CORPORATE PRIVAY STATEMENT
Effective Date: November 2020
HM Electronics, Inc. and each of its affiliates (collectively, "HME", "we", "us" or "our") respect your privacy and are committed to processing your personal data in accordance with the law. This Privacy Statement (hereinafter the "Statement" or "Privacy Statement") applies to all applications, websites and domains owned by HME linking to or posting this Statement, including www.hme.com; www.hme.com/qsr; www.jtech.com; www.clearcom.com; www.clearcom50.com; myclearcom.com; partners.clearcom.com; www.trilogycomms.com; www.cerepairs.com; www.hmedtcloud.com; customerservice.hme.com; customerservice.jtech.com; customerservice.cerepairs.com; and customerservice.clearcom.com ("Website" or "Websites").
This Privacy Statement describes how we use, store, disclose and process personal data that we obtain through or in connection with the use of our Websites, including through or in connection with purchases of our products and services, through or in connection with use of the HME Careers Portal, the Customer Portal, the HME Cloud, our drive-thru products and services including the Zoom® drive-thru system, the Clear-Com Partner/Consultant Portal, the Clear-Com Agent-IC® app, the JTECH HostConcepts® Portal and the JTECH SmartCall Messenger Tool, or when you otherwise contact us and/or we collect your personal data.
HME reserves the right to change, modify and update this Privacy Statement from time to time by posting a revised version on our Websites and by revising the "Effective Date" at the top of this Statement. If considered necessary, we will also notify you directly of any change. Therefore, we recommend you regularly consult this Statement to make sure that you are aware of any changes.
1.1. The term "personal data" as used in this Statement shall mean any information (including "personal information" as that term may be defined in applicable privacy law) that actually enables, or is capable of enabling us to identify you, directly or indirectly, by reference to an identifier such as your name, identification number, location data, online identifier or one or more factors specific to you.
1.2. For the purposes of the General Data Protection Regulation 2016/679 (the "GDPR") and other laws globally, the HME entity that is responsible for your personal data ("data controller") is the HME entity from which you have purchased products and/or services, or with which you have applied for a job or entered into communications, or which has otherwise collected your personal data. For further details on each HME data controller, please see below.
1.3. If you have questions about this Privacy Statement or the manner in which HME collects, uses or otherwise processes your personal data, please contact the Privacy Team at the relevant HME data controller using the contact details below:
HM Electronics, Inc.
By post: 2848 Whiptail Loop, Carlsbad, CA 92010, USA
By email: Privacy@hme.com
JTECH, an HME Company
By post: 1400 Northbrook Parkway, Suite 320, Suwanee, GA 30024, USA
By email: firstname.lastname@example.org
Clear-Com LLC ("Clear-Com")
By post: 1301 Marina Village Parkway, Suite 105, Alameda, California 94501, USA
By email: email@example.com
Trilogy Communications Limited
By post: 2000 Beach Drive, Cambridge Research Park, Cambridge CB25 9TP, United Kingdom
By email: trilogycomms.com/en/contact
Commercial Electronics, Inc.
By post: 3787 Rider Trail S., Earth City, MO 63045, USA
By email: Privacy@ceinstl.com
1.4. The Websites may, from time to time, contain links to and from the websites of our partner networks, advertisers, and other third parties. If you follow a link to any of these websites, please note that these websites may have their own privacy statements and that we do not accept any responsibility or liability for these statements. Please check these statements before you submit any personal data to these websites.
2. Careers with HME
2.1. HME's Careers Portal (accessible by following the 'careers' link on our applicable Websites) allows you to apply for positions with HME. Moreover, it offers you the opportunity, without application to a particular position, to submit the information that will allow HME to contact you if suitable openings arise in the future (provided you have given your consent to be contacted in such an event).
2.2. Registering for the Careers Portal requires you to submit specific personal data. You are under an obligation to provide only personal data which is accurate, complete and up to date at the time at which you submit it to the Careers Portal.
2.3. The open career opportunities published on our Websites do not constitute an offer or promise of employment and HME may eliminate, modify or change without notice any aspect(s) of the employment positions, compensation, and benefit plans described therein. Our Websites provide descriptions of possible positions within HME, and do not provide binding offers nor terms and conditions of employment. Any employment offer that may follow as a result of the identification of a potential opportunity by an applicant or submission of information to HME is in accordance with the specific terms of that offer.
2.4. Please note, by entering your eSignature and clicking "submit", you acknowledge and agree that your personal data will be processed in order to process your employment application in accordance with this Statement. If your application is unsuccessful, we will store your personal data for up to six (6) months in the Careers Portal following the conclusion of the unsuccessful application, in order to respond to any questions you might have about your application and in order to protect ourselves from legal claims. With your consent, we may retain your personal data for the purposes of identifying and contacting you about other suitable recruitment opportunities within HME globally for a further five (5) year period, unless you withdraw your consent or deactivate your profile, which you may do at any time. Deactivating your profile will withdraw all your applications from all the positions you have applied to within HME and will remove your profile from the Careers Portal. However, if you have applied for a position within HME, your personal data may be retained for a temporary period of time in an "inactive" status as required by applicable law and may not be deleted immediately. While you may request that we delete your personal data, we will not be able to process your job application as a result.
3. Categories of Personal Data HME Collects
3.1. We may collect and process the following categories of personal data:
Suppliers, vendors, customers, authorized users of our products and/or services, partners and Website visitors provide personal data to us in many ways, for example by filling in online feedback and contact forms, requesting information, purchasing HME products, subscribing to materials and newsletters, participating in surveys, signing up for the Customer Portal, the HME Cloud, our drive-thru products and services including the Zoom® drive-thru system, the Clear-Com Partner/Consultant Portal, the Clear-Com Agent-IC® and Station-IC™ apps, the JTECH HostConcepts® Portal or the JTECH SmartCall Messenger Tool. This includes personal data, such as:
If you sign up for the Careers Portal and apply for work with us, we may collect, store, and use the following categories of personal data that you have provided to us in your curriculum vitae, a covering letter, on an application form or during an interview, or that we have received from a recruitment agency or background check provider:
We also collect the following information indirectly from you when you access our Websites, use our interactive chat function, or otherwise correspond with us by post, phone, email or otherwise:
We may collect such internet or other similar network activity data using cookies and similar technologies. When you first access our Websites from certain jurisdictions, you will receive a message advising you that cookies and similar technologies are in use. By clicking "accept cookies", you signify that you understand and agree to the use of these technologies, as described in our Cookie Notice. For more information about our practices in this area for a particular Website, please see our Cookie Notice linked in the footer of such Website.
We may also allow select third parties to collect information about our Website visitors to provide us with better insights into the use of our Websites or user demographics or to provide relevant advertising to you. These third parties may collect information about a consumer's online activities over time and across different websites when he or she uses our Websites. Again, please see our Cookie Notice for further details.
4. How HME Uses Personal Data
4.1. We will only process your personal data in accordance with this Statement and the applicable law.
4.2. We will process personal data for the following purposes as is necessary for the performance of a contract between you and us or to answer questions or take steps at your request prior to entering into a contract, where you are a:
4.3. We will process personal data for the following purposes as necessary for certain legitimate interests, or where you have given your informed consent to such processing if required by applicable law (such consent can be withdrawn at any time), where you are a:
4.4. We will process personal data for the following purposes as is reasonably necessary for our legitimate business interests, provided such interests are not overridden by your interests or fundamental rights, where you are a:
4.5. We may process your personal data in order to protect your vital interests or the vital interests of another person, for example in order to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety.
5. Clear-Com Agent-IC® APP
5.1. Certain features of the Clear-Com Agent-IC® app can and do access data from the device on which it is hosted. Such data is not captured or stored by Clear-Com or the app, but such audio data is typically sent to another device through the app’s functionality. However, such audio data could be captured or stored by third party equipment to the extent such equipment is connected to the applicable audio ports. Audio data that is transmitted by the Clear-Com Agent-IC® app will be encrypted using AES-128 technology for added security. The Clear-Com Agent-IC® app collects technical data including operating system and platform, device type, and location. This information is used to measure user engagement and may be used to develop and improve the app but is not associated with other identifiers. While certain other features of the app may have access to other personal or sensitive user data from your device, neither Clear-Com nor the app collect, transmit, store or otherwise use such data.
6. Drive-thru products and services
6.1. We may from time to time offer products and services to our customers which enable them to, amongst other things:
6.2. These products and services may collect personal data relating to individuals which we may combine with technical performance data to provide analytics and other services to our customers. Our customers are responsible for ensuring that their use of these products and services, and their collection and processing of personal data, complies with all applicable privacy laws.
6.3. The above data is hosted in HME Cloud servers located in the United States. By accessing HME Cloud from outside the United States, you acknowledge that your personal data will be accessed by us and stored in the United States.
7. The Zoom® drive-thru system in HME Cloud
7.1. To provide the Zoom® drive-thru system in HME Cloud, we collect two main categories of data:
7.2. The above data is hosted in HME Cloud servers located in the United States. By accessing HME Cloud from outside the United States, you acknowledge that your personal data will be accessed by us and stored in the United States.
8. How Long HME Retains Personal Data
8.1. We will store your personal data, in a form that permits us to identify you, for no longer than is necessary for the purpose for which the personal data is processed. We store your personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and rights, or if it is not technically and reasonably feasible to remove it. Otherwise, we will seek to delete your personal data within a reasonable timeframe upon request.
8.2. If you choose a direct payment gateway to complete a purchase on the Websites, then PayPal Gateway stores your credit card data. Your purchase transaction data is stored in accordance with PayPal's retention practices.
9. Where HME stores personal data
9.1. We are headquartered in the United States. Your personal data will be accessed by us or transferred to us in the United States or to our affiliates, partners, or service providers who are located worldwide. By visiting our Websites from outside the United States, you acknowledge that your information may be transferred to, stored, and processed in the United States where our servers are located, and our central database is operated.
9.2. Where personal data is transferred from the European Economic Area or Switzerland to a country that has not received an adequacy decision by the European Commission, we rely on appropriate safeguards, such as the European Commission-approved Standard Contractual Clauses, as well as any supplementary measures that may be necessary, to transfer the data in compliance with applicable law.
10. How HME Shares Personal Data
10.1. We will not sell, hire out, disclose, transfer or pass on your personal data to third parties, except in the situations provided for in this Statement or unless you provide prior consent. We may share personal data in the following ways:
11. Your Rights as a Data Subject
11.1. General rights
11.2. European data subject rights
If you are a resident of the European Union, you may have the following rights in relation to your personal data:
Exercising your rights
To exercise the above-mentioned rights, or to raise a question, comment or complaint, send an email with an enclosed copy of the front side of your identity card, driving license or passport to the Privacy Team at the relevant HME data controller using the contact details above. We reserve the right to request the provision of additional information necessary to confirm the identity of the enquirer.
11.3. Privacy rights for residents of California only
Shine the Light Under California law, a California customer with whom HME has an established relationship has the right to request certain information with respect to the types of personal data that we have shared with third parties for direct marketing purposes and the identities of those third parties during the prior calendar year.
Exercising your rights
To exercise your Shine the Light rights, or to raise a question, comment or complaint, send an email with an enclosed copy of the front side of your identity card, driving license or passport to the Privacy Team at the relevant HME data controller using the contact details above. We reserve the right to request the provision of additional information necessary to confirm the identity of the enquirer.
11.4. California Consumer Privacy Act Rights
The California Consumer Privacy Act of 2018 ("CCPA") provides "consumers" (California residents) with specific rights regarding their "personal information." This section describes your CCPA rights and explains how to exercise those rights.
During the previous twelve (12) months, we have collected the categories of personal information listed in Section 3 of this Statement.
Sale of personal information
In the preceding twelve (12) months, HME has sold the following categories of personal information:
Your rights and choices
As of January 1, 2020, if you are a verified California resident, you have the right to obtain certain information about our collection and use of personal information over the past twelve (12) months, including:
You have the right to request that we do not sell personal information about you, and to request that we delete (and direct our service providers to delete) your personal information subject to certain exceptions.
Personal Information Sales Opt-Out and Opt-In Rights
If you are sixteen (16) years of age or older, you have the right to direct us to not sell your personal information at any time (the "right to opt-out"). We do not sell the personal information of individuals we actually know are less than sixteen (16) years of age. To exercise the right to opt-out, you (or your authorized representative) may submit a request to us by visiting the following page: Do Not Sell My Personal Information.
Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize personal information sales.
Exercising your rights
You can exercise any of these rights by contacting us using the contact details set out above or you may submit a request to us by visiting the following page Website Request Page. You may also call us on the following toll-free telephone number: 800-978-3514. You may make a request up to twice within a twelve (12) month period.
We will ask you for information that allows us to reasonably verify your identity (that you are the person about whom we collected personal information) and we will use that information only for that purpose. We cannot respond to your request or provide you with personal information if we cannot verify your identity and confirm that the personal information relates to you.
Response timing and format
We will endeavor to respond within forty-five (45) days of receipt of your request, but if we require more time (up to an additional forty-five (45) days) we will notify you of the reason and extension period in writing.
Where you request a copy of your personal information, we will endeavor to provide the information in a format that is readily useable, including by mailing you a paper copy or providing an electronic copy. Any disclosures we provide will only cover the twelve (12) month period preceding the receipt of your verified request.
We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. We will not discriminate against you as a result of your exercise of any of these rights.
11.5. Notice to Nevada Residents. If you would like to tell us not to sell your information, please email us at firstname.lastname@example.org with your name, postal address, telephone number and email address with "Nevada do not sell" in the subject line.
12. Safety and confidentiality
12.1. HME takes steps to maintain the security of your personal data and to prevent unauthorized access to it through the use of appropriate technology and internal procedures.
12.2. If you choose a direct payment gateway to complete your purchase, then PayPal Gateway stores your credit card data. PayPal Gateway is encrypted through the Payment Card Industry Data Security Standard ("PCI-DSS"). All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.