II-VI INCORPORATED GLOBAL PRIVACY NOTICE
II-VI Incorporated and its subsidiaries (collectively, “II-VI”, “Company”, “we”, “us”, “ours”, “II-VI Group Entities”) are committed to protecting the privacy of those who visit our website, including the websites of our subsidiaries that have a hyper link to this II-VI Incorporated Global Privacy Notice (“Privacy Notice” or “Notice”). We have prepared this Privacy Notice to describe to you our practices regarding our collection and use of your Personal Data (as defined below). This Privacy Notice provides information about the types of information we collect from those interested in obtaining our products and services and who visit our website and what we may do with that information.
This website is operated by II-VI Incorporated, registered at World Headquarters, 375 Saxonburg Blvd., Saxonburg, Pennsylvania 16056-9499 (“II-VI Incorporated”). Some of our subsidiaries also operate public websites, and in this Notice, any reference to “website” or “websites” generally means the II-VI Incorporated website and the websites of our subsidiaries linked through the II-VI Incorporated website. Please see the list of the subsidiaries with websites by clicking http://www.ii-vi.com/contact/.
In this Notice, we outline and describe the following with respect to the Personal Data that we collect:
- What information we collect and its sources
- How we use your information
- With whom we share your information
- We disclose your information internationally
- How long we keep your information
- Your rights under the law
- The security of your information
You will note that throughout this Notice we use words that are capitalized. These are special terms that are defined. Those definitions are set forth at the end of this Notice in Section IX.
I. What information we collect and its sources
A. Information you provide:
If you create a login account on any of our websites that offers this option, the personal information that you provide includes your name, physical business address (including zip code), email address, phone number and e-mail content, if any is provided.
We also collect your Personal Data when you send us a text message (SMS message) or call us on our service number. This includes information, such as your name and contact information, your phone number as well as the content of your message.
We also collect other information about you that you choose to submit in the web-form on our website or when you subscribe to our newsletter, namely your contact information, including name, email address and phone number.
We also collect information about you in connection with a purchase you make of products or services from us. This includes your name, address, transaction data, including your transactions/purchases, your credit card number, CSC code and expiration date, when you purchase a product or service from us; and your feedback regarding your purchase and the products or services that you purchased from us, if any is provided.
B. Information collected automatically:
Whether or not you create an account with us, certain information that identifies you may be passively collected and stored on our or our service providers’ server logs, including your Internet Protocol (“IP”) address, browser type, operating system and information regarding what website pages you accessed and when, date and time of your visit to our website, and the information for which you searched and which you viewed.
C. Information collected from II-VI Group Entities:
II-VI Incorporated collects Personal Data from other II-VI Group Entities. This includes, for example, name, physical business address (including zip code), email address, phone number, purchase and sales information for our products or services, as well as feedback, if any is provided. Additionally, the II-VI Group Entities may share Personal Data among themselves for the purposes defined in Section III below.
D. Information collected from third parties:
We may also collect information about you from any social network or other platform (such as from Facebook, Twitter, LinkedIn or other third party social network sites) that you may have connected from, such as your login information and your user name, personal profiles, and the actual social media networks you used.
In addition to the information that we collect as described above, we also collect information about you from our third-party integrators and vendors. Personal Data that we collect through these channels includes for example, IP address, access times, browser type and language, device type, device identifiers and Wi-Fi information.
II. How we use your information
We may process your Personal Data on the various legal bases of i) your consent or explicit consent, as the case may be, ii) fulfilling a contract with you, iii) meeting our legal or statutory obligations, iv) legitimate interests as outlined below, v) in order to protect the vital interests of you or other individuals, or vi) for the establishment, exercise or defense of a legal claim.
We Process Personal Data for the following purposes:
- process information in connection with any questions or comments that you submitted to us on a web-form on our website;
- carry out our obligations arising from any contracts entered into by us with you, in particular in connection with a purchase you make of products or services from us;
- notify you of changes to our products and services;
- seek your views or comments on the products or services we provide and send you communications by post, e-mail or SMS which you have requested or that may be of interest to you, including newsletters, or promotions of our products or services or events;
- measure the adequate performance of our interactions with you;
- obtain or maintain insurance coverage, manage risks or obtain professional advice and defend our rights and establish, exercise and defend our legal claims;
- facilitate your use of your web account on the website; or
- provide, create and maintain a trusted and safe environment and comply with our legal obligations.
III. With whom we share your information
A. Within the II-VI Group Entities
The II-VI Group Entity responsible for its website shares Personal Data about you within the II-VI Group Entities depending on the purpose of Processing, for all the purposes described above in Section III. A list of all II-VI Group Entities is available at http://www.ii-vi.com/contact/.
Note – if you have specially documented agreements (such as nondisclosure agreements) with II-VI Incorporated or any of its subsidiaries that expressly restrict the sharing of your information within the II-VI Group Entities (whether Personal Data or business data), those agreements take precedence, and your information will not be shared except as otherwise provided in any such special agreement.
B. Third Party Processors
We use third party Processors (including contractors and service providers) to provide web services and to help with our operations on our behalf. These Processors need access to and use your Personal Data. Additionally, we use a third party to provide technical support, to receive additional Personal Data about you, and to perform analytics and other work that we may need to outsource. These Processors are bound by law and/or contract to protect the confidentiality and security of Personal Data. They only Process your Personal Data to provide requested services and only act on our documented instructions.
We also share your Personal Data with other companies, vendors and business partners that perform certain functions for us. These companies are themselves responsible to determine the purposes and/or means of the Processing and for the lawfulness of the Processing. They include insurance companies, online gateway payment providers, including credit card companies and banks.
C. Third Party websites:
D. De-identified information about you:
We also share aggregated or de-identified information (i.e., information that does not personally identify you directly), or statistical information about you, including statistical data and historical use data, with others for a variety of purposes, including for their own uses, for example, for improving their services for you and others.
E. As required by law or legitimate business interest:
In addition, we disclose your Personal Data to our insurers and/or professional advisers where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person insofar as reasonably necessary for these purposes, whether in court proceedings or in an administrative or out-of-court procedure. Also, we share your Personal Data in connection with a business transaction, to buyers, their lawyers or professional advisors, where needed to affect the sale or transfer of business assets (such as a merger or acquisition), but only under strict non-disclosure provisions that are at least as restrictive as those of II-VI. We also disclose your Personal Data to the same recipients to defend or enforce our rights and protect our property, assets or safety of others.
IV. We disclose your information internationally
Due to the global nature of our operations, some of the II-VI Group Entities that are recipients of your Personal Data, as described above, may be located in countries outside the EEA which do not provide an adequate level of Data protection. International transfers will be to countries where II-VI Group Entities have offices, namely the United States of America, China, Philippines, Japan, South Korea, Taiwan, Singapore, and Vietnam. The transfer of your Personal Data outside the EEA takes place on the basis of our data transfer agreement(s), which is based on the standard contractual clauses adopted by the European Commission.
B. Third Parties:
Some of the third parties with whom we share Personal Data are also located outside of the EEA. Certain third countries have been officially recognized by the European Commission as providing an adequate level of protection. (See here). Transfers to third parties located in other third countries outside the EEA take place using an acceptable Data transfer mechanism, such as the EU- U.S. Privacy Shield for transfers to self-certified US organizations (see here), the EU Standard Contractual Clauses (see here), Binding Corporate Rules (see here), approved Codes of Conduct and Certifications or in exceptional circumstances on the basis of permissible statutory derogations.
Please contact the II-VI GDPR Coordinator at the address or phone number listed below, in Section VIII, if you want to receive further information or, where available, a summary copy of the relevant Data transfer mechanism.
V. How long we keep your information
We retain your Personal Data collected as long as reasonably necessary to fulfill the purposes for which we collected it, as outlined in Section II above, to comply with our legal obligations, or for the establishment, exercise or defense of a legal claim. For more information on how long your Personal Data is stored, please contact the II-VI GDPR Coordinator (for contact details, see Section VIII).
VI. Your rights under the law
A. For United States Residents and others not living in the EEA:
You have the rights provided under the laws applicable to where you live. Additionally, you can ask us questions about the Personal Data that we have relating to you; ask us to correct any of that Personal Data, if it is wrong; and you can verify that with us; and, ask us to delete it from our systems. Further, our site allows you to choose to receive or stop receiving communications from us. To request removal from a II-VI mailing list, please contact the II-VI GDPR Coordinator and send a message with your request.
B. For Residents of the EEA or visitors of a website operated by a II-VI Group Entity located in the EEA
If you reside in the EEA or visit a website operated by a II-VI Group Entity located in the EEA or where it otherwise so provides, the GDPR applies. The GDPR provides certain rights for Data Subjects. Under the conditions set by the GDPR, you may exercise the following rights regarding your Personal Data (see also Section VIII on whom to contact to exercise those rights):
You have the right to obtain from us confirmation whether we Process your Personal Data, relevant information about such Processing as provided by the GDPR, and a copy of the Personal Data undergoing Processing.
You have the right to request us to correct inaccurate Personal Data and to have incomplete Personal Data completed.
You have the right to object to the Processing of your Personal Data on grounds relating to your particular situation. In addition, you have the right to object at any time where your Personal Data is Processed for direct marketing purposes.
You may request your Personal Data that you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit it to other Data Controllers without hindrance.
You may request to restrict Processing of your Personal Data.
You may request to have your Personal Data erased.
7. Right to lodge a complaint:
You also have the right to lodge a complaint with a supervisory authority, in particular in the EEA member state of your residence, place of employment, or the location where the issue that is the subject of the complaint occurred.
8. Right to refuse or withdraw consent:
Please note that in case we ask for your consent to certain Processing, you are free to refuse to give the consent and you can withdraw your consent at any time without any adverse negative consequences. The lawfulness of any Processing of your Personal Data that occurred prior to the withdrawal of your consent will not be affected.
VII. Security of your information
To help protect the privacy of your Personal Data collected by us, we maintain physical, technical and organizational measures. We update and test our security technology on an ongoing basis. We restrict access to your Personal Data to those II-VI employees who need to know that information to provide services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities.
VIII. Questions, concerns or complaints - Contact Details
If you have any questions about this Notice or wish to exercise any of your rights under Section VI above, please contact us as specified below. Be sure to include your name and clear instructions regarding any change to your Personal Data. The contact information for our II-VI GDPR Coordinator is:
By mail at:
5000 Ericsson Drive, Suite 300
Warrendale, PA 15086
Attn: II-VI GDPR Coordinator
By email at:
Words that are capitalized in this Notice have the following meanings:
“Controller” means any natural or legal person (including corporations, partnerships or other business entities) which, acting alone or jointly with others, determines the purposes and the means for Processing Personal Data.
“Data Subject” means you, or any natural person to whom any Personal Data relates.
“EU” means the European Union, and “EEA” means the European Economic Area, which includes the EU Member States, plus Iceland, Liechtenstein and Norway; for purposes of this Notice, any reference to the EEA will also include Switzerland, even though it is not a member of either the EU or the EEA.
“GDPR” means the General Data Protection Regulation, which is the EU regulation that governs the protection of the Personal Data and the free movement of that Data.
“Personal Data” or “Data” means any information relating to you, or any Data Subject who can be identified, directly or indirectly, by reference to identifiers such as a name, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Process” or “Processing” means any activity that involves the use of Personal Data. It includes obtaining, recording or holding the Data, or carrying out any operation or set of operations on it including organizing, amending, retrieving, using, disclosing, erasing or destroying it.
“Processor” means us or any other natural or legal person (including corporations, partnerships or other business entities) which, acting alone or jointly with others, Processes Personal Data for a Controller.
“Special Categories Personal Data” includes information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the Processing of genetic Data, biometric Data for the purpose of uniquely identifying a natural person, Data concerning health or Data concerning a natural person's sex life or sexual orientation. Personal Data as defined above includes Special Categories Personal Data.
X. Privacy of children
This website is not designed for, or directed to, children under the age of 18 and will not knowingly collect personally identifiable information from individuals in this age group.
XI. Changes and updates to the Privacy Notice
As our Company, membership and services may change from time to time, this Privacy Notice is expected to change as well but we will not reduce your rights. We will post an updated copy on our website.
Issued: May 25, 2018