OBJECTIVE AND SCOPE
This Policy is issued by E Ink Holdings Inc., with its address at No.3, Lixing 1st Rd, Hsinchu Science Park, Hsinchu 300, Taiwan, ("E Ink", "we", "our", or "us"). E Ink is committed to protecting the privacy and personal data of individuals and strives to maintain the security of such data. Unless otherwise noted, this Policy applies to:
(1) employees of our customers, suppliers, and contractors;
(2) users of our products or services;
(3) visitors to our website;
(4) visitors to or our offices or sites; and
(5) job applicants.
hereinafter referred to as "you".
Certain sections of this Policy only apply to the Processing of personal data of residents of the European Union (“EU”) or where applicable EU or EU Member State data protection laws so provide or to residents of the State of California as indicated below.
RESPONSIBILITY, DATA CONTROLLER, AND E INK WEBSITES
Please read the information below to learn more about our data collection policies and practices.
TYPES OF PERSONAL DATA AND SENSITIVE PERSONAL DATA THAT WE PROCESS
Personal Data (also called personal information) is information that identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with you (the “data subject”) or, in some instances and in accordance with applicable law, your household. “Sensitive Personal Data” (also called sensitive personal information) is a subset of Personal Data. Sensitive Personal Data is information that reveals your government identification number; account log-in; financial account; debit or credit card number in combination with any required security access code, password or credentials allowing access to the account; geolocation data; biometric information; and other personal information concerning your health, sex life, or sexual orientation. We do not seek to collect or Process your Sensitive Personal Data unless it is necessary for a legitimate business purpose as described below.
You may provide us with Personal Data or Sensitive Personal Data in several ways, including, for example, when you use the Site or apply for employment with us, or if you contact us and disclose Personal Data.
We may collect Personal Data and Sensitive Personal Data in multiple ways, including in person, in writing, over the phone or email, online through the Site or social media, etc. We collect and Process Personal Data solely for business purposes.
The following are the types of Personal Data we process :
Information You Provide Us / Identifiers
We may ask you to provide us with certain information, including identifying information (such as your name, mailing address, email address, phone number, or zip code, and company name), unique identifiers (such as your user ID and password), demographic information, products you may be interested in or similar information you may disclose to us from time-to-time.
Site Usage Information; Internet or Other Network Activity
We receive and store certain types of data whenever you visit the Site. For example, we collect clickstream data, your IP address and information about your device, operating system, browser type, browser settings, language settings, dates and times of connecting to the Site, username, password, security login details and usage data.
We keep track of what emails we send you and what emails you may be receiving from us and our subsidiaries and affiliates. Additionally, we keep a record of what types of emails you have opted to and not to receive.
Transaction data is collected when you purchase a product or service from us and includes order form information, the goods or services that you order, general contact and shipping information as well as bank account details and other payment information necessary to carry out online/offline credit card transactions or payments using third-party payment systems.
Biometric information is collected when you visit an E Ink or E Ink affiliate facility and includes images and videos of the face and body and voice recordings.
Professional or Employment Related Information; Non-Public Education Information
Professional, employment, and non-public education information is collected when you apply for a job with E Ink and includes your former employers and job positions, alma maters, and educational records.
Sensitive Personal Data
In some instances, and only when required for a legal basis described below, we may need to collect the following Sensitive Personal Information: government identifiers (social security number, driver’s license, state or government identification card, passport number); racial or ethnic origin; health information; religious or philosophical beliefs; and *financial information.
SOURCES OF PERSONAL DATA
We collect information about or related to you from various sources :
Personal Data provided by you to E Ink
You may disclose Personal Data to us when you contact us via e-mail or telephone, or provide your Personal Data as part of an application for employment at E Ink. When using our Site, you may provide personal data when completing a registration form or completing a transaction.
Personal Data obtained as part of a business relationship or proposed business relationship
We may obtain your Personal Data directly from you when you collaborate with us as part of a business relationship or proposed business relationship such as research projects, in an advisory/consultancy capacity, or providing goods or services to E Ink.
Site data, Contests, and Sweepstakes; Newsletters and other Emails
We may obtain your Personal Data from your registrations or browsing of the Site. We may provide contests and sweepstakes through the Site or in person that require registration and the use of your Personal Data to contact you for winner notification, prize delivery confirmation or other related purposes. From time-to-time, we may request Personal Data from you via surveys or voting polls. Participation is voluntary and you will have the opportunity to decide whether or not to disclose information. At times, you may have to register to vote or to take part in a survey. We may offer free newsletters to share information with you about the Site, about us and our affiliates and subsidiaries, or about our business partners and advertisers and sponsors. You may receive a newsletter either by registering for a particular newsletter or in conjunction with a special feature or membership for which you have registered on the Site. You may cancel your free email subscription by following the instructions provided on the Site or, in some instances, in the designated area of certain newsletters or emails.
Cookies and other tracking technologies
If you order any information from our Site, buy any of our products or subscribe for any of the services offered on our Site, we ask you to complete an order form that will request certain information from you, including general contact and shipping information. We use this information to complete the transaction that you have requested, i.e., to deliver the information, products or other services that you order. This information is collected and stored through encrypted means for your protection.
Social Media Information
We may receive Personal Data that you post or otherwise make directly available on independent social media sites and networks, including but not limited to Facebook, Twitter, YouTube, Pinterest, Weibo, and LinkedIn, where E Ink may have an official E Ink presence.
Information from Our Service Providers
We may receive information about you from our service providers, namely software and marketing service providers that help us manage our email communication with you or, in certain circumstances, such as when required for an employment application and with all required prior notice, from credit reporting agencies or law enforcement officials.
Information from Our Marketing Partners
We may receive information about you from our marketing partners that help us manage our email communication with you.
WHAT WE USE THE PERSONAL DATA FOR AND LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
We process your personal data on the various legal bases of i) your consent or explicit consent, as the case may be, ii) fulfilling a contract with you, iii) meeting our legal statutory obligations, iv) legitimate interests as outlined below, v) in order to protect the vital interests of you or other individuals, or vi) for the establishment, exercise or defense of a legal claim.
E Ink processes your personal data for the following purposes, namely:
Confirming or fulfilling an order you have made
Shipping the good to you or providing the service.
Managing our relationship with you
Establishing and verifying the identity and eligibility of users.
Providing company updates, and support.
Opening, maintaining, administering, managing, and servicing user profiles, accounts, and memberships.
Processing and responding to inquiries.
Operating and communicating with you about or through our official E Ink forums, and official social media accounts.
Managing the Site
Managing or modifying any content that you choose to post or otherwise provide to us, whether through the Site, official E Ink forums, and official social media accounts, or other official E Ink means of interacting with us.
Ensuring that the Site is operating properly.
Improving Products and Services
Analyzing our products and services.
Performing market research.
Performing data analytics.
Improving our products (related to electrophoretic displays and associated technology) and our Site (including developing new products and services) based on aggregate data.
As part of a merger, acquisition, bankruptcy, transfer, sale, corporate change, or any other transaction involving all or a portion of E Ink’s assets.
Direct Marketing and Events
Conducting special events, sweepstakes, surveys, programs, contests.
Announcing/promoting the prizes that we award.
Providing other offers (and communicating with you about this) of our products or services (related to electrophoretic displays and associated technology and our Site), our affiliates’ or business partners’ products and services.
Personalizing the content of our offers to your preferences and interests.
Warranty, Product Repairs and Product Liability
Addressing any warranty and guarantee questions and claims.
Tracking any quality and service issues.
Defending and protecting our interests or those of our affiliates and subsidiaries or business partners or other individuals such as our employees in case of a dispute or legal claim.
Network and Information Security; Technical Support
Ensuring network and information security.
Providing technical support for the Site.
Maintaining the security and integrity of the Site and our systems.
Detecting and preventing security and other incidents related to this Site.
Maintaining internal records about relevant incidents and other security related information.
Regulatory Requirements, Security, and other Legal Obligations
Conforming to legal requirements and industry standards, complying with legal process, detecting and preventing fraud and misuse, defending our legal rights, and protecting others.
Maintenance of our physical and electronic security measures in our facilities or those of our affiliates.
Obtaining your feedback on our products or services
Obtaining your views on the Site, our products, or our services.
Recruitment and job applications
Recruitment and interview activities and hiring, offer, and acceptance records.
NO SALES; WITH WHOM WE SHARE THE PERSONAL DATA
We employ other businesses, certain services and individuals to perform functions on our behalf. Examples include webhosting, fulfilling orders, sending e-mail, removing repetitive information from customer lists, Site analysis, auditing, accounting, analyzing data, providing marketing assistance, and providing customer service. These entities have access to personal data needed to perform their functions, but may not use it for their own or other purposes.
Subsidiaries and Affiliate
We may share your information (including, without limitation, Personal Data) with our subsidiaries and affiliates. If you do not want us to share your information with our subsidiaries and affiliates, you may tell us by sending an email to firstname.lastname@example.org with your request (please write "Affiliates" in the subject line of your email).
Parties to a Transaction
In the event that all or substantially all of our assets are sold or transferred to another party, or another transaction occurs in which your Personal Data is one of the business assets transferred, all Personal Data that has been collected and saved may be one of the business assets we transfer in accordance with applicable laws.
Participants in Legal Process
In the event we are required to respond to subpoenas, court orders or other legal process or to defend our property, rights or the safety of our employees or others, your Personal Data may be disclosed pursuant to such subpoena, court orderor legal process, including to other parties of the proceedings, adverse parties, external counsel, tribunals and courts, which may be without notice to you.
We may share on social media or otherwise publicly announce prize winners.
Your Appointed Representatives
When appropriate and with your consent.
If we engage a third-party Processor to Process your Personal Data, the Processor will be subject to binding contractual obligations to (1) only Process the Personal Data in accordance with prior written instructions; and (2) use measures to protect the confidentiality and security of the Personal Data; together with any additional requirements under applicable law.
Our operations, including our operating subsidiaries and affiliates as described above, are located in countries such as China, Taiwan, South Korea, Japan and the U.S. It is important to note that some of the third parties with whom we share Personal Data are located countries which have not been officially recognized by the EU as providing an adequate level of data protection and which may not provide the same protection as your country of residence.
If the recipients of Personal Data are not located in a country which has been officially recognized as adequate under EU data protection law, we rely on safeguards to protect your Personal Data such as the EU Standard Contractual Clauses, Binding Corporate Rules, approved Codes of Conduct and Certifications or in exceptional circumstances on permissible statutory derogations.
In order to avoid information leakage and protect intellectual property rights, it is recommended that you avoid disclosing your sensitive Personal Data, or other confidential information.
CROSS-BORDER TRANSFER OF PERSONAL DATA
Due to the international nature of our business, we may transfer your Personal Data within the E Ink group of companies, including Taiwan, the United States, Japan, South Korea, or other places where E Ink has business operations and to third parties as specified in Section 7 above, in connection with the purposes set out in this Policy. For this reason, we transfer Personal Data to the other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located.
PROTECTION OF MINORS
Our services and products are aimed at adults who meet the legal requirements, not minors. If you are a minor under the laws of your country, you can only use our services or products under the supervision of a parent or guardian. E Ink does not knowingly collect Personal Data from children under the age of 16. If E Ink discovers that it has inadvertently collected Personal Data from children under the age of 16, E Ink will delete such information as required by applicable law.
The Site is not directed at, and is not intended for minors and children under the age of 16 or otherwise defined by applicable law.
We will use a reasonable standard of care to store and protect your Personal Data. We employ a number of technical, organizational, and physical safeguards designed to protect the Personal Data we collect from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, unauthorized access, and other unlawful or unauthorized forms of Processing, in accordance with applicable law.
However, due to the public nature of the Internet, the transmission of information via the internet is not completely secure. Although we will implement all reasonable measures to protect your Personal Data, we cannot guarantee the security of your data transmitted to us using the internet. You bear the possible risks of this transmission process. We suggest that you confirm that there is no security problem in the process of transmitting your Personal Data to E Ink.
We endeavor to take reasonable steps to ensure that the Personal Data Processed by E Ink is accurate and correct. To ensure the accuracy of your Personal Data, we may ask you to confirm the accuracy of your Personal Data.
THE PRINCIPLE OF MINIMIZING THE PROCESSING OF PERSONAL DATA
We take all reasonable steps to limit the volume of Personal Data that we Process to what is necessary.
LENGTH OF TIME WE KEEP YOU RPERSONAL DATA
Please contact us using the contact details listed below, if you would like to know more about the criteria we use to determine the relevant retention periods.
COOKIES AND OTHER SIMMILAR TECHNOLOGIES
YOUR CALIFORNIA PRIVACY RIGHTS
If you reside in the State of California, various California privacy laws afford you particular rights. Under California Civil Code Section 1798.83, the “Shine the Light” law, users of thi Site that are California residents may request certain information regarding the types of information shared by us with other companies for those companies’ direct marketing purposes. If you are a California resident, you can make a request for the information described above by emailing email@example.com or by mail sent to the address below.
PERSONAL INFORMATION RIGHTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT
The California Consumer Protection Act (“CCPA”) and California Privacy Rights Act (“CPRA”), provide Consumers (defined below) with specific rights regarding their personal information. This subsection describes your CCPA/CPRA rights and explains how to exercise those rights. This subsection only applies to solely to all visitors, users, and others who reside in the State of California (“Consumers”). This subsection does not apply to E Ink employees or employment candidates whose information is collected by E Ink for employment purposes.
Consumers have the following rights under the CCPA and CPRA:
Access and Portability
Correction and Deletion
You may request that we correct inaccurate personal information maintained by us. You may request that we erase (delete) your personal information, subject to certain exceptions. Once we receive and confirm a verifiable request we will, as applicable correct the erroneous personal information or delete (and direct our service providers to delete) your personal information from our records unless we must keep the data in order to: complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you; detectsecurity incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities; debug products to identify and repair errors that impair existing intended functionality; exercise free speech, ensure the right of another to exercise their free speech rights, or exerciseanother right provided for by law; comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. Seq.); engage in public or peer-reviewed scientific, historical, or statistical research in the public interest thatadheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent; enable solely internal uses that are reasonably aligned with Consumer expectations based on their relationship with us; comply with a legal obligation; or make other internal and lawful uses of that information that are compatible with the context in which you provide it.
Personal Information Sales Opt-Out and Opt-In Rights; No Sale
Additionally, we do not intend to market to any individual under the age of 18, and we expressly prohibit anyone under the age of 16 from disclosing or submitting any personal information to us throughout the Site or other means. Therefore, we do not sell any information of any individual under the age of 18.
Right of Non- Discrimination
We will not discriminate against you for exercising any of your CCPA/CPRA rights. Unless permitted by the CCPA/CPRA, we will not:
Deny you goods or services;；
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
Provide you a different level or quality of goods or services; or
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Limited Disclosure of Sensitive Personal Information
You have the right to limit how your Sensitive Personal Information is disclosed or shared with third parties, as defined in the CCPA and CPRA.
PERSONAL DATA RIGHTS UNDER EUROPEAN UNION DATA PROTECTION LAW
If you reside in the European Union (EU), EU data protection law, in particular the General Data Protection Regulation (GDPR), affords you particular rights. Under the conditions and subject to the exceptions set by EU data protection law, you may exercise the following rights:
You have the right to obtain from us confirmation as to whether or not your Personal Data are being Processed, relevant information about such Processing as provided by applicable EU data protection law, and a copy of the Personal Data undergoing Processing.
You have the right to obtain from us the rectification of inaccurate Personal Data concerning you and to have incomplete Personal Data completed.
You have the right to object to the Processing of your Personal Data on grounds relating to your particular situation.
You can also object at any time to the Processing of your Personal Data for marketing purposes. (Please note that even if you object to our use of Personal Data for direct marketing purposes, we will still send you transactional messages in relation to goods or services that you have purchased from us. These include responses to your questions and information about a good or service you have purchased from us.)
You have the right to receive the Personal Data concerning you which you have provided to the controller in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller.
You may request to restrict Processing of your Personal Data.
Erasure; Right to be Forgotten
You may request to erase (delete) your Personal Data.
Right to lodge a compliant
You have the right to lodge a complaint with a supervisory authority, in particular the EU Member State of your residence, place of employment, or the location where the issues that is the subject of the complaint occurred.
Right to refuse or withdraw consent
You are free to refuse to give consent and you can withdraw (with effect for the future) your previously provided consent to the Processing at any time without any adverse consequences. The lawfulness of any Processing of your Personal Data that occurred prior to the withdrawal of your consent will not be affected.
EXERCISING YOUR RIGHTS
E INK HOLDINGS INC.
No.3 Lixing 1st Rd. Hsinchu Science Park Hsinchu 300 Taiwan
E INK CORPORATION
1000 Technology Park Drive Billerica, MA 01821 USA For the E Ink blog and social media sites (other than Weibo and WeChat)
JOHNSON LEE CHIEF PRIVACY OFFICER ( ONLY FOR SOUTH KOREA )
E Ink Holdings Inc. No.3 Lixing 1st Rd. Hsinchu Science Park Hsinchu 300 Taiwan
means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by the relevant regulations and laws of that jurisdiction;
is an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural, or social identity;
has the meaning ascribed to it in Section 4;
means any operation or set of operations performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation, or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, blocking, erasure, or destruction;
shall mean a natural or legal person, public authority, agency, or any other body which processes personal data on behalf of the data controller.
“Sensitive Personal Data”
has the meaning ascribed to it in Section 4.