THORLABS, INC. UNITED STATES/EUROPEAN UNION SAFE HARBOR PRIVACY STATEMENT (“PRIVACY STATEMENT”)
(Last Updated Nov 06, 2008)
(Effective Date Nov 06, 2008)
Thorlabs, Inc. (“Thorlabs”), comprised of the Internet sites Thorlabs.com (the “Sites”), is committed to protecting the privacy of users of the Sites. Thorlabs intends to give users as much control as possible over user’s personally identifiable information, including registration data. This Privacy Statement applies to each of the Sites and describes the information Thorlabs collects about users and how that information may be used.
Thorlabs reserves the right to update and change this Privacy Statement from time to time. If Thorlabs makes material changes to its privacy practices, a prominent notice will be posted on this web page. Each time a user uses the Sites, the current version of the Privacy Statement applies. Accordingly, a user should check the date of this Privacy Statement (which appears at the top) and review for any changes since the last version. If a user does not agree to the Privacy Statement, the user should not use the Sites.
Thorlabs complies with the United States (“US”)/European Union (“EU”) Safe Harbor framework as set forth by the US Department of Commerce regarding the collection, use, and retention of data from the EU. Individuals who wish to file a complaint or who take issue with Thorlabs's EU Safe Harbor policies should direct such communication to Thorlabs Legal Services - Privacy via written communication at the contact information provided below. Filing a complaint in English will expedite the process. Thorlabs will investigate and attempt to resolve complaints regarding use and disclosure of personal information in accordance with the principles contained in this Privacy Statement. For complaints that cannot be resolved between Thorlabs and the complainant, Thorlabs participates in the dispute resolution procedures of the panel established by the EU data protection authorities to resolve disputes pursuant to the Safe Harbor framework.
Thorlabs agrees to notify users of the following privacy principles: Notice, Choice, Onward Transfer, Security, Data Integrity, Access, and Enforcement.
Thorlabs provides this Privacy Statement to make users aware of Thorlabs privacy practices, and of the choices a user may make about the way the user’s information is collected and used.
Users represent they are of legal age to create binding and financial obligations for any liability users may incur as a result of their use of the Sites. The Sites are not directed to children under the age of 13, and Thorlabs will never request personally identifiable information from anyone whom it knows to be under the age of 13 without verifiable parental or guardian consent. Thorlabs does not knowingly collect, or wish to obtain, personally identifiable information from children. If Thorlabs becomes aware that a user is under the age of 13 and has provided personally identifiable information without prior verifiable parental or guardian consent, it will remove user’s personally identifiable information from its files.
What information Thorlabs collects
Thorlabs may collect two types of information from users of Sites: "personally identifiable information" (such as name, email address, postal address, telephone, birth date) and "aggregate information" (such as frequency of visits to Sites, IP address, Site pages most frequently accessed, browser type). Personally identifiable information is any piece of information which can potentially be used to uniquely identify, contact, or locate a user of the Sites. Aggregate information is non-personally identifiable/anonymous information about users of the Sites. Aggregate information is used in a collective manner and no single person can be identified by that compiled information.
On the Sites, users may order products or services, and register to receive materials. Personally identifiable information collected on the Sites includes community forum content, diaries, profiles, photographs, name, unique identifiers (e.g., passwords), contact and billing information (e.g., email address, postal address, telephone, fax), and transaction information.
In order to tailor Thorlabs’s subsequent communications to users and continuously improve the Sites’ products and services, Thorlabs may also ask users to provide information regarding their interests, demographics, experience with its products, and detailed contact preferences.
Thorlabs web servers may automatically log aggregate information, such as a user’s IP address, domain name, browser type, date and time of access, and other log file data. This information may be used to analyze trends or administer the Sites. Log files do not contain personally identifiable information.
With respect to Thorlabs.com, Thorlabs contracts with third party mirror providers, who deliver integrated communications services, including Internet access services, to deploy mirrors of downloads in order to make file downloading via Thorlabs.com faster and more convenient. Thorlabs has no control over the privacy or logging policies of mirror providers, or the implementation thereof, and such policies may differ from this Privacy Statement.
How Thorlabs uses the information collected
Thorlabs may use the personally identifiable information a user submits for any purposes related to Thorlabs’s business, including, but not limited to:
- To understand a user’s needs and create content that is relevant to the user;
- To generate statistical studies;
- To conduct market research and planning by sending user surveys;
- To notify user referrals of Thorlabs services, information, or products when a user requests that Thorlabs send such information to referrals;
- To improve services, information, and products;
- To help a user complete a transaction, or provide services or customer support;
- To communicate back to the user;
- To update the user on services, information, and products;
- To personalize a Site for the user;
- To notify the user of any changes with a Site which may affect the user;
- To allow the user to purchase products, access services, or otherwise engage in activities the user selects.
User names, identifications (“IDs”), and email addresses (as well as any additional information that a user may choose to post) may be publicly available on a Site when users voluntarily and publicly disclose personally identifiable information, such as when a user posts personally identifiable information in conjunction with content subject to an Open Source license, or as part of a message posted to a public forum or a publicly-released software application. Users may not be able to change or remove public postings once posted. Such personally identifiable information may be used by visitors of these pages to send unsolicited messages. Thorlabs is not responsible for any consequences which may occur from the use of personally identifiable information that a user chooses to submit to public pages.
With respect to surveys, in the event that responses are publicly disclosed, users will be notified at the time they take the survey. Thorlabs will disclose only aggregate information regarding its users, which as stated earlier is anonymous information that does not identify any specific individual. Circumstances under which Thorlabs would publicly disclose such aggregate information include, but are not limited to, sharing survey results with the site population, providing data to Thorlabs advertisers on user preferences and/or demographics, and publicizing overall usage data in press communications.
Where surveys allow users to submit written comments, and where Thorlabs advises users of the possibility of such disclosure at the time they take the survey, Thorlabs reserves the right to disclose any information provided by users, provided that no personal information identifying a specific user is disclosed. Participation in surveys is at a user's option; Thorlabs does not conduct mandatory surveys.
A user makes the decision whether to proceed with any activity that requests personally identifiable information. If a user does not provide requested information, the user may not be able to complete certain transactions.
Users who use the personally identifiable information of other users agree to use such information only for:
- Using services offered through a Site;
- Site transaction-related purposes and not for unsolicited commercial messages; or
- Other purposes that the other user expressly chooses.
Users are not licensed to add other users to a Site, even users who entered into transactions with them, or to their mail lists without consent.
Thorlabs encourages users to evaluate privacy and security policies of any of the Sites’ transaction partners before entering into transactions or choosing to disclose personally identifiable information.
Thorlabs will not use or share the personally identifiable information provided to it online in ways unrelated to the items described above without first letting a user know and offering the user a choice. If a user no longer wishes to receive direct marketing materials, Thorlabs will provide instructions in each of its emails on how to be removed from any lists. Thorlabs will make commercially reasonable efforts to honor such requests.
Profile or User ID Display
A user’s personally identifiable information may be publicly available through a user's profile or user ID display. In such cases, users have the option and discretion to opt out of publicly displaying their real names at any time by changing their display name under the Sites’ user preferences. Profile or user ID display may allow other users to see a user’s activities, including purchase and sales content, ratings, and comments.
Users may have the opportunity to use a service to send electronic mail to another user or email list. In such cases, a user's valid email address and real name will be included with such messages. In order to prevent abuse, users may not opt out of such a display, but may choose to refrain from using such service to transmit an email message.
Users may have the opportunity to submit photographs to the Sites for product promotions, contests, and other purposes to be disclosed at the time of request. In these circumstances, the Sites are designed to allow the public to view, download, save, and otherwise access the photographs posted. By submitting a photograph, users waive any privacy expectations users have with respect to the security of such photographs, and Thorlabs’s use or exploitation of users’ likeness. All photographs submitted to Thorlabs become the property of Thorlabs and will not be returned.
With whom may Thorlabs share information?
Thorlabs will not sell, rent, or lease a user’s personally identifiable information to others, except as described in this Privacy Statement. Unless Thorlabs has a user’s permission or as required by law, Thorlabs will only share the personally identifiable information a user provides online with other entities that are part of the Thorlabs corporate family and/or outside service providers who may be used to ship products, process credit cards, provide technical support, handle order processing, or otherwise act on Thorlabs’s behalf. These third parties are prohibited from using users’ information for any other purpose, including their own marketing.
When Thorlabs uses third parties to assist in processing a Site’s user personally identifiable information, Thorlabs requests that they comply with Thorlabs privacy practices, and other appropriate confidentiality and security measures.
Please be advised that in certain instances, it may be necessary for Thorlabs to disclose a user’s personally identifiable information without a user’s permission to government officials or otherwise as required by legal obligations. Thorlabs may disclose such personally identifiable information when responding to subpoenas, court orders, or legal process, or to establish or exercise legal rights or defend against claims, including fraud or infringement investigations.
Data collected online may be combined with information a user provides through other means of communication, such as postal mail or third parties to further carry out the purposes described above under the heading “NOTICE, How Thorlabs uses the information collected regarding users”.
When users choose to provide Thorlabs with personally identifiable information, users consent to the transfer and storage of such information by Thorlabs servers in the United States.
In addition, Thorlabs reserves the right to share aggregate information collected from users of the Sites, without prior notice, with entities that are part of the Thorlabs corporate family and unrelated third parties. As stated earlier, aggregate information is used in a collective manner and no single person can be identified by such compiled information.
To purchase services, users may be asked to be directed to a third party site, like PayPal, to pay for their purchases. If applicable, the third party site may collect payment information directly to facilitate a transaction. None of this information will be captured or stored by Thorlabs.
Links to third party web sites
Links to third party web sites on the Sites are provided solely as a convenience to the user. When a user uses these links, the user leaves the Sites. Thorlabs has not reviewed all of these third party sites, does not control, and is not responsible for, any of the third party sites, their content or privacy practices. Thorlabs does not endorse or make any representations about the third party sites, or any information, services, or products found on the sites. If a user decides to access any of the linked sites, Thorlabs encourages the user to read their privacy statements. The user accesses such sites at user’s own risk.
Bankruptcy or Sale of business
Thorlabs reserves the right to share or transfer personally identifiable information and aggregate information to a third party should Thorlabs ever file for bankruptcy or in the event of a sale, merger or acquisition of Thorlabs, provided such third party agrees to adhere to the terms of this Privacy Statement.
DATA INTEGRITY AND ACCESS
Should a user find inaccuracies in such user’s information, or desire to close an account or view the personally identifiable information Thorlabs may have regarding the user, the user may contact Thorlabs through the communication methods described below, or when technically feasible, directly on a Site. Thorlabs will make commercially reasonable efforts to respond to requests for access within thirty (30) days of receiving requests. Thorlabs may decline to process users’ access or update requests to their personally identifiable information if the requests require disproportionate technical effort, jeopardize the privacy of other users, or are impractical (for instance, requests concerning information residing on backup tapes).
To prevent unauthorized access or disclosure, maintain data accuracy, and ensure the appropriate use of information, Thorlabs implements physical, electronic, and managerial procedures to safeguard and secure the information Thorlabs collects. Thorlabs uses encryption when collecting or transferring sensitive personally identifiable information. However, Thorlabs does not guarantee that unauthorized third parties will never defeat measures taken to prevent improper use of personally identifiable information.
Internal Thorlabs access to users’ nonpublic personally identifiable information is restricted to Thorlabs’s administrators and individuals on a need-to-know basis. These individuals are bound by confidentiality agreements.
User passwords are keys to accounts. Use unique numbers, letters, and special characters for passwords and do not disclose passwords to other people in order to prevent loss of account control. Users are responsible for all actions taken in their accounts. Notify Thorlabs of any password compromises, and change passwords periodically to maintain account protection. In addition to passwords, Thorlabs.net users also obtain encryption keys for the release of files for download, development of web content, and other services. Users are responsible for all actions taken with encryption keys, and must promptly notify Thorlabs of any security compromises involving such encryption keys.
In the event Thorlabs becomes aware that the security of a Site has been compromised or user’s personally identifiable information has been disclosed to unrelated third parties as a result of external activity, including but not limited to security attacks or fraud, Thorlabs reserves the right to take reasonable appropriate measures, including but not limited to, investigation and reporting, and notification to and cooperation with law enforcement authorities.
If Thorlabs becomes aware that a user's personally identifiable information has been disclosed in a manner not permitted by this Privacy Statement, Thorlabs will make reasonable efforts to notify the affected user, as soon as reasonably possible and as permitted by law, of what information has been disclosed, to the extent that Thorlabs knows this information.
If a user has comments or questions about Thorlabs.com's privacy statement, please contact:
Attn: Thorlabs, Inc. Legal Services - Privacy
435 Route 206N
Newton, NJ 07860