Cobham

 

 

Privacy Notice

This Website Privacy Notice ("Notice") describes to those individuals that interact with Cobham Advanced Electronic Solutions (CAES), either through the website or otherwise, how and why CAES processes their personal data and what rights they have in relation to their personal data.

  1. What is this notice and why should you read it? 
    1. This privacy notice explains how and why Cobham Advanced Electronic Solutions including each of its operating entities, subsidiaries and affiliates (also referred to as “CAES”, “we”, “our” and “us”) uses personal data about those individuals who purchase goods or services from us, supply goods or services to us, visit our websites (collectively the “Website”), or otherwise communicate or engage with us (referred to as “you”).
    2. You should read this notice, so that you know what we are doing with your personal data. Please also read any other privacy notices that we give you, that might apply to our use of your personal data in specific circumstances in the future.
  2. CAES' data protection responsibilities 
    1. Personal data” is any information that relates to an identifiable natural person. Your name, address and contact details are all examples of your personal data, if they identify you.
    2. The term “process” means any activity relating to personal data, including, by way of example, collection, storage, use, consultation and transmission.
    3. CAES is a so-called "controller" of your personal data. This means that we make decisions about how and why we process your personal data and, because of this, we are responsible for making sure it is used in accordance with data protection laws.
    4. CAES DOES NOT SELL your personal data.
  3. What types of personal data do we collect and where do we get it from? 
    1. We collect different types of personal data about you when you visit our Website, purchase something from us or otherwise communicate or engage with us. We also obtain some personal data from other sources and create some personal data ourselves.
    2. If any of the personal information you have given to us changes, such as your contact details, please inform us without delay.
    3. We collect your personal information from various sources. The different types of personal information that we collect and the sources we collect it from, can be reviewed in more detail in Schedule 1.
  4. What do we do with your personal data and why? 
    1. We process your personal data for particular purposes in connection with your use of Website, the provision of services or goods from us to you, your communication or other engagement with us and the management and administration of our business.
    2. We are required by law to always have a so-called “lawful basis” (i.e. a reason or justification) for processing your personal data. The purposes for which we process your personal data and the relevant lawful basis on which we rely for that processing, can be reviewed in more detail in Schedule 2.
    3. Please note that where our processing of your personal data is either:
      1. necessary for us to comply with a legal obligation; or
      2. necessary for us to take steps, at your request, to potentially enter into a contract with you, or to perform it, and you choose not to provide the relevant personal data to us, we may not be able to enter into or continue our contract or engagement with you.
    4. We may also convert your personal data into statistical or aggregated form to better protect your privacy, or so that you are not identified or identifiable from it. Anonymised data cannot be linked back to you.  We may use it to conduct research and analysis, including to produce statistical research and reports.  For example, to help us understand and improve the use of our Website.
  5. Sensitive Information and Supplier data 
    1. Except in relation to certain suppliers, we do not process ‘special categories of personal data’ and/or sensitive personal data (together, “Sensitive Information” – as set out in Schedule 1). This refers to sensitive or special categories of personal data which we are required to process with more care, according to applicable laws.
    2. In addition to the processing activities described above, for certain suppliers, we may conduct background checks for identity, fraud protection and money laundering purposes. Some of these checks may include the processing of personal data related to supplier directors or senior officers. These checks will either be conducted on the lawful basis of it being necessary to comply with a legal requirement or (where no such legal requirement exists), it being necessary for our legitimate business interests.
    3. Where the processing of supplier data does include the processing Sensitive Personal Data, this will either be only on the lawful basis of having obtained explicit consent or that it is necessary to establish, exercise or defend a legal claim.  
  6. Who do we share your personal data with, and why? 
    1. Sometimes we need to disclose your personal data to other people.
    2. Inside CAES:

    3. CAES operates globally. Therefore, we may need to share your personal data with various locations within CAES for our general business management purposes and, in some cases, to meet our customer needs where providing services across various locations and/or for authorizations/approvals with relevant decision makers, reporting and where systems and services are provided on a shared basis.
    4. Access rights between CAES are limited and granted only on a need to know basis, depending on job functions and roles.
    5. Where any CAES location process your personal data on our behalf (as our processor), we will make sure that they have appropriate security standards in place to make sure your personal data is protected.
    6. Outside CAES:

    7. From time to time we may ask third parties to carry out certain business functions for us, such as the administration of our Website and IT support. These third parties will process your personal data on our behalf (as our processor). We will disclose your personal data to these parties only to the extend needed to perform those functions. Before we disclose your personal data to these third parties, we will seek to ensure that they have appropriate security standards in place to protect your personal data. Examples of these third party service providers include our outsourced IT systems software and maintenance, back up, and server hosting providers.
    8. In certain circumstances, we will also disclose your personal data to third parties who will receive it as controllers of your personal data in their own right for the purposes set out above, where the relevant disclosure is in relation to:
      1. services provided to you or us by a third party acting independently to CAES but which has a relationship with CAES, for example certain payment fraud checking services;
      2. the purchase or sale of our business (or part of it) in connection with a share or asset sale, for which we may disclose or transfer your personal data to the prospective seller or buyer and their advisors; and
      3. the disclosure of your personal data in order to comply with a legal obligation, to enforce a contract or to protect the rights, property or safety of our employees, customers or others.
    9. We have set out below a list of the categories of recipients with whom we are likely to share your personal data:
      1. IT support, Website and data hosting providers and administrators;
      2. payment processors in relation to purchases you make with us;
      3. consultants and professional advisors including legal advisors and accountants;
      4. courts, court-appointed persons/entities, receivers and liquidators;
      5. business partners and joint ventures;
      6. insurers; and
      7. governmental departments, statutory and regulatory bodies including (in the UK) the Department for Work & Pensions, Information Commissioner’s Office, the police and Her Majesty’s Revenue and Customs.
  7. Where in the world is your personal data transferred to? 
    1. As part of a global organisation, CAES may transfer your personal data to recipients (either internally or externally, as set out above) that are established in jurisdictions other than your own. Please be aware that the data protection laws in some jurisdictions may not provide the same level of protection to your personal data as is provided to it under the laws in your jurisdiction.
    2. If any disclosures of personal data referred to above require your personal data to be transferred from within to outside the European Economic Area, we will only make that transfer if:
      1. The jurisdiction to which the personal data is to be transferred ensures an adequate level of protection for personal data;
      2. We have put in place appropriate safeguards to protect your personal data, such as an appropriate contract with the recipient;
      3. The transfer is necessary for one of the reasons specified in data protection legislation, such as the performance of a contract between us and you; or
      4. You explicitly consent to the transfer.
  8. How do we keep your personal data secure? 
    1. We will take specific steps (as required by applicable data protection laws) to ensure we take appropriate security measures to protect your personal data from unlawful or unauthorised processing and accidental loss, destruction or damage.
  9. How long do we keep your personal data for? 
    1. We will only retain your personal data for a limited period of time and for no longer than is necessary for the purposes for which we are processing it for. This will depend on a number of factors, including:
      1. any laws or regulations that we are required to follow;
      2. whether we are in a legal or other type of dispute with each other or any third party;
      3. the type of information that we hold about you; and
      4. whether we are asked by you or a regulatory authority to keep your personal data for a valid reason.
  10. How do we communicate with you? 
    1. We will use your personal data to communicate with you:
      1. In relation to any purchases you make with us;
      2. To administer our relationship with you;
      3. To respond to any questions or complaints that you may have; and
      4. To invite you to take part in market research or request feedback on our products and services.
    2. From time to time and with your opt-in consent (if required), we will provide you with information about our products, services, promotions and/or offers which may be of interest to you. Such communications will be sent either by email, text, post or telephone.
  11. Your rights 
    1. You can contact us to manage, change, limit or delete the personal data that we hold about you, in accordance with applicable law.
      1. Depending on the applicable privacy and data protection laws, you may have the following rights in relation to your personal data and you may, in some circumstances, ask us to:
        1. Provide you with access to the personal data that we hold about you;
        2. Correct your personal data;
        3. Erase your personal data;
        4. Restrict our processing of your personal data;
        5. Object to our processing of your personal data;
        6. Object specifically to us using your personal data for profiling for direct marketing purposes; or
        7. Provide a copy of your personal data in an easily accessible format; and
      2. Where you have specifically consented to our use of your personal data, you have the right to withdraw that consent at any time. Please contact us if you want to do this.
  12. Cookies 
    1. Find out about cookies here.

  13. Changes to our privacy policy 
    1. We may change this privacy policy from time to time without prior notice. Any changes we may make to our privacy policy in the future will be posted on this page.
  14. Exclusions 
    1. This policy applies only to this Website. Our Website may contain links to other sites not operated or controlled by CAES. The policies and procedures we have described here do not apply to these third party sites. The links from our website do not imply that CAES endorses or has reviewed any third party sites. We suggest contacting those sites directly for information on their privacy policies.
  15. Other terms and conditions 
    1. Your access to and use of this website is subject to the Terms of Use, available at /legal/terms-of-use/.
  16. Contact us and complaints 
    1. If you have any questions, comments or complaints about any aspect of this policy, or to exercise any of your rights in relation to your personal data, please submit this form here or contact:

      Cobham Advanced Electronic Solutions
      2121 Crystal Drive, Suite 800
      Arlington, VA 22202
      Attn: Legal & Compliance—Privacy Inquiries

    2. Depending on the applicable privacy and data protection laws, you may have the right to file a complaint about how we process your personal data to the relevant supervisory authority.

 

 

Schedules

Schedule 1 - Categories of Personal Data 

Category

Type of personal data

Collected from

Contact Information 

  • Name
  • Address
  • Telephone number
  • Email address
  • Organization details (eg your place of work, job title and organization contact information)
  • Your marketing preferences
  • You
  • Publicly available sources such as LinkedIn

Customer / Supplier Information

  • Contact Information (see above)
  • Individual Reference Number
  • Digital signature
  • Order information for goods and services purchased or sold by you (or your organization)
  • Payment information
  • You/your organization’s banking details
  • Fraud checks or flags raised about your transactions, payment card refusals
  • Delivery details
  • Communications we may have with you, whether relating to a transaction or not.
  • Any additional information that you provide to us voluntarily or for account security, including (for example) date of birth or mother’s maiden name
  • Responses to surveys or competition entries
  • Sensitive information (see sub-categories below)
  • You
  • Third party fraud checking service
  • Your/your organization’s bank

Website Information

  • Contact Information (see above)
  • IP address and other online identifiers / web beacons
  • Details of your online browsing activities on our website, such as the pages, products or areas of our website that you visit
  • Your account settings including any default preferences, any preferences we have observed, such as the types of offers that interest you, or the areas of our website that you visit.
  • Device used to access the Website
  • Our Website

Sensitive Information (only in relation to certain suppliers)

  • Racial or ethnic origin (including your nationality and passport information)
  • Information relating to actual or suspected criminal convictions and offences (pursuant to anti-money laundering and identity checks)
  • You
  • Third party systems used for our identity checks
 
 

Schedule 2 - Processing Activities and Lawful Basis 

 

Purposes of processing

Lawful basis

Your consent

To perform a contract with you

To comply with a legal obligation

For our legitimate interests

 

Contact Information

 

 

 

 

a)      

Responding to your enquiries and/or complaints

 

 

(It’s important that we can respond to you in relation to such matters)

b)      

Confirming and processing orders for goods or services that you may make with us (either as customer or supplier)

 

 

 

 

c)      

Sending you information (including direct marketing) as set out in the section “How do we communicate with you?”, below

 

 

 

(It is important to keep you updated of orders made with us and notified of factual updates to our engagement with you)

 

 

Website Information

PLEASE ALSO SEE THE COOKIES SECTION HERE

d)      

Ensure the operation and performance of the Website

 

 

 

(We need to ensure the Website functions correctly)

e)      

To improve the functionality of the Website

 

 

 

 

(It is in our interest to keep the Website up to date and improve its functionality for the benefit of users)

f)       

To enable you to create accounts and log-in to them via the Website

 

 

 

 

(It is in our interests to grant you access to a private log-in where you can access information relevant to you and your relationship with CAES)

 

Customer / Supplier Information

 

 

 

 

g)      

To take payment and deliver your goods to you or the recipient you indicate, to deal with any complaints or any after sales services, including for warranty purposes

 

 

 

 

h)      

To protect genuine customers and our business from fraud to minimise the risk of false details being used, and abuse of card details by fraudsters

 

 

 

(It is important that seek to limit incidents of fraud)

 

 

All categories

 

 

 

 

i)       

Establishing and enforcing our legal rights and obligations and monitoring to identify and record fraudulent activity

 

 

 

 

j)       

Complying with instructions from law enforcement agencies, any court or otherwise as required by law

 

 

 

 

k)      

For our general record-keeping and customer/supplier relationship management

 

 

(We need to store customer/supplier related information so we can refer back to it)

 

l)       

Managing the proposed sale, restructuring or merging of any or all part(s) of our business, including to respond to queries from the prospective buyer or merging organization

 

 

 

(We have a legitimate interest in being able to sell any part of our business)

m)     

To keep records required by law or to evidence our compliance with laws, including tax laws, consumer protection laws and data protection laws.

 

 

 

 

n)      

Resolving any complaints from or disputes with you

 

 

(We need to be able to try and resolve any complaint or dispute you might raise with us)

 

 
 

 

Do PostBack