Privacy Policy

Hain Website Standards& Policies

September 1, 2020

This document outlines standards and expectations to be adhered towhen creating a digital project for the Hain Celestial Group.Any deviations from these standards and policies require documented approval by Hain Marketing and IT.

For a detailed explanation of the Hain web hosting infrastructure and data pipelinessee the document entitled, “Hain Celestial Web Server Infrastructure and Deployment Workflow.

“For a detailed project outline see the document entitled, “New Website Process.”

  1. Privacy and Accessibility Compliance: The website must adhere to WCAG 2.1 AA Compliance and Accessibility guidelines(ADA). Privacy compliance must adhere to CCPA, Cookie notice,& GDPR(if applicable).In the case of financial data PCI Data Security Standards must be adhered to.To measure compliance levels we are currently using the Google Lighthouse tool and expect agrade of 90 or above on every page template.
  2. Domains: Hain must be the registrant and will purchase all website domains.
  3. DNS: DNS will be administered by Hain.
  4. Hosting: Hain will provide website hosting services.
  5. Code Repository: Allwebsite code will be stored in a Bitbucket account owned by Hain.
  6. HTTPS: The website willbe HTTPS enabled. The SSL Certificate must be purchased and managed by Hain.
  7. Passwords: All passwords will adhere to current best practices i.e. Does not contain dictionary words, should not contain references to the brand, and be lengthy alphanumeric strings.8.Responsive Websites: All websites willbe fully responsive. Bootstrap is the preferred method.
  8. CMS: WordPress will be used for all website projects.
  9. CMS for E-commerce: Shopify will be used for all transactional e-commerce websites.
  10. Ecommerce PCI Requirements: All ecommerce partners must be PCI DSS Level 1 certified. In addition,they must be SOC 2 compliant.
  11. CMS Access: Configure and provide an administrator account for the website CMS. Use the email: digital.identity@hain.comand configure a 20 character alphanumeric string for the password.
  12. 3rdParty Services & Accounts: Forany third-party services (plug-ins, eCRM, etc.)Hain must be configured as the owner or admin of the account. Use digital.identity@hain.com
  13. Social Accounts: Hain must be the owneroradmin forallsocial accounts. Facebook accounts must be grouped under the Hain Business master account (digital.identity@hain.com). Configure accounts and access for digital.identity@hain.com
  14. ECRM: Mailchimp is the preferred tool.The account will be grouped under the master Hain account (digital.identity@hain.com)
  15. Analytics: Please use an existing Google Analytics tracking number. In the case where there is not an existing Google Analytics account Hain will create a new account and provide the tracking code. Google Tag Manager will be usedto implement Analytics and other pixels. Hain shall configure and own the GTM account.
  16. ContactUs Form: Hain will provide the standard consumer Contact Us form that must be implemented on each website. The form can be implemented via a WordPress plugin or via an iframe. Both methods are acceptable.
  17. Privacy Policy / Terms of Use: Hain will provide the standard documents to be implemented on each website.
  18. Store Locator: If enabled, Hain will manage the store locator service and will provide the code to addthe feature into the website.The store locator is implemented via an iframe.
  19. SEO: For website rebuilds it is necessaryto maintain SEO page ranking inertia by using the same page slug/URL pattern or by implementing 301 redirects.Yoast SEO is the preferred WordPress plugin.Heading style tags and best practices for SEO should be implemented on every page.
  20. Video Content: All video content will be posted to YouTube and embedded into the website. Closed captioning must be enabled. The Youtube account must be owned by Hain andbe either a brand account or the general Hain account.
  21. Image Files: JPEG and PNG files are the preferred format. File names must match the title of the recipe or product, or otherwise contain descriptive keywords. Replace each space with an underscore or hyphen. Delete any special characters. Replace accented letters with unaccented letters.
  22. Fonts: Google Fonts is the preferred method to implement fonts. At a minimum, all website fonts must be properly licensed. Please provide a copy of theusagelicense to Hain.
  23. Javascript: jQuery is the preferred Javascript library.
  24. Deliverables: Upon website completion, please provide an archive of website assets such as layered image files, keyword lists, website copy documents, passwords, wireframes, style guides,software licenses,etc.

En caso de eventos adversos o farmacovigilancia, reportarlo a: farmacovet@merck.com