一般数据保护条例 (GDPR) 隐私声明
生效日期 2024年11月24日
通用数据保护法规通知
Natural persons located in the European Economic Area (“EEA”), in the United Kingdom or in Switzerland, may have additional rights under the General Data Protection Regulation ((EU) 2016/679) (“EU GDPR”) and the EU GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by Schedule 1 to the Data Protection, Privacy and Electronic Communications (EU Exit) Regulations 2019 (SI 2019/419) (“UK GDPR”) or the Swiss Data Protection Act ("Swiss DPA") and should review the GDPR Notice here, which incorporates the requirements under such laws for providing data subjects with information about their personal data, including how we use it and their rights.
简介
Bel Fuse Inc., and its subsidiaries and affiliates provide this GDPR Privacy Notice (this “GDPR Notice”), which is incorporated into our Privacy Policy. To the extent of any conflict between this GDPR Privacy Notice and the Privacy Policy linked above, this GDPR Privacy Notice shall control with respect to use of personal data falling under the scope of the EU GDPR, UK GDPR and Swiss DPA. Any capitalized terms or other terms not defined herein (please refer to the 'Glossary' section at the bottom of this Notice) shall have the meaning ascribed to them in the Privacy Policy or, if not defined in the Privacy Policy, shall have the meaning ascribed to them in the EU GDPR.
本 GDPR 声明告知您我们如何在您访问我们的网站(无论您从何处访问)、与我们沟通、购买我们的商品或服务,或接收我们的商品或服务订单时处理和保护您的个人数据,以及您的隐私权以及法律如何保护您。
请务必阅读本 GDPR 声明,以及当我们收集或处理您的个人数据时在特定情况下可能提供的任何其他隐私声明或公平处理通知,以便您充分了解我们如何以及为何使用您的数据。本 GDPR 声明旨在补充而并非覆盖其他声明。
本 GDPR 声明以分层次的形式提供,您可以点击下列特定区域。您也可以在此处下载此 GDPR 声明的 pdf 版本:belfuse.com/bel-privacy-GDPR-Notice.pdf. 另请使用词汇表来理解本 GDPR 声明中使用的某些术语的含义。
- 我们是谁,如何与我们联系,以及其他关键信息
- 我们收集的关于您的数据
- 如何收集您的个人数据
- How and Why We Use Your Personal Data
- 披露您的个人数据
- Where your Personal Data is Held and International Transfers
- EU-U.S. Data Privacy Framework ("DPF"), UK Extension to the EU-U.S. DPF and Swiss-U.S. DPF
- 数据安全
- 数据保留
- 您的法律权利
- 词汇表
1. 我们是谁,如何与我们联系,以及其他关键信息
控制者
Bel Fuse Inc. 由不同的法人实体组成,每个法人实体可能不时控制您的数据。This GDPR Notice is issued on behalf of Bel Fuse Inc.’s subsidiaries and affiliates, so when we mention "Bel Fuse," "we," "us," or "our" in this GDPR Notice, we are referring to the relevant company responsible for processing your data unless stated otherwise.
Bel Fuse Inc. 集团公司总部位于美国,业务遍及全球。For more information about the Bel Fuse Inc. group, including the identities and addresses of the different legal entities, please see www.belfuse.com.
We have appointed Data Protection Leads within our various affiliates who are responsible for overseeing questions in relation to this GDPR Notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the appropriate Data Protection Lead (e.g., as applicable, the Data Protection Lead in your member state or the UK) using the details set out below:
爱尔兰 |
Bel Power Solutions Ireland Limited City Gate House Raheen business park Limerick 爱尔兰 |
斯洛伐克 |
Bel Power Solutions s.r.o. Areal ZTS 924 018 41 Dubnica nad Vahom 斯洛伐克 |
德国 |
Bel Stewart GmbH Amelia-Mary-Earhart- Straße 8, 60549 Frankfurt am Main, Germany |
英国 |
Cinch Connectors Limited Shireoaks Road Worksop Nottinghamshire S80 3HA |
意大利 |
BEL POWER EUROPE SRL Via Resegone 28 Camparada (MB) IT20857 意大利 |
Cinch Connectivity Solutions Limited 11 Bilton Road Chelmsford Essex CM1 2UP |
瑞士 |
Bel Power Solutions GmbH Ackerstrasse 56 CH-8610 Uster |
向监管机构投诉的权利
You have the right to lodge a complaint at any time with the appropriate supervisory authority (also referred to as “data protection authorities”). Contact details for EU supervisory authorities can be found here. The Swiss Federal Data Protection and Information Commissioner can be contacted here here.
然而,在您提出此类投诉之前,我们希望有机会处理您的疑虑,因此请首先与我们联系。
第三方链接
我们的网站可能包含指向第三方网站、插件和应用程序的链接。点击这些链接或启用这些连接可能允许第三方收集或分享您的数据。我们无法控制此类第三方网站,也不对其隐私声明负责。当您离开我们的网站时,我们建议您阅读您访问的每个网站的隐私声明。
儿童
Please note that our website, products, and services are not intended for children, and we do not knowingly collect data about children.
本 GDPR 声明的更新
We may change this privacy policy from time to time - when we make significant changes, we will take steps to inform you, by emailing you a copy of the updated privacy policy and displaying the new policy on our website.
2. 我们收集的关于您的数据
Personal data under the EU GDPR, UK GDPR and Swiss DPA means any information relating to an identified or identifiable individual. 其不包括“匿名”数据,即某些数据已被删除,使得个人的身份不再可识别。
我们可能收集、使用、存储和传输您的各类个人数据,组合如下:
- Identity Data: includes first name, last name, and title.
- Contact Data: includes billing address, delivery address, email address, telephone numbers.
- Financial Data: includes bank account and payment card details.
- Transaction Data: includes details about quotes provided to you, payments to and from you, a purchase order number, an account number, shipping details and other details of products and services you have purchased from us.
- Technical Data: includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
- Profile Data: includes purchases or orders made by you, your interests, preferences, feedback, and survey responses.
- Usage Data: includes information about how you use our website, products, and services.
- Marketing and Communications Data: includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data when it does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this GDPR Notice.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data and under the Swiss DPA some additional similar categories) nor do we collect any information about criminal convictions and offences.
如果您未能提供个人数据
如果我们需要依法或根据我们与您签订的合同条款收集个人数据,并且您未能在要求时提供此类数据,则我们可能无法履行现有或正在尝试与您签订的合同(例如,为您提供商品或服务)。In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
3. 如何收集您的个人数据
我们使用不同的方法从您那里收集您的数据,包括以下方式:
- 直接互动。 You may give us your Identity, Contact, Financial, Transaction, and Marketing and Communication Data by filling in forms or by corresponding with us by post, phone, email, or otherwise. This includes personal data you provide when you:
- 索取我们的产品或服务;
- 订阅我们的服务或出版物;
- 联系我们获取技术或销售支持;
- 索取营销材料;
- 参加促销或调查;或
- give us feedback.
- 自动化技术或互动。 As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data primarily by using cookies, pixel tags, and server logs. We use automatic data collection technology provided by certain analytics providers to evaluate your use of the Website, compile reports on activity (based on their collection of IP address, Internet service provider, browser type, operating system and language, referring and exit pages and URLs, date and time, amount of time spent on particular pages, what sections of the Website you visit, number of links you click while on the Website, search terms, and other data), and analyze performance metrics. 此类提供商可能使用跟踪技术,例如但不限于 cookie,以帮助收集、分析和向我们提供报告和/或数据。
您可以将浏览器设置为拒绝所有或部分浏览器 cookie,或在网站设置或访问 cookie时提醒您。请注意,如果您禁用或拒绝 cookie,我们网站的某些部分可能无法访问或无法正常运行。Please refer to our Cookie Notice for more information on how we use cookies and other analytics information.
- 第三方或公开来源。 We may receive personal data about you from various third parties and public sources as set out below:
- Technical Data from analytics providers, such as Google based outside the European Economic Area (the “EEA”), the United Kingdom and Switzerland.
- Contact and Transaction Data from providers of technical, fulfilment, and delivery services based inside and outside the EEA, the United Kingdom and Switzerland.
- Identity, Contact, Financial, Profile, Usage, Transaction, and Marketing and Communication Data from third party agents or distributors based inside and outside the EEA, the United Kingdom and Switzerland.
- Identity and Contact Data from publicly availably sources such as Companies House based inside the EEA, the United Kingdom and Switzerland.
4. How and Why We Use Your Personal Data
我们通常在以下情况下使用您的个人数据:
- 当我们需要履行即将或已经与您签订的合同时。
- 当维护我们的合法利益(或第三方利益)所必要且您的利益和基本权利不会超越这些利益时。
- 当我们需要遵守法律或监管义务时。
Click here to find out more about the types of lawful basis that we will rely on to process your personal data.
我们使用您个人数据的目的
We have set out below a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. 在适用时,我们还注明了我们的合法利益。
请注意,根据我们使用您数据的具体目的,我们可能基于多个合法理由处理您的个人数据。对于下表中列示多个理由的条目,如果您需要详细了解我们处理您个人数据的具体法律依据,请联系我们。
目的/活动 |
数据类型 |
处理的合法依据,包括合法利益依据 |
将您注册为新的客户 |
(a) 身份 (b) 联系 |
•Performance of a contract with you |
处理和交付您的订单,包括: (a) 管理付款、费用和收费 (b) 收集和追回您欠我们的资金 |
(a) 身份 (b) 联系 (c) 财务 (d) 交易 |
•Performance of a contract with you •Necessary for our legitimate interests (to recover debts due to us) |
向您下订单: (a) 管理付款、费用和收费 (b) Reconcile invoices (c) 获取我们购买的商品或服务 |
(a) 身份 (b) 联系 (c) 财务 (d) 交易 |
•Performance of a contract with you •Necessary for our legitimate interests (to ensure accurate payment and obtain goods or services we have paid for) |
向您通知有关我们条款或隐私政策的变更 |
(a) 身份 (b) 联系 (c) 个人资料 |
•Performance of a contract with you •To comply with our legal obligation to provide privacy disclosures |
支持您完成调查或参加促销 |
(a) 身份 (b) 联系 (c) 个人资料 (d) 使用 (e) 营销和沟通 |
•Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
管理和保护我们的业务和我们的网站(包括故障排除、数据分析、测试、系统维护、支持、报告和数据托管) |
(a) 身份 (b) 联系 (c) 技术 |
•Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise) •Necessary to comply with a legal obligation |
向您提供相关的网站内容和广告,并衡量或了解我们为您提供的广告的有效性 |
(a) 身份 (b) 联系 (c) 个人资料 (d) 使用 (e) 营销和沟通 (f) 技术 |
•Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
使用数据分析以改进我们的网站、产品/服务、营销、客户关系和体验 |
(a) 技术 (b) 使用 |
•Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business, and to inform our marketing strategy) |
提出建议和推荐,并向您提供您可能感兴趣的商品或服务的技术和销售信息 |
(a) 身份 (b) 联系 (c) 技术 (d) 使用 (e) 个人资料 |
•Necessary for our legitimate interests (to develop our products/services and grow our business) |
对您执行信用检查 |
(a) 身份 (b) 联系 (c) 财务 |
•Necessary for our legitimate interests (to confirm you are able to pay for products or services) •Performance of a Contract with you |
营销沟通与退出
我们可能会使用您的身份、联系、技术、使用和个人资料数据,以构建我们认为您可能想要或需要的内容,或您可能感兴趣的内容。我们通过这种方式决定哪些产品、服务和优惠可能与您相关(我们称之为营销)。
You will receive marketing communications from us if you have (i) consented to your personal data being used for marketing purposes (including requesting marketing communications from us); or (ii) previously purchased from us and in both cases you have not opted out of receiving that marketing at the point we first collected your personal data or at any point thereafter.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. You can contact us using the details at the start of the privacy notice or use the email address privacy@belf.com to tell us about your marketing preferences and to opt out of further marketing communications from us. Please note that this opt-out will not prohibit transactional or administrative emails being sent to you, such as those regarding a product/service purchase, warranty registration, product/service experience, or other transactions.
5. 披露您的个人数据
出于上文第 4 段表格中列出的目的,我们可能必须与下列各方分享您的个人数据。
- Internal Third Parties as defined in the Glossary.
- External Third Parties as defined in the Glossary.
- 我们可能选择出售、转让或合并部分业务或资产的第三方。或者,我们可能寻求收购其他业务或与之合并。如果我们的业务发生变化,新所有者可能按照本 GDPR 声明中的规定使用您的个人数据。
We require all third parties that process data under our control to respect the security of your personal data and to treat it in accordance with the law. 所有此类第三方均作为我们的代理人,根据我们的指示和代表我们根据合同履行服务,这些合同要求他们至少提供本隐私政策要求并由我们实施的相同级别的隐私保护。我们不允许我们的第三方服务提供商将您的个人数据用于其自身的目的,且仅允许他们按照我们的指示处理您的个人数据用于指定目的。
We may also be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
6. Where your Personal Data is Held and International Transfers
Personal data may be held at our offices and those of our group companies, third party agencies, service providers, representatives and agents as described above (see section 5: ‘Disclosures of Your Personal Data’). We also share your personal data within the Bel Fuse Inc. group who are based in the United States of America. This will involve transferring your data outside the EEA, the United Kingdom and Switzerland.
Some of our external third parties are based outside the EEA, the United Kingdom and Switzerland so their processing of your personal data will also involve a transfer of data outside the EEA, the United Kingdom and Switzerland. Your data may be transferred to the United States of America and in any other country of the world. Other countries outside the EEA, the United Kingdom and Switzerland have differing data protection laws, some of which may provide lower levels of protection of privacy.
Whenever we transfer your personal data out of the EEA, the United Kingdom and Switzerland, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented or an exception is provided for:
- We will transfer your personal data to a recipient who is subject to, and has certified itself, under the EU-U.S. Data Privacy Framework or the U.S.-Swiss Data Privacy Framework with regard to such personal data transfer.
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission or the UK Information Commissioner, or the Swiss Federal Council, as applicable in each case.
- We will ensure an adequate safeguard is in place, such as the Standard Contractual Clauses approved by the European Commission, and/or the UK Addendum and Addendum required under the Swiss DPA where applicable.
- A specific exception applies under relevant data protection law.
- An exception may apply, for example, in case of legal proceedings abroad, but also in cases of overriding public interest or if the performance of a contract requires disclosure, if you have consented, or if data has been made available generally by you and you have not objected against the processing.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA, the United Kingdom and Switzerland.
Any changes to the destinations to which we send personal data or in the transfer mechanisms we rely on to transfer personal data internationally will be notified to you in accordance with the ‘Updates to this GDPR Notice’ section.
7. EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), UK Extension to the EU-U.S. DPF and Swiss-U.S. Data Privacy Framework program (“Swiss-U.S. DPF”)
Bel Fuse Inc. also complies with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and Swiss-U.S. DPF, as set forth by the U.S. Department of Commerce. Bel Fuse Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Bel Fuse Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Program Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please follow this link.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Bel Fuse Inc. commits to resolve DPF Principles-related complaints about our collection or use of your personal data. European Union, United Kingdom and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact us using the contact details under paragraph 1 above.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Bel Fuse Inc. commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related compliant to your satisfaction, please visit this link for more information or to file a complaint. This service is provided at no cost to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. Please follow this link for further details. You also have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. Please follow this link for additional information.
The U.S. entities and subsidiaries of our organisation that will adhere to the EU-U.S. DPF Principles and Swiss-U.S. Principles and are covered by our DPF certification are: (1)Bel Fuse Inc.; (2) Bel Power Solutions Inc.; (3) PAI Capital LLC; (4) Stratos International LLC; (5) Stratos Lightwave - Florida LLC; (6) Stratos Lightwave LLC; (7) Bel Transformer Inc.; (8) Transformer One; (9) Bel Power Inc.; (10) Cinch Connectivity Solutions Inc.; (11) Trompeter Electronics, Inc.; (12) Connector Ownership LLC; (13) Bel Connector Inc.; (14) Bel Ventures Inc.; (15) Bel Worksop LLC; and (16) Mil Power Source Inc.
Bel Fuse Inc. has responsibility for the processing of the personal data it receives under the DPF Principles and subsequently transfers to a third party acting as an agent on its behalf. Bel Fuse Inc. shall remain liable under the DPF Principles if its agent processes such personal data in a manner inconsistent with the DPF Principles, unless Bel Fuse Inc. is not responsible for the event giving rise to the damage.
If you have an inquiry regarding Bel Fuse Inc.'s privacy practices in relation to its EU-U.S. DPF, the UK Extension to the EU-U.S. DPF or Swiss DPF certification, we encourage you to contact us. The Federal Trade Commission (FTC) has jurisdiction over Bel Fuse Inc.’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF and Bel Fuse Inc. is subject to the investigatory and enforcement powers of the FTC.
8. Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. 此外,我们还将对您个人数据的访问权限制于员工、代理、承包商和其他具有业务需要的第三方。They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
我们已制定处理任何可疑个人数据泄露的程序,并将在法律要求时向您和任何相关监管机构通知任何数据泄露情况。
9. 数据保留
贵公司将使用我的个人数据多长时间?
我们将仅在必要时保留您的个人数据,以实现我们收集的目的,包括满足任何法律、会计或报告要求。
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Further information on specific retention periods for different types of personal data can be made available by contacting us using the contact details at section 1 above.
根据法律,出于税务目的,我们必须在与客户终止关系后的六年内保留客户的基本信息(包括联系、身份、财务和交易数据)。
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
10. 您的法律权利
在某些情况下,根据数据保护法律,您拥有与您个人数据相关的权利。请点击以下链接,了解有关这些权利的更多信息:
- Request access to your personal data.
- 请求更正您的个人数据。
- 请求删除您的个人数据。
- 反对处理您的个人数据。
- 请求限制对您个人数据的处理。
- 请求转移您的个人数据。
- Right to withdraw consent.
- Right not to be subject to automated individual decision making.
如果您希望行使上述任何权利,请与我们联系。
通常不需要支付任何费用
您无需支付费用即可访问您的个人数据(或行使任何其他权利)。However, under the EU GDPR and UK GDPR we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. 或者我们可能会在上述情况下拒绝您的请求。Under the Swiss DPA, similar rules apply, and we will let you know if we restrict, postpone or reject your request on such grounds.
我们可能需要您做什么
我们可能需要向您索取特定信息,以帮助我们确认您的身份,并确保您有权访问您的个人数据(或行使您的任何其他权利)。这是一项安全措施,以避免向任何无权接收个人数据的人员披露个人数据。我们也可能会与您联系,要求您提供有关您请求的更多信息,以加快我们的回应。
回应的时间限制
我们尝试在一个月内回复所有合法的请求。如果您的请求格外复杂,或者您提出了许多请求,则有时可能需要超过一个月的时间。在这种情况下,我们将通知您,并向您告知最新进展。
11. 词汇表
合法依据
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own.
Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
第三方
内部第三方
Bel Fuse Inc. 集团旗下的其他公司,位于美国,提供管理、IT 和系统管理服务,并进行领导力报告。We may also share your personal data if required to provide our services with other entities within the global Bel Fuse group.
外部第三方
- Service providers based inside and outside the EEA, the United Kingdom and Switzerland who provide IT and system administration services, direct marketing, web analytics, order fulfilment, data storage, hosting services, sales support, credit card processors, Enterprise Resource Planning software vendors and logistics support companies.
- Suppliers of goods and services based inside and outside the EEA, the United Kingdom and Switzerland who provide component goods and services which form part of the goods and services we provide as part of any contract with you.
- Storage and fulfilment providers based inside and outside the EEA, the United Kingdom and Switzerland who provide storage and delivery services.
We or the third parties mentioned above occasionally also share personal data with:
- our and their external auditors, e.g. in relation to the audit of our accounts, in which case the recipient of the information will be bound by confidentiality obligations;
- our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations;
- law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations; and
- other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymized but this may not always be possible. The recipient of any of your personal data will be bound by confidentiality obligations
If you would like more information about who we share our data with and why, please contact us.
您的法律权利
您有权:
- Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data or corrections you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no lawful reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Data portability - the right to receive the personal data you provided to us, in a structured, commonly used, and machine-readable format and/or transmit that data to a third party - in certain situations.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
- Not to be subject to automated individual decision making where you do not want to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.
- Under the Swiss DPA you have similar rights, subject to certain restrictions defined by law that we are entitled or even required to apply (e.g., to protect third party interests).