CALIFORNIA PRIVACY POLICY

CALIFORNIA PRIVACY POLICY Last Updated: January 7, 2020

Masonite Corporation(“Masonite”, “Company,” “we,” “our,” or “us”) takes your privacy seriously. We want you to know how we collect, use, share, and protect your Personal Information and about the rights of California Consumers under California law.

This Privacy Policy addresses the following topics

  • The Scope of this Privacy Policy
  • The Company’s Collection, Use and Disclosure of Personal Information
  • Your California Privacy Rights
  • How to Exercise Your Rights
  • How We Will Verify Your Requests
  • Requests by Authorized Agents
  • The Company’s Non-Discrimination Policy
  • Your Right to Information About Disclosures of Personal Information for DirectMarketing Purposes
  • Your “Do Not Track” Browser Setting
  • Third-Party Links and Services
  • Minors Under 13 Years of Age
  • For More Information
  • Changes to This California Privacy Policy

Assistance For The Disabled

Alternative formats of this Privacy Statement are available to individuals with a disability. Please contact us at webmaster@Masonite.com for assistance.

The Scope Of This Privacy Policy

What Is Personal Information?

“Personal Information”. “Personal Information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular CaliforniaConsumer or household.

Whose Personal Information Is Covered By This Policy?

This California Privacy Policy applies to the Personal Information of residents of the State of California in their capacity as consumers (“California Consumers”).

What Personal Information Does This Privacy Policy Cover?

This Privacy Policy applies to all Personal Information of California Consumers that we collect both online and offline, including through California Consumers’ (a) visits to our website, and (b) use of our products, applications, or services that references this Privacy Policy (collectively, the “Services”).

Whose Personal Information Is Not Covered By This Privacy Policy?

For purposes of this Privacy Policy, “Consumer” does not include:
  • California residents who are Company’s employees, job applicants, directors,officers, or independent contractors (collectively, “HR Individuals”), or theemergency contacts of HR Individuals or the dependents or spouses who receiveCompany benefits by virtue of their relationship to an HR Individual in theircapacities as HR Individuals or emergency contacts, dependents, or spouses; or
  • California residents who are employees or other agents of a business engaged ina transaction with Company in their capacities as employees or agents of thatbusiness.

What Else Should I Know About The Company’s Handling Of California Consumers’Personal Information?

Please read Masonite’s Terms of Use and Privacy policy available at https://www.masonite.com/about-us/privacy-legal, as they contain important information about your use of the Services. If you have any questions, please contact us using the information below.

The Company’s Collection, Use And Disclosure Of Personal Information

This section of the Privacy Policy describes, for the 12 months preceding the date last updated, above, (a) the categories of Personal Information we have collected about you, (b) the sources of that Personal Information, (c) the business and commercial purposes for use, and (d) the categories of third party recipients of your Personal Information. Unless we inform you otherwise, this section also serves as our “notice of collection” by informing your of your Personal Information to be collected in the future and the purposes for its use.

Categories Of Personal Information Collected

In the last 12 months, Companycollected the following categories of Personal Information about California Consumers:
  • Identifiers, including: full name; address; email address; and telephone number.
  • Payment Information,including: payment method; credit card number, CVV /CID, expiration date; billing address.
  • Product Information, including: product name, serial number, place of purchase,product usage information, color, and version; product reviews.
  • Commercial Information, including: products and services purchased; shippingmethod for purchased products; information about products that you havereturned; marketing preferences including email marketing preferences.
  • Internet Or Other Electronic Network Activity Information, including: browserused, search requests and results, pages visited on Masonite’s websites and linksclicked; IP address; language preferences.
  • Inferences, drawn from the categories of Personal Information listed above tocreate a profile reflecting a consumer’s preferences.

Purposes For Using Personal Information Collected

In the last 12 months, Companyused the categories of Personal Information listed above for the following purposes:
Categories of Personal Information Purpose For Which Information Is Used
  • Identifiers
  • Payment Information
  • Product Information
  • Commercial Information
  • Internet or Other ElectronicNetwork Activity Information
  • Inferences drawn from thecategories of Personal Informationlisted above to create a profilereflecting a consumer’spreferences
    To Provide Our Services
    • Identifiers
    • Commercial Information
    • Internet OrOther ElectronicNetwork Activity Information
    • Inferences drawn from thecategories of Personal Informationlisted above to create a profilereflecting a consumer’spreferences
    To Communicate With Current And Prospective Customers, Including Responding To Questions About Our Services.
    • Identifiers
    • Product Information
    To Communicate With Current And Prospective Customers About Our Services As Well As Promotions.
    • Identifers
    • Commercial Information
    • Internet Or Other ElectronicNetwork Activity Information
    • Payment Information
    To Protect Against Malicious, Deceptive, Fraudulent, Or Illegal Activity.
    • Identifiers
    • Commercial Information
    • Internet or Other ElectronicNetwork Activity Information
    To Audit Masonite’s Customer Interactions, Transactions, and Legal Compliance.
    • Commercial Information
    • Internet or Other ElectronicNetwork Activity Information
    • Product Information
    To Undertake Internal Research For Technological Development And Demonstration.
    • Internet or Other ElectronicNetwork Activity Information
    • Product Information
    To Undertake Activities To Verify Or Maintain The Quality Or Safety Of Our Services, And To Improve, Upgrade, Or Enhance Our Services.
    • Product Information
    • Identifiers
    • Payment Information
    • Product Information
    • Commercial Information
    • Internet or Other ElectronicNetwork Activity Information
    • Inferences drawn from thecategories of Personal Informationlisted above to create a profilereflecting a consumer’spreferences
    Short-term, Transient Use.

    Sources Of Personal Information Collected

    In the last 12 months, Companycollected the following categories of Personal Information about California Consumers from the following sources:
    • Directly From California Consumers: (a) Identifiers, (b) CommercialInformation, (c) Payment Information, (d) Product Information; (e) Inferences 5drawn from the aforementioned categories of Personal Information provided by the consumer.
    • Data Collection Technologies(described above): InternetOr Other ElectronicNetwork Activity Information.

    Disclosure Of Personal Information To Third Parties

    In the last twelve months, Masonite disclosedthe following categories of Personal Information about California Consumers for a business or commercial purpose to our affiliates and to customers, suppliers, or others involved in the distribution chain to provide the products or services that have been requested by the California Consumer. Category of Personal InformationCategory of Third Party
    Identifiers
    • Affiliates
    • Government agencies, lawenforcement, and other parties asrequired by law, including inlitigation

    No Sale Of Personal Information

    Masonite does not and will not sell California Consumers’ Personal Information.

    Your California Privacy Rights

    Right to Know
    California Consumers have the right to submit a verifiable request to know:
    • The categories and specific pieces of Personal Information that Companyhascollected about them;
    • The categories of sources from which Companycollected the PersonalInformation;
    • The categories of Personal Information that Companysold or disclosed to a thirdparty (other than a service provider) for a business purpose and the categories ofrecipients of that information; and
    • The business orcommercial purposes for Company’s collection, disclosure, or saleof the Personal Information.
    Right To Delete
    • California Consumers have the right to submit a verifiable request for deletion oftheir Personal Information that Companyhas collected from the Consumer.
    Right to Opt Out of Sale of Personal Information
    • California Consumers have a right to opt-out of the sale of the PersonalInformation. However, as stated above, Company does not and will not sellPersonal Information.

    How to Exercise Your Rights

    Masonitewill respond to requests in accordance with applicable law if it can verify the identity of the individual submitting the request. California Consumers can exercise their rights in the following ways:

    Requests By Authorized Agents

    You may designate an authorized agent to exercise your right to know or your right to delete by submitting to us a completed “Authorized Agent Designation” form. You can obtain the designation form by contacting us at webmaster@Masonite.com If an authorized agent submits a request to know or a request to delete on your behalf, the authorized agent must submit with the request either (a) a power of attorney that is valid under California law, or (b) a document signed by you that authorizes the authorized agent to submit the request on your behalf. In addition, we may ask you to follow the applicable process described above for verifying your identity.

    How We Will Verify Your Requests

    The processes that we follow to verify that the person making a request to know or a request to delete is the person about whom we have collected personal information are described below. The relevant process depends on how and why the request is submitted.

    Requests Through Your Password-Protected Account

    If you created a password-protected account with us before the date of your request, we will rely on the fact that your request has been submitted through your account as verification of your identity. We will require that you re-authenticate yourself before we disclose your personal information in response to a request to know and before we delete your personal information in response to a request to delete. You are responsible for protecting the security of your log-in credentials for your account. Please do not share your log-in credentials with anyone. If we suspect fraudulent or malicious activity on or from your account, we will not respond to a request to know or a request to delete until we have been able to confirm, through further verificationprocedures, that you made the request.

    Requests Other Than Through A Password-Protected Account

    If you submit a request by any means other than through a password-protected account that you created before the date of your request, the verification process that we follow will depend on the nature of your request as described below:
    • Requests To Know Categories Of Personal Information: We will match at least two data points that you provide with your request to know, or in response to our request for verification information, against information about you we already have in our records and that we have determined to be reliable for purposes of verifying your identity. Examples of relevant data points include your mobile phone number, your zip code, or information about products or services that you have purchased from us.
    • Requests To Know Specific Pieces Of Personal Information: We will match at least three data points that you provide with your request to know, or in response to our request for verification information, against information that we already have about you in our records and that we have determined to be reliable for purposes of verifying your identity.
    • Requests To Delete Personal Information: Our process for verifying your identity will depend on the sensitivity (as determined by Masonite) of the personal information that you ask us to delete. For less sensitive personal information, we will require a match of two data points as described in Point No. 1, above. For more sensitive personal information, we will require a match of three data points as described in Point No. 2, above.
    We have implemented the following additional procedures when verifying the identity of requestors:
    1. If we cannot verify your identity based on the processes described above, we may ask you for additional verification information. If we do so, we will permanently delete the verification information that you provide promptly after we have 8completed the verification process. We will not use that information for any purpose other than verification.
    2. If we cannot verify your identity to a sufficient level of certainty to respond to your request, we will let you know promptly and explain why we cannot verify your identity.

    The Company’s Non-Discrimination Policy

    California Consumers have the right not to be subject to discriminatory treatment by Companyfor exercising their privacy rights under the California Consumer Privacy Act, and Companywill not discriminate on that basis. However, Companymay charge a California Consumer a different price or rate or provide a different level or quality of goods or services if the difference is reasonably related to the value provided to the California Consumer by the Consumer’s Personal Information. If Companydoes so, it will provide Consumers with any legally required notice.

    Your Right to Information About Disclosures of Personal Information for Direct Marketing Purposes:

    Under California law, California Consumers can request information from us whether we have disclosed Personal Information to any third parties for the third parties' direct marketing purposes. We will not sell consumer’sPersonal Information to, or share it,with third-party companies for their direct marketing purposes.

    Your ‘Do Not Track’ Browser Setting

    Thissite collects personally identifiable information about your online activities over time. However,we do not collect personally identifiable information across third-party websites or online services, and third parties may not collect personally identifiable information about an individual’s online activities over time when an individual uses thisweb site.and across third-party websites or online services.We not support the Do Not Track (DNT) browser setting. DNT is a preference you can set in your browser’s settings to let the websites you visitknow that you do not want the sites collecting your personally identifiable information. A visitor to thissite has control over their individual settings on their browser application which may block collection of information, but we do not push any of these settings to the visitor.

    Third-Party Links And Services

    We provide links to third party websites operated by organizations not affiliated with Company. We donot disclose your Personal Informationto organizations operating such linked third-party websites. We do not review or endorse, and are not responsible for, the privacy practices of these organizations. We encourage you to read the privacy policy of each and every website that you visit. This Privacy Policy applies solely to information collected by Company through the Services.

    Minors Under 16Years of Age

    We respect the privacy of children. Our Services are not designed to attract an audience younger than sixteen (16), and we do not knowingly collect Personal Information from children under sixteen (16). If you are under the age of sixteen (16), you are not permitted to use our Services and should not send any information about yourself to us through the Services. Please contact us using the contact details below if you believe we may have collected information from your child under the age ofsixteen (16), and we will work to delete it.

    For More Information

    For questions or concerns about Company’s privacy policies and practices, please contact us at webmaster@Masonite.com.