HAAS CUSTOMER PRIVACY NOTICE
Haas Automation, Inc., of 2800 Sturgis Rd., Oxnard, CA 93030, USA (“the Company”), and its affiliates (together, the “Group”, “we”, or “us”), collect and process personal information that is provided to us by you, as our customer or prospective customer, or generated by you in your purchase of our products and/or use of our services. This Privacy Notice is provided to you in accordance with applicable privacy laws, including, but not limited to, the General Data Protection Regulation 2016/679 (“GDPR”), the UK Data Protection Act 2018, and other laws implementing or supplementing the GDPR (together, the “Data Privacy Laws”). This Privacy Notice explains what information you provide to us, and how we use your information to provide our products and/or services to you. As we primarily do business with companies, rather than individuals directly, this Privacy Notice is primarily aimed at our business customers’ staff. This Privacy Notice is effective as of December 20, 2019, and may be updated or replaced from time to time. The latest dated version is the applicable Privacy Notice. The collection and use of personal information on our websites are governed by a separate Website Privacy Notice, available at https://www.haascnc.com/about/terms/website_privacy.html.
Your Personal Information
Your personal information includes any information relating to you from which you are identified or identifiable. This includes your name, contact information, information about where you work and, if applicable, where you live, payment information, purchasing history, and about your use of our products, services, and website. We may also have information such as passport information, family details, and/or travel information in limited situations where, with your express consent, we are facilitating travel for you and/or your family members.
For the 12-month period prior to the date of this Privacy Notice, we explain here what categories of personal information we have collected, from where we collected the information, the purpose of collection and legal bases for processing, and with whom we have shared it:
Category of Personal Information Collected
|
Source
|
Purpose for Collection and Legal Bases for Processing
|
Categories of Recipients
|
Contact Data: name, contact information, information about where you work and, if applicable, where you live, and information about your use of our products, services and websites.
|
Provided by you directly to us when you use our website, or obtain products or services provided by us; or otherwise provided about you by our business customers or our distributors (Haas Factory Outlets or “HFOs”).
|
- To contact you: and send you communications relating to your use of our services, website, or purchase of our products;
- For marketing purposes: we rely on legitimate interests for marketing purposes (this is the interests of the Group and/or the business customer or, in limited circumstances and only where applicable, the interests of the individual data subject).
|
- Business partners, to make an initial determination of the services you may need, or to conduct other associated business activities;
- Haas HFOs;
- freight forwarders and shipping carriers;
- service providers, as necessary, for whose services you have requested our assistance; and
- government bodies that require us to report processing activities.
|
Communications: communications we have with you. Please note that we record calls to our customer service team for training and quality control purposes.
|
From you.
|
To handle your requests, to contact you when necessary or requested, including responding to your questions and comments and providing customer support, and to obtain customer feedback, and improve our customer service and customer shopping experience.
|
The Group and our HFOs, including service providers who help us communicate with our customers.
|
Purchase and order information: contact information, together with purchase details online and in store through e-receipts, delivery details, payment details, any communications we have received about your order or purchase.
|
From you when you purchase from us or through the HFOs
|
For contractual purposes: we will use your personal information to perform our contractual requirements and obligations, and to take any required pre-contractual steps.
|
- Service providers, as necessary, for whose services you have requested our assistance;
- Haas HFOs; and
- Freight forwarders and shipping carriers.
|
Payment information: name, card issuer and card type, credit or debit card number, expiration date, CVV code, and billing address.
|
From our clients and their payment card issuers.
|
Authorizing of credit card and other financial transactions for our customers.
|
Our service providers who process payments for us—they are prohibited from using personal information for any other purposes, and are contractually required to comply with all applicable laws and requirements, which includes the Payment Card Industry Data Security standards.
|
Travel, scheduling & sensitive information: Some of the personal information you provide to us may include health information, or other sensitive or special categories of personal information where provided by you, with your consent, such as disability information or religious data for purposes required by you.
|
Provided by you or your colleagues or business partners.
|
For purposes directed by you, such as scheduling meetings, travel and food arrangements, and access to Group premises.
|
Our business partners and service providers, including Haas HFOs, where necessary, based on the purpose provide.
|
On premises privacy: CCTV images of you in and around entrances and exits to our facilities and offices.
|
From you, our CCTV
|
To keep you, other customers, our staff, buildings, systems, and data safe and secure, to investigate potential theft, fraud, or misconduct.
|
Our service providers who help us with fraud protection, law enforcement, and other governmental authorities in accordance with applicable law.
|
Legal information: details of your identity, image, name, and address, suspected or alleged thefts, fraud, assault, or other criminal behavior.
|
From crime and fraud prevention agencies, from you, witnesses, and from the police
|
To protect customers, the public, and our business against risks and crime.
|
Law enforcement, professional advisors, including lawyers, bankers, auditors, and insurers.
|
In some jurisdictions, individuals may have the right to withdraw consent from certain uses. If you reside in such jurisdictions, you may have additional rights, which are detailed below.
All the personal information we collect from you, or which is generated by you, is used to provide the services you have requested, or for communications to which you have subscribed, or otherwise as described in this Privacy Notice. The Group will safeguard the privacy and security of your personal information as required under Data Privacy Laws.
Processing in the U.S.
Some of your personal information is processed by us in the USA. By using our services, purchasing our products, and providing your personal information to us via the website or directly, you expressly acknowledge and agree to the transfer of some of your personal information to the USA, which may have a lower standard of data privacy laws than in your country of residence. Our security measures are described below in this Privacy Notice.
Additional Information about Sharing Your Personal Information with Third Parties
We do not allow any third parties to have access to your personal information, except as required or permitted by applicable laws, or in accordance with this Privacy Notice. We may disclose your personal information to our subcontractors, agents, or payment service providers (who may be located in the USA or other countries that do not have stringent data privacy laws equivalent to the standards of the GDPR) with whom we contract to assist us in providing the products or services. We require such subcontractors or agents to agree in writing to comply with the privacy and security standards described in this Privacy Notice. We have safeguards in place to protect your personal information agreed with our business partners.
There may be instances when we disclose your personal information to other recipients:
- to comply with the law, or respond to compulsory legal process (such as a search warrant or court order) or a request for information from a regulator, or otherwise for legal purposes;
- to verify or enforce compliance with the policies governing the services;
- to fulfill contractual requirements, or for legitimate interests of the Group or a third-party (including HFOs); or
- to protect the rights, property, or safety of the Company, or any of our respective affiliates, business partners, or customers, or otherwise in the legitimate business interests of the Company and/or our affiliates, and in accordance with Data Privacy Laws.
We may share your personal information with other entities in connection with the sale, assignment, merger, or other transfer of all or a portion of the Group’s business to that other entity.
In any instance where we need to share your personal information with third parties, such as legal or financial advisors, including auditors, distributors, vendors, suppliers, and other third parties, we will restrict the nature and categories of personal information to that which is required to comply with our contractual obligations to you, or our legal and/or regulatory requirements. We may de-identify your personal information to protect your privacy, where appropriate to do so.
How We Protect Your Personal Information
The Group understands that storing data in a secure manner is essential. The Group stores personal information and other data using reasonable physical, technical, and administrative safeguards to secure data against foreseeable risks, such as unauthorized use, access, disclosure, destruction, or modification. Although we make good-faith efforts to store the information we collect in a secure operating environment that is not available to the public, we cannot guarantee complete security. Further, while we work to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party “hackers” from illegally obtaining this information.
How Long We Keep It
We retain your personal data relating to the use of our products and services for the duration of the customer relationship, and for seven years after the customer account is closed, for legal, regulatory, audit, and tax requirements, subject to our legal requirements to keep your personal information for a longer period. After this period has expired, the personal information relating to your account and your use of the services will be deleted. Any personal information you have provided to us for marketing purposes will be kept for these purposes, until you notify us that you no longer wish to receive these communications.
European Data Privacy Information
The Group companies are the data controllers under the Data Privacy Laws. This European Data Privacy Information section applies to residents in the European Economic Area, Switzerland, and the UK who purchase our products and/or use our services, or who otherwise are resident in these territories, and whose personal information is used by the Group for commercial purposes, and also to other customers or prospective customers of our European affiliates.
Under the GDPR, you have some rights to make requests, which are all subject to exemptions and qualifications under the Data Privacy Laws. You have the right to ensure your personal information is accurate; we request that you let us know if your personal information changes. You have the right to request that we delete your personal information (although we may still need to retain your personal information as described above in this Privacy Notice for contractual and/or legal purposes). You have the right to request that we restrict the processing of your personal information (although we will still need to process your personal data during the duration of the contract and beyond for legal purposes). You have the right to access a copy of your personal information (this is limited to information that is your personal information only, not to the underlying document or remaining information, and subject to the exemptions and qualifications under the Data Privacy Laws). You may also object to the use of your personal information where we rely on legitimate interests in certain circumstances (we may still be able to process your personal information if we have compelling grounds to do so). If you wish to raise a complaint about how we have handled your personal information, you can contact us, and we will investigate the matter and respond to you promptly. If you are not satisfied with our response, or if you prefer not to engage with us first, you can complain to any applicable data privacy authority in your country of residence. The Belgian Data Protection Authority is the supervisory authority.
The transfer of personal data from the UK/EEA to the Group entities outside the EEA is governed by data transfer agreements, which are in the form of the standard contractual clauses approved by the European Commission (http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32004D0915)
California Data Privacy Information
If you are a resident of the State of California, you have certain rights under California law.
California law permits California residents to request from a business with whom the California resident has an established business relationship, certain information about the types of personal data the business has shared with third parties for those third parties’ direct marketing purposes, and the names and addresses of the third parties with whom the business has shared such information during the immediately preceding calendar year.
To submit a request for this information, please refer to the “Contacting Us” section of this Website Privacy Notice.
If you are a California resident, California law provides you with the following additional rights with respect to your personal information:
- The right to know what personal information we have collected, used, disclosed and sold about you. To submit a request to know, you may call us at +1-833-979-0006, or visit our Data Request Form. You also may designate an authorized agent to make a request for access on your behalf using our Data Request Form.
- The right to request that we delete any personal information we have collected about you. To submit a request for deletion, you may call us at +1-833-979-0006, or visit our Data Request Form. You also may designate an authorized agent to make a request for deletion on your behalf using our Data Request Form.
When you exercise these rights and submit a request to us, we will verify your identity by asking you for your email address, telephone number, or the last four digits of a credit or debit card used to make purchases from us. We also may use a third-party verification provider to verify your identity.
Your exercise of these rights will have no adverse effect on the price and quality of our goods or services.
You may learn more about your rights under California’s privacy laws at https://oag.ca.gov/privacy.
Further Information
If you have any questions about this Privacy Notice, or about the Group’s handling of your information, please contact the Privacy Officer by email at: [email protected].
