Our
Ranges

Privacy Statement

We know that you care about your Personal Data and how it is used, and we want you to trust that Lucozade Ribena Suntory Ltd. (‘LRS’) uses your Personal Data carefully.

This privacy notice applies to www.lucozade.com Please read it carefully as the privacy notice sets out how and why we collect, store, use and share your Personal Data and your rights in relation to your Personal Data including details of how to contact us and the supervisory authorities if you have a complaint.

This Privacy Statement was last updated on 01/07/2025.

  1. WHO ARE WE AND HOW TO CONTACT US
  2. DEFINITIONS
  3. SCOPE OF THIS PRIVACY STATEMENT
  4. HOW AND WHY WE PROCESS YOUR PERSONAL DATA
  5. HOW WE SHARE YOUR PERSONAL DATA WITH THIRD PARTIES
  6. HOW WE SECURE YOUR PERSONAL DATA
  7. HOW LONG WE KEEP YOUR PERSONAL DATA
  8. YOUR RIGHTS IN REGARDS TO THE PROCESSING OF YOUR PERSONAL DATA AND HOW YOU CAN EXERCISE THEM
  9. QUESTIONS AND CONCERNS
  10. PRIVACY STATEMENT UPDATES

  1. WHO ARE WE AND HOW TO CONTACT US

    Suntory Beverage & Food Europe ("SBFE") is the European regional division of Suntory Beverage & Food (SBF) Limited and part of the Suntory Group. This website is operated by Lucozade Ribena Suntory Ltd. (‘LRS’), which is an affiliate of SBFE.

    Lucozade Ribena Suntory Ltd. (‘LRS’) is the Controller of your Personal Data collected through your interactions with this website, and these are our contact details: 

    -   Name Lucozade Ribena Suntory Ltd. (‘LRS’)
    -   Address: Building 1, ARC Uxbridge, UB8 1DH,
    -   United Kingdom.
         Email: GDPR.info@suntory.com

    Where we refer to SBFE in this Privacy Statement we are referring to Lucozade Ribena Suntory Ltd.

    SBFE and its affiliates (also referred in this notice as ‘’SBFE, ‘’We’, ‘’Our’’, or ‘’us’’) take privacy very seriously and are committed to ensure that you are informed about the manner in which we collect, use and share your Personal Data.

    We have appointed a Data Protection Officer (DPO) ;

    HelloDPO Law Ltd is a company registered in England and Wales.

    Registered office: 23 Cottingham Way, Thrapston, Northamptonshire, NN14 4PL, United Kingdom.

    For any questions related to the processing of your Personal Data in scope of this Privacy Statement, contact our DPO at GDPR.info@suntory.com.

  2. DEFINITIONS

    “Affiliate means, with respect to a party, an entity that (directly or indirectly) controls, is controlled by or is under common control with, such party, where control refers to the power to direct or cause the direction of the management policies of another entity, whether through ownership of voting securities, by contract or otherwise;

    Controller means the entity which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data;

    Data Protection Laws means all applicable laws and regulations relating to the processing of the Personal Data and privacy including, not limited to, the Data Protection Act 2018; the UK General Data Protection Regulation (GDPR); the European Union (EU) GDPR; the Privacy and Electronic Communications (EC Directive) Regulations 2003;  the Data Protection (Charges and Information) Regulations 2018 and any EU member state local laws;

    Data Subject Request means a Data Subject's request to exercise the individual’s rights under the Data Protection Laws in respect of the individual’s Personal Data, including, without limitation, the right to be informed, access, correct or amend, transfer, obtain a copy of object to the processing of, block or delete such Personal Data and rights in relation to automated decision making and profiling;

    EU GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation);

    Data means any data, including Personal Data, whether in physical or electronic form, including but not limited to documents, databases, records, intellectual property and confidential information (as defined elsewhere in this Privacy Statement), created by or made available to any SBFE entity and/or any of its Affiliates;

    “Personal Data means any information relating to an identified or identifiable natural person made available to SBFE affiliates through this website.  An identifiable natural person (each a “Data Subject”), is one who can be identified, directly or indirectly, in particular by reference to an identifier, identification number or to one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of that natural person;

    Processing or Process means any operation or set of operations which is performed by or on behalf of SBFE and its affiliates as part of the Services upon Personal Data, whether or not by automatic means, such as collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction;

    Processor means the entity which Processes Personal Data on behalf of the Controller.

    Regulator means the European data protection authority or other regulatory, governmental or supervisory authority with authority over all or any part of (a) the provision or receipt of the Services provided by SBFE through its affiliates, (b) the Processing of Personal Data in connection with this website;

    Security Incident means any Personal Data Breach (as defined in the Data Protection Laws) or other incident that has resulted, or is reasonably likely to result, in any accidental, unauthorised or unlawful destruction, loss, alteration, disclosure of, access to or encryption of (a) SBFE entity Data or (b) other information where such incident has the potential to harm any SBFE entity's or affiliate’s business, clients, employees, systems or reputation;

    Services means the services that the SBFE affiliates provide through this website;

    Subcontractor means a third-party subcontractor engaged by or on behalf of the SBFE affiliate managing this website;

    “Suntory Group” means Suntory Holdings Limited (“SHD”) and entities which SHD directly or indirectly controls.

    UK GDPR means the General Data Protection Regulation (EU) 2016/679 as it forms part of the law of England and Wales, Scotland, and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018, working alongside the Data Protection Act 2018 (DPA 2018), as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 and 2020, and as further amended or replaced by legislation in force in the United Kingdom from time to time.

  3. SCOPE OF THIS PRIVACY STATEMENT

    This privacy notice sets out the conditions on how and why Lucozade Ribena Suntory Ltd. processes your Personal Data. These are:

    1. When you visit this website;
    2. When you interact with our social media platforms (LinkedIn, Facebook, Twitter, etc); for inquiries, to make requests, to provide feedback or other general communication;
    3. When you contact us through our website contact form or chat;
    4. When you contact us by email or phone call;
    5. When we manage our website;
    6. When we comply with our legal obligations;
    7. When we need to protect our interests;
    8. When you visit us in any of our physical locations (offices, factories, warehouses, etc).

     

  4. HOW AND WHY WE PROCESS YOUR PERSONAL DATA

    Personal data that you provide

    Purpose of the processing

    Type of Personal Data

    Legal basis for processing

    When you interact with our social media platforms

    We may use the content you share with us on our social media platforms, for marketing campaigns and to generally promote our products and services.

     

    We can also process the feedback we receive from you on social media to improve our products and services.

    1. Personal identifiers: first name, family name, email address, phone number.

    2. Any information that may be considered     Personal Data and that you choose to share with us through our web forms, phone call, postal mail, or on our social media platforms.

    Our Legitimate Interest to improve and advertised our products and services.

    When you contact us through our communication channels (web contact form, web chat, email or phone call)

    To manage, track and respond to your inquiries and questions, receive your comments, feedback and/ or fulfil your requests or to provide you with more information on the use or characteristics of our products.

    1. Personal identifiers: first name, family name, email address, postal address, phone number, date of birth.

    2. The reason for your contact and any additional information that may be considered     Personal Data and that you choose to share with us through our web forms, phone call, postal mail, or on our social media platforms.

    Our legitimate interest to respond to your enquiry, fulfil your request , respond to your feedback.

    When we comply with our legal obligations

    To comply when this is required by legal proceedings or public authorities, and we reasonably believe that disclosing your Personal Data is strictly necessary to comply with those obligations.

    1. Personal identifiers: first name, family name, email address, phone number.

    2. Any information that may be considered     Personal Data and that you choose to share with us through our web forms, phone call, postal mail, or on our social media platforms.

    Our legal obligation

    When we need to protect our interests

    To lawfully enforce our terms and conditions, protect our operations or those of any SBFE affiliates, protect our rights, privacy, safety, or property, and/or that of any SBFE affiliates, and allow us to pursue available legal remedies or limit the damages that we may have.

    1. Personal identifiers: first name, family name, email address, phone number.

    2. Any information that may be considered     Personal Data and that you choose to share with us through our web forms, phone call, postal mail, or on our social media platforms.

    Our Legitimate interest to lawfully enforce our terms and conditions, protect our operations or those of any SBFE affiliates, protect our rights, privacy, safety, or property, and/or that of any SBFE affiliates, and allow us to pursue available legal remedies or limit the damages that we may have.



    Personal data that we collect or generate about you:

    Purpose of the processing

    Type of Personal Data

    Legal basis for processing

    When you visit our website - Use of cookies

    1. Non-essential cookies: To measure your engagement with this website and provide you with content adapted to your interests (e.g. to know how you use our Sites, when you use them, how often, through which device, how long you stay on the website, what items you click on) we use cookies.


    The use of these cookies also helps us to know the Sites' users better, and adapt our Sites to the identified preferences of the users, but also more generally improve our products and services.*

    1. A file with your contact history, to be used for enquiry purposes, so that we may ensure that you are satisfied with the services we are providing to you;  

    2. Browser and device information: IP address, MAC address, Google Ad ID, Identity For Advertisers (device ID);

    3. Server log file information;

    4. Activity / Engagement     Personal Data (e.g. date and time of activity on relevant Sites, number of times a Site was visited and which items are clicked on).

    Your consent

    2. Essential cookies:  We use essential cookies to enable our website to function properly and improve its use and functionality.

    1. IP address, MAC address, device type, software, browser information, Google Ad ID, Identity For Advertisers (device ID.

    Our legitimate interest to enable our website to function properly and improve its use and functionality.

    When we manage our website

    For the correct administration, changes or restructuration of this website, to diagnose server problems, to prevent any potential disruptions or cyberattacks on our systems and networks and to update our security solutions.

     

    1. IP address, MAC address, device type, software, browser information, Google Ad ID, Identity For Advertisers (device ID.

    Our legitimate interest to manage our website, to diagnose server problems, to prevent any potential disruptions or cyberattacks on our systems and networks and to update our security solutions.

    When we comply with our legal obligations

    To comply, when this is required by legal proceedings or public authorities, and when we reasonably believe that disclosing your Personal Data is strictly necessary to comply with those obligations.

    1. A file with your contact history, to be used for enquiry purposes, so that we may ensure that you are satisfied with the services we are providing to you;  

    2. Browser and device information: IP address, MAC address, Google Ad ID, Identity For Advertisers (device ID);

    3. Server log file information;

    4. Activity / Engagement Personal Data (e.g. date and time of activity on relevant Sites, number of times a Site is visited and which items are clicked on).

    Our legal obligation

    When we need to protect our interests

    To lawfully enforce our terms and conditions, protect our operations or those of any of our affiliates, protect our rights, privacy, safety, or property, and/or that of a SBFE affiliates, and allow us to pursue available legal remedies or limit the damages that we may have.

    1. A file with your contact history, to be used for enquiry purposes, so that we may ensure that you are satisfied with the services we are providing to you;   

    2. Browser and device information: IP address, MAC address, Google Ad ID, Identity For Advertisers (device ID);

    3. Server log file information;

    4. Activity / Engagement Personal Data (e.g. data and time of activity on relevant Sites, number of times a Site is visited, which items are clicked).

    Our legitimate interest to lawfully enforce our terms and conditions, protect our operations or those of any of our affiliates, protect our rights, privacy, safety, or property, and/or that of a SBFE affiliates, and allow us to pursue available legal remedies or limit the damages that we may have.

    When we anonymize your personal information

    To perform statistics, analytics, and/or research, we may want to anonymize your Personal Data to securely process it with no possibility for this information to be related to you or identify you.

    1. A file with your contact history, to be used for enquiry purposes, so that we may ensure that you are satisfied with the services we are providing to you;  

     

    2. Browser and device information: IP address, MAC address, Google Ad ID, Identity For Advertisers (device ID);

     

    3. Server log file information;

     

    4. Activity / Engagement Personal Data (e.g. data and time of activity on relevant Sites, number of times a Site is visited, which items are clicked).

     

    Our legitimate interest to perform statistics, analytics, and/or research, we may want to anonymize your Personal Data to securely process it with no possibility for this information to be related to you or identify you.

     

    *We will always ask for your consent before placing and using non-essential cookies to track your behaviour and collect information about you. You can use the ‘Manage Cookies’ (Apt. 8 of the Cookie Policy on this website) to change your preferences or revoke consent for cookies at any time. For more information on how we use cookies, please see our Cookie Policy.

    Children Personal Data

    We take children privacy seriously therefore we do not process children’s Personal Data.

    In accordance with best practice and international standards, we do not directly market our
    products or services to children], and we do not show images of children in marketing communications.

    If you become aware that a child has provided us with personal information without parental consent or in a manner not permitted by applicable law, please contact our Data Protection Officer at GDPR.info@suntory.com. 
    Once we become aware of this, we will take steps to delete the child's personal information as required by applicable law.


    In any case, when we process your Personal Data, we make sure that this is carried out in compliance with applicable laws and regulations. We ensure that your data is only accessed by SBFE employees that have a need to do so for the purposes described in this Privacy Statement and according to our SBFE Access Control Policy. 

  5. HOW WE SHARE YOUR PERSONAL DATA WITH THIRD PARTIES

    SBFE only shares your Personal Data in the cases described below:

    1. As a global business, we may share your Personal Data within the Suntory Group, its subsidiaries and affiliates when this is required to achieve any of the purposes described in the table in ap. 4 above. When we do this, we ensure that the processing of your data by the affiliates will be carried out under the conditions described in this Privacy Statement.
    2. We may also share your Personal Data with third parties service providers outside of the group to operate and maintain our services. These third-parties service providers act as our processors for the purposes outlined in the table in ap. 4 above. Rest assured that when engaging these third parties, appropriate contractual agreements (Data Processing Agreements) compliant with the GDPR requirements are put in place between us and the third-party provider:
      1. With our business partners (for example, this could include our partners from whom you or your company or your organisation purchased our Products. Personal Data will only be transferred to a business partner who is contractually obliged to comply with SBFE data protection standards and the applicable data protection legislation);
      2. With third party agents and contractors for the purposes of providing services to us (for example, the SBFE’s accountants, professional advisors, IT and communications providers and debt collectors). These third parties will be subject to SBFE data protection standards, internal policies and procedures when processing your Personal Data, they will only use your Personal Data as described in this Privacy Statement and as expressly instructed by SBFE;
    3. If we are legally required to disclose your Personal Data, for example, to comply with any legal obligation (including, without limitation, to comply with tax reporting requirements and disclosures to regulators), or to establish, exercise or defend legal rights, described in the table in ap. 4 above;
    4. If we sell our business or assets, your Personal Data will be used by us or shared with Suntory Group for internal reasons, primarily for business and operational purposes. As we continue to develop our business, we may sell or purchase assets, subsidiaries or business units. In such transactions, your Personal Data generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Notice or Statement (unless, of course, you consent otherwise).
    5. If we are acquired by a third party, your Personal Data will be disclosed to such entity as part of the due diligence process and will be transferred to such entity as one of the transferred assets. Also, if any bankruptcy or reorganization proceeding is brought by or against us, all such Personal Data will be considered an asset of ours and as such it is possible they will be sold or transferred to third parties.

    5.1 International data transfers

    SBFE is part of the Suntory Group, a global company with operations, customers, and partners spread all around the world.

    To achieve the purposes described in this Privacy Statement, we may transfer some of your Personal Data to third parties across international borders. As a result, your Personal Data may be transferred to locations outside of your country.

    If your data is transferred to a country or territory located outside the European Economic Area (EEA) or the United Kingdom (UK) and therefore not protected by GDPR, we will ensure that your Personal Data is transferred and processed with the same level of protection as it is the case when processed in the UK and the EEA. This will be done in one of the following ways:

    1. The country that we send the Personal Data to is approved by the European Commission or the UK Secretary of State (as applicable) as offering an adequate level of protection for Personal Data;
    2. The recipient of your data in the foreign country might have signed up to a contract which included “standard contractual clauses” (SSCs), approved by the European Commission or UK Secretary of State, obliging them to protect your Personal Data with certain minimum standards;
    3. By confirming that the recipient of your Personal Data is located in the United States of America and that it is self-certified under the US Department of Commerce’s ‘EU-U.S. Data Privacy Framework (DPF),’ program for international transfers to entities located in the United States https://www.dataprivacyframework.gov/list.
    4. In other circumstances, EU member state law may permit us to otherwise transfer your Personal Data outside the EEA or UK in certain specific situations.

    You can obtain more details of the protection given to your Personal Data when it is transferred outside the EEA and the UK (including a copy of the standard data protection clauses which we have entered into with the recipients of your Personal Data) by emailing us at GDPR.info@suntory.com.

  6. HOW WE SECURE YOUR PERSONAL DATA

    SBFE takes all necessary technical and organisational measures to protect the confidentiality, security, and ensure the availability of your Personal Data collected via our digital media. These efforts include but are not necessarily limited to:

    1. Technical measures: We have controls in place to maintain the security of our information and information systems. Files containing Personal Data are protected with different safeguards according to the sensitivity of the relevant information. Appropriate controls (such as restricted access) are placed on our computer systems. Physical access to areas where Personal Data is gathered, processed or stored is also limited to authorised employees.
    2. Organizational measures: As a condition of employment, our employees are required to follow internal policies and procedures, and all applicable data protection laws and regulations. Access to sensitive Personal Data is limited to those employees who need it to perform their roles. Unauthorised use or disclosure of confidential SBFE entity information by one of our employees is prohibited and may result in disciplinary measures.
      When you contact one of our employees about your file, you may be asked for some Personal Data. This type of safeguard is designed to ensure that only you, or someone authorised by you, has access to your file.
    3. Contractual measures: All data processors we engage with are subject to an exhaustive selection process and bind to SBFE data protection contractual clauses to ensure the processing of your Personal Data remains within our standards of GDPR compliance. Data processors on behalf of SBFE are also contractually obliged to ensure that any sub-processors engaged in the processing will perform its duties within the same required data protection standards.

  7. HOW LONG WE KEEP YOUR PERSONAL DATA

    By rule, we will keep your data accurate and up to date for as long as we need it for the purposes described in this Privacy Statement. If the processing of your Personal Data is no longer necessary for any purpose, it will be either irreversibly anonymized (and the anonymized data may be retained), or securely erased.

    Exception to this rule is when it is necessary to comply with our legal and regulatory obligations, resolve disputes and enforce our agreements imposing that SBFE must keep your Personal Data for a longer period after the purpose of the processing was attained..

    For more information on how long we keep cookies on your electronic device, please refer to our Cookie Policy

  8. YOUR RIGHTS IN REGARDS TO THE PROCESSING OF YOUR PERSONAL DATA AND HOW YOU CAN EXERCISE THEM

    I) In all cases described in apt.4 in which we collect, use or store your Personal Data, you may have the following rights, and, in most cases, you can exercise them free of charge.

    These rights include:

    1. Right of access: the right to request the confirmation on whether your Personal Data is being processed by us or not, and to access that Personal Data;
    2. Right to withdraw: when the processing of your Personal Data is legally based on your consent, you have the right to withdraw your consent at any time, without prejudice tto the validity of the processing prior to the withdrawal. Please note, however, that we may still be entitled to process your Personal Data if we have a legitimate reason for doing so. For example, we may retain Personal Data if we need to comply with a legal obligation.
      To withdraw your consent, please go to the ‘Manage Cookies’ section of our Cookie Policy in this website, and remove the consent you provided for the different type of cookies. 
      You always have the option not to share any of your Personal Data with us. If you choose this option, you may be limited in the activities and features we can provide to you.
    3. Right to rectification: the right to request the rectification of your Personal Data if it is inaccurate, outdated or incomplete.
    4. Right to erasure: the right to request that we erase your Personal Data if: (i) your Personal Data is no longer necessary for the purpose of the data processing, (ii) you have withdrawn your consent on the data processing based exclusively on such consent, (iii) you objected to the data processing, (iv) the Personal Data processing is unlawful, (v) the Personal Data must be erased to comply with a legal or regulatory obligation applicable to SBFE
      Please note that there may be circumstances where you ask us to erase your Personal Data, but we are legally obliged or entitled to retain it;
    5. Right to object: the right to object to our processing of your Personal Data at any time, including for marketing purposes based on profiling, if the data processing is based on our legitimate interest, the legitimate interest of any other SBFE’s affiliates or an SBFE’s third-party, unless SBFE can demonstrate overriding compelling legitimate grounds for it.
    6. Right to restrict: the right to temporarily restrict the processing of your Personal Data carried out by SBFE and any of its affiliates: (i) in the event the accuracy of your Personal Data is contested to allow SBFE to check such accuracy, (ii) if you wish to restrict your Personal Data rather than deleting it despite the fact that the processing is unlawful, (iii) if you wish SBFE to keep your Personal Data because you need it for your defence in the context of legal claims (iv) if you have objected to the processing but SBFE conducts verification to check whether it has legitimate grounds for such processing which may override your own rights.
    7. Right to data portability: in some circumstances, the right to receive some Personal Data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to Personal Data which you have provided directly to us or any other SBFE affiliate. Or process to perform a contract or enter into a contract with you
    8. Right not to be subject to automated decision making: you can exercise this right when your Personal Data is subject to a decision based solely on automated decision making (including profiling) that can significantly affect you.
      You have the right not to be subject to a decision which is based solely on automated processing, and which produces legal or other significant effects on you. In particular, you have the right to:

    - obtain human intervention;

    - express your point of view;

    - obtain an explanation of the decision reached after an assessment; and

    - challenge such a decision.

    II) You would like to exercise any of the above rights, you can contact our Data Protection Officer by emailing:

    • GDPR.info@suntory.com

    In case you believe your Personal Data is processed in a manner constituting an infringement of the GDPR, you can lodge a complaint with the relevant Supervisory Authority in your EU country as listed in point 9 below, or the Autoriteit Persoonsgegevens in the Netherlands (https://www.autoriteitpersoonsgegevens.nl/en)  which is our Lead Supervisory Authority for all our business in the EU.

    If you are a UK resident, you can contact the Information Commissioner’s Office (ICO) for the same purpose (https://ico.org.uk).

    To give us the opportunity to deal and respond to your complaint, we would appreciate however that you contact us in the first instance. To do this, please email our Data Protection Officer at GDPR.info@suntory.com

  9. QUESTIONS AND CONCERNS

    If you have any questions or concerns about SBFE handling of your Personal Data, or about this Privacy Statement please contact our Data Protection Officer using the following contact information:

    Email Address: GDPR.Info@suntory.com

    We are usually able to answer privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive, you can contact the relevant Data Protection Authority in your country of residence.

    If you are resident of the EU, you can also contact the Autoriteit Persoonsgegevens in the Netherlands, which is our lead supervisory authority for all our business in the EU. If you are located in the UK, you can contact the Information Commissioner’s Office (ICO) (https://ico.org.uk).

    The contact details of the Supervisory Authorities relevant to SBFE are:

    1. Belgium Autorité de la protection des données / Gegevensbeschermingsautoriteit (APD-GBA): www.autoriteprotectiondonnees.be / www.gegevensbeschermingsautoriteit.be
    2. Ireland Data Protection Commission: www.dataprotection.ie
    3. France Commission Nationale de l'Informatique et des Libertés (CNIL): www.cnil.fr
    4. Netherlands Autoriteit Persoonsgegevens: www.autoriteitpersoonsgegevens.nl
    5. Poland Urząd Ochrony Danych Osobowych (Personal Data Protection Office): www.uodo.gov.pl
    6. Portugal Comissão Nacional de Proteção de Dados (CNPD): www.cnpd.pt
    7. Spain Agencia Española de Protección de Datos (AEPD): www.aepd.es
    8. United Kingdom Information Commissioner's Office (ICO): www.ico.org.uk
    9. Luxembourg CNPD: https://cnpd.public.lu/en.html
    10. Italy Garante GPDP: https://www.garanteprivacy.it/web/garante-privacy-en

  10. PRIVACY STATEMENT UPDATES

    We will update this Privacy Statement when necessary to reflect customer feedback, system updates, and changes in our products and services. When we post changes to this statement, we will revise the “last updated” date at the top of this document. If the changes are significant, we will provide a more detailed notice (including, for certain services, email notification of Privacy Statement changes). We will also keep prior versions of this notice in an archive.