WestRock Legal, Privacy and Cookies Notices

WESTROCK INTERNET SITE USER AGREEMENT AND TERMS OF USE

ATTENTION: PLEASE READ THESE TERMS CAREFULLY BEFORE USING THIS WEB SITE. USING THIS WEB SITE INDICATES THAT YOU ACCEPT THESE TERMS. IF YOU DO NOT ACCEPT THESE TERMS, DO NOT USE THIS WEB SITE.

Welcome to the WestRock Company World Wide Web Site (www.westrock.com) and its business and subsidiary sites which are reached from links off www.westrock.com. The WestRock group (“WestRock”, “we”, “our”, etc.). is comprised of the WestRock Company of 1000 Abernathy Road NE, Atlanta, GA 30328, USA, and all of its subsidiaries. By using this web site (the “Site”), you expressly agree to these terms and conditions of use. WestRock reserves the right to change these terms and conditions at any time, without prior written notice. Users are also bound by the copyright notice and all applicable laws and regulations.

USE OF SITE

The materials displayed on this Site, including, but not limited to, all written material, photographs, illustrations, artwork and other graphic material, and names, logos, trademarks and service marks, are the property of WestRock or its licensors and are protected by copyright, trademark and other intellectual property laws. Use of the materials on this Site may violate copyright, trademark, and other laws. Any content from this Site may be displayed and printed solely for your personal, non-commercial use, provided that you retain all copyright and other proprietary notices contained in the original materials on any copies of the materials. You may not modify the materials on this Site in any way, or reproduce, retransmit, distribute, disseminate, sell, publish, broadcast or otherwise use any material from this Site without the express prior written consent of WestRock. Any use of these materials on any other web site or networked computer environment for any purpose is prohibited. Any use of Google Maps is subject to, and you are bound by, the Google Maps/Google Earth Additional Terms of Service (including the Google Privacy Policy).

DISCLAIMERS

No Obligation to Update Information

WestRock believes that the information contained herein is reliable. WestRock, however, does not guarantee the accuracy or completeness of any information on this Site. All information included on this Site, whether historic in nature or forward-looking, speaks only as of the date shown on such information. We do not undertake any obligation to update or correct such information after it is posted or to remove such information from the Site if it is no longer accurate or complete.

No Cybersecurity Warranty

WestRock does not warrant that this Site and the server connected to it are free of computer viruses or other harmful components. This is not a secure Site, so users should not send sensitive or confidential information in an unencrypted message.

Stock Price Information – No Offer of Securities

WestRock does not warrant or guarantee the accuracy or completeness of the information regarding stock prices provided on this Site, and under no circumstances will WestRock be liable for any loss or direct, indirect, incidental, special or consequential damages caused by reliance on this information or by the risks of the stock market. Information on this Site does not constitute an offer to sell, or the solicitation of an offer to buy any securities, and you should not rely on such information in connection with any investment decision.

No Warranty

THE MATERIALS (INCLUDING ALL SOFTWARE) AND SERVICES AT THIS SITE ARE PROVIDED “AS IS” WITHOUT WARRANTIES OF ANY KIND, INCLUDING, BUT NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGMENT OF INTELLECTUAL PROEPRTY. WestRock’s obligations with respect to its products and services are governed solely by the agreements under which they are provided and nothing on this Site should be construed to alter such agreements. WestRock further does not warrant the accuracy and completeness of the materials, software, or services at this Site. WestRock may make changes to the materials and services at this Site, or the products described in them, at any time without notice. The materials and services at this Site may be out of date, and WestRock makes no commitment to update the materials and services at this Site. Information published at this Site may refer to products or services that are not available in your country. Consult your local WestRock business contact for information regarding the products and services that may be available to you. Applicable law may not allow the exclusion of implied warranties, so this exclusion may not apply to you.

Limitation of Liability

IN NO EVENT WILL WESTROCK, ITS SUPPLIERS, OR OTHER THIRD PARTIES MENTIONED AT THIS SITE BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, SPECIAL, INCIDENTAL, INDIRECT, PUNITIVE, CONSEQUENTIAL, OR THOSE RESULTING FROM LOST PROFITS, LOST DATA OR BUSINESS INTERRUPTION) ARISING OUT OF THE USE, INABILITY TO USE, OR THE RESULTS OF USE OF THIS SITE, ANY WEB SITES LINKED TO THIS SITE, OR THE MATERIALS OR INFORMATION OR SERVICES CONTAINED AT ANY OR ALL SUCH SITES, WHETHER BASED ON WARRANTY, CONTRACT, TORT OR ANY OTHER LEGAL THEORY AND WHETHER OR NOT WESTROCK HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IF YOUR USE OF THE MATERIALS, INFORMATION OR SERVICES FROM THIS SITE RESULTS IN THE NEED FOR SERVICING, REPAIR OR CORRECTION OF EQUIPMENT OR DATA, YOU ASSUME ALL COSTS THEREOF. APPLICABLE LAW MAY NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTIAL OR CONSEQUENTAL DAMAGES, SO THESE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU.

Links to Other Sites

Links on this Site to third-party web sites are provided solely as a convenience to you. WestRock makes no representations whatsoever about any other web site which you may access through this Site. When you access a non-WestRock web site, you should understand that it is independent from WestRock and that WestRock has no control over the content presented in that web site. A link to a non-WestRock site does not mean that WestRock endorses or accepts any responsibility for the content, or the use, of such a web site. If you decide to access any of the third-party web sites linked to this Site, you do so entirely at your own risk. It is up to you to take precautions to ensure that whatever you select for your use is free of such items as viruses and other items of a destructive nature.

SEC INFORMATION

The reports filed by us with the Securities and Exchange Commission that are listed on, linked to or are accessed through this Site speak only as of the respective dates on which they were filed. The contents of those reports may become out-of-date. We do not assume any duty of disclosure beyond that which is imposed by law, and expressly disclaim any (a) obligation to update the information on this Site or (b) duty to update any information set forth in our SEC filings.

FORWARD-LOOKING STATEMENTS

This Site, along with any documents issued by us and made available on this Site, may contain forward-looking statements within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements are based on our current expectations, beliefs, plans or forecasts and are typically identified by words or phrases such as “may,” “will,” “could,” “should,” “would,” “anticipate,” “estimate,” “expect,” “project,” “intend,” “plan,” “believe,” “target,” “prospects,” “potential” and “forecast,” and other words, terms and phrases of similar meaning. Forward-looking statements involve estimates, expectations, projections, goals, forecasts, assumptions, risks and uncertainties. We caution Users that a forward-looking statement is not guarantee of future performance and that actual results could differ materially from those contained in the forward-looking statement. Such forward-looking statements include, but are not limited to, statements regarding, among other things, that focusing on people, planet and performance will make WestRock an even more profitable business in the future. With respect to forward-looking statements, we have made assumptions regarding, among other things, the results and impacts of the merger of MeadWestvaco and RockTenn; economic, competitive and market conditions generally; volumes and price levels of purchases by customers; competitive conditions in your businesses and possible adverse actions for their customers, competitors and suppliers. Further, our businesses are subject to a number of general risks that would affect any such forward-looking statements. These risks, and other factors that may impact management’s assumptions, are more particularly described in our filings with the Securities and Exchange Commission, including Item 1A “Risk Factors” in our most recently filed annual report on Form 10-K.

TRADEMARKS

WestRock and the names of WestRock products referenced herein are either trademarks and/or service marks or registered trademarks and/or service marks of WestRock and/or its subsidiaries. Other product and company names mentioned herein may be trademarks and/or service marks of their respective owners.

PRIVACY NOTICE

When you use this Site, you consent to the collection and use of information by WestRock as specified below.

This privacy notice (“Notice”) sets out how WestRock processes the Personally Identifiable Information (as defined below) of visitors to our Site and our customers (each a “User”). We are committed to protecting the privacy of our Users.

If you have any questions about this Notice, please contact a member of the WestRock Global Information Privacy Office (the “Privacy Office”) by post to 501 S. 5th Street, Richmond, Virginia 23219, USA, or by email.

Personally Identifiable Information” or “PII” is information that is recorded in any form which relates to an individual or an identifiable natural person (“Data subject”), and is legally protected by applicable law. PII may include first and last names, mailing addresses, phone numbers, e-mail addresses, photographs of a person, etc. and, in some jurisdictions, IP addresses and other information, which is automatically sent to us from your browser.

How does WestRock process User Personally Identifiable Information?

WestRock may process your PII, where permitted by applicable law, for the following purposes:

  • creating and maintaining your User account, if you become our registered User;
  • offering our goods and providing our services to you in a personalized way; for example, we may provide suggestions based on your previous searches to enable you to identify suitable goods and services quicker. This may also include, where legally permitted, processing information relating to your location;
  • handling and fulfilling your orders, if you request goods or services from us. This may also include processing of information that we receive from third parties, such as, for example, address data to verify your correct address;
  • obtaining payment from you, if you purchase any of our goods and/or services;
  • enabling our suppliers and service providers to carry out certain functions on our behalf, including payment processing, verification, technical, logistical or other functions, as may be required in order to fulfill your orders;
  • resolving any returns, refunds or disputes; for example, if you lawfully exercise your rights or if you wish to dispute any part of our offering;
  • handling any job application that you may make to us;
  • sending you personalized marketing communications, where you have agreed or where we have a legitimate interest to do so, in order to keep you informed of our and our selected partner’s products and services, which we consider may be of interest to you;
  • serving personalized advertising to your devices, based on your interests ascertained from your past searches, visits of subpages and purchases on our Site, and other data obtained through the use of "cookies" placed on your devices. Please see our Cookies Notice below;
  • ensuring the security of your account and our business, preventing or detecting fraud or abuses of our Site; for example, by requesting verification information in order to reset your account password;
  • developing and improving our products and services; for example, by reviewing visits to our website and its various subpages, demand for specific goods and services and User comments;
  • to assist you and/or respond to any inquiries or requests you make through our Site; and
  • to comply with applicable law; for example, in response to a request from a court or regulatory body, where such request is made in accordance with the law.

Your consent, as Data subject, to the processing as specified in this Notice is the primary legal ground for our processing of your PII. However, there may be circumstances where we may also rely on other valid legal grounds for the processing of your PII, such as:

  • your request for content, goods or services necessitating steps, including the processing of your PII, to be taken prior to entering into contract with you and any processing that is necessary for the performance of such contract. For example, we may rely on this legal ground in relation to the processing necessary to fulfil your orders, obtain payment and enable our providers to supply you with services, where applicable, and any profiling activities as required for sending you personalized ads relating to your contract with us; and
  • legitimate interests pursued by WestRock as a business, except where such interests are overridden by your interests and fundamental rights. For example, we may rely on this legal ground in relation to the processing for security reasons or product improvements, in which we have a legitimate interest; and
  • compliance with WestRock’s legal obligations, such as, for example, where a request has been made in accordance with the law.

Disclosure of Personally Identifiable Information

There are circumstances where we wish to disclose or are compelled to disclose your PII to third parties. This will only take place in accordance with the applicable law and for the purposes listed above. These scenarios include disclosure:

  • to our subsidiaries, branches or associated offices;
  • to our outsourced service providers or suppliers to facilitate the provision of our services or goods to our Users; for example, the disclosure to our data centre provider for the safe keeping of your PII, webhosting provider through which your PII may be collected, identity verification partners in order to verify your identity against public databases;• to our advertising partners who enable us to deliver personalized ads to your devices or similar advertising;
  • with your consent, to our marketing partners, who may contact you by post, email, telephone, SMS or by other means. If you do not wish to be contacted, you may unsubscribe by contacting our Privacy Office;
  • to third party service providers and consultants in order to protect the security or integrity of our business, including our databases and systems, and for business maintenance and continuity reasons;
  • to another legal entity, on a temporary or permanent basis, for the purposes of a joint venture, collaboration, financing, sale, merger, reorganization, change of legal form, dissolution or similar event. In the case of a merger or sale, your PII will be permanently transferred to a successor company;
  • to public authorities where we are required by law to do so; and
  • to any other third party where you have provided your consent.

International transfer of Personally Identifiable Information

We may transfer your PII to a third party in countries outside the country in which it was originally collected for further processing in accordance with the purposes set out above. In particular, your PII may be transferred throughout the WestRock group and to our outsourced service providers located abroad. In these circumstances we will, as required by applicable law, ensure that your privacy rights are adequately protected by appropriate technical, organizational, contractual or other lawful means. Please contact the Privacy Office for a copy of the safeguards which we have put in place to protect your PII and privacy rights in these circumstances.

Retention of Personally Identifiable Information

Your PII will be retained until your last use or purchase of our services or goods and normally for a period of three years thereafter, unless longer retention is required by applicable local law or where we have a legitimate and lawful reason to do so. However, we will not retain beyond this period any of your PII that is no longer required for the purposes set out in this Notice. The retention of your PII will be subject to periodic review pursuant to WestRock’s policies.

We may keep an anonymized form of your PII data, which will no longer refer to you, for statistical purposes without time limits, to the extent that we have a legitimate and lawful interest in doing so.

Children’s Privacy

Our Site is not directed at children, and we do not wish to collect or use any PII from anyone identified as being a child.

User rights

Data protection laws in certain countries, states and jurisdictions provide Data subjects with numerous rights, as set out below. Depending on your location, these rights may be available to you. You may, as permitted by applicable law:

  • make a subject access request (SAR). Data subjects may, where permitted by applicable law, request copies of their PII. If you would like to make a SAR, i.e. a request for copies of the PII we hold about you, you may do so by writing to Privacy Office whose contact details are above. The request should make clear that a SAR is being made. You may also be required to submit a proof of your identity and a fee.
  • request that we rectify any inaccurate and/or complete any incomplete PII.
  • withdraw your consent to the processing of your PII at any time. Such withdrawal will not affect the lawfulness of processing based on your previous consent. Please note that if you withdraw your consent, you may not be able to benefit from certain service features for which the processing of your PII is essential.
  • request that we stop processing, including automated processing and profiling, of your PII and you will have the right to obtain human intervention.
  • request that we erase your personal data. We will comply with such requests unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping your personal data, such as a where retention is necessary for us to comply with our legal obligations.
  • lodge a complaint with the relevant data protection authority. We suggest that you contact us about any questions or if you have a complaint in relation to how we process your PII. However, you may also have the right to contact the relevant data protection authority in your country, state or jurisdiction directly.

Changes to WestRock’s Privacy Notice

If we decide to change our privacy policies, we will update this Notice so you are always aware of what information we collect, how we use it, and under what circumstances we disclose it.

This Site contains links to other sites which are subject to their own privacy notice. This Notice applies only to information collected by this Site and not to any other sites.

COOKIES NOTICE

Our Site uses "cookies" to help you personalize your online experience. A cookie is a text file that is placed on your computer’s hard disk, mobile phone or other device by a website server. Cookies do not damage your device. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.

Generally, cookies provide our Users convenience and save their time. However, we also use cookies to send you advertisements that may be of interest to you.

What cookies does WestRock use?

Strictly necessary cookies

These cookies are essential in order to enable you to move around the Site and use its features. Without these cookies, services you have asked for cannot be provided. They are deleted when you close the browser.

Performance cookies

These cookies collect information in an anonymous form about how visitors use our Site. They allow us to recognize and count the number of visitors and help us understand which pages are the most popular and where visitors spend most of their time.

Functionality cookies

These cookies allow our Site to remember choices you make, such as your name, the region you are in or the pages you have viewed. They are used to provide enhanced and more personal features.

If you create an account on our Site, a persistent cookie helps WestRock to recall your specific information on subsequent visits. This simplifies the process of recording your PII, such as billing addresses, shipping addresses, and so on. When you return to the same Site, the information you previously provided can be retrieved, so you can easily use our features that you customized. Persistent cookies will be kept on your device until their expiration or earlier manual deletion.

We may also use your IP address sent to us by your browser to help diagnose problems with our server, to administer our Site and to improve the service we offer to you. An IP address is a numeric code that identifies your computer on a network, or in this case, the internet. Your IP address might also be used to gather broad demographic information. We may perform IP lookups to determine which domain you are coming from to more accurately gauge our Users' demographics.

Targeting or advertising cookies

These cookies allow us and our advertisers to deliver information more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of advertising campaigns. They remember that you have visited our Site and may help us in compiling your profile.

Social Media cookies

These cookies allow you to connect with social media networks such as Instagram and youtube.

We may combine information from these types of cookies and technologies with information about you from any other source.

User consent to place cookies

We assume that you are happy for us to place cookies on your device. Most browsers automatically accept cookies. However, if you, or another user of your device, wish to withdraw your consent at any time, you have the ability to accept or decline cookies by modifying your browser setting. If you choose to decline cookies, you may not be able to fully experience the interactive features of our services or the websites you visit.