to the Choices: Tracking and Communications Options section for more on certain choices offered by some third parties regarding their data collection and use, including regarding Interest-based Advertising and analytics.
Tracking Technologies Generally
Regular cookies may generally be disabled or removed by tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. Browsers offer different functionalities and options, so you may need to set them separately. Please be aware that if you disable or remove these technologies, some parts of our Services may not work and that when you revisit the Services your ability to limit browser-based Tracking Technologies is subject to your browser settings and limitations.
Your browser settings may allow you to automatically transmit a “Do Not Track” signal to online services you visit. Note, however, there is no consensus among industry participants as to what “Do Not Track” means in this context. Cintas currently does not alter its practices when Cintas receives a “Do Not Track” signal from a visitor's browser. To learn more about “Do Not Track,” you can visit http://www.allaboutdnt.com, but Cintas is not responsible for the completeness or accuracy of this third-party information.
For information on how to do this on the browser of your mobile phone or tablet you will need to refer to your device manual. Please note that you will not be able to opt out of receiving certain cookies that are strictly necessary for the delivery of a service requested by you.
Communications
You can opt out of receiving certain promotional communications (e-mails) from Cintas at any time by following the instructions provided in e-mails to click on the unsubscribe link or, if available, by changing your communication preferences by logging onto your account. Please note that your opt-out is limited to the e-mail address used and will not affect subsequent subscriptions. If you opt out of only certain communications, other subscription communications may continue. Even if you opt out of receiving promotional communications, Cintas may, subject to applicable law, continue to send you non-promotional communications, such as those about your account, transactions, servicing, or Cintas' ongoing business relations. If you believe our opt-out mechanism is not working, please email us at privacy@cintas.com.
Cintas maintains reasonable and appropriate administrative, physical, and technological safeguards to protect the confidentiality, security, and integrity of your personal data. We also have a data incident response plan to ensure our personnel understand what to do in the event of a data incident or security breach. Although we use security measures to help protect your personal data against unauthorized disclosure, misuse, or alteration, as is the case with all computer networks linked to the Internet, we cannot guarantee the security of information provided over the Internet and will not be responsible for breaches of security beyond our reasonable control.
How long we keep your personal data will vary and will depend on the purpose and use of the personal data collected. There are legal requirements that we keep some types of data for specific periods. Otherwise, we will retain it for no longer than is necessary for the purposes for which the personal data was collected.
Our Services are not intended for children under 16 years of age. If we obtain knowledge that we have collected information regarding children under 16, we will remove such data to the extent required by applicable law.
The description of our data practices in this Notice covers the 12 months prior to the date this Notice was last updated (“Reporting Period”) and will be updated at least annually. Our data practices may differ between updates; however, if they are materially different from this Notice, we will provide supplemental pre-collection notice of the current practices. Otherwise, this Notice serves as our Notice at Collection.
Personal Data Collection, Disclosure, and Retention
During the Reporting Period, we collected, retained, disclosed, and otherwise processed (collectively, “process(ed)(ing)”) personal data about users of the Stations or Services, as follows:
| Category of personal data | Examples of personal data Collected and Retained | Categories of Recipients |
|---|---|---|
| Identifiers | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers. |
Disclosures for Business Purposes:
|
| Personal Records | Name, signature, address, telephone number, financial information (e.g., bank account number or payment card information). |
Disclosures for Business Purposes:
|
| Protected classification characteristics under California, Virginia, Colorado, or federal law. | Not collected. |
Disclosures for Business Purposes: N/A Sale/Share: N/A |
| Customer Account Details/Commercial Information | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
Disclosures for Business Purposes:
|
| Physical Characteristics Information | Physical characteristics to the extent captured by photograph upon opening of the Stations. |
Disclosures for Business Purposes:
|
| Internet Usage Information | Browsing history, search history, and other information regarding your interaction with our Services or other sites, applications, or advertisements. |
Disclosures for Business Purposes:
|
| Geolocation Data | Physical location of Stations. |
Disclosures for Business Purposes:
|
| Sensory Data | Audio, electronic, or similar information when you contact us through our customer service line. |
Disclosures for Business Purposes:
|
| Professional or Employment Information (such as your current employer) | Information regarding your current employer and position to enable us to provide products or services to you on behalf of your employer (our customer). |
Disclosures for Business Purposes:
|
| Non-public Education Information | Not collected. |
Disclosures for Business Purposes: N/A Sale/Share: N/A |
| Inferences from Personal Data Collected | Not collected. |
Disclosures for Business Purposes: N/A Sale/Share: N/A |
| Sensitive Personal Data | Account log-in credentials. |
Disclosures for Business Purposes:
|
Other parties (e.g., litigants) within the limits of Additional Business Purposes.
Your Rights and Choices:
California, Colorado, Connecticut, Virginia, and Utah consumers have the privacy rights described in this section, subject to meeting the requirements for a Verifiable Consumer Request.
Please note that Nevada residents only have the right to opt out of sales as described in the Do Not Sell/Share/Target section, if applicable, and the other rights and choices described below will not apply to them. To submit a request to exercise your privacy rights, or to submit a request as an authorized agent, use our Privacy Rights Request Portal, or call us at 1-844-378-7411 and respond to any follow-up inquiries we make. Please be aware that we do not accept or process requests through other means (e.g., via fax, chats, social media etc.). More details on the request and verification process is described in the Your Request Must be a Verifiable Consumer Request section. Your rights and the related verification process are listed below:
| Right | Description | Verification Process |
|---|---|---|
| Right to Know and Request Disclosure (California) |
The right to request that we disclose certain information to you about our collection and use of your personal information, including:
In connection with any personal information we may sell, share, or otherwise disclose to a third party for a business purpose, you have the right to know:
|
We verify your Request to Know Categories of personal data to a reasonable degree of certainty, which may include matching at least two data points provided by you with data points maintained by us, which we have determined to be reliable for the purpose of verifying you. If we cannot do so, we will refer you to this Notice for a general description of our data practices. |
| Right to Confirm | The right to confirm whether or not we are processing your personal information. | |
| Right to Access | The right to access your personal information, subject to exceptions set out in the applicable state law. California users are able to submit requests to know up to twice in a 12-month period. For additional such requests in that period, we may charge a reasonable a service fee. | We verify your Request to Access your personal data to a reasonably high degree of certainty, which may include matching at least three data points provided by you with data points maintained by us, which we have determined to be reliable for the purpose of verifying you together with a signed declaration under penalty of perjury that you are the Consumer whose personal data is the subject of the request. If you fail to provide requested information for a Request to Know (Specific Pieces), we will be unable to verify you sufficiently to honor your request, but we will then treat it as a Right to Know Categories Request. |
| Right to Delete |
The right to request that we delete any of your personal information that we collected from or about you and retained, subject to certain exceptions set out in the applicable state law. We may deny your deletion request if retaining the information is necessary for us or our Service Provider(s):
Please be aware that making a deletion request does not ensure complete or comprehensive removal or deletion of personal data or content you may have posted. |
We verify your Request to Delete to a reasonable degree of certainty, which may include matching at least two data points provided by you with data points maintained by us, or to a reasonably high degree of certainty, which may include matching at least three data points provided by you with data points maintained by us, depending on the sensitivity of the personal data and the risk of harm to the Consumer posed by unauthorized deletion. If we cannot verify you sufficiently to honor a deletion request, you can still make a Do Not Sell/Share/Target request. |
| Right to Correct | The right to request that we correct any of your personal information that is inaccurate. You can also make changes to your online account in the account settings section of the account. That will not, however, change your information that exists in other places. | We verify your Request to Correct personal data to a reasonable degree of certainty, which may include matching at least two data points provided by you with data points maintained by us, or to a reasonably high degree of certainty, which may include matching at least three data points provided by you with data points maintained by us, depending on the sensitivity of the personal data and the risk of harm to the Consumer posed by unauthorized correction. |
| Right to Obtain a Copy | The right to obtain a copy of or otherwise receive the personal information that you have provided to us in a portable, readily usable format that can be easily transferred to third parties. | We verify your Request to Obtain a Copy of your personal data to a reasonably high degree of certainty, which may include matching at least three data points provided by you with data points maintained by us, which we have determined to be reliable for the purpose of verifying you together with a signed declaration under penalty of perjury that you are the Consumer whose personal data is the subject of the request. |
| Right to Opt Out |
The right to opt out of the following uses of your personal information:
We do not sell or share personal data for targeted behavioral advertising, or use personal data for profiling. |
N/A |
| Right to Limit the Use of Sensitive Personal Information |
The right to:
We only process sensitive personal data for purposes that are exempt from consumer choice under applicable law. |
No specific verification required unless we suspect fraud. |
| Right to Non-Discrimination | The right to not be retaliated or discriminated against because you have exercised your data privacy rights. | No specific verification required unless we suspect fraud. |
Do Not Sell/Share/Target
With respect to the Services, we do not sell, share your personal data for cross-contextual behavioral advertising, or use it for targeted advertising.
In California, global privacy control is referred to as opt-out preference signals (“OOPS”), which are signals sent by a platform, technology, or mechanism, enabled by individuals on their devices or browsers that communicate the individual's choice to opt-out of the sale or sharing of personal data. To use an OOPS/GPC, you can download an internet browser or a plugin to use on your current internet browser and follow the settings to enable the OOPS/GPC. We have configured the settings of our consent management platform to receive and process OOPS/GPC signals on our website. We do not: (1) charge a fee for use of our service if you have enabled OOPS/GPC; (2) change your experience with any product or service if you use OOPS/GPC; or (3) display a notification, pop-up, text, graphic, animation, sound, video, or any interstitial in response to the OOPS/GPC.
We do not knowingly collect, sell, or share the personal data of Consumers under 16, unless we receive affirmative opt-in consent (“opt-in”) from either the Consumer who is between 13 and 16 years old, or the parent or guardian of a Consumer who is under 13 years old. If you think we may have unknowingly collected personal data of a Consumer under 16 years old, please Contact Us.
We may disclose your personal data for the following purposes, which are not a sale or share: (i) if you direct us to disclose personal data; (ii) to comply with a Consumer rights request you submit to us; (iii) disclosures among Cintas companies as defined above, or as part of a corporate transaction; and (iv) as otherwise required or permitted by applicable law.
Automated Decision Making/Profiling
We do not engage in Automated Decision Making or Profiling.
Exercising Your Rights
To exercise the Consumer privacy rights described above, or to submit a request as an authorized agent, please use our Privacy Rights Request Portal or calling us at 1-844-378-7411.
Your Request Must be a Verifiable Consumer Request
Only you, or someone legally authorized to act on your behalf (your authorized agent if you're a California consumer), may make a verifiable consumer request related to your personal data. You may also make a verifiable consumer request on behalf of your minor child. For California consumers, you may only make a verifiable consumer request for access or data portability twice within a 12-month period.
When you make a request applicable to you, we may ask you to provide verifying information, such as your name, e-mail, phone number, account, and/or transaction information. We will review the information provided and may request additional information (e.g., transaction history) via e-mail or other means to ensure we are interacting with the correct individual. We will not fulfill your Right to Know (Categories), Right to Know (Specific Pieces), Right to Obtain a Copy (Data Portability), Right to Access, Right to Delete, or Right to Correction request unless you have provided sufficient information for us to reasonably verify you are the Consumer about or from whom we collected personal data. We do not verify opt-outs of Sell/Share/Target or Limitation of Sensitive Personal Data requests, if applicable, unless we suspect fraud.
To protect individuals, if we are unable to verify you sufficiently, we will be unable to honor your request. We will use personal data provided in a Verifiable Consumer Request only to verify your identity or authority to make the request and to track and document request responses, unless you also gave it to us for another purpose.
Agent Requests
You may use an authorized agent to make a request for you, subject to our verification of the agent, the agent's authority to submit requests on your behalf, and of you. You can learn how to do this by visiting the agent section of our Privacy Rights Request Portal. Once your agent's authority is confirmed, they may exercise rights on your behalf subject to the agency requirements of applicable law.
Response Timing and Formats
We endeavor to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 45 additional days), we will inform you of the reason and extension period in writing.
The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal data that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Notice of Financial Incentive Programs:
We do not currently offer discounts or rewards to users for providing us personal data, or set price or service differences related to the collection, retention, sale, or sharing of personal data. If we offer such programs in the future, we will update this Notice to describe such program(s), including how you may opt-in and how we value the personal data required.
Our Rights and the Rights of Others:
Notwithstanding anything to the contrary, we may collect, use, and disclose your personal data as required or permitted by applicable law and this may override your rights under applicable law. In addition, we are not required to honor your requests to the extent that doing so would infringe upon our or another person's or party's rights or conflict with applicable law.
Additional Notice for California Residents:
Certain Californians are also entitled to certain other notices, as follows:
This Notice provides information on our online practices and your California rights specific to our online services. Without limitation, Californians that visit our online Services and seek to acquire goods, services, money or credit for personal, family or household purposes are entitled to the following notices of their rights:
California's “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Websites who are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please send an email to Privacy@Cintas.com or write us at:
Cintas Corporation Chief Compliance Officer 6800 Cintas Boulevard Mason, Ohio 45040
You must put the statement “Shine the Light Request” in the body of your correspondence. In your request, please attest to the fact that you are a California resident and provide a current California address for your response. This right is different than, and in addition to, CCPA rights, and must be requested separately. However, a Do Not Sell/Share/Target opt-out is broader and will limit our sharing with third parties for their own direct marketing purposes without the need for making a separate Shine the Light request. We will not accept Shine the Light requests by telephone or by fax, and are not responsible for requests not labeled or sent properly, or that are incomplete.
We reserve the right to amend this Notice at our discretion and at any time. When we make changes to this Notice, we will post the updated notice on the App download page and Web Portal, and update the Notice's effective date. In some cases, we may provide additional notice by adding a statement to our Websites or sending you a notification by email or through the App or Web Portal. Any modifications will apply only to the personal data we collect after posting the updated Notice. Your continued use of our Services following the posting of changes constitutes your acceptance of such changes.
If you have any questions or comments about this notice, the ways in which Cintas collects and uses your personal data described here and in our General Privacy Notice, your choices and rights regarding such use, or wish to exercise your rights under applicable law, please do not hesitate to contact us at: