privacy policy

H-E-B PRIVACY POLICY

H-E-B ("we" or "us") is concerned about privacy issues and wants you to be familiar with how we collect, use and disclose information. This Privacy Policy describes our practices in connection with information that we collect through the websites, software applications, and other online properties and services operated by us in the United States and branded with the H-E-B logo from which you are accessing this Privacy Policy (collectively, the "Services").

Other information collected about you from other parts of our business, such as information collected by our pharmacy operations, may be regulated differently and subject to different privacy practices. For example, please refer to H-E-B Health Care Services Notice of Privacy Practice and to H-E-B Nutrition Services Notice of Privacy Practices for information on your rights with regard to H-E-B use and disclosure of protected health information. This Privacy Policy does not apply to software applications, and other online properties and services operated by us which are outside the United States, or which are not branded with the H-E-B logo, or any other collection or use of data other than via the Services.

By providing Personal Information to us or using the Services, you agree to the terms and conditions of this Privacy Policy.

PERSONAL INFORMATION

Personal Information We May Collect

"Personal Information" is information that identifies you as an individual or relates to an identifiable person, which may include, for example:

  • Name
  • Postal address (including billing and shipping addresses)
  • Telephone number
  • Email address
  • Credit and debit card number (such as for online purchases)
  • Social Security number or tax identification number (such as for online employment applications)

How We May Collect Personal Information

We and our service providers may collect Personal Information in a variety of ways, including:

  • Through the Services: We may collect Personal Information through the Services, e.g., when you register, sign up for a newsletter, participate in a promotion or event, or make a purchase.

  • From Other Sources: We may receive your Personal Information from other sources, such as public databases; joint marketing partners; social media platforms; people with whom you are friends or otherwise connected on social media platforms; and other third parties. For example, if you connect your social media account to your Website account, certain Personal Information from your social media account will be shared with us, which may include Personal Information that is part of your profile or your friends' profiles. In addition, we may supplement the Personal Information that you provide us and/or the Other Information we collect from you with demographic, social, and other information about you that we receive from other sources. Once we combine data from other sources with your Personal Information collected pursuant to this policy, we apply this policy to the combined data as long as it is combined. However, this Privacy Policy does not apply to the original source or uncombined data.

How We May Use Personal Information

We may use Personal Information:

  • To respond to your inquiries and fulfill your requests, such as to send you newsletters or announcements.
  • To send administrative information to you, such as information regarding the Services and changes to our terms, conditions, and policies.
  • To complete and fulfill your purchase, including to process your payments, have your order delivered to you, communicate with you regarding your purchase, and provide you with related customer service.
  • To present you with coupons and other offers.
  • To send you information and marketing communications that we believe may be of interest to you.
  • To personalize your experience on the Services by presenting products and offers tailored to you.
  • To allow you to participate in sweepstakes, contests, and similar promotions, as well as store or community events, and to administer these activities. Some of these activities have additional rules, which could contain additional information about how we use and disclose your Personal Information, so we suggest that you read such rules carefully.
  • To facilitate social sharing functionality.
  • To allow you to send messages to a friend through the Services. By using this functionality, you are telling us that you are entitled to use and provide us with your friend's name and email address.
  • For our business purposes, such as data analysis; audits; fraud monitoring and prevention; developing new products; enhancing, improving, or modifying our products and services; identifying usage trends; determining the effectiveness of our promotional campaigns; and operating and expanding our business activities.
  • To de-identify and aggregate information. Once de-identified and aggregated so that data does not personally identify you (for example, we may aggregate Personal Information to calculate the percentage of our users who have a particular telephone area code), it is no longer Personal information. Such de-identified and/or aggregated information which does not identify individuals is not subject to this Privacy Policy.
  • As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

How Personal Information May Be Disclosed

Your Personal Information may be disclosed:

  • To our third-party service providers who provide services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services.
  • To third party businesses offering goods and services via the Services. We work closely with third party businesses to offer products and services to you. In some cases, these businesses may sell offerings to you via the Services.
  • To identify you to anyone to whom you send messages through the Services.
  • To joint marketing partners for you to participate in joint marketing promotions.
  • By you, when you post a review or when you post on message boards, chat, profile pages, blogs, or other services to which you are able to post information and materials. Please note that any information you post or disclose through these services will become public and may be available to other users of the Services and to the general public. We urge you to be very careful when deciding to disclose any information on such services.
  • To your friends associated with your social media account, to other users of the Services, and to your social media account provider, in connection with your social sharing activity, such as if you connect your social media account to your Services account or log-into your Services account from your social media account. By connecting your Services account and your social media account, you authorize us to share information with your social media account provider, and you understand that the use of the information we share will be governed by the social media site's privacy policy. You should review the privacy policy of the social media account provider before sharing Personal Information. If you do not want your Personal Information shared with other users or with your social media account provider, please do not connect your social media account with your Services account, and do not participate in social sharing on the Services.
  • To a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
  • To subsidiary and affiliated entities that we control, that control us, or that are under common control with us.
  • As we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
  • Any additional disclosures for which you provide consent.

OTHER INFORMATION

Other Information We May Collect

"Other Information" is any information that does not reveal your specific identity, such as:

  • Browser and device information
  • App usage data
  • Information collected through cookies, pixel tags, and other technologies
  • Demographic information and other information provided by you

How We May Collect Other Information

We and our third party service providers may collect Other Information in a variety of ways, including:

  • Through your browser or device: Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the Services (such as the app) you are using. We use this information to ensure that the Services function properly.

  • Through your use of our apps: When you download and use our apps, we and our service providers may track and collect app usage data, such as the date and time the app on your device accesses our servers and what information and files have been downloaded to the app based on your device number.

  • Using cookies: Cookies are pieces of information stored directly on the computer that you are using. Cookies allow us to collect information such as browser type, time spent on the Services, pages visited, language preferences, and other traffic data. We and our service providers use the information for security purposes, to recognize your computer when you return to the Services, to facilitate navigation, to display information more effectively, and to personalize your experience while using the Services. We also gather statistical information about use of the Services in order to continually improve their design and functionality, understand how they are used, and assist us with resolving questions regarding them. Cookies further allow us to select which of our advertisements or offers are most likely to appeal to you and display them while you are on the Services. We may also use cookies in online advertising to track responses to our advertisements. We do not track your use of third-party websites or services.

    If you do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows you to automatically decline cookies or be given the choice of declining or accepting the transfer to your computer of a cookie (or cookies) from a particular site. You may also wish to refer to http://www.allaboutcookies.org/manage-cookies/index.html. If, however, you do not accept our cookies, you may experience some inconvenience in your use of the Services. For example, we may not be able to recognize your computer and you may need to log in every time you visit. You also may not receive advertising or other offers from us that are relevant to your interests and needs.

  • Using third-party analytics providers: We use Google Analytics, a web analytics service provided by Google Inc. Google Analytics uses cookies and similar technologies to analyze how users use the Services, compile statistical reports on Services activity, and provide other services related to the Services. Google may also collect information about Services' visitors' use of other websites. For more information about Google Analytics, or to opt out of Google Analytics, please go to: https://tools.google.com/dlpage/gaoptout.

    We also use Adobe Site Catalyst to provide analytics, in order to help us measure the use of the Services, as well as to provide personalization services. To opt out of the use of Adobe cookies for these purposes, please visit http://www.adobe.com/privacy/opt-out.html.

  • Using pixel tags and other similar technologies: Pixel tags (also known as web beacons and clear GIFs) may be used in connection with the Services to, among other things, track the actions of users (including email recipients), measure the success of our marketing campaigns, and compile statistics about use and response rates.

  • Using Adobe Flash technology (including Flash Local Shared Objects ("Flash LSOs")) and other similar technologies: We may use Flash LSOs and other technologies to, among other things, collect and store information about your use of the Services. If you do not want Flash LSOs stored on your computer, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel. You can also control Flash LSOs by going to the Global Storage Settings Panel and following the instructions (which may include instructions that explain, for example, how to delete existing Flash LSOs (referred to as "information" on the Macromedia site), how to prevent Flash LSOs from being placed on your computer without your being asked, and (for Flash Player 8 and later) how to block Flash LSOs that are not being delivered by the operator of the page you are on at the time). Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications, including, potentially, Flash applications used in connection with the Services.

  • IP Address: Your IP address is a number that is automatically assigned to the computer that you are using by your Internet service provider. An IP address may be identified and logged automatically in our server log files whenever a user accesses the Services, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications, and other services. We use IP addresses for purposes such as identifying your general location, calculating usage levels, helping diagnose server problems, and administering the Services.

  • Physical Location: We may collect the physical location of your device by, for example, using satellite, cell phone tower or WiFi signals. We may use your device's physical location to provide you with personalized location-based services and content. We may also share your device's physical location, combined with information about what advertisements you viewed and other information we collect, with our marketing partners to enable them to provide you with more personalized content and to study the effectiveness of advertising campaigns. In some instances, you may be permitted to allow or deny such uses and/or sharing of your device's location, but if you do, we and/or our marketing partners may not be able to provide you with the applicable personalized services and content.

  • From you: Information such as your preferred means of communication, shopping list or dietary preferences is collected when you voluntarily provide it. Unless combined with Personal Information, this information does not personally identify you.

How We May Use and Disclose Other Information

We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Information under applicable law, then we may use it for all the purposes for which we use and disclose Personal Information. In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.

LINKS

This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third party operating any site or service to which the Services link or which link to the Services. The inclusion of a link on or to the Services does not imply endorsement of the linked site or service by us or by our affiliates.

Please note that we are not responsible for the collection, use, and disclosure policies and practices (including the data security practices) of other organizations, such as Facebook, Apple, Google, Microsoft, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer.

THIRD PARTY ADVERTISERS

We may use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you when you access and use the Services and other websites, based on information relating to your access to and use of the Services. To do so, these companies may place or recognize a unique cookie on your browser (including through the use of pixel tags). If you would like to learn more about this practice, including your choices with respect to it, please visit http://www.networkadvertising.org/managing/opt_out.asp and http://www.aboutads.info/.

SECURITY

We seek to use reasonable physical, technical, and administrative measures designed to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us in accordance with the "Contacting Us" section below.

PROTECTION OF SOCIAL SECURITY NUMBERS

When we collect Social Security numbers in the course of our business, it is our policy to use reasonable physical, technical, and administrative measures designed to protect the confidentiality of such numbers, prohibit their unlawful use or disclosure, and limit access to them. When disposed of, this information is shredded, destroyed, erased, or otherwise sought to be made unreadable.

CHOICES AND ACCESS

Your choices regarding our use of your Personal Information

We give you choices regarding our use of your Personal Information for certain communications purposes. You can always choose not to provide information, even though it might be needed to make a purchase or to take advantage of certain features within the Services. You may opt-out from:

  • Receiving emails from us: If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt-out by clicking on this link or following the instructions contained in any such message.

  • Receiving text messages from us: If you no longer want to receive text messages from us on a going-forward basis, you may opt-out by following the instructions at this link or following the instructions contained in any such message.

We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages, from which you cannot opt-out.

How you request modification or removal of your Personal Information

If you would like to modify or request removal of the Personal Information that you have provided to us, you may manage your profile or contact us directly.

In your request, please make clear what Personal Information you would like to have modified or removed, or otherwise let us know what limitations you would like to put on our use of it. For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion. There may also be residual information that will remain within our databases and other records, which will not be removed.

USE OF THE SERVICES BY MINORS

The Services are not directed to individuals under the age of thirteen (13), and we request that these individuals not provide Personal Information through the Services.

JURISDICTIONAL ISSUES

The Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country, or territory other than that of the United States.

UPDATES TO THIS PRIVACY POLICY

We may change this Privacy Policy. The "LAST UPDATED" legend at the top of this page indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services. Your use of the Services following these changes means that you accept the revised Privacy Policy.

CONTACTING US

If you have any questions about this Privacy Policy, please contact us at privacyoffice@heb.com or:

H-E-B
Attention: Privacy Office
P.O. Box 101047
San Antonio, TX 78201-9047

You may also reach us by telephone at:

Privacy Office
San Antonio, Texas 1-210-938-4923
Outside of San Antonio 1-866-432-4318

Customer Relations
San Antonio, Texas 1-210-938-8357
Outside of San Antonio 1-800-432-3113

Because email communications are not always secure, please do not include credit card information or other sensitive information in your emails to us.

Last Revision Date: March 16, 2015