HAAS CUSTOMER PRIVACY NOTICE

 

Haas Automation, Inc., of 2800 Sturgis Rd., Oxnard, CA 93030, USA (“the Company”), and its affiliates (together the “Group”, “we”, or “us”), collect and process personal information that is provided to us by you, as our customer or prospective customer, or generated by you in your purchase of our products and/or use of our services. This Privacy Notice is provided to you in accordance with applicable privacy laws, including, but not limited to, the General Data Protection Regulation 2016/679 (“GDPR”), the UK Data Protection Act 2018, and other laws implementing or supplementing the GDPR (together, the “Data Privacy Laws”). This Privacy Notice explains what information you provide to us, and how we use your information to provide our products and/or services to you. As we primarily do business with companies, rather than individuals directly, this Privacy Notice is primarily aimed at our business customers’ staff. This Privacy Notice is effective as of August 2019, and may be updated or replaced from time to time. The latest dated version is the applicable Privacy Notice.

Your personal information

Your personal information includes any information relating to you from which you are identified or identifiable. This includes your name, contact information, information about where you work and, if applicable, where you live, payment information, purchasing history, and about your use of our products, services, and website. We may also have information such as passport information, family details, and/or travel information in limited situations where, with your express consent, we are facilitating travel for you and/or your family members.

We collect various types of personal information from different sources, including:

  • information you provide directly to us when you use our website or obtain products or services provided by us, or otherwise provided about you by our business customers;
  • information we collect about your purchase of products or use of our services or through the use of our website;
  • third-party lead generation companies;
  • our distributors (Haas Factory Outlets or “HFOs”)
  • trade shows; and
  • service providers, such as search information providers, or providers of technical, payment, and delivery services.

 

Some of the personal information you provide to us may include health information, or other sensitive or special categories of personal information where provided by you, with your consent, such as disability information or religious data for purposes required by you, such as scheduling of meetings, travel arrangements, or access to Group premises.

What we do with your personal information

We use your personal information for the following key purposes:

  • to contact you: subject to applicable law, we and/or our third-party service providers may contact you and send you communications relating to your use of our services, website, or purchase of our products;
  • for marketing purposes: we rely on legitimate interests for marketing purposes (this is the interests of the Group and/or the business customer or, in limited circumstances and only where applicable, the interests of the individual data subject); this information is not shared with third-parties, other than HFOs, and you may unsubscribe from communications from us at any time via email or through our website;
  • for legal purposes: we may use and share personal information for legal purposes, including financial, regulatory, tax, and other legal obligations, and to respond to governmental or regulatory requests or subpoenas, or for litigation purposes;
  • for contractual purposes (including taking pre-contractual steps): we will use your personal information to perform our contractual requirements and obligations, and to take any required pre-contractual steps;
  • for our legitimate interests and those of a third party[1]: we may use your personal information to manage our legal, regulatory, financial, and business requirements, including obtaining legal advice, in the course of disputes and litigation, internal and/or regulatory investigations, and other reasonable business interests;
  • for our business purposes: we may use your personal information to help us manage the lawful requirements of our business;
  • for other purposes: subject to applicable law, we may use your personal information for additional purposes in connection with the website or our organization, where you have provided your prior consent, or where another lawful basis for using your personal information applies.

 

All the personal information we collect from you or which is generated by you is used to provide the services you have requested, or for communications to which you have subscribed, or otherwise as described in this Privacy Notice. The Group will safeguard the privacy and security of your personal information as required under Data Privacy Laws.  

Processing in the US

Some of your personal information is processed by us in the USA. By using our services, purchasing our products, and providing your personal information to us via the website or directly, you expressly acknowledge and agree to the transfer of some of your personal information to the USA, which may have a lower standard of data privacy laws than in your country of residence. Our security measures are described below in this Privacy Notice.

Sharing your personal information with third parties

We do not allow any third parties to have access to your personal information, except as required or permitted by applicable laws, or in accordance with this Privacy Notice. We may disclose your personal information to our subcontractors, agents, or payment service providers (who may be located in the USA or other countries that do not have stringent data privacy laws equivalent to the standards of the GDPR) with whom we contract to assist us in providing the products or services. We require such subcontractors or agents to agree in writing to comply with the privacy and security standards described in this Privacy Notice. We have safeguards in place to protect your personal information agreed with our business customers.

There may be instances when we disclose your personal information to other recipients:

  • to comply with the law or respond to compulsory legal process (such as a search warrant or court order) or a request for information from a regulator, or otherwise for legal purposes;
  • to verify or enforce compliance with the policies governing the services;
  • to fulfill contractual requirements, or for legitimate interests of the Group or a third-party (including HFOs); or
  • to protect the rights, property, or safety of the Company, or any of our respective affiliates, business partners, or customers, or otherwise in the legitimate business interests of the Company and/or our affiliates, and in accordance with Data Privacy Laws.

We may share your personal information with other entities in connection with the sale, assignment, merger, or other transfer of all or a portion of the Group’s business to that other entity.

In any instance where we need to share your personal information with third parties, such as legal or financial advisors, including auditors, distributors, vendors, suppliers, and other third parties, we will restrict the nature and categories of personal information to that which is required to comply with our contractual obligations to you, or our legal and/or regulatory requirements. We may de-identify your personal information to protect your privacy where appropriate to do so.

How we protect your personal information

The Group understands that storing data in a secure manner is essential. The Group stores personal information and other data using reasonable physical, technical, and administrative safeguards to secure data against foreseeable risks, such as unauthorized use, access, disclosure, destruction, or modification. Although we make good-faith efforts to store the information we collect in a secure operating environment that is not available to the public, we cannot guarantee complete security. Further, while we work to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party “hackers” from illegally obtaining this information.

How long we keep it

We retain your personal data relating to the use of our products and services for the duration of the customer relationship, and for seven years after the customer account is closed, for legal, regulatory, audit, and tax requirements, subject to our legal requirements to keep your personal information for a longer period. After this period has expired, the personal information relating to your account and your use of the services will be deleted. Any personal information you have provided to us for marketing purposes will be kept for these purposes until you notify us that you no longer wish to receive these communications.

European Data Privacy Information

The Group companies are the data controllers under the Data Privacy Laws. This European Data Privacy Information section applies to residents in the European Economic Area, Switzerland, and the UK who purchase our products and/or use our services, or who otherwise are resident in these territories, and whose personal information is used by the Group for commercial purposes, and also to other customers or prospective customers of our European affiliates.

Under the GDPR, you have some rights to make requests, which are all subject to exemptions and qualifications under the Data Privacy Laws. You have the right to ensure your personal information is accurate; we request that you let us know if your personal information changes. You have the right to request that we delete your personal information (although we may still need to retain your personal information as described above in this Privacy Notice for contractual and/or legal purposes). You have the right to request that we restrict the processing of your personal information (although we will still need to process your personal data during the duration of the contract and beyond for legal purposes). You have the right to access a copy of your personal information (this is limited to information that is your personal information only, not to the underlying document or remaining information, and subject to the exemptions and qualifications under the Data Privacy Laws). You may also object to the use of your personal information where we rely on legitimate interests in certain circumstances (we may still be able to process your personal information if we have compelling grounds to do so). If you wish to raise a complaint about how we have handled your personal information, you can contact us, and we will investigate the matter and respond to you promptly. If you are not satisfied with our response, or if you prefer not to engage with us first, you can complain to any applicable data privacy authority in your country of residence. The Belgian supervisory authority is the Data Protection Authority.

The transfer of personal data from the UK/EEA to the Group entities outside the EEA is governed by data transfer agreements, which are in the form of the standard contractual clauses approved by the European Commission (http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32004D0915).

California Data Privacy Information

California law permits users of our products and/or services who are California residents to request certain information regarding the categories of personal information, and the identity of third parties with whom we have shared that personal information for their own direct marketing purposes during the past calendar year, to the extent that it occurs. To make a request, California residents should send an e-mail to [email protected] ,or write to us at: 2800 Sturgis Rd., Oxnard, CA 93030, USA; Attn: Privacy Office.

In addition, if you are a California resident, you also have the right to access, or request that we delete, any personal information we have collected about you, and to inquire about our collection, sale, and disclosure of your personal information by calling us at +1-833-979-0006, or visiting our Data Request Form

Your exercise of these rights will have no adverse effect on the price and quality of goods and services provided to you.   

Further information

If you have any questions about this Privacy Notice, or about the Group’s handling of your information, please contact the Privacy Officer by email at: [email protected]

 

 

 

[1] The UK’s supervisory authority has provided the following guidance on the concept of legitimate interests: a wide range of interests may be legitimate interests. They can be a controller’s own interests or the interests of third-parties, and commercial interests as well as wider societal benefits. They may be compelling or trivial, but trivial interests may be more easily overridden in the balancing test. The GDPR specifically mentions use of client or employee data, marketing, fraud prevention, intra-group transfers, or IT security as potential legitimate interests, but this is not an exhaustive list. It also says that a controller has a legitimate interest in disclosing information about possible criminal acts or security threats to the authorities.