Coherent Global Privacy Statement
Last Updated: September 8, 2022
II-VI Incorporated has recently acquired Coherent, Inc. and is now Coherent Corp.
Coherent Corp. and its subsidiaries (collectively, “Coherent,” “Coherent Group Entities,” “we,” “us,” “ours”) understand the importance of privacy. This Privacy Notice (“Notice”) describes how Coherent collects, uses, discloses and otherwise processes the personal data described in this Notice, as well as the rights and choices individuals have regarding such personal data.
Except as otherwise noted below, this Notice applies to the personal data that Coherent processes related to:
- Users of our websites where this Notice is posted, including www.coherent.com, (each a “Site” and together the “Sites”), the services we provide through the Sites, and any downloadable software, applications, and other products and services provided by us that display or include a link to this Notice (collectively, the “Services”);
- Current, former and prospective customers, vendors and partners;
- Individuals who register for or participate in our webinars and other events;
- Individuals who are subscribed to receive news, information and marketing communications from us;
- Individuals who participate in surveys, contests and research conducted by us; and
- Individuals that communicate with us or otherwise engage with us related to our Services.
This Notice does not apply to the personal data that we collect and process related to our employees, personnel, job applicants, and candidates, or to any information that is exempt under applicable privacy laws.
Additional Notices. Additional or supplemental notices and disclosures (each an “additional notice”) may be provided and will apply to certain personal data collected and processed by us. Generally, we provide additional notices in order to clarify our privacy practices in specific circumstances and provide you with additional information about certain processing activities. To the extent there is a conflict with this Notice, the additional notice will control with respect to the personal data subject to that additional notice.
Additional Information and Rights. For information about the privacy choices you have regarding your personal data, review Section 9. Your Privacy Rights and Choices below, as well as Section 14. Additional Information for Individuals in Certain Jurisdictions, which includes for additional about privacy rights for residents of certain jurisdictions. If you are a California resident, please see Section 14. C. Additional Information for California Residents below for more information pursuant to the California Consumer Privacy Act (“CCPA”).
Your use of our Sites and Services, and any dispute over privacy, is subject to this Notice and our applicable terms of service.
Controller and Responsible Entity. For purposes of this Notice, the controller determining the purposes and the means for the processing of your personal data is Coherent Corp., registered at World Headquarters, 375 Saxonburg Blvd., Saxonburg, Pennsylvania 16056-9499, United States (“Coherent Corp.”) and where personal data is also collected and processed by other Coherent Group Entities, they are also controllers. Please see the list of the subsidiaries by clicking https://coherent.com/legal/list-of-the-subsidiaries/.
2. PERSONAL DATA WE COLLECT
The actual personal data we collect and how we use it, varies depending upon the nature of our relationship and interactions with you. Also, in some cases (such as where required by law), we ask for your consent or give you certain choices prior to collecting or using certain personal data.
Information Provided Directly. We collect personal data (including where necessary and subject to applicable law and where required with your explicit consent, special categories of personal data (as defined under applicable privacy laws)) that you provide to us, our affiliates or share on the Sites, including related to:
- Registration: If you create a login account on any of our Sites that offer this option, we collect certain personal data from you, such as your name, business address, email address, phone number, company name, and job title; where the account registration is related to a purchase through our online store, we also collect billing address and shipping address;
- Customer service and support: When you contact us for support or other customer service requests, we maintain support tickets and other records about your requests and related communications. For example, where you use one of our support request forms, we collect details about you, including your name, contact details, state and region, company, request type, request details you provide, your preferred contact, product name and serial number;
- Communications: If you contact us by email, mail, phone, chat or otherwise regarding our products or the Services, we collect and maintain a record of name and contact information, contact details, your communications and our responses, including a transcript of the communication and any information (including attachments) you may provide to us. If you call us, we may also record calls and maintain logs and records of those calls;
- Transactions and billing information: We also collect personal data about you in connection with a purchase or payment you submit to us. This may include collection of your name, shipping and billing address, credit card and other payment information, and other transaction details. If you use our online shop(s), we may also maintain transactional records about your past purchases, as well as items that you view or add to your online shopping cart; and
- Events and other information: We also collect personal data related to your participation in our events as well as other requests that you submit to us related to our Services. For example, if you register for or attend an event that we host or sponsor, we may collect data related to your registration for and participation in such event. When you fill out a ‘Contact Us’ form, signup for our mailing lists, or otherwise request information from us, we collect and maintain records of your requests. When you complete a survey, we collect personal data about you, including your responses.
Personal Data Collected Automatically. We may collect personal data about how you use our Services and your interactions with us and others, including information we collect automatically (e.g., using cookies and pixel tags), as well as information we derive about you and your use of the Services. Such information includes:
- Usage data: we also collect activity information related to your use of our Sites and Services, such as information regarding what pages you accessed and when, date and time of your visit, the links clicked, searches, features used, items viewed, and time spent within the Services. We may also use pixels in HTML emails to understand if individuals read or open the emails we send to them.
For more information, see Section 5. Cookies, Advertising and Tracking, below and our separate Cookie Notice at https://www.coherent.com/legal/privacy-statement/coherent-cookie-policy.
Personal Data Collected from Third Parties. We may also collect certain personal data from third parties, such as:
- Third party platforms: Social networks or other platforms (such as Facebook, Twitter, LinkedIn or other third-party social network sites) that you may connect with or share information about us through, or when you login to our Services using your login information and your username, personal profiles, and the actual social media networks you used. These third-party platforms and services control the personal data they collect and share about you. For information about how they may use and disclose your personal data, including any data you make public, please consult their respective privacy policies; and
- Prospective customer information: We may receive lead and prospect information from third parties, about prospective customers that may be interested in our Services. We may also engage with third parties to enhance or update our customer information.
Anonymous and Aggregate Data. We use anonymous and aggregate data (i.e., data that is no longer reasonably linked or linkable to an identified or identifiable natural person, household, or personal or household device) related to our business and the Services.
3. PURPOSES AND LEGAL BASES FOR COLLECTING AND PROCESSING PERSONAL DATA
A. Legal Bases for Processing.
Certain data protection laws, including the General Data Protection Regulation (“GDPR”), UK data protection laws and Brazil data protection laws, require that we inform you of the legal bases for our processing of your personal data. Pursuant to such data protection laws (where applicable), we process personal data generally for the following legal bases:
- Performance of contract: The processing is necessary to perform a contract with you or take steps to enter into a contract at your request;
- Compliance with law: The processing is necessary for us to comply with a relevant legal obligation (for example, laws which require us to collect tax information from customers, carry out checks on customers, or which compel us to disclose information to public authorities or regulators);
- Our legitimate interests: The processing is in our legitimate interests, subject to your interests and fundamental rights, and notably our legitimate interest in using applicable data to conduct and develop our business activities, such as developing and maintaining relationships with our customers (the majority of the processing covered by this Notice is legitimate interest based). Where we rely on our legitimate interests as a lawful basis for processing, we take steps to ensure that our legitimate interests are not outweighed by any prejudice to data subject rights and freedoms. This is achieved in a number of ways, including the application of principles of data minimization and security, and by taking steps to ensure that personal data is collected where it is relevant to the lawful business activities, and, where using personal data, is reasonably necessary for those activities;
- Defend our rights: Where the processing is necessary to the establishment, exercise or defense of legal claims; and
- With your consent: Where you have consented to the processing (for example, where we are required by local law to rely upon your prior consent for the purposes of direct marketing).
In Section 3. B. Purposes of Collection and Processing below, we describe the purposes for which we process personal data (including the relevant legal basis under certain data protection laws (where applicable)).
B. Purposes of Collection and Processing.
The purposes for which we collect, use, disclose and otherwise process personal data vary depending upon the circumstances. Generally, we process personal data for the business and commercial purposes described below:
- Services and support: To operate the Sites and Services, including to communicate with you about your use of the Services, provide troubleshooting and technical support, respond to your inquiries and requests, fulfill your orders and requests, process your payments, for customer support purposes, and to carry out our obligations arising from our contracts with you (Legal basis: performance of contract; our legitimate interests);
- Communications: To seek your views or comments on the products or Services we provide and send you communications by post or e-mail, which you have requested or that may be of interest to you, including newsletters, or promotions of our products or Services or events, and to notify you of changes to our products and Services (Legal basis: our legitimate interests; your consent);
- Research and analytics: To measure the adequate performance of our interactions with you, improve our Services, for our internal purposes, and for other research and analytical purposes (Legal basis: our legitimate interests);
- Customization and personalization: To tailor content we may send or display on our Sites, including to offer location customization and personalized help and instructions, and to otherwise personalize your experiences (Legal basis: our legitimate interests; your consent);
- Marketing and advertising: To promote our products and services on third-party websites, as well as for direct marketing purposes, including to send you newsletters, alerts and information we think may interest you (Legal basis: our legitimate interests; your consent);
- Planning and managing events: For event planning and management, including registration, attendance, connecting you with other event attendees, and contacting you about relevant events and Services (Legal basis: performance of contract; our legitimate interests);
- Legal proceedings and obligations: To obtain or maintain insurance coverage, manage risks or obtain professional advice and defend our rights and establish, exercise and defend our legal claims (Legal basis: meeting our legal or statutory obligations; for the establishment, exercise or defense of a legal claim);
- Account administration: Facilitate your use of your web account on the Site (Legal basis: performance of contract; our legitimate interests);
- General business and operational support: To consider and implement mergers, acquisitions, reorganizations, and other business transactions, and where necessary to the administration of our general business, accounting, recordkeeping and legal functions (Legal basis: meeting our legal or statutory obligations; for the establishment, exercise or defense of a legal claim; our legitimate interest).
Anonymous and Aggregate Data. We use anonymous and aggregate data related to our business and the Services, for research, analytics, development and other purposes.
4. DISCLOSURE OF PERSONAL DATA
In general, we may disclose and make available personal ‘data to third parties as described in this section:
- Coherent Group Entities: Coherent and the Coherent Group entities are a global group of companies. As such, we may disclose personal data to the Coherent Group Entities as part of our business operations and administration of our Sites and Services;
- Processors and service providers: We may disclose personal data to third party processors (including contractors and service providers) who perform services on our behalf. For example, we use third party processors to provide us with technical support, payment processing, and to perform analytics and other work that we may need to outsource. These processors are bound by law and/or contract to protect the confidentiality of and to implement adequate security measures to protect your personal data. They only process your personal data to provide us with requested services and only act on our documented instructions;
- Vendors and business partners: We may also disclose your personal data to other companies, vendors and business partners that perform certain functions for us. These companies are themselves responsible for determining the purposes and/or means of the processing and for the lawfulness of the processing. They include insurance companies, online gateway payment providers, including credit card companies, and banks;
- Third party platforms and services: We may disclose or make available personal data to third party platforms and providers that we use to provide or make available certain features or portions of the Services, or as necessary to respond to your requests;
- Marketing, advertising and analytics providers: We may disclose certain information that includes personal data to third-party ad network providers, sponsors and/or traffic measurement services, who may use this data to improve and measure the effectiveness of our ads and those of third parties. For more information, see Section 5. Cookies, Advertising and Tracking, below. We may also engage third party analytics companies to collect information about Site usage in order to help us to understand how users access and use the Services, to improve our Services and other products and offerings, and for other research and analytical purposes;
- In support of our legal and compliance obligations: We may disclose your personal data to others where such disclosure is necessary for compliance with a legal obligation to which we are subject insofar as reasonably necessary for these purposes and as permitted by law, whether in court proceedings or in an administrative or out-of-court procedure;
- In connection with a business transaction: We may disclose your personal data in connection with a business transaction (such as a merger, acquisition, restructuring, or transfer of assets), to buyers, their lawyers or professional advisors, where needed to affect the sale or transfer of business assets (such as a merger or acquisition) including related to due diligence conducted prior to such event, where permitted by law; and
Aggregate and Anonymous data. We may also disclose aggregate and anonymous data related to our business and the Services, subject to applicable laws.
5. COOKIES, ADVERTISING AND TRACKING
- Cookies: these are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Sites, while others are used to enable a faster log-in process or to allow us to track your activities while using our Sites. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Some of the Services may not work properly if you disable cookies.
- Pixels (sometimes referred to as tags, pixel tags or clear GIFs) other technologies: these are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, pixels are embedded invisibly on web pages. We may use pixels (also referred to as web beacons, web bugs or pixel tags), in connection with our Services to, among other things, track the activities users of our Services, help us manage content, and compile statistics about usage of our Services. We and our service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
Managing Your Preferences. You can review and manage your cookie preferences for our Sites and opt out of certain cookies, including targeting cookies and tags on our Sites, either by editing your browser options as explained below or by reviewing and changing your preferences for most cookies on our Sites (including to opt out of all but ‘required’ cookies) by adjusting your preferences through our Cookie Preferences Tool. This can be done by clicking the “Cookie Preferences” link (or if you are in California the “Do Not Sell or Share My Personal Information” link) in the footer of each of our Sites. Cookie preferences are browser and device specific, which means that you need to set the preference for each browser and device you use to access our Sites; in addition, if you delete or block cookies, you may need to reapply these preferences. Further, opting out of cookies and advertising as discussed below does not mean that you will no longer receive advertising content from us. You may continue to receive generic or “contextual” ads from us, they may just be less relevant to you.
For more information and options for managing your preferences, see also our Cookie Notice. If you are a California resident, please review Section 14. C. Additional Information for California Residents for additional information about your CCPA opt out rights.
Do Not Track (DNT). Our Sites currently do not respond to “do not track” signals. You may, however, disable certain tracking mechanisms in the cookie preference settings of your web browser and opt out of certain third-party ad cookies on our Sites.
6. INTERNATIONAL TRANSFERS OF INFORMATION
Coherent Group Entities. Coherent and our service providers may transfer your personal data to, or access it in, jurisdictions (including the United States and other jurisdictions where we, our affiliates and service providers have operations) that do not include equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your personal data receives an adequate level of protection in the jurisdictions in which we process it, including through appropriate written data processing terms and/or data transfer agreements and/or other legally acceptable mechanisms according to applicable local laws.
Individuals in the European Economic Area (EEA) and United Kingdom (UK). If you are in the EEA or the UK, and we process your personal data in a jurisdiction that the European Commission has deemed to not provide an adequate level of data protection (a “third country”), we will implement measures to adequately protect your personal data, such as by putting in place standard contractual clauses as approved by the European Commission (the form for the standard contractual clauses can be found at https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en). To obtain additional details of the mechanism under which your personal data is transferred outside of the EEA or UK, you may request such details by contacting the Coherent Data Privacy Coordinator at the contact details listed in Section 13. Contact Details below.
7. THIRD-PARTY LINKS AND SERVICES
Our Sites may provide links to third-party websites, such as social networking sites. Coherent has no control over such third-party websites and is not responsible for the privacy practices of such parties. Please note that we are not responsible for the availability of such third-party sites, and do not endorse and are not responsible or liable for any content, advertising, products or other materials on or available from such websites. Coherent is not liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any content, advertising, products, or other materials on or available from such websites. We encourage you to review the privacy policies of these third-party sites.
8. RETENTION OF PERSONAL DATA
We retain your personal data for as long as reasonably necessary to fulfill the purposes for which we collected it (as described in this Notice), and we may also retain your personal data for an additional period of time where necessary to comply with our legal obligations or to establish, exercise or defend our legal rights (including to respond to actual or potential legal claims). For more information on how long your personal data is stored, please contact the Coherent Data Privacy Coordinator (for contact details, see Section 13. Contact Details below).
9. YOUR PRIVACY RIGHTS AND CHOICES
In this section we describe the choices you have regarding our collection, use and handling of your personal data.
Access, Deletion and Correction. You may submit a request to access, correct or delete of personal data to us by contacting our Data Privacy Coordinator as set out in Section 13. Contact Details below. We will process your request in accordance with applicable privacy/data protection laws. We may ask you for additional information so that we can confirm your identity or process your request.
Direct Marketing. You may always opt-out of our direct marketing emails by clicking the unsubscribing link contained in our marketing or promotional emails or by contacting us as set out below. We may continue to send you transactional or service-related communications, such as service announcements and administrative messages as far as allowed by applicable laws. In addition, where required by applicable law (including for individuals that reside within the People’s Republic of China (“PRC” or “China” herein)), we will only send you direct marketing emails on an opt-in basis.
Cookie and Ad Preferences. As described in Section 5. Cookies, Advertising and Tracking, you can review and adjust your preferences for cookies and targeted advertising on our Sites using our Cookie Preferences Tool, which can be accessed by clicking the “Cookie Preferences” link (or if you are in California the “Do Not Sell or Share My Personal Information” link) in the footer of each of our Sites.
Additional Information for Certain Jurisdictions. In Section 14. Additional Information for Individuals in Certain Jurisdictions, we provide additional information, as required under certain privacy laws, including the rights certain individuals have under the privacy laws of California, the EEA, the UK and the PRC.
We have implemented physical, technical and organizational measures intended to protect the personal data that we process. However, no environment or security procedures or protocols are ever guaranteed to be 100% secure or error- free.
11. PRIVACY OF CHILDREN
Our Sites are not designed for, or directed at, children under the age of 16 and we do not knowingly collect personal data from individuals in this age group. If you believe we have inadvertently collected personal data about a child, please contact us and we will take steps to delete this data.
12. CHANGES AND UPDATES TO THIS PRIVACY NOTICE
This Notice is current as of the Last Updated Date set forth above. We may change this Notice from time to time, so please be sure to check back periodically. We will post any changes to this Notice on our Sites. If we make any changes to this Notice that materially affect our practices with regard to the personal data we have previously collected from you, we will endeavor to provide you with notice in advance of such change by highlighting the change on our Sites or notifying you electronically.
13. CONTACT DETAILS
If you have questions about this Notice or wish to exercise any of your rights, please contact our Coherent Data Privacy Coordinator at [email protected].
14. ADDITIONAL DETAILS FOR INDIVIDUALS IN CERTAIN JURISDICTIONS
If you have questions about this Notice or wish to exercise any of your rights, please contact our Coherent Data Privacy Coordinator at [email protected].
A. Additional Information for EEA/UK Users.
- Access: You have the right to obtain from us confirmation whether we process your personal data, relevant information about such processing as provided under applicable law, and a copy of the personal data undergoing processing;
- Rectification: You have the right to request us to correct inaccurate personal data and to have incomplete personal data completed;
- Objection: You have the right to object to the processing of your personal data for which we have justified on the basis of a legitimate interest, including profiling (as opposed to your consent) or to perform a contract with you. In addition, you have the right to object at any time where your personal data is processed for direct marketing purposes;
- Portability: You may request your personal data that you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit it to other data controllers without hindrance;
- Restriction: You may request to restrict processing of your personal data;
- Erasure: You may request to have your personal data erased in certain limited circumstances;
- Right to lodge a complaint: You also have the right to lodge a complaint with a supervisory authority, in particular in the jurisdictions of your residence, place of employment, or the location where the issue that is the subject of the complaint occurred; and
- Right to withdraw consent: Please note that where our processing is based on your consent, you are free to refuse to give the consent and you can withdraw your consent at any time. The lawfulness of any processing of your personal data that occurred prior to the withdrawal of your consent will not be affected.
To exercise such rights, please contact us as set forth above, in Section 13. Contact Details. Please note that we may request proof of identity, and we reserve the right to charge a fee, where permitted by law, especially if your request is manifestly unfounded or excessive. We will endeavor to respond to your request within all applicable timeframes required by law.
B. Additional Information for PRC Users
Below we provide additional information to users within the PRC about how we handle their personal data.
Your Rights. In addition to your rights mentioned above in this Notice, you may also have, subject to and to the extent permitted by, applicable law, the right to (1) withdraw your consent to processing of your personal data; (2) restrict or object to processing of your personal data in certain circumstances; (3) de-register the account(s) (if any) you have with our Sites; (4) request elaboration on an automatically made decision that significantly impacts your rights or interests, and refuse to be subject to such decision to the extent that it is solely based on automated decision-making; (5) request a copy of your personal data and/or information about how your personal data has been processed; and (6) lodge a complaint with us and/or a supervisory authority if you consider that the processing of your personal data infringes applicable data protection laws and regulations.
Sensitive Personal Data. “Sensitive Personal Data” refers to the personal data that, once leaked or illegally used, will easily lead to infringement of human dignity or harm to the personal or property safety of a natural person, including (but not limited to): (i) biometric identification, (ii) religious belief, (iii) specific social status, (iv) medical health information, (v) financial accounts, (vi) tracking/location information, and (vii) the personal data of minors under the age of 14. We will process your Sensitive Personal Data with your separate consent.
International Transfers. With your separate consent, we may transfer your personal data to Coherent Group Entities or third parties outside of PRC. We will ensure that the recipients provide an adequate level of data protection that is at least comparable to that required under applicable PRC laws to protect the integrity and security of your personal data. You can find a full list of Coherent Group Entities at https://ii-vi.com/list-of-the-subsidiaries/.
C. Additional Information for California Residents.
In this section, we provide additional information to California residents about the categories of personal information we collect about you and your privacy rights under applicable California privacy laws, as required under California privacy laws including the California Consumer Privacy Act (“CCPA”). This section does not address or apply to our collection and processing of data that is exempt from CCPA (including publicly available information lawfully made available by state or federal government records or other personal information that is exempt under the CCPA), or information about our employees, personnel, applicates and candidates.
Categories of Personal Information under the CCPA. While our collection, use and disclosure of personal information varies based upon our relationship and interactions with you, in this section we describe, generally, how we have collected and disclosed personal information about California residents in the prior 12 months (from the Last Update date above).
The table below identifies the categories of personal information (as defined by the CCPA) that we may collect about California residents, as well as the categories of third parties to whom we may disclose this information for a business or commercial purpose.
Personal information collected
Categories of third parties to whom we may disclose this information for a business or commercial purpose
Includes direct identifiers, such as name, alias user ID, username, account number; email address, phone number, address and other contact information; IP address and other online identifiers; SSN, driver’s license number, passport number, tax ID and other government identifiers; and other similar identifiers.
Includes personal information, such as name, account name, user ID, contact information, employment information, account number, and financial or payment information, that individuals provide us in order to purchase or obtain our products and services. For example, this may include account registration information, or information collected when an individual purchases or orders our products and services, or enters into an agreement with us related to our products and services.
Includes records of personal property,
products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies.
Includes browsing history, clickstream data, search history, access logs and other usage data and information regarding an individual’s interaction with our Sites and Services, and our marketing emails and online ads.
Audio, video and electronic data
Includes audio, electronic, visual, thermal,
olfactory, or similar information such as, thermal screenings and CCTV footage (e.g., collected from visitors to our offices/premises, photographs and images (e.g., that you provide us) and call recordings (e.g., of customer support calls).
Includes professional and employment-related information such as business contact information and professional memberships.
Includes characteristics of protected
classifications under applicable laws, such as disability information and medical conditions provided by you when you register for events and other activities.
Information about an individual’s educational history such as the schools attended, degrees you were awarded, and associated dates.
Includes inferences drawn from other personal information that we collect to create a profile reflecting an individual’s preferences, characteristics, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes. For example, we may analyze personal information in order to identify the offers and information that may be most relevant to customers, so that we can better reach them with relevant offers and ads.
Sensitive personal information
In limited circumstances, we collect and process driver’s license, state identification card and or passport number.
Sources of Personal Information. In general, we may collect the categories of personal information identified in the table above from the following categories of sources:
- Directly from the individual
- Collected automatically
- Data analytics providers
- Social networks
- Internet service providers
- Operating systems and platforms
- Government entities
- Third party and publicly-available data sources
- Business customers
Purposes for Collecting and Disclosing. As described in more detail in Section 3. B. Purposes of Collection and Processing, in general, we collect and otherwise process the personal information set forth in the table above for the following business or commercial purposes:
- Services and support
- Research and analytics
- Customization and personalization
- Marketing and advertising
- Planning and managing events
- Legal proceedings and obligations
- Account administration
- Security and protection of rights
- General business and operational support
Retention. We retain the personal information we collect only as reasonably necessary for the purposes described above or otherwise disclosed to you at the time of collection. For example, we will retain your account data for as long as you have an active account with us, transactional data for as long as necessary to comply with our tax, accounting and recordkeeping obligations, administer applicable returns and warranty programs, and for research, development and safety purposes, as well as an additional period of time as necessary to protect, defend or establish our rights, defend against potential claims, comply with legal obligations and as may otherwise required by law.
Sales and Sharing of Personal Information. Under the CCPA, a ‘sale’ is defined broadly to include disclosing or making available personal information to a third-party in exchange for monetary compensation or other benefits or value, and ‘share’ broadly includes disclosing or making available personal information to a third party for purposes of cross-context behavioral advertising. As such, while we do not disclose personal information to third parties in exchange for monetary compensation, we may, pursuant to the CCPA, sell or share identifiers, usage data and inferences to/with advertising networks and third party ad companies, data analytics providers and social networks in order to analyze use of the Services, optimize and develop our products and services, improve and measure our ad campaigns, and reach users with more relevant ads and content. However, we do not knowingly sell or share personal information about California residents who are younger than 16.
California Residents’ Rights. In general, California residents have the following rights with respect to their personal information:
- Do-not-sell or share (opt-out): To opt-out of our sale and sharing of their personal information by us, by using our Cookie Preference Tool. ““
- Right to limit use of sensitive personal information: The right to limit the use or disclosure of sensitive personal information to those uses authorized by the CCPA.
- Right of deletion: To request deletion of their personal information that we have collected about them and to have such personal information deleted (without charge), subject to certain exceptions.
- Right to know: With respect to the personal information we have collected about them in the prior 12 months, to require that we disclose the following to them (up to twice per year and subject to certain exemptions):
- categories of personal information collected;
- categories of sources of personal information;
- categories of personal information about them we have disclosed for a business purpose or sold;
- categories of third parties to whom we have sold or disclosed for a business purpose their personal information;
- the business or commercial purposes for collecting or selling their personal information; and
- a copy of the specific pieces of personal information we have collected about them.
- Right to non-discrimination: The right not to be subject to discriminatory treatment for exercising their rights under the CCPA.
Submitting Requests to Know, Correct and Delete. California residents may submit requests to know, correct and delete their personal information through:
- Our online webform
- Via email to [email protected]
When you submit a request to know or delete, we will need to verify your identity before processing your request, which may require us to request additional personal information from you or require you to log into your account, if you have one. In certain circumstances, we may decline or limit your request, particularly where we are unable to verify your identity or locate your information in our systems, or as permitted by law. Authorized agents may initiate a request on behalf of another individual by contacting us at [email protected]; authorized agents will be required to provide proof of their authorization and we may also require that the relevant consumer directly verify their identity and the authority of the authorized agent.
Requests to Opt-Out of Sales and Sharing. California residents may submit a request to opt out of sales and sharing by us, by:
- Using our Cookie Preference Tool. The cookie Preference Tool can be accessed by clicking the “Do Not Sell or Share My Personal Information” or “Cookie Settings” link in the footer of each of our Sites.
- Turning on the Global Privacy Control—or “GPC”—signal through your browser. If our Sites detect that your browser is transmitting a GPC signal, we will process that as a request to opt out you out of sales and sharing for that browser and device. Please note that if you come back to a Site from a different device or use a different browser on the same device, you will need to opt out (or set GPC for) that browser and device as well.