Home > FAQS

Frequently Asked Questions

Version: September 13, 2017

September 30, 2017 Release Updating WERCSmart Terms of Use with Data Use Tier Disclosure

  1. Why is UL revising the WERCSmart Terms of Use?
  2. When will the new Terms of Use become effective?
  3. What are the most significant changes to the WERCSmart Terms of Use?
  4. What are the 4 new Data Use Tiers?
  5. Do suppliers specifically designate WERCSmart recipients for Tier 1 Regulatory Support? When will UL provide suppliers with the list of the recipients that receive compliance data on their products, and how long they have been receiving the data?
  6. How will UL collect my company’s acceptance of the revised Terms of Use and any consent to the different Data Use Tiers?
  7. When will suppliers learn what requirements Target, Wal-Mart, and other recipients have? What is the mechanism for informing suppliers that other recipients want to begin to use Tiers 2-4? Do all types of recipients have the ability to conduct Tier 2-4 programs?
  8. What happens if my company does not consent to a recipient’s request for a specific Data Use Tier?
  9. If a retailer requires use of Tier 2-4 and a supplier opts out, will the supplier still have access to Tier 1 functionality to provide regulatory data to all recipients?
  10. What happens if a retailer makes use of my data in a way that is not authorized by the Data Use Tiers I have consented to?
  11. How can I see which of my products are included in the Data Use Tier(s) my company has selected?
  12. Is WERCSmart collecting any new information from suppliers as a result of these new Data Use Tiers?
  13. In making changes, does UL consider the suppliers’ resource requirements needed to enter new data into the portal?
  14. Why are some retailers adopting chemical policies that impact suppliers?
  15. Why do some retailers need to know the chemical identity (e.g., CAS #) of publicly disclosed ingredients?
  16. Why is WERCS collecting general ingredient descriptions? Will they be used instead of CAS#s in reports to retailers? Will UL continue to translate general ingredient descriptions and INCI names for ingredients into CAS#s?
  17. Tier 2.1 Data Use: How will UL provide the pass/fail results of a restricted substance list screen to a retailer? If a product fails a chemical screen and the cause for the failure is a nondisclosed CAS#, does the retailer get a “fail” report leaving the retailer with the option to ask the supplier for the undisclosed chemical? Will suppliers be notified of the results of restricted substance list screens?
  18. Tier 2.2 Data Use: Who is conducting searches for chemicals of concern and what database are they searching? Are recipients being allowed to search against the full formulation dataset in WERCSmart?
  19. Tier 3 Data Use: If I consent to a retailer’s request for Tier 3 Data Use, will it automatically include product chemical data?
  20. Is there an additional cost to suppliers associated with the Data Use Tiers?
  21. WERCSmart currently stores confidential supplier data (e.g., our product formulas) and contains sensitive regulatory files. What is UL doing to ensure that our product information is kept confidential and that their systems are protected from cyber-attacks?
  22. Do third-party suppliers need to consent to Data Use Tiers?
  23. Do these changes put my confidential product data at risk?
  24. Do these changes give my confidential data to a retailer’s store-brand operations?
  25. A business unit of UL tests national brands for compliance with various retailer’s product safety and compliance directives. What assurances, if any, can UL provide that it will not share complete formulation information or test results among its business units?
  26. Have UL and recipients considered the impact of increased disclosure on categories with relatively few suppliers?
  27. What is GreenHealth Exchange, and what is their program?

1) Why is UL revising the WERCSmart Terms of Use?

The September 30, 2017 Terms of Use are intended to give retailers the opportunity to request additional information from their product suppliers and to address marketplace demands, while providing suppliers with control over how their data can be used. Retailers need information that often goes beyond regulatory compliance data. This additional information is needed to address stakeholder expectations that they operate with effective chemical policies and meet consumer demands for more sustainable products. As such, UL is updating the WERCSmart Terms of Use to support new types of data collection and to allow suppliers to opt-in to these new types of data use.


2) When will the new Terms of Use become effective?

The revised Terms of Use will be effective on September 30, 2017, and will coincide with the release of new functionality that will enable suppliers to consent to new data uses and control which recipient gets which data.


3) What are the most significant changes to the WERCSmart Terms of Use?

With the September 30, 2017 release, UL will introduce four categories of data use (each referred to as a “Data Use Tier”) in order to better support the evolving needs of recipients. Tier 1 Data Use reflects traditional WERCSmart regulatory use and the status quo. For Tier 1 Data Use, no additional supplier action is required. Every registered supplier will be deemed to have provided Tier 1 Data Use consent. Individual suppliers have the choice whether to consent for all other Data Use Tiers, that is expressly opt-in to a particular recipient’s program. If a supplier chooses not to opt-in to a new data use, that type of data or analysis will not be provided to that recipient.


4) What are the 4 new Data Use Tiers?

Full definitions of the data or reports included in each Tier are provided in the Data Use Tier Disclosure section of the WERCSmart Terms of Service.


5) Do suppliers specifically designate WERCSmart recipients for Tier 1 Regulatory Support? When will UL provide suppliers with the list of the recipients that receive compliance data on their products, and how long they have been receiving the data?

No, suppliers do not need to designate WERCSmart recipients for Tier 1 Data Use. WERCSmart recipients have grown to include not only retailers, but distributors and logistics firms that also require basic regulatory compliance data. UL wants to ensure that any party selling, transporting, storing or disposing of a product has access to the data needed to ensure a supplier’s product is handled in compliance with all applicable regulations.
The My Data & Recipients page provides a list of the recipients that a supplier has associated with its products. In the future, this list will be expanded to include recipients which have requested regulatory data about a supplier’s product. Reporting on the dates specific recipients began receiving compliance data is not currently supported.


6) How will UL collect my company’s acceptance of the revised Terms of Use and consent to the different Data Use Tiers?

The first time a registered user from your company visits the WERCSmart platform after September 30, 2017, he or she will be asked to accept the new Terms of Use. Then, if your company is a supplier of products to a retailer operating a program that is soliciting a consent under Tier 2, Tier 3 or Tier 4, users with the role of administrator or manager will also be directed to a revised version of the “My Data and Recipients” screen (see Attachment 1). This page will list each retailer separately and indicate which Data Usage Tier(s) are requested. Before continuing with any other WERCSmart business, your administrator must select which retailer(s) and which tier(s), if any, that your company authorizes. Consents apply only to products in the categories covered by specific retailer programs. We will also provide links to retailer descriptions of how their programs utilize the requested data.


7) When will suppliers learn what requirements Target, Wal-Mart, and other recipients have? What is the mechanism for informing suppliers that other recipients want to begin to use Tiers 2-4? Do all types of recipients have the ability to conduct Tier 2-4 programs?

Costco, CVS, Target, Walgreens and Walmart will be sending communications about their Tier requests to affected suppliers. After the September 30 release, suppliers will be able to review which (if any) recipients are requesting Tier 2- 4 consents on their My Data & Recipients page on the WERCSmart platform. In the event a recipient launches a new chemical policy or supplemental program that needs Tier 2-4 consent, that request will be published on a supplier’s My Data & Recipients page. Any WERCSmart recipient (including retailers, group purchasing organizations, distributors or logistics firms) has the ability to solicit additional consents from their suppliers.


8) What happens if my company does not consent to a retailer’s request for a specific Data Use Tier?

Consents to Tier 2, Tier 3 and Tier 4 are opt-in. If your company does not provide consent, the data or analysis requested by the retailer will not be provided. Retailers will have the ability to indicate whether they consider a tier mandatory (i.e., consent is required by the retailer) or optional (i.e., consent is requested by the retailer). A supplier must make its own decision as to whether it will participate in these Data Use Tiers. The consequences of failing to provide either mandatory or optional consents are determined by each retailer, not by UL. This is a business matter between the retailer and the supplier.


9) If a retailer requires Tier 2-4 Data Use and a supplier declines to consent, will the supplier still have access to Tier 1 Data Use functionality to provide regulatory data to all recipients?

Suppliers will continue to have access to Tier 1 regulatory compliance functionality no matter what decisions they make in regard to Tier 2-4 requests. Each retailer independently decides what to do if a supplier declines to opt-in. But this will have no impact on the supplier’s ability to provide regulatory data to other recipients.


10) What happens if a retailer makes use of my data in a way that is not authorized by the Data Use Tiers I have consented to?

Retailers receiving WERCSmart data agree to abide by the Data Use Tier consents. If a retailer uses your data in a way that is not allowed by a specific tier, you can revoke the consents you previously provided to that recipient, thereby restricting your data to Tier 1 Data Use for that retailer. Public disclosure of product transparency ratios, for example, would be a violation of Tier 2.2 Data Use restrictions. You can take action at any time to limit that retailer to only Tier 1 regulatory compliance data uses.


11) How can I see which of my products are included in the Data Use Tier(s) my company has selected?

From your WERCSmart dashboard you can run a query to identify the sub-set of your products that are associated with a specific retailer and within the product categories covered by that retailer’s Tier 2, Tier 3 or Tier 4 programs.


12) Is WERCSmart collecting any new information from suppliers as a result of these new Data Use Tiers?


13) In making changes, does UL consider the suppliers’ resource requirements needed to enter new data into the WERCSmart portal?

UL considers supplier impacts any time it revises or expands the data collection capabilities of WERCSmart. We believe the data hub model of the portal (“manage one product record – share it with multiple recipients”) provides suppliers with a substantially less resource intensive solution than the alternative (“manage separate product records for each and every recipient”). We are also committed to improving the user experience on WERCSmart and the overall efficiency of managing product records in our system. However, the information collected needs to evolve in response to the changing regulatory and market landscape in which recipients operate.


14) Why are some retailers adopting chemical policies that impact suppliers?

Many retailers are moving “beyond compliance” to adopt chemical policies as a key component of their corporate social responsibility programs. Retailers are responding to their various stakeholders. Consumers are demanding products that avoid chemicals of concern, investors expect companies to proactively manage the liability and reputational risks associated with chemicals, and Non-Governmental Organizations (NGOs) are publicly rating retailers on their chemical policies. In this context, retailers are taking steps to adopt or strengthen programs that identify chemicals of concern, take responsibility for the chemical composition of their portfolios, and promote substitution towards safer alternatives. Retailers respond differently to the landscape they are operating in, so suppliers should anticipate they will confront a diversity of Tier 2-4 programs in the retail marketplace. Some retailers may move towards mandatory programs, while others operate voluntary programs, or no programs at all.


15) Why do some retailers need to know the chemical identity (e.g., CAS #) of publicly disclosed ingredients?

Chemical management programs require information about chemical identity. Retailers need to be able to determine unambiguously whether an ingredient in a formulation is on regulatory or other hazard identification lists or on its corporate restricted substance list. Such lists of chemicals are compiled using Chemical Abstract Service (“CAS”) numbers whenever possible to support reliable matching. Suppliers granting Tier 2.2 Data Use consent are giving permission to UL to provide a retailer with the chemical identity of any ingredient that is on a product’s Publicly Disclosed Ingredient List. CAS #s will not be provided for ingredients that are not publicly disclosed (e.g., trade secrets or constituents of third-party components) or that are only disclosed using generic names (such as “fragrance”).


16) Why is UL collecting general ingredient descriptions? Will they be used instead of CAS#s in reports to retailers? Will UL continue to translate general ingredient descriptions and INCI names for ingredients into CAS#s?

WERCSmart is collecting the “Public Name” (if any) that a supplier uses to identify an ingredient disclosed on a product’s label, website, or safety data sheet. A Public Name may be a standard chemical name (i.e., a name that resolves to a unique chemical), a common name (such as an INCI name, which usually resolves to a unique chemical), or a generic name (such as fragrance, which does not resolve to a specific chemical). The system will make use of Public Names in a variety of ways. They will be used to define a product’s Publicly Disclosed Ingredient List and to calculate transparency ratios. They will be used in reports to recipients if the disclosure of an ingredient’s CAS # is not required by regulation or authorized by a supplier that has consented to Tier 2.2 Data Use. UL maintains a cross-reference table within WERCSmart that tracks the various standard chemical names or numbers that are used to identify a unique chemical. This “translation” capacity is essential to reliably identify chemicals and the regulations to which they are subject. Disclosure of the CAS # for an ingredient to a recipient is not automatic in WERCSmart; it occurs only if required by regulation, if authorized by supplier consent, or if a supplier has made the CAS # public on a Safety Data Sheet.


17) Tier 2.1 Data Use: How will UL provide the pass/fail results of a restricted substance list screen to a retailer? If a product fails a chemical screen and the cause for the failure is a nondisclosed CAS#, does the retailer get a “fail” report leaving the retailer with the option to ask the supplier for the undisclosed chemical? Will suppliers be notified of the results of restricted substance list screens?

UL may provide the results of restricted substance list screens to a recipient via a WERCSmart report or via our PurView application. In either case, a recipient will receive an indicator of whether the product passed or failed the screen, as well as an indicator of whether the product contains constituents that could not be screened (e.g., the formulation includes an unscreenable generic ingredient like fragrance). Whether the ingredient(s) responsible for a failure are disclosed to a recipient depends on several factors. If the particular ingredient is a trade secret, a constituent of a proprietary third-party component, or not publicly disclosed, its chemical identity will not be provided to a recipient. If the particular ingredient is publicly disclosed by the supplier, the recipient will be provided with its Public Name, or, if the supplier has also authorized Tier 2.2 Data Use, the recipient will be provided with its CAS #. Suppliers are not automatically notified by WERCSmart when chemical screens are run against their products, although retailers can generally be expected to bring failures to a supplier’s attention. Recipients are not authorized to publicly disclose the results of any restricted substance screens.


18) Tier 2.2 Data Use: Who is conducting searches for chemicals of concern and what database are they searching? Are recipients being allowed to search against the full formulation dataset in WERCSmart?

Tier 2.2 Data Use consent grants recipients access to a dataset that includes the chemical identity (by CAS#) of the Publicly Disclosed Ingredients in a supplier’s products. This dataset does not include the chemical identity of undisclosed ingredients, trade secrets, or constituents of third-party components (unless the suppliers of such components have granted Tier 2.2 Data Use consent to their customers). This dataset also does not include any percent formulation data. Recipients are not being provided with search access to the full formulation dataset in WERCSmart.


19) Tier 3 Data Use: If I consent to a retailer’s request for Tier 3 Data Use, will it automatically include product chemical data?

No. If a retailer needs access to chemical data (e.g., to derive a sustainability score that is in part based on a product’s ingredient list), the retailer will ask a supplier for consent to both Tier 2 Data Use and Tier 3 Data Use.


20) Is there an additional cost to suppliers associated with the Data Use Tiers?


21) WERCSmart currently stores confidential supplier data (e.g., product formulas) and contains sensitive regulatory files. What is UL doing to ensure that product information is kept confidential and that its systems are protected from cyber-attacks?

UL I&I /Wercs obtained accredited certification to ISO 27001, thus demonstrating our commitment to information security as our top priority. Based on ISO 27001 standards, UL has defined and put in place best practice information security processes and technology. Our employees are trained to readily understand risks and embrace security controls as part of their everyday work practices. UL is continually dedicated to ongoing industry standard information security practices.


22) Do third-party suppliers need to consent to Data Use Tiers?

Third-party suppliers will also be asked to accept the WERCSmart Terms of Use, but third-party supplier Data Use Tier consent is treated differently. For a third-party supplier, a Data Use Tier consent is given per Data Use Tier and it will apply to all the third-party’s customers that participate in such Data Use Tier. For example, if a third-party supplier consents to Tier 2.1 Data Use and one of its customers (a direct supplier) opts to participate in a recipient’s Tier 2.1 program, UL will run the Tier 2.1 analysis on the customer’s end-product, including relevant data about the third-party component. If a Tier 2.1 Restricted Substance List screen is being run on a product’s full formulation, the screen can extend into the constituent list of the third-party component. If a third-party supplier has not provided consent to Tier 2.1, the screen will not extend into the third-party component. The system will indicate that part of the formulation could not be screened. None of a third-party supplier’s confidential component data (e.g., its ingredient list or percent formulation) can be disclosed to its customer or the recipient operating the Tier 2.1 program, unless the third-party supplier has authorized specific disclosures. Third-party supplier consent is per Data Use Tier and applies to all of a third-party’s formulations and customers (i.e., direct suppliers).


23) Do these changes put my confidential product data at risk?

UL takes protecting the confidentiality of every supplier's formulation data very seriously. 

Contrary to certain reports:


24) Do these changes give my confidential data to a retailer’s store-brand operations?

Contrary to certain reports:


25) A business unit of UL tests national brands for compliance with various retailer’s product safety and compliance directives. What assurances, if any, can UL provide that it will not share complete formulation information or test results among its business units?

As noted above, none of the four Data Use Tiers involve sharing full formulation data with recipients. UL itself is only authorized to use the data collected by the portal for the purpose of providing WERCSmart services, which are subject to review and consent by suppliers. Some of our projects with recipients involve combining test data they have generated on products (using UL or other third-party testing services) with WERCSmart regulatory compliance or chemical policy data. This does not result in any disclosure of supplier confidential data that has not been authorized by a supplier’s consent to Data Use Tiers.


26) Have UL and recipients considered the impact of increased disclosure on categories with relatively few suppliers?

Whether a product category is served by a small or large number of suppliers does not have an impact on the tools UL is making available to suppliers to control use of their confidential data or disclosure of information about product or supplier performance on various chemical metrics.


27) What is GreenHealth Exchange, and what is their program?

GreenHealth Exchange is a group purchasing organization operating in the health care market. As a UL client, they use our PurView and Supply Chain Network tools to collect data from suppliers in order to identify environmentally preferable products in multiple categories for purchase by member hospital systems.



Attachment 1: Collecting Supplier Consent to Data Use Tiers on the My Data and Recipients Page

Attachment 2: Revised Formulation Entry and New Public Name Collection Pages