As we operate internationally, and many of our computer systems are currently based in the U.S., your Personal Data may be processed in the U.S. and in other parts of the world where we or our service providers have facilities. By using the Services you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.
We only transfer Personal Data to various jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of data protection as your home country. We implement appropriate protections for cross-border data transfers as required by applicable law.
Residents of the European Economic Area (EEA), the United Kingdom or Switzerland
If you are a resident of the European Economic Area (EEA), the United Kingdom or Switzerland, you may have the right to (a) request access to your Personal Data; (b) request erasure of your Personal Data; (c) request restrictions on the processing your Personal Data; (d) object to processing your Personal Data; and/or (e) request data portability of your Personal Data to another data controller. You also have the right to lodge a complaint with a supervisory authority.
Data Privacy Framework Notices
On July 10, 2023, the European Commission’s adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF) entered into force. On October 12, 2023, UK Extension to the EU-U.S. DPF became effective. On September 15, 2024, Swiss-U.S. DPF transfer of personal information from Switzerland became effective.
Compliance
onsemi complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. onsemi has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of Personal Data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. onsemi has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF Principles) with regard to the processing of Personal Data received from Switzerland in reliance on the Swiss-U.S. DPF. The following U.S. subsidiaries of our organization are also adhering to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of Personal Data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. and/or Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF Principles) with regard to the processing of Personal Data received from Switzerland in reliance on the Swiss-U.S. DPF and are covered by the onsemi certifications: (a) Aptina, LLC, (b) Fairchild Semiconductor Corporation, and (c) Semiconductor Components Industries, LLC. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certifications, please visit https://www.dataprivacyframework.gov/.
Accountability for Onward Transfer
If you are an EU, UK, or Swiss Individual, where we transfer your personal data to third party service providers who perform services for us or on our behalf, we are responsible for the processing of that data by them and shall remain liable if they process your personal data in a manner inconsistent with the DPF Principles referred to above, unless we prove that we are not responsible for the event giving rise to the damage.
Choice
If personal data covered by this Privacy Policy is to be used for a new purpose that is materially different from that which the personal data was originally collected or subsequently authorized, or is to be disclosed to a non-agent third party in a manner not specified in this Policy, onsemi will provide you with an opportunity to choose whether to have your personal data so used or disclosed. Requests to opt out of such uses or disclosures of Personal Data should be sent to us as specified in the “How to Contact Us” section below.
Certain personal data, such as information about medical or health conditions, racial or ethnic origin, political opinions, and religious or philosophical beliefs, is considered “Sensitive Information.” onsemi will not use Sensitive Information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual unless onsemi has received your affirmative and explicit consent (opt in).
How to Contact Us with any Inquiries
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, onsemi commits to resolve DPF Principles-related complaints about your privacy and our collection and use of your Personal Data transferred to the United States pursuant to the DPF Principles. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of Personal Data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact onsemi by email at privacy@onsemi.com or by phone at +1 800-905-4574.
How to Contact Us with any Complaints
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, onsemi commits to refer unresolved complaints concerning our handling of Personal Data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit JAMS at https://www.jamsadr.com/file-a-dpf-claim for more information or to file a complaint. The services of JAMS are provided to you at no cost.
If your DPF complaint cannot be resolved through the above channels, under certain conditions you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms.
Additional Information Regarding EEA, the United Kingdom and Switzerland
You may also:
- Contact our Data Protection Officer (DPO) responsible for your country or region, if applicable. For a list of DPOs, please click here.
- Lodge a complaint with an EEA, United Kingdom or Swiss data protection authority, as appropriate, for your country or region where you have your habitual residence or place of work or where an alleged infringement of applicable data protection law occurs. A list of data protection authorities is available at: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
- In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, onsemi commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF in the context of the employment relationship.
Additional Information Regarding Non-EEA Countries
Some non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en). For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission and binding corporate rules to protect your personal information. You may obtain a copy of these measures by contacting us in accordance with the “Contact Us” section below.
Vietnamese Citizens Data Subject Rights - Addendum
If you are a Vietnamese citizen or using the Services while in Vietnam, you may have further or separate rights pursuant to Vietnamese Personal Data Protection Decree 13/2023. The Privacy Policy will continue to apply to you, except for the parts that are conflict with this Addendum. In such a case, this Addendum will apply and prevail over the Privacy Policy, but only to the extent needed for the changes made by this Addendum to have effect.
Collection
Under the laws of Vietnam, “Personal Data” is defined as any information in the forms of symbols, letters, figures, images, sounds or similar forms in the electronic environment that is associated with a particular person or may lead to the identification of a particular person and is classified as basic and sensitive data.
We collect the following basic Personal Data when you use the Services:
- Identifiers
- Demographic information
- Commercial information
- Professional, employment-related, or education information
- Other content or information you share on the website
- Internet or other electronic network activity information
- Cookies and tracking technologies
- Information from outside sources
We may also collect “Sensitive Personal Data” which is defined “as data associated with an individual’s privacy that when violated will directly affect the individual’s legitimate rights and interest.” Examples of Sensitive Personal Data under Vietnamese laws include:
- Geolocation data;
- Payment information;
- Political opinions, religious opinions;
- Health status and private information recorded in the health record, excluding the information about blood type; and
- Information relating to racial origin, ethnic origin.
Rights and Obligations for Vietnam's Data Subjects
You have the right to: (a) request access to your Personal Data; (b) request erasure of your Personal Data; (c) request restrictions on the processing your Personal Data; (d) right to withdraw your consent; and (e) object to processing your Personal Data.
You have the right to obtain a copy of your Personal Data. Note that for any requests to obtain a copy of your personal data, you must use a mandated form imposed by the government of Vietnam. Please contact us at privacy@onsemi.com to request the appropriate form to submit your request.
You have the right: (f) to lodge a complaint with a supervisory authority, to denounce and initiate a lawsuit, (g) to claim damages and (h) to self-defense.
You also have the obligation to protect your own Personal Data, provide complete and accurate Personal Data and to comply with any other personal data protection obligations you may have under the applicable laws.
Use
We will be processing your Personal Data from the moment we collect it and until the end of the retention period (please refer to the section “Data Retention”).
We collect and process Personal Data based on your consent, to the extent it is required by applicable law, for a variety of business and commercial purposes such as to:
- Provide, and maintain, and improve our Services, as well as to develop new content and features, which we do to manage our contractual relationship with you;
- Process or fulfill orders and transactions, which we do to manage our contractual relationship with you;
- Provide customer service (e.g., to resolve disputes, feedback, problems with your account/profile or the Services), which we do to manage our contractual relationship with you and/or to comply with a legal obligation;
- Process payments, which we do to manage our contractual relationship with you and/or to comply with a legal obligation;
- Complete the transactions you request, perform our contractual obligations, and, as otherwise anticipated within the context of our relationship, which we do to manage our contractual relationship with you and/or to comply with a legal obligation;
- Create and manage your account, which we do to manage our contractual relationship with you and/or to comply with a legal obligation;
- Send notifications related to your account and purchases, which we do to manage our contractual relationship with you and/or to comply with a legal obligation;
- Send newsletters and promotional messages you request, which we do to manage our contractual relationship with you;
- Enable you to participate in public platforms or other interactive features of the Services (such as post comments to blog entries), which we do to manage our contractual relationship with you and/or to comply with a legal obligation;
- Conduct internal research and development, which we do to manage our contractual relationship with you;
- Analyze traffic and user activities on our Services, identify popular areas or features, and optimize and personalize the Services, which we do to manage our contractual relationship with you;
- Target advertisements to you both on and off of our Services;
- Debug, identify and repair errors that impair the functionality of our Services, which we do to manage our contractual relationship with you;
- Process and evaluate applications for positions as an employee or contractor with us, which we do to manage our contractual relationship with you ;
- Protect the rights and property of onsemi and others and comply with our legal obligations, including to detect, investigate, and prevent fraud and other illegal activities and to enforce our agreements and when we have a legal obligation; and
- Accomplish other business and reasonable internal purposes, including to determine the effectiveness of promotional campaigns and to conduct audits to verify that our internal process function as intended and to address legal, regulatory or contractual requirements, which we do to manage our contractual relationship with you and/or to comply with a legal obligation.
You may agree to the above processing purposes in full or in part by ticking the boxes of the consent form.
Data Incident
We maintain reasonable technical, physical, and administrative security measures designed to help protect the security of your personal information against loss, misuse, unauthorized access, disclosure, or alteration (“Data Incident”). In the case of a Data Incident affecting your Personal Data, you may experience consequences or damages such as exposure of your personal information (which may include sensitive information), identity theft, financial harm, reputational damage, and increased vulnerability to targeted scams or fraud attempts.
You can raise a complaint by contacting us at: privacy@onsemi.com
Communication Preferences and Marketing
We may communicate with you after obtaining your prior written consent (opt-in). Our communications may include marketing communications which may include promotional offers, newsletters, updates, and other relevant information. We may communicate with you in the form of emails, text messages, phone calls, chatbot, or other means. We send communications that we deem are relevant and that are tailored to your interests. Our communications will remain reasonable, avoiding excessive or intrusive messaging. You will need to opt-in to receive marketing messages from us through your account/profile settings. If you do not wish to receive marketing communications from us, you can indicate your communications preference within the direct communication from us or through your account/profile settings. In case you opt-in, note that you may opt-out of the marketing communications at any time.
Ad Tech
We may share your Personal Data and other information we collect with ad tech vendors to the extent permitted by applicable laws and with your prior consent.
Relating to the Services, we may work with third parties who serve advertisements, provide us with data collection, reporting, and ad response measurement and assist with delivery of relevant marketing messages and advertisements to the extent permitted by applicable law.
To the extent permitted by applicable laws, these third parties may view, set, or edit their own tracking technologies/cookies that are deployed when you visit our Services. The use of these technologies by these third parties is subject to their own privacy policies and we encourage you to review them.
Sale of Personal Information
We do not sell your Personal Data for money but we and our business partners use tracking technologies to help us to understand our customers and visitors to the Services, to enhance your online experience, and customize our offerings in ways that may be deemed a “sale” of personal information under the applicable law. This includes working with third parties such as ad networks that collect personal information via tracking technologies to personalize advertisements on and off our Services and to provide us with data collection, reporting, and ad response measurement. We will obtain your prior written consent (opt-in) prior to using any technologies on the Services that could be considered a “sale” of personal data. In all cases, the sale of Personal Data will only apply to the extent permitted by the applicable law.
Tracking Technologies
To the extent permitted by applicable law, we use tracking technologies (including cookies) to recognize you, customize your experience on the Services, and target the content/advertising you see, including providing videos customized to your interests. For more information about the use of cookies and similar technology on our online services please review the Privacy Policy and our Cookies and Tracking Technologies Policy.
Personal Information Obtained from Other Sources
To the extent permitted by law, we may collect Personal Data about you from other sources. For example, we may collect Personal Data about you from analytics companies, advertising networks, demographic companies, publicly available databases, joint marketing partners, and other vendors that provide us with information, so we can better understand you and provide you with information, offers, and products and services that may be of interest to you. If you apply for a position with us as an employee or contractor, we may obtain information about you from former employers, schools, references, and credit bureaus.
Other International Transfers
onsemi will comply with regulatory filing obligations and other legal requirements to the extent required by the applicable law when transferring data overseas to the US and elsewhere in the world.
Notification Regarding Updates
We will notify you about material changes to this Privacy Policy by posting notices on the Services.
We will also notify you of any changes to the Privacy Policy or to this Addendum that could impact the validity of your consent and will obtain new consent from you before any such changes are implemented.
Indian Citizens Data Subject Rights - Addendum
Residents of India
If you are a resident of India, the following Addendum shall apply to you in consonance with the Digital Personal Data Protection Act 2023 (DPDPA) and any corresponding rules or regulations. The Privacy Policy will continue to apply to you, except for the parts that are conflict with this Addendum. In such a case, this Addendum will apply and prevail over the Privacy Policy, but only to the extent needed for the changes made by this Addendum to have effect.
In sharing any Personal Data with us, you expressly agree that you are competent to contract under the provisions of applicable Indian law, and have achieved the age of majority.
Definitions:
- Personal Data: shall have the same meaning as assigned to it under the DPDPA.
- The term Data Subject as used in the Privacy Policy shall have the same meaning as the term Data Principal as defined in Section 2(i) of the DPDPA.
Collection, Processing and Justification
As mentioned in the contents of the Privacy Policy above, we may collect and process your information for a number of reasons, and place our reliance on your consent, and on certain other legitimate uses permitted under the provisions of the DPDPA, including under Section 7. Where you are a job applicant, we rely on the provisions of Sections 7(a) and 7(i) of the DPDPA to the extent permitted, and on your consent if required in the alternative if permitted under the law. We may additionally collect information that you choose to share with us voluntarily, through your communications to us, including the information you share when you visit us, communicate by email, text, social media interactions or through telephonic communications.
Types of Personal Data and Purpose for Processing
We collect the following categories of Personal Data from you for the purposes specified in the table below: