Additional Information for European Union Users
Controller and Data Protection Officer
PLEXSYS Interface Products, Inc., whose mailing address is 4900 NW Camas Meadows Drive, Camas, WA 98607 USA, is the controller of your personal information for purposes of European data protection legislation. Our Data Protection Officer can be reached at email@example.com.
Legal Bases for Processing
We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described below. If you have questions about the legal basis of how we process your personal information, contact us at firstname.lastname@example.org.
- We may use or process your data to provide the goods or services you request.
- We may use or process your data to communicate with you.
- We may use or process your data for compliance, fraud protection, and safety purposes.
- We may use or process your data to comply with our legal obligations.
- We may use or process your data for other purposes with your consent. Where use is based on your consent, you may withdraw it at any time by contacting us at email@example.com.
We assert that the aabove-described activities constitute our legitimate interests. We seek to consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Use for New Purposes
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law and for tax purposes, we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Information) for up to six years after they cease being customers.
In some circumstances, we may anonymize your personal information (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.
European data protection laws give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
- Opt-out – Stop sending you direct marketing communications. You may continue to receive Service-related and other non-marketing emails.
- Access – Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct – Update or correct inaccuracies in your personal information.
- Delete – Delete your personal information.
- Transfer – Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict – Restrict the processing of your personal information.
- Object – Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You can submit the above requests by email to firstname.lastname@example.org or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us at email@example.com or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
Cross-Border Data Transfer
Whenever we transfer your personal information out of the EEA to countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be based on one of the following safeguards recognized by the European Commission as providing adequate protection for personal information, where required by EU data protection legislation:
Contracts approved by the European Commission which impose data protection obligations on the parties to the transfer. For further details, see European Commission Model contracts for the transfer of personal information to third countries.
For transfers to third parties in the United States, ensuring they participate in the E.U.-U.S. Privacy Shield Framework. Please Contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.
The above EEA privacy addendum is subject to modification by us at any time with or without advance notice. The terms of our most recent EEA privacy addendum will be posted at this web site and shall control.