Ingram Micro Privacy Statement
(as of Dec. 8, 2017)
Purpose and Scope
This Ingram Micro Privacy Statement (the "Privacy Statement") governs how Ingram Micro Inc., a Delaware corporation, and companies that we own or control ("Affiliates") (collectively, "Ingram Micro", "we", or "us") collect, use, store, process, disclose, and delete Personal Data (as defined in this Privacy Statement) you provide directly to us or that we receive from your authorized third parties including, without limitation, that you provide to us via our website, located at the ingrammicro.com domain, or any website of any one of our Affiliates that post or link to this Privacy Statement (individually and collectively, "Website"), accessed through any medium, including via computer, mobile device, or other device (collectively, "Device").
Although we encourage you to read this entire Privacy Statement, this is a summary of some of the more important aspects of the Privacy Statement:
- We may collect both Personal Data and other information from you through a variety of sources, including Personal Data we have collected from you, whether on- or offline. We may also combine it with information we receive about you from other sources, such Affiliates, publicly available information sources (including information from your publicly available social media profiles), and other third parties.
- We will not use or share your Personal Data except as permitted by this Privacy Statement.
- Where applicable, We honor opt out instructions from you for certain uses of your Personal Data under this Privacy Statement, such as, for example, when you opt out of receiving marketing email communications from us.
- We use commercially reasonable technical and organizational controls to secure and protect your Personal Data, but we cannot ensure or warrant that your Personal Data will be completely secure from misappropriation by hackers or from other nefarious or criminal activities.
1. General Principles for the Processing Of Personal Data
Personal Data will be collected, stored, processed and transmitted in accordance with Ingram Micro's established policies and applicable federal, state, local and foreign laws, rules and regulations.
The principles of Ingram Micro with respect to the processing of Personal Data are as follows: (1) Personal Data will be processed fairly and lawfully, (2) Personal Data will be collected for specified, explicit, and legitimate purposes and not further processed for incompatible purposes, (3) Personal Data collected by Ingram Micro will be adequate, relevant, and not excessive in relation to the purposes for which it is collected, (4) Personal Data collected by Ingram Micro will be accurate and, where necessary, kept up to date to the best of our ability, (5) Personal Data will be protected against unauthorized access and processing using commercially reasonable technical and organizational security measures and controls; and (6) Personal Data collected by Ingram Micro will be retained as identifiable data for no longer than necessary to serve the purposes for which the Personal Data was collected.
If Ingram Micro engages in the processing of Personal Data for purposes other than those specified in this Privacy Statement, Ingram Micro will provide notice of these changes, the purposes for which the Personal Data will be used, and the recipients of Personal Data.
2. Information that Ingram Micro Collects
Ingram Micro may collect different types of information from you when you access or use the Website:
"Personal Data" refers to any information that directly identifies you or information otherwise defined as "personally identifiable" under applicable law. This includes, but is not limited to, your first and last name; billing or shipping address; credit card or payment information; government issued identification number; email address; phone number; purchase information and history; your geo-location information; your account number; resume information; and a combination of your username and password used to access the Website.
"Additional Usage Information" refers to any additional information that may not by itself reasonably identify you as the source. This includes, non-user specific information regarding your computer, your IP address, your Media Access Control (MAC) address, the type and version of Internet browser you are using, screen resolution, the location from which you access the Website, the type of computer operating system you are using (Windows or Mac OS), the domain name of the website from which you linked to the Website, or the areas of the Website you visited and actions performed on the Website. We may collect similar information, such as your device type and identifier, if you access the Website through a mobile device.
3. Collection of Information
Ingram Micro may collect Personal Data and Additional Usage Information about you from a variety of sources, including, for example:
Directly from You. We may collect Personal Data directly from you when you voluntarily provide it to us. For example, when you communicate with us over the telephone or through the Website by way of email, online chat, web form, or online account registration to obtain access to Offerings, register for an event or training, purchase an Offering, ask questions, attempt to resolve any issues related to the Website or Offerings, submit a job application, or submit feedback and comments.
From Other Users. We may receive Personal Data about you from other users of the Website when they provide information to us. For example, we may receive information when they communicate with you or with us through the Website.
From Resellers and Distributors. We may obtain Personal Data about you from the resellers and distributors that purchase Offerings available from us and provide such Offerings to you.
From Our Vendors. We may obtain Personal Data about you from the third party vendors that make Offerings available through us.
From Our Service Providers. We may obtain Personal Data about you from third party service providers that provide services to us. For example, when we rely on third party services to support our Website or facilitate emails or other messages sent through the Website, we may receive Personal Data about you from those third parties.
From Third Party Information Providers. Ingram Micro may also obtain Personal Data from third parties that have obtained or collected information about you and that have the right to provide that Personal Data to us. For example, if you register for the Website using a third party service or through a third party website or service, the information you provide to that third party will be provided to us to establish your account on the Website. We may also contract with third parties that are in the business of providing information to businesses such as ours to verify certain information about you or obtain information about you. We may use the Personal Data about you we receive from a third party outside of the Website in accordance with the terms we establish with that third party. We may also obtain Personal Data from publicly-available sources such as open government databases or other data in the public domain.
From Our Affiliates and Business Units. We may obtain Personal Data about you from our Affiliates regardless of whether these entities share the "Ingram Micro" brand. We may also obtain information about you from other business units that also offer products or services under the Ingram Micro brand or one of our other brands. We may use any information about you that we obtain from our Affiliates, or business units in accordance with the terms under which that information was collected by that Affiliate or business unit.
Through the Operation of the Website. The systems we use to provide the Website may automatically log and record Additional Usage Information about your use of the Website. For example, our systems may record the information you enter on the Website, the areas of the Website you visit, your activities on the Website, your IP address, or information about the computer or software you are using to access the Website.
4. Cookies and Other Website Usage Information
The Website may also monitor and collect Additional Usage Information about how you access, use, and interact with the Website automatically through "cookies," "flash cookies", "web beacons," and other automated tracking technology.
A "cookie" is a small text file that is stored on a user's Device. Cookies allow us to collect information such as browser type, time spent on the Website, pages visited, and language preferences. We and our service providers use the information for security purposes, to facilitate navigation, display information more effectively, and to personalize your experience while using the Website.
Generally, the cookies that are used on the Website can be broken down in to the following categories:
- Strictly necessary cookies. These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to log into secure areas of our Website or use a shopping cart.
- Analytical/performance cookies. These cookies are used to analyze how the Website is used and to monitor its performance, which allows us to improve your experience in using the Website. These cookies help us to tailor the content of Website to reflect what users find most interesting and to identify when technical issues with the Website arises. We may also use this data to compile reports to help us to analyze how the Website is used, what the most common issues are and how we can improve the Website.
- Functional/tracking cookies. These cookies enable us to recognize repeat visitors to our Websites. By matching an anonymous, randomly generated identifier, a tracking cookie keeps track of where a user of our Websites came from, what search engine they may have used, what link they clicked on, what keyword they used and where they were in the world when they accessed the Website. By monitoring this data, we can make improvements to our Website.
- Targeting cookies. These cookies record your visit to our Website, the pages you have visited and the links you have followed. We will use this information to make our Website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
- Session cookies. These cookies are used 'in-session' each time you visit and then expire when you leave a Website or shortly thereafter: they are not stored on your Device permanently, do not contain any Personal Data and help by minimizing the need to transfer Personal Data across the internet. These cookies can be deleted or you can refuse to allow their use, but this will hamper the performance and your experience in using the Website. These cookies also take time stamps that record when you access the Website and when you leave the Website.
- Persistent Cookies. This type of cookie is saved on your Device for a fixed period (sometimes for a few hours, sometimes for a year or longer) and is not deleted when the browser is closed. Persistent cookies are used where we need to remember who you are for more than one browsing session. For example, this type of cookie can be used to store your language preferences, so that they are remembered for the next visit to the Website.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you would prefer not to accept cookies, most browsers will allow you to: (i) change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) to disable existing cookies; or (iii) to set your browser to automatically reject any cookies. However, please be aware that if you disable or reject cookies, some features and services on our Websites may not work properly because we may not be able to recognize and associate you with your account(s). In addition, the Offerings we provide when you visit us may not be as relevant to you or tailored to your interests.
A "flash cookie" is a file similar to a cookie, except that they can store more complex data. Our use of Adobe Flash technology (including Flash Local Stored Objects ("Flash LSOs")) allows us to, among other things, serve you with more tailored information, facilitate your ongoing access to and use of the Website, and collect and store information about your use of the Website. If you do not want Flash LSOs stored on your computer, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Adobe Flash Website Storage Settings Panel available on the Internet. You can also control Flash LSOs by going to the Adobe Flash Global Storage Settings Panel available on the Internet and following the instructions (which may include instructions that explain, for example, how to delete existing Flash LSOs (referred to as "information" on the Adobe site), how to prevent Flash LSOs from being placed on your computer without your being asked, and (for Flash Player 8 and later) how to block Flash LSOs that are not being delivered by the operator of the page you are on at the time). Please note that setting the Flash Player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications, including, potentially, Flash applications used in connection with this Website or our online content.
A "web beacon" (also known as a clear pixel or pixel tag) includes an electronic image imbedded in the Website interface that allows us to recognize when you visit that area of the Website. These may also be used in connection with some Website pages and HTML-formatted e-mail messages to, among other things, track the actions of Website users and e-mail recipients, measure the success of our marketing campaigns, and compile statistics about Website usage and response rates.
5. Use of Information
Additional Usage Information. Ingram Micro may use Additional Usage Information in any way that it determines appropriate, except where we are required to do otherwise under applicable law (for example, if we are required to treat such information as Personal Data). This may include, by way of example, providing Additional Usage Information to authorized third parties, developing products, services or other Offerings based on such information, or conducting research and analysis using such information. In addition, we may use and disclose information that is not in personally identifiable form (such as anonymized, masked or de-identified information) for any purpose. If we combine information that is not in personally identifiable form with information that is (such as combining your name with your geographical location), we will treat the combined information as Personal Data as long as it is combined.
Personal Data. Ingram Micro may use your Personal Data for a variety of purposes (the "Purposes"), including, but not limited to:
- Provide users with Offerings that have been requested or purchased;
- Contact users directly (such as through email) or indirectly (such as through web based advertising) with marketing messages regarding Offerings offered by Ingram Micro and its Affiliates, contractors, and business partners;
- Understand user preferences in order to enhance users' experience with Ingram Micro and its Affiliates, contractors, and business partners;
- Research the effectiveness of the Website and the marketing, advertising and sales efforts of Ingram Micro, its Affiliates, contractors, and business partners;
- Collect account receivables owed by users to Ingram Micro;
- Process orders and payments made through the Website;
- Develop additional Offerings;
- Conduct research and analysis;
- Process job applications;
- Comply with legal obligations; and
- Manage our everyday business needs.
We may combine and enhance the Personal Data we collect about you with other information we receive from third parties. We may also combine and enhance Personal Data using Additional Usage Information. In each case, we will treat the combined information as Personal Data and use it in accordance with this Privacy Statement.
We may also use the Personal Data we collect about you through the Website to generate Additional Usage Information. When we do so, we will take reasonable measures to ensure that the Additional Usage Information is no longer personally identifiable and may not later be easily used to identify you except in the case of fraud checks or as otherwise required by applicable law. This will include, by way of example, storing the Additional Usage Information separately from any Personal Data. Once we generate Additional Usage Information from any Personal Data, we will not attempt to again make that information into Personal Data (i.e., to make it personally identifiable). However, we may combine and enhance that Additional Usage Information with other Additional Usage Information (including information we obtain third parties) and use the Additional Usage Information in accordance with this Privacy Statement.
6. Information Sharing
We may disclose your Personal Data as follows:
Third Party Vendors. Ingram Micro may share Personal Data about you with the third party vendors that make Offerings available through us. For example, we may share your Personal Data with a third party vendor if you purchase or access an Offering through us, or an Ingram Micro reseller or distributor.
Resellers and Distributors. Ingram Micro may share your Personal Data with the resellers and distributors that purchase Offerings available through the Website. For example, we may share your Personal Data if you purchase or access an Offering through a reseller or distributor.
Third Party Service Providers. Ingram Micro may provide your Personal Data to third parties that provide services to assist us with the Website and with achieving the Purposes. For example, these third parties may include providers of customer service, payment processing, email and messaging support, hosting, management, maintenance, information analysis, Offering fulfilment or delivery, or other services we may receive on an outsourced basis. We will endeavor to require that these third parties use your Personal Data only as necessary for such reasons and protect your Personal Data consistent with this Privacy Statement and applicable law.
Affiliates and Business Units. Ingram Micro may share your Personal Data with our Affiliates, regardless of whether these entities share the Ingram Micro brand. We may also share your Personal Data with other business units that also offer products or services under the Ingram Micro brand or one of our other brands. Our Affiliates and business units will use your Personal Data we share with them in a manner consistent with this Privacy Statement.
Other Users. Ingram Micro may share your Personal Data with other users when you elect to interact with those users (or request that we communicate with them on your behalf) through the Website. This may include facilitating communications with other users or enabling posting of Personal Data to areas of the Website accessible by other users. You should be aware that any Personal Data (or other information) you provide in these areas may be read, collected, and used by others who access them.
Law Enforcement and Safety. Ingram Micro may share your Personal Data with law enforcement or other governmental officials if it relates to a criminal investigation, alleged illegal activity, or regulatory enforcement. Ingram Micro may share your Personal Data as required or permitted by law, whether in response to subpoenas, court orders, other legal processes, or as we believe necessary to exercise or enforce our rights, including to defend against potential or actual legal claims brought against us. Ingram Micro may disclose your Personal Data if we believe that such action is necessary to protect or defend the rights, property, interests, or safety of Ingram Micro, any of our users, resellers or vendors, or any other third parties or to act under urgent circumstances to protect the safety of Ingram Micro or its employees or a member of the public.
Sale or Acquisition of Assets. If Ingram Micro transfers ownership or control of any portion of Ingram Micro or the Website to a third party, whether in the context of an acquisition, merger, reorganization, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings), we may transfer your Personal Data to that third party, provided that the use of your Personal Data by that third party remains subject to applicable law.
7. Security of Personal Data
Ingram Micro uses commercially reasonable technical and organization controls and measures to secure and protect your Personal Data from unauthorized loss, misuse, and disclosure. Unfortunately, no data transmitted over or accessible through the Internet can be guaranteed to be 100% secure. As a result, while Ingram Micro attempts to protect all Personal Data, Ingram Micro cannot ensure or warrant that Personal Data will be completely secure from misappropriation by hackers or from other nefarious or criminal activities, or in the event of a failure of computer hardware, software, or a telecommunications network. Ingram Micro will notify you in the event we become aware of a security breach involving your personally identifiable information (as defined by the applicable foreign, federal, state, and local laws) stored by or for us. By disclosing your email address to us for any reason, you expressly consent to receive electronic notice from us in the event of such a security breach.
8. Access to Personal Data
If you contact Ingram Micro and request that Ingram Micro provide you with access to the Personal Data held about you or delete your Personal Data from Ingram Micro's system and records, subject to this Privacy Statement and applicable law, Ingram Micro will use commercially reasonable efforts to honor your request. Due to technical constraints and the fact that Ingram Micro backs up its systems, your Personal Data may continue to reside within Ingram Micro's systems after deletion for some period of time and you should not expect that your Personal Data will be completely removed from Ingram Micro's systems in response to any accepted request for deletion.
If your Personal Data changes, you may correct, update, or delete it through the Website or by contacting us as indicated in this Privacy Statement.
Ingram Micro reserves the right to decline requests to access or delete Personal Data if: (1) disclosure or deletion of the information requested is not required or permitted by applicable law; or (2) the request is, in the sole discretion of Ingram Micro, repetitious or vexatious.
If information will not or cannot be disclosed, the individual making the request will be provided with the reasons for non-disclosure.
To guard against fraudulent requests for access, Ingram Micro reserves the right to require sufficient information to allow it to confirm the identity of the party making the request before granting access or making corrections.
It is your responsibility to provide Ingram Micro with accurate Personal Data. Except as otherwise set forth in this Privacy Statement, Ingram Micro shall only use Personal Data in ways that are compatible with the purposes for which it was collected or subsequently authorized by you. To the extent necessary for these purposes, Ingram Micro shall take reasonable steps to ensure that Personal Data is accurate, complete, current and relevant to its intended use.
10. Retention Period
We retain your Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Statement, unless a longer retention period is required or allowed by law or to otherwise fulfill a legal obligation.
11. Additional Provisions
Children. The Website is intended solely for use by individuals 18 years of age and older and thus is not directed to children under 13 years of age. Ingram Micro does not knowingly solicit or collect Personal Data from children under 13 years of age.
Do Not Track. Certain web browsers and other devices you may use to access the Website may permit you to indicate your preference that you do not wish to be "tracked" online. At this time, the Website does not respond to "Do Not Track" signals. We do not modify your experience on the Website, or modify the Personal Data we collect from you through the Website, based on whether such a preference is indicated.
Your European Union Privacy Rights. The controller for any Personal Data processed by us is the Ingram Micro Affiliate in the European Economic Area country or Switzerland collecting the Personal Data. If you have any questions about the Personal Data you have submitted to the respective Affiliate, please contact the relevant Affiliate. You have no direct access to the Persona Data stored in our servers. If you wish to modify or delete your Personal Data, or want to know what Personal Data is stored on your behalf, please contact us at: email@example.com. We will make all reasonable efforts to reply within 15 working days. All Personal Data received and stored by Ingram Micro are erased after 5 years, save for any Personal Data in documents and files we have to keep for a longer period under applicable laws. For example, we cannot erase Personal Data appearing on VAT invoices before we can delete the invoices from our systems.
Compliance with Local Laws. This Privacy Statement is meant to guide Ingram Micro with respect to Personal Data collected from or about you at this Website. While this Privacy Statement applies to Personal Data generally, the local laws, rules and regulations of jurisdictions that are applicable to Ingram Micro ("Local Laws") may require standards which are stricter than this Privacy Statement and, in such event, Ingram Micro will comply with applicable Local Laws. Specific privacy policies may be adopted to address the specific privacy requirements of particular jurisdictions.
Cross-Border Data Transfer. Your Personal Data may be stored and processed in any country where we have facilities or service providers, and by using our Website or by providing consent to us (where required by law), you agree to the transfer of Personal Data to countries outside of your country of residence, including to the United States, which may provide for different data protection rules than in your country.
Cross-Border Data Transfers from the EU. For Personal Data collected in the countries of the European Economic Area and Switzerland and transferred or accessed by Ingram Micro in any other jurisdiction, Ingram Micro uses approved Model Contractual Clauses for the international transfer of Personal Data. Ingram Micro has legal entities around the world in different jurisdictions, and each of these entities is responsible for the Personal Data it collects, controls, or processes under the laws of its respective country on behalf of Ingram Micro. By way of example, Personal Data collected from customers may reside on servers in the United States or other countries.
Sensitive Information. Unless we specifically request or invite it, we ask that you not send us, and you not disclose, any sensitive personal data (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on or through this Website or otherwise to us. In those cases where we may request or invite you to provide sensitive personal data, we will do so with your express consent.
Compliance. Ingram Micro will use a self-assessment approach to verify compliance with this Privacy Statement and periodically verify that the Privacy Statement is accurate, comprehensive for the information intended to be covered, prominently displayed, implemented and accessible.
If you believe that your Personal Data has been processed or disclosed in violation of this Privacy Statement, Ingram Micro encourages you to raise any concerns using the contact information provided in this Privacy Statement. Ingram Micro will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Data.
Revisions. Ingram Micro may from time to time revise this Privacy Statement in its sole and absolute discretion to reflect changes in our business practices. If we revise this Privacy Statement, we will notify you by posting the updated Privacy Statement on this Website. Changes to the Privacy Statement will become effective and will apply to the information collected starting on the date Ingram Micro posts the revised Privacy Statement on the Website. Your continued use of the Website after any change has become effective will constitute your acceptance of any change.
Questions. If you have any questions or concerns about this Privacy Statement, the privacy practices of Ingram Micro, our collection or use of your Personal Data, or you wish to access your Personal Data, please contact us at: firstname.lastname@example.org or https://corp.ingrammicro.com/Contact-Us.aspx. If we need or are required to contact you concerning any issue or event that involves this Privacy Statement, your Personal Data, or the Website, then we may do so using the email address, telephone number, or physical mailing address we have on file for you.