Last Updated: January 1, 2023
1.Collection of Personal Information.
Categories of Personal Information. Depending on how you interact with us, we may collect the following categories of Personal Information (subject to applicable legal requirements and restrictions):
- Name, contact information and other identifiers: identifiers such as a name, username, account name, address, phone number, birth date, email address, and online identifier.
- Purchase Information: electronic customer records, including information about purchases, containing Personal Information.
- Device information: internet protocol (IP) address, web browser type, operating system version, phone carrier and manufacturer, application installations, device identifiers, mobile advertising identifiers, and push notification tokens.
- Demographic Information: including gender, age, race and disability. Certain information could include information that is considered sensitive personal information as that term is understood under certain data protection laws.
- Communications: direct communication, web forms, online polls, or interactions with our blogs and posts.
- Commercial information: including records of products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies.
- Warranty Registration information: including information about your product purchase such as the product name and where the product was purchased, and Personal Information, including contact information, necessary to register a warranty.
- Usage data: internet or other electronic network activity information including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
- Location data: location information about a particular individual or device, general location information (for example, your IP address may indicate your more general geographic region).
- Profiles and inferences: inferences drawn from any of the information identified above to create a profile reflecting a resident’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.
2.Sources of Personal Information.
We may collect Personal Information about individuals:
- Directly from you:such as when you make a purchase, when you create an online account with us (the “User Account”), participate in contests and promotions we offer, register to receive marketing and other communications from us, enter a sweepstakes or promotion, register product warranties, engage with us as part of an offer or marketing initiative, or contact us for customer support purposes.
- From third parties:such as third-party providers of services to us (e.g., fraud detection, identity verification and security), third party resellers of our products, marketing agencies and third parties that provide advertising services to us, consumer data resellers, social networks, and marketing partners.
- Related to your use of our Services:including information we collect automatically when you use our Site or interact with us, or information we derive about you and your preferences or interests based on the Personal Information we collect and our interactions with you.
We may collect Personal Information about you from third-party sources (which may be combined with other Personal Information we have collected about you), such as:
- Payments:if you make a purchase and process your payment with a third-party processor (e.g., PayPal) we may collect Personal Information such as your name, billing address, payment type, as well as credit card number or other payment account details.
- Acquisition: we may collect Personal Information as a result of a corporate restructuring, or an acquisition or merger with a third party.
- Other:we may obtain Personal Information, such as demographic information or updated contact details, from third parties; we may also collect information from public records.
We may automatically collect or derive Personal Information about your use of our Services, or other interactions with us.
3.Use of Personal Information.
We and our authorized third parties will only process your Personal Information where we have legal grounds to do so. We may use Personal Information for a variety of purposes, including, without limitation:
- Providing support and services:including to provide our Services, operate our Site, Apps and online services, and interact with you on our Services; to respond to your inquiries; to provide troubleshooting, fulfill your orders and requests, process warranty registrations, to provide the Vista Outdoor Rewards Program, process your payments and provide technical support; and for other customer service and support purposes. Our lawful basis is to fulfil any contractual terms we have with you.
- Analyzing and improving our business:including to better understand how users access and use our Services and Site, to evaluate and improve our Site, Apps, Services and business operations, and to develop new features, offerings, and services; to conduct surveys and other evaluations (such as customer satisfaction surveys); to monitor consumer interest in our products and Services; to troubleshoot problems that may arise on the Site or Apps; to improve the accuracy of our customer database; to increase our understanding of our customer database; to increase our understanding of our customers; and for other research and analytical purposes. Our lawful basis is our legitimate business interests in understanding and improving our services.
- Advertising, marketing and promotional purposes:including to reach you with more relevant ads and to evaluate, measure and improve the effectiveness of our ad campaigns; to send you newsletters, offers or other information we think may interest you; to send you stickers, or other promotional materials when you sign up for our email list; to conduct sweepstakes, contests or other promotional offers; to contact you about our Services, products, or other information we think may interest you; and to identify potential new customers. Our lawful basis is your consent to choose to subscribe to any newsletter or marketing (and you can unsubscribe at any time).
- Securing and protecting our business:including to protect and secure our business operations, assets, Services, network and information and technology resources; to investigate, prevent, detect and take action regarding fraud, unauthorized access, situations involving potential threats to the rights or safety of any person or third-party, or other unauthorized activities or misconduct. Our lawful basis is our legitimate business interests in protecting our business and Services and because, in some circumstances, we are under a legal obligation to do this (e.g. to protect and secure your Personal Information).
- Defending our legal rights:including to manage and respond to actual and potential legal disputes and claims, and to otherwise establish, defend or protect our rights or interests, including in the context of anticipated or actual litigation with third parties. Our lawful basis is our legitimate business interests in protecting our business or our need to defend ourselves legally.
- Auditing, reporting, corporate governance, and internal operations:including relating to financial, tax and accounting audits; audits and assessments of our operations, privacy, security and financial controls, risk, and compliance with legal obligations; our general business, accounting, record keeping and legal functions; and related to any actual or contemplated merger, acquisition, asset sale or transfer, financing, bankruptcy or restructuring of all or part of our business. Our lawful basis is our legal obligations under relevant legislation such as tax reporting and our legitimate interests in running our governance programs.
- Complying with legal obligations:including to comply with the law, our legal obligations and legal process, such as warrants, subpoenas, court orders, and regulatory or law enforcement requests. Our lawful basis is compliance with applicable law.
- For our legitimate business interests: including where the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Information for our legitimate interests. We do not use your Personal Information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us. Our lawful basis is this legitimate business interest.
- To perform any contracts in place between us and you: where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract. Our lawful basis is performance of these contracts.
We, and our third-party service providers, may de-identify and anonymize Personal Information and create anonymous and aggregated data sets and reports to assess, improve and develop our business, products and Services, prepare benchmarking reports on our industry and/or for other research, marketing and analytics purposes. This data is not Personal Information.
We may combine information from different sources. For example, we may combine information that we have collected offline with Personal Information we collect online, or we may combine information we get from a third-party with Personal Information we already have.
If you submit any Personal Information relating to other people to us, you represent that you have the authority to do so and have informed that other person about the contents of this Policy.
4. Disclosure of Personal Information.
We may share or disclose the Personal Information we collect with the following categories of third parties as follows:
- Service providers:We may disclose Personal Information with third-party service providers who use this information to perform services for us, such as hosting providers, auditors, advisors, consultants, payment processors, customer service and/or support providers.
- Advertising and Marketing Partners:We may share Personal Information with third parties that provide advertising, campaign measurement, online and/or mobile analytics, and related services. These third parties may receive or access browsing and/or other data about your use of the Services, in order to help us better reach individuals with relevant ads and/or measure our ad campaigns, and/or to better understand how individuals interact with our Site and Services overtime and across devices. The third parties may also assist us with promotions, promotional offers or engagements. We may also transfer and/or sell Personal Information we collect and/or join together with other businesses to bring selected opportunities to customers or potential customers.
- Subsidiaries, affiliates, and business partners: Vista Outdoor may share your Personal Information with its affiliated companies (i.e., affiliated brands, parent company, and other companies under common ownership, control or management); these affiliated companies may use such Personal Information for the purposes set out in this Policy, including for market research, sending promotional material, newsletters, and surveys.
- Legal compliance:We may be required to share Personal Information in response to a valid court order, subpoena, government investigation, or as otherwise required by law. We also reserve the right to report to law enforcement agencies any activities that we, in good faith, believe to be unlawful. In addition, we may share certain Personal Information when we believe that doing so is reasonably necessary to protect the rights, property and safety of our company and/or others.
- Business transfers:We may disclose and/or transfer Personal Information as part of any actual or contemplated merger, sale, transfer of assets, acquisition, financing and/or restructuring of all or part of our business, bankruptcy or similar event, including related to due diligence conducted prior to such event where permitted by law.
- Protect our rights:We may disclose Personal Information where we believe it necessary to respond to claims asserted against us, to enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation and/or to protect our and our affiliates, partners, clients, customers and/or others’ rights, property, or safety.
We may share aggregate or anonymized information with third parties for research, marketing, advertising, analytics and/or other purposes. If we anonymize your Personal Information we will not attempt to re-identify you.
Automated decisions are decisions made without human intervention that have a legal effect on you or another similarly significant effect. We may carry out this type of processing for profiling purposes, or [insert activity]. For more information on your right to opt out of this type of processing activity, please see Section 14 of this policy.
5. User Choice Regarding Collection, Use and Disclosure of Personal Information.
If you do not provide the Personal Information we request, or if you withdraw your consent to the processing of your Personal Information, then you may be unable to use the Services.
6. Cookies and Analytics.
We use the following cookies on our Site, unless specified otherwise:
Description of Cookies
Strictly Necessary Cookies
These are essential to enable you to move around our Site and to allow the features of the sites to work correctly. Without these, services you request – such as navigating between pages – cannot be provided. These cookies are used to collect information about how visitors use our Site. We use this information to compile reports and to help us improve the Site. These cookies are used to request for services, such as setting your privacy preferences, logging in or filling in forms, in connection with your shopping cart or checkout, updating account information, etc. Some may be set by us or by third-party providers whose services we have added to our pages. Some are used in connection with access to admin. Others are used to track a user's session through the multi-step checkout process and keep their order, payment and shipping details connected. You can set your browser to block or alert you about these cookies, but some parts of our Site may not work. These cookies do not store any personally identifiable information except as may be necessary to authenticate your access to our Site.
These cookies record information about choices you have made and allow us to remember your preferences. If your identity is known to us and we have information about your choices and preferences, we may use this information to help us build up your profile based on your web journey, and choices. These cookies enable our Sites to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.
Performance and Analytics Cookies
These cookies allow us to count visits and traffic sources, through various third parties, so we can measure and improve the performance of our sites. These enable us to collect information about how you use our Site or read our publications, for instance which pages are viewed by visitors most frequently and how users interact with each of our Site. This information is used to compile reports to improve the respective site, including reports on the number of visitors to the Site, where the visitors are located, marketing and referrals, and what pages the users visit on the Site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our Site and will not be able to monitor site performance.
Social Media Cookies
These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies, you may not be able to use or see these sharing tools.
Advertising cookies help us make sure that the ads you see on our Site are relevant to you and your interests. Advertising cookies may also be placed on your device by our third-party service providers that remember you have visited the Sites in order to provide you with ads more relevant to you.
How to disable cookies: Most browsers automatically accept cookies unless you change your internet browser settings. If you wish to restrict, block or delete the cookies which are set by our Site, you can generally do this through your browser settings. These settings are usually found in the 'options' or 'preferences' menu of your internet browser. If you set your internet browser preferences to block all cookies, you may not be able to access all or parts of our site.
If you want to learn more about cookies, or how to control, disable or delete them, please visit http://www.aboutcookies.org for detailed guidance. In addition, certain third-party advertising networks, including Google, permit users to opt out of or customize preferences associated with your internet browsing. To learn more about this feature from Google, click here.
7. Protection of Personal Information.
We want you to have continuing trust in us and in our products and Services. In order to prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place reasonable and appropriate physical, electronic, and managerial procedures to safeguard the information we collect. Unfortunately, we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will not occur. As a result, while we strive to protect your Personal Information, you acknowledge that: (a) there are security and privacy limitations of the internet which are beyond our control; (b) the security, integrity and privacy of any and all information and data exchanged between you and us through our Services cannot be guaranteed; and (c) any such information and data may be viewed or tampered with in transit by a third party. We urge you to take steps to keep your Personal Information safe, such as choosing a strong password and logging out of your User Account and closing your web browser when finished using the Services.
8. Retention of Personal Information.
9. Children’s Privacy.
The Children’s Online Privacy Protection Act (COPPA) protects the online privacy and Personal Information of children under 13 years of age. We respect children’s privacy. The Services are not intended for children under the age of 13. We do not knowingly solicit, collect or maintain personally identifiable information online from children under the age of 13 without prior verifiable parental consent. As soon as it is reasonable to assume your Personal Information is no longer needed or required, we will cease to retain your Personal Information, or remove the means by which the data can be associated with you. If you have concerns over the collection of children's Personal Information on the Site, please contact us at the information provided in the Contact Us section below. Parents can also select the Subject: “Personal Information / Opt Out” on our Contact Us page to access, change, or delete any Personal Information that has been submitted by a child. We do not share or sell Personal Information of minors under 16 years of age.
10. Transfers outside the UK/Europe
For users in the UK and European Economic Area (“EEA”): We may sometimes transfer your Personal Information to countries outside the UK and EEA, for example if we are using a supplier based elsewhere. The privacy laws in countries outside the UK and EEA may be different from those in your home country.
Where we transfer data to a country that has not been deemed to provide adequate data protection standards, we will always have security measures and approved European or UK model clauses (available on the European Union’s legal website at eur-lex.europa.eu and the UK ones at the ICO website www.ico.gov.uk) or other adequate safeguards in place to protect your Personal Information. Please contact us if you would like more details about our safeguards for data transfers outside of the UK/EEA.
For other users: If we transfer your Personal Information to countries outside of your home country, we will take steps to comply with the requirements for such transfer in your home country as required by relevant law.
11. Links to Third Party Sites.
The Services may contain links to websites operated by third-parties. This Policy does not apply to third-party websites that are accessible through our Services unless such website directs users or visitors to this Policy. When you click on one of these links, you will be transferred out of the Site and connected to the website of the organization or company that maintains that website. We are not responsible for the privacy practices or the content of third-party websites. Even if an affiliation exists between the Site and a third-party website, we exercise no control over the use of such websites and we encourage you to read the privacy policies of those websites.
12. Text Messages.
We may send text messages you have consented to receive. Depending on your consents, the text messages may provide you with information about your orders or special offers regarding marketing communications about our products. The messages you receive may come from an autodialer. You can cancel text messages at any time by texting “STOP”. After you send “STOP”, we may send you an additional text message to confirm that you have been unsubscribed. You will no longer receive text messages from that number, but you may receive text messages if you are subscribed to other text lists. You may resubscribe to receive text messages after you have unsubscribed. If at any time you have questions about the text messages, text “HELP” and we will respond with additional information to assist. Message and data rates may apply. Consent is not required as a condition of purchase.
13. How to Contact Us.
14. Your Rights.
Depending on where you live, you may have a number of rights when it comes to your Personal Information. Further information and advice about your rights can be obtained from the data protection regulator in your country, and many countries provide a right to lodge a complaint with the regulator. The rights that may be available to you include rights such as:
United States (“US”) data protection laws grant California, Colorado, Connecticut, Utah, and Virginia residents the following data rights:
You also have the right to request access to Personal Information collected about you and information regarding the source of that information, the purposes for which we collect it, and the third parties and service providers with whom we share it. You may submit such a request as described below. To protect our customers’ Personal Information, we are required to verify your identify before we can act on your request.
Right to Portability. You have the right to request that we provide a copy of the Personal Information we have collected about you, in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance. Once we receive your request and confirm your identity, we will provide to you a copy of your data as required under the applicable data protection laws. We may provide this data to you through your user account with us, or via email to the email address you have provided with your request.
Right to Delete. Subject to certain exceptions, you have the right to request that we delete any of your Personal Information. Once we receive your request and confirm your identity, we will review your request to see if an exception allowing us to retain the information applies. We will delete or de-identify Personal Information not subject to one of these exceptions from our records and will direct our service providers to take similar action.
Right to Correct. Subject to certain exceptions, you have the right to request that we correct inaccurate Personal Information that we have collected about you. Once we receive your request and confirm your identity, we will review your request, taking into account the nature of the Personal Information and the purposes of the processing of the Personal Information to see if we can correct the data. We may also request additional information showing that the information you want to correct is inaccurate.
Non-Discrimination. We will not discriminate against you for exercising any of your data privacy rights.
Exercising Your Rights. To make your request to know or delete, contact us toll-free at 800-285-0689, and provide the following information: first name, last name, email, mailing address, brand, request. We will verify your request by sending a response to the email or mailing address we have on file for you. You can also submit requests to exercise your rights here.
Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your Personal Information. You may also make a request to know or delete on behalf of your child.
Certain data protection laws limit the ability to make a request to know to twice within a 12-month period and allow us to charge a reasonable fee for responding to numerous requests from the same user. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
You do not need to create an account with us to submit a request to know or delete. However, we do consider requests made through your password protected account sufficiently verified when the request relates to Personal Information associated with that specific account.
We will only use Personal Information provided in the request to verify the requestor's identity or authority to make it.
Right to Opt-Out of Sale or Sharing of Personal Information. You have the right to opt-out of selling or sharing your Personal Information with third parties, as those terms are defined under California law. Submit your request to opt out of the sale of your Personal Information Contact Us.
As described above in Section 4 titled “4. Disclosure of Personal Information,” Vista Outdoor will only share your information with its Affiliated Brands and Companies, service providers, in connection with certain business transfers, as required by law, or, in some cases, business partners that you agree to share your information with.
California Shine the Light
Under California’s "Shine the Light" law (Cal. Civ. Code § 1798.83), California residents who provide us certain Personal Information are entitled to request and obtain from us, free of charge, information about the Personal Information (if any) we have shared with third parties during the immediately preceding calendar year for their own direct marketing use. Such requests may be made once per calendar year for information about any relevant third-party sharing in the prior calendar year. California residents who would like to make such a request may submit a request to the contact information provide below. The request should attest to the fact that the requester is a California resident and provide a current California address. We are only required to respond to a customer request once during any calendar year. Please be aware that not all information sharing is covered by California’s "Shine the Light" law and only information sharing that is covered will be included in our response.
If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Information to third parties who intend to license or sell that Personal Information. You can exercise this right by contacting us here. Please note that we do not currently sell your Personal Information as sales are defined in Nevada Revised Statutes Chapter 603A. If you have any questions, please contact us as set forth above.
Colorado, Connecticut, Virginia and Utah Residents’ Rights
Right to Opt-Out. You have the right to out of the processing of the Personal Information for purposes of (i) targeted advertising, (ii) the sale of Personal Information, or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.
Right to Appeal. If you make a request to exercise any of the above data access rights and we are unable to comply with your request, you may request to appeal our decision. To appeal any data privacy request decision, please contact us here. If after you complete the appeal process with us, you are still unsatisfied with our response, you may contact your Attorney General to file a complaint. Below is the contact information for the appropriate entity where you can inquire about filing an appeal:
Office of the Attorney General
202 North 9th Street
Richmond, Virginia 23219
Phone: (804) 786-2071
Office of the Attorney General
Colorado Department of Law
Ralph L. Carr Judicial Building
1300 Broadway, 10th Floor
Denver, CO 80203
Office of the Attorney General
165 Capitol Ave
Hartford, CT 06106
European Union/EEA and United Kingdom
- The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your Personal Information and your rights. This is why we are providing you with the information in this Policy. If you have any additional questions, for example regarding transfers and locations of data or our legitimate interests basis, please contact us.
- The right of access. You have the right to obtain access to your Personal Information (if we are processing it), and certain other information (similar to that provided in this Policy).
- The right to rectification. You have the right to request us to correct inaccurate Personal Information we hold about you.
- The right to erasure. This is also known as the ‘right to be forgotten’ and enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right, there are exceptions.
- The right to restrict processing. You have rights to ‘block’ or suppress further use of your Personal Information in certain circumstances. When processing is restricted, we can still store your Personal Information, but we may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
- The right to data portability. You have the right, in certain circumstances, to request that we send a copy of your Personal Information to a third party. If we do this, we will send your Personal Information in a structured, commonly-used and machine-readable format. This is not a general right, there are exceptions.
- The right to object. You have the right to object to certain types of processing, including processing for direct marketing or where we are relying on our legitimate interests for processing.
- The right to lodge a complaint. You have the right to lodge a complaint about the way we handle or process your Personal Information with your national data protection regulator. In the UK, this is the Information Commissioner, and details of how to contact the ICO can be found on their website at ico.org.uk.
- The right to withdraw consent. If you have given your consent to anything we do with your Personal Information, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your Personal Information with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your Personal Information for marketing purposes.
You can exercise any of these rights using the Contact Us function on the Site.
We usually act on requests and provide information free of charge, but we may charge a reasonable fee to cover our administrative costs of providing the information for baseless or excessive/repeated requests, or further copies of the same information. Alternatively, we may be entitled to refuse to act on the request in some circumstances.
Please consider your request responsibly before submitting it. We will respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we will come back to you and let you know.