Privacy Statement

Ingram Micro Privacy Statement and Notice at Collection

 

General Principles for the Processing of Personal Data | Collection of Information | Cookies and Other Website Usage Information | Use of Personal Data | Personal Data Sharing | Your Choices | Your Privacy Rights | Additional California Privacy Disclosures | Other Important Privacy Information | International Data Transfers | Retention Period| Not for Children | Third-party Websites | Revisions and Updates | Additional Languages | Questions and Contact Information

 

Last updated December 27, 2022

Purpose and Scope

Ingram Micro is a distributor and reseller of IT products and services to other corporations and legal entities, headquartered in the United States but with Subsidiaries all around the world (a list of which is available upon request). Ingram Micro delivers global technology and supply chain services to support cloud aggregation, cybersecurity solutions, data center management, logistics, technology distribution, mobility device life-cycle, and training to our enterprise customers. For more information about Ingram Micro, please see the “About Us” section of our Website.

Ingram Micro provides enterprise customers with the ability to purchase or access a variety of product and service offerings made available by Ingram Micro and various third-party providers (“Offerings”) both directly from Ingram Micro and through resellers and distributors. EACH OFFERING MAY BE SUBJECT TO OFFERING-SPECIFIC PRIVACY POLICIES, WHICH MAY SUPERSEDE OR COMPLEMENT THE TERMS OF THIS PRIVACY STATEMENT. INGRAM MICRO ENCOURAGES YOU TO CAREFULLY READ THE PRIVACY POLICY OF ANY OFFERING BEFORE ACCESSING OR USING THAT OFFERING.

This Privacy Statement describes how we collect, use, store, and share your Personal Data, both offline and online, and your rights and choices in connection your Personal Data. If you are an employee, contractor, or job applicant, your Personal Data collected in those contexts will be subject to a separate privacy notice that we provide to you where and when appropriate. This Privacy Statement does not apply to any Personal Data we access or receive when acting as a data processor on behalf of our enterprise customers.

Although we encourage you to read this entire Privacy Statement, this is a summary of some of the more important aspects of the Privacy Statement:

  • Each Offering may include its own specific privacy policy. You should carefully read the privacy policy of any Offering before accessing or using that Offering.
  • We may collect both Personal Data and other information about you through a variety of sources, including Personal Data we have collected directly from you and your devices, whether online or offline. We may also combine it with information we receive about you from other sources, such as Subsidiaries, publicly available information sources (including information from your publicly available social media profiles), and other third parties.
  • We will not use or share your Personal Data except as described in this Privacy Statement.
  • The failure to provide us with your accurate and up-to-date Personal Data may interfere with our ability to conduct business with you, such as purchasing Offerings or process your transactions.
  • Where applicable, we honor opt out instructions from you for certain uses of your Personal Data under this Privacy Statement, such as, for example, when you opt out of receiving marketing email communications from us or request us to delete your Personal Data.
  • We use technical and organizational controls designed to secure and protect your Personal Data, but we cannot ensure or warrant that your Personal Data will be completely secure from misappropriation by hackers or from other nefarious or criminal activities.

1. General Principles for the Processing of Personal Data

Personal Data will be collected, stored, processed and transmitted in accordance with Ingram Micro’s established policies and applicable federal, state, local and international laws, rules and regulations.

The principles of Ingram Micro with respect to the processing of Personal Data are as follows: (1) Personal Data will be processed fairly and lawfully, (2) Personal Data will be collected for specified, explicit, and legitimate purposes and not further processed for incompatible purposes, (3) Personal Data collected by Ingram Micro will be adequate, relevant, and not excessive in relation to the purposes for which it is collected, (4) Personal Data collected by Ingram Micro will be accurate and, where necessary, kept up to date to the best of our ability, (5) Personal Data will be protected against unauthorized access and processing using appropriate technical and organizational security measures and controls; and (6) Personal Data collected by Ingram Micro will be retained as identifiable data for no longer than necessary to serve the purposes for which the Personal Data was collected.

If Ingram Micro engages in the processing of Personal Data for purposes other than those specified in this Privacy Statement, Ingram Micro will provide a notice of these changes, the purposes for which the Personal Data will be used, and the recipients of Personal Data.

2. Collection of Personal Data

Ingram Micro may collect Personal Data about you from a variety of sources, including, directly from you, from other users, from resellers and distributors, from our vendors, from our service providers, from third-party information providers, from our customers, from our Subsidiaries, and through the operation of the Website.

“Personal Data” collected by or on behalf of Ingram Micro includes, depending on the nature of your interactions with us:

  • “Identity Data” such as first name, last name, username or similar identifier, title, company name, and government issued identification number.
  • “Contact Data” such as billing address, shipping address, email address and telephone numbers.
  • “Financial Data” such as bank account, payment card details and credit history.
  • “Transaction Data” such as details about payments to and from you and other details of products and services you have purchased from us.
  • “Technical Data” such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our websites.
  • “Profile Data” such as your username and password to access the Website, account number, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • “Usage Data” such as information about how you use our Website, products and services, as well as information about what you type into web chats and form fields on our Website, as well as your keystrokes and mouse movements on our Website.
  • “Preference Data” such as your preferences in receiving marketing from us and our third parties, and your communication preferences.
  • “Professional Data” such as your company affiliation, job title, office location, and professional contact information if you interact with us on behalf of a business customer or vendor.
  • “Sensitive Personal Data” such as government issued identification number, username and password to access an Ingram Micro account, bank account information, payment card details. This information may be subject to additional protections and privacy rights, as described below.
  • Other information that we collect with your consent from time to time.

Ingram Micro collects Personal Data as follows and from the following categories of sources:

  • Information You Provide Voluntarily. We may collect Personal Data directly from you when you voluntarily provide it to us. For example, when you communicate with us over the telephone or through the Website by way of email, online chat, web form, or online account registration to obtain access to Offerings, register for an event or training, visit us at an event or trade show, sign up for marketing, promotional, or informational emails or communications, purchase an Offering, ask questions, attempt to resolve any issues related to the Website or Offerings, or submit feedback and comments.

    The Personal Data that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your Personal Data.

  • Information that We Collect Automatically. When you visit our Website or interact with our online ads, content, or emails that we send to you, we collect certain information automatically from your Device.

    Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification numbers, browser-type, your Media Access Control (MAC) Address, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your Device has interacted with our Website, including the pages accessed and links clicked, whether you click on our ads or other digital content, and whether you open and click through our emails.

    Collecting this information enables us to better understand the visitors who come to our Website, where they come from, and what content on our Website, advertisements, and emails is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Website, digital content, and emails for our visitors.

    Some of this information may be collected using cookies and similar tracking technology, as explained further under the heading “Cookies and Other Website Usage Information” below.

    We, or our vendors acting on our behalf, also collect information using “session replay technology” that automatically logs your keystrokes, mouse movements, text entered into forms, and text entered into chat boxes on our Website, for example.

  • From Other Users. We may receive Personal Data about you from other users of the Website when they provide information to us. For example, we may receive information when they communicate with you or with us through the Website.

  • From Resellers and Distributors. We may obtain Personal Data about you from the resellers and distributors that purchase Offerings available from us and provide such Offerings to you.

  • From Our Vendors. We may obtain Personal Data about you from the third-party vendors that make Offerings available through us.

  • From Our Service Providers. We may obtain Personal Data about you from the service providers that help us operate our business. For example, service providers that host or maintain our Website or send promotional emails for us may give us Personal Data. Payment processing providers may collect your payment information. Our marketing agencies, advertising technology vendors, analytics providers, and other service providers may also provide us with Personal Data about you.

  • From Customers. We may obtain Personal Data about you from third-party customers that contract with us for services. For example, we may provide fulfillment services on behalf of other companies where we will pick, pack, and ship a physical product to you. In this scenario we will receive your name, mailing address, and order information, and will only process your Personal Data to facilitate the services on behalf of the customer.

  • From Data Providers. Ingram Micro may also obtain or license Personal Data from third parties that maintain information about you and that have the right to provide that Personal Data to us. For example, if you register for the Website using a third-party service or through a third-party website or service, the information you provide to that third-party will be provided to us to establish your account on the Website. We may also contract with companies that are in the business of providing information to businesses such as ours to verify certain information about you or obtain information.

  • From Publicly Available Sources. We may also obtain Personal Data from publicly-available sources such as open government databases or other data in the public domain.

  • From Affiliates and Subsidiaries. We may obtain Personal Data from our Affiliates and Subsidiaries.

3. Cookies and Other Website Usage Information

The Website, our digital content, and our emails may also monitor and collect information about how you access, use, and interact with them automatically through “cookies,” “web beacons,” and other automated tracking technology.

A “cookie” is a small text file that is stored on a user’s Device. Cookies allow us to collect information such as browser type, time spent on the Website, pages visited, and language preferences. We and our service providers use the information for security purposes, to facilitate navigation, display information more effectively, and to personalize your experience while using the Website.

Generally, the cookies that are used on the Website can be broken down into the following categories:

  • Strictly necessary cookies. These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to log into secure areas of our Website or use a shopping cart.
  • Analytical/performance cookies. These cookies are used to analyze how the Website is used and to monitor its performance, which allows us to improve your experience in using the Website. These cookies help us to tailor the content of Website to reflect what users find most interesting and to identify when technical issues with the Website arises. We may also use this data to compile reports to help us to analyze how the Website is used, what the most common issues are and how we can improve the Website.
  • Functional/tracking cookies. These cookies enable us to recognize repeat visitors to our Websites. By matching an anonymous, randomly generated identifier, a tracking cookie keeps track of where a user of our Websites came from, what search engine they may have used, what link they clicked on, what keyword they used and where they were in the world when they accessed the Website. By monitoring this data, we can make improvements to our Website.
  • Targeting cookies. These cookies record your visit to our Website, the pages you have visited and the links you have followed. We will use this information to make our Website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

The above cookies can be either session cookies or persistent cookies:

  • Session cookies. These cookies are used 'in-session' each time you visit and then expire when you leave a Website or shortly thereafter: they are not stored on your Device permanently, do not contain any Personal Data, and help by minimizing the need to transfer Personal Data across the internet. These cookies can be deleted, or you can refuse to allow their use, but this will hamper the performance and your experience in using the Website. These cookies also take time stamps that record when you access the Website and when you leave the Website.
  • Persistent Cookies. This type of cookie is saved on your Device for a fixed period (sometimes for a few hours, sometimes for a year or longer) and is not deleted when the browser is closed. Persistent cookies are used where we need to remember who you are for more than one browsing session. For example, this type of cookie can be used to store your language preferences, so that they are remembered for the next visit to the Website.

To learn how to change your cookie settings, please see the “Your Privacy Rights” section below.

A “web beacon” (also known as a clear pixel or pixel tag) includes an electronic image embedded in the Website interface that allows us to recognize when you visit that area of the Website. These may also be used in connection with some Website pages and HTML-formatted email messages to, among other things, track the actions of Website users and e-mail recipients, measure the success of our marketing campaigns, and compile statistics about Website usage and email response rates.

Our Website also allows you to intentionally interact with one or more third parties when you choose to affirmatively click their “widgets” on our Website (usually depicted by a third-party platform’s logo in the bottom or top corner of the Website). If you click on and activate a company’s widget, that company will automatically collect information about your activities on the Site.

4. Use of Personal Data

Ingram Micro uses Personal Data we collect to operate our business and provide you with Offerings, which includes using this data to improve our Offerings and personalize your experiences. We also may use the data to communicate with you, for example, informing you about your account and product information.

Depending on the nature of your interactions with us, Ingram Micro may use your Personal Data, including Sensitive Personal Data, for a variety of purposes (the “Purposes”), including to:

  • Register you as a new customer;
  • Provide, maintain, and improve the Website and our Offerings, including to operate certain features and functionality of the Website;
  • Understand user preferences to enhance users’ experience with Ingram Micro and its Subsidiaries, contractors, and business partners;
  • Research and analyze the effectiveness of the Website and the marketing, advertising and sales efforts of Ingram Micro, its Subsidiaries, contractors, and business partners including through the use of automated systems that analyze data using machine learning and other analytic techniques;
  • Collect account receivables owed by customers of Ingram Micro;
  • Process orders, deliveries and payments made through the Website;
  • Develop additional Offerings;
  • Comply with a legal obligation or respond to lawful requests by public authorities (including national security or law enforcement requirements);
  • Manage our everyday business needs;
  • Enforce compliance with our Terms of Use and applicable law;
  • Prosecute and/or defend a court, arbitration or similar legal proceedings;
  • For security and safety purposes, such as protecting the Website and our company against cyber threats, protecting our rights and the rights of our customers, and detecting, investigating, and preventing fraud or other illegal activities;
  • Communicate directly with you by sending you newsletters, surveys, promotions and special offers or information about new products and services on an ongoing basis in accordance with your marketing preferences. You can unsubscribe from our marketing communications at any time by clicking “Unsubscribe” at the bottom of the email or by contacting us using the “Questions and Contact Information” details below.
  • Communicate directly with you by phone to respond to customer service inquiries or comments through the Website, social media or otherwise, to discuss issues relating to your account or the Website, and to provide customer support.
  • Deliver advertising to you, including to help advertisers and publishers serve and manage ads on the Website or on third-party sites, and to tailor ads based on your interests and browsing histories. Please see the section on Cookies and Other Website Usage Information for additional information related to such advertising and your related controls;
  • Monitor and record your call, emails and text messages, social media messages, chat box and other communications (as permitted by local law) in relation to your dealings with us;
  • Verify your identity before responding to privacy requests you make regarding your Personal Data;
  • Comply with our contractual or legal obligations to share data with credit reference agencies, fraud prevention agencies and law enforcement agencies;
  • Compile aggregated statistics about the operation and use of our Website and to better understand the preferences of the visitors of our Website; and
  • Other Purposes: To carry out other legitimate business purposes, as well as other lawful purposes about which we will notify you.

We may combine and enhance the Personal Data we collect about you with other information we receive from third parties.

We may also use the Personal Data we collect about you through the Website to generate anonymized, aggregated data. When we do so, we ensure that the anonymized, aggregated data is no longer personally identifiable and may not later be used to identify you. This will include, by way of example, storing the anonymized, aggregated data separately from any Personal Data.

Change of Purpose. We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Credit Reference Checks, Fraud Prevention, and Denied Parties. The Personal Data that we have collected from you when setting up an account may be shared with credit reference, fraud prevention, and denied party agencies who use it to prevent fraud and money laundering and to verify your identity.

We may access and use information from credit reference and denied party agencies when you open your account and periodically to:

  • manage and take decisions about your account, including assessing your creditworthiness;
  • prevent criminal activity, fraud and money laundering;
  • check your identity and verify the accuracy of the information you provide to us; and
  • trace debtors and recover debts.

Application decisions may be taken based solely on automated checks of information from credit reference agencies and internal records.

We will continue to share information with credit reference agencies about how you manage your account including any default in making payments, while you have a relationship with us. This information will be made available to other organizations so that they can take decisions about you.

If false or inaccurate information is provided and/or fraud is identified or suspected, details will be passed to fraud prevention agencies, law enforcement agencies and other organizations that may access and use this information.

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide services to you.

A record of any fraud or money laundering risk will be retained by the fraud prevention agencies and may result in others refusing to provide services or financing to you. Fraud prevention agencies can hold your information for different periods of time.

When credit reference, fraud prevention, and denied party agencies process your information, they do so on the basis that they have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect their business and to comply with laws that apply to them.

5. Information Sharing

We share your Personal Data with your consent or as necessary to complete any transaction or provide any Offering you have requested or authorized. We also share Personal Data with third-party vendors, resellers and distributors, third-party service providers, Subsidiaries and business units, when required by law or to respond to legal process, to protect our customers, to protect lives, to maintain the security of our Offerings, and to protect the rights or property of Ingram Micro.

Depending on the nature of your interactions with us, we may disclose your Personal Data, including Sensitive Personal Data, as follows:

With Vendors. Ingram Micro may share Personal Data about you with the third-party vendors that make Offerings available through us. For example, we may share your Personal Data with a third-party vendor if you purchase or access an Offering through us, or an Ingram Micro reseller or distributor, and that vendor requires verification of an Offering purchase in order to register that Offering. We may also share your Personal Data with a third-party vendor if that vendor co-sponsors a marketing activity with us to verify your participation in the marketing activity.

With Resellers and Distributors. Ingram Micro may share your Personal Data with the resellers and distributors that purchase Offerings available through the Website. For example, we may share your Personal Data if you purchase or access an Offering through a reseller or distributor, and that reseller or distributor leveraged our reseller tools and services.

With Service Providers. Ingram Micro may provide your Personal Data to vendors that provide services to assist us with running our business, operating the Website, and achieving the Purposes. For example, these service providers may include providers of customer service, payment processing, email and messaging support, hosting, management, maintenance, information analysis, offering fulfillment or delivery, or other services we may receive on an outsourced basis. A list of third-party service providers is available upon request.

With Subsidiaries and Business Units. Ingram Micro may share your Personal Data with our Subsidiaries and other business units. Our Subsidiaries and business units will use your Personal Data we share with them in a manner consistent with this Privacy Statement.

With Other Users. Ingram Micro may share your Personal Data with other users when you elect to interact with those users (or request that we communicate with them on your behalf) through the Website. This may include facilitating communications with other users or enabling posting of Personal Data to areas of the Website accessible by other users. You should be aware that any Personal Data (or other information) you provide in these areas may be read, collected, and used by others who access them.

With Law Enforcement and Safety. Ingram Micro may share your Personal Data with any competent law enforcement, regulatory, government agency, court, other governmental officials, or other third-party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person.

Sale or Acquisition of Assets. If Ingram Micro transfers ownership or control of any portion of Ingram Micro or the Website to an actual or potential buyer, whether in the context of an acquisition, merger, reorganization, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings), we may transfer your Personal Data to that actual or potential buyer, provided that the use of your Personal Data by that third-party remains subject to applicable law.

With Advertisers and Advertising Companies. Ingram Micro may share your Personal Data with advertisers, advertising networks, advertising servers, and analytics companies or other third parties in connection with our and their marketing, promotional, and other offers, as well as product information.

With Others. We may share your Personal Data with any other person with your consent to the disclosure.

We may also share aggregated, anonymized data with third parties for other purposes. Such information does not identify you individually, but may include usage, viewing and technical information we collected through your use of our Website. If we are required under applicable law to treat such information as Personal Data, then we will only disclose it as described above.

6. Your Choices Regarding your Personal Data

Cookies. You can choose to accept or decline cookies. Many of our Websites include cookie banners that allow you to proactively choose the types of cookies you prefer. Additionally, most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you would prefer not to accept cookies, most browsers will allow you to: (i) change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) disable existing cookies; or (iii) set your browser to automatically reject any cookies. However, please be aware that if you disable or reject cookies, some features and services on our Websites may not work properly because we may not be able to recognize and associate you with your account(s). In addition, the Offerings we provide when you visit us may not be as relevant to you or tailored to your interests.

Interest-Based Advertising. When you visit the Website, we and third-party cookie providers may place cookies and similar tracking technologies on your Device to collect information about your web-browsing activities over time and across different websites, for the purpose of serving you ads or other content personalized to your interests. You can opt out of being tracked online for interest-based advertising purposes by going to https://optout.aboutads.info or https://optout.networkadvertising.org, or by disabling advertising cookies by clicking the “Do Not Sell or Share my Personal Information” link in the footer of this webpage. Choices you make are device-specific and browser-specific. If you use different browsers on your computer, or multiple Devices, you will need to opt out of interest-based advertising from each browser on each of the Devices that you use.

Marketing Communications. You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided under the “Questions and Contact information” heading below or access our preference center.

Do Not Track. Certain web browsers and other devices you may use to access the Website may permit you to indicate your preference that you do not wish to be “tracked” online. At this time, the Website does not respond to “Do Not Track” signals. We do not modify your experience on the Website or modify the Personal Data we collect from you through the Website, based on whether such a preference is indicated.

Preference Center. Many of our Subsidiaries utilize a preference center that allow you to opt out or opt down to receiving messages and communications from us. You can select or unselect your communication preferences at any time through the web form provided by that Affiliate.

7. Your Privacy Rights

Further below in this Section 7, we describe the privacy rights that may be available to you based on where you are located. We will respond to requests we receive from individuals wishing to exercise their privacy rights in accordance with applicable privacy laws. We may deny certain requests, or fulfill a request only in part, based on our legal rights and obligations. As noted earlier, if you are an employee, contractor, or job applicant, your rights with respect to your Personal Data collected in those contexts will be described in a separate privacy notice that we provide to you where and when appropriate.

You will not to be discriminated against for exercising your privacy rights. We will not deny you any products or services, nor charge you different prices, in retaliation for exercising your privacy rights.

Eligible individuals can request to exercise the below-described privacy rights by any of the following methods:

We will take reasonable steps to verify your identity prior to responding to your requests. The verification steps will vary depending on the sensitivity of the Personal Data and whether you have an account with us.

You may designate an authorized agent to make a request on your behalf. When submitting the request, please ensure the authorized agent identifies himself/herself/itself as an authorized agent.

United States Privacy Rights

Where provided for by the applicable privacy laws in your state, United States residents may be entitled to exercise some or all of the following privacy rights:

  • Access / Right to Know: You may have the right to confirm whether we process Personal Data about you and to request that we disclose to you the following: (i) the categories of Personal Data that we have collected about you (including Sensitive Personal Data); (ii) the categories of sources from which we have collected Personal Data about you; (iii) the business or commercial purpose for collecting or selling your Personal Data; (iv) the categories of Personal Data that we have sold about you and the categories of outside parties to whom the Personal Data was sold; (v) the categories of Personal Data that we have disclosed about you for our business purposes and the categories of service providers to whom the Personal Data was disclosed; (vi) a portable copy of the specific pieces of Personal Data that we have collected about you; and (vii) information about the logic involved in any automated decision-making processes used by us (if applicable), as well as a description of the likely outcome of the process with respect to you.
  • Correct or update your Personal Data: You may have the right to request that we correct, update, or modify the Personal Data we maintain about you.
  • Delete your Personal Data: You may have the right to request that we delete the copies of your Personal Data that we maintain, subject to certain exceptions and limitations.
  • Do Not Sell My Personal Data or Share my Personal Data for Behavioral Advertising: You may have the right to opt-out of the sale of your Personal Data and the sharing of your Personal Data for cross-context behavioral advertising by clicking the “Do Not Sell or Share My Personal Information” link in the footer of this webpage. If you would like to opt out of cookie-based tracking for advertising purposes (which could be a “sale” or “sharing” under applicable law), you will need to update your cookie preferences on this webpage or through the “Do Not Sell or Share My Personal Information” link in the footer of this page.
  • Opt-out of automated decision-making: You may have the right to request to opt-out of any profiling or automated decision-making, to the extent we engage in those processing activities and subject to any limitations under applicable privacy laws.
  • Limit the use of my Sensitive Personal Data: In relation to the Sensitive Personal Data identified in Section 2 above, you may be able to request that we limit our use and sharing of such data to those purposes specified under applicable privacy laws.

European Economic Area (EEA) / United Kingdom (UK) and Switzerland Privacy Rights

If you are a visitor from the European Economic Area, Switzerland or United Kingdom, please read this section for information about your data protection rights, the identity of the controller of your Personal Data, and our lawful basis for processing your Personal Data.

Data subjects in the EEA, Switzerland and UK can make the following requests regarding their Personal Data:

  • Access and portability of your Personal Data: You have the right to obtain access to your Personal Data (if we are processing it). You can obtain a portable copy of your Personal Data.
  • Rectification of your Personal Data: You can request that we correct, update, or modify the Personal Data we maintain about you.
  • Erasure of your Personal Data: You can request that we erase the copies of your Personal Data that we maintain, subject to certain exceptions and limitations.
  • Object to processing: You can object to the processing of your Personal Data where we carry out such processing on the grounds of our legitimate interests.
  • Restrict processing: You can ask us to restrict processing of your Personal Data or block the further use of your Personal Data. When processing is restricted, we can still store your Personal Data.
  • Refuse or withdraw consent: If we have collected and processed your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
  • Complaints: You have the right to complain to a data protection authority about our collection and use of your Personal Data, including if you are not satisfied with our response to your privacy requests. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Economic Area and the UK are available here.)

Identity of the Controller for purposes of European data protection law. The controller for any Personal Data processed by us is the Ingram Micro Affiliate in the European Economic Area country, UK or Switzerland collecting the Personal Data. If you have any questions about the Personal Data you have submitted to the respective Affiliate, please contact the relevant Affiliate.

Legal Basis for Processing Personal Data (EEA, Switzerland and UK Visitors). Our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it. However, we will normally collect Personal Data from you only (i) where we need the Personal Data to perform a contract with you (such as to fulfill your purchase of an Offering), (ii) where the processing is in our legitimate interests and not overridden by your rights, or (iii) where we have your consent to do so. In some cases, we may also have a legal obligation to collect Personal Data from you or may otherwise need the Personal Data to protect your vital interests or those of another person.

If we ask you to provide Personal Data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Data is mandatory or not (as well as of the possible consequences if you do not provide your Personal Data).

If we collect and use your Personal Data in reliance on our legitimate interests (or those of any third-party), this interest will normally be to operate our platform and communicating with you as necessary to provide our services and Offerings to you, and for our legitimate commercial interest, for instance, when responding to your queries, improving our platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities. We may have other legitimate interests, and if appropriate, we will make clear to you at the relevant time what those legitimate interests are.

If we collect and use your Personal Data based upon your consent, the consequences of denying or withdrawing consent will be made known at the time your consent is provided.

If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Data, please contact us using the contact details provided under the “Questions and Contact Information” heading below.

Other Jurisdiction Privacy Rights

Depending on where you reside or access the Website or our services from, you may have certain privacy rights available to you, similar to the United States and EEA, Switzerland and UK rights described in Section 7 above (such as access/portability of a copy of your Personal Data, correction of your Personal Data, deletion of your Personal Data, objection to processing of your Personal Data, restriction of processing of your Personal Data, withdrawing consent to processing of your Personal Data, limiting the use and sharing of your Sensitive Personal Data, opting out of automated decision-making, and/or opting out the sale or sharing of your Personal Data for cross-context behavioral advertising).

You may submit a request by completing our online webform, sending an email to privacy@ingrammicro.com or calling 1-888-914-9661 and entering PIN 374445. We will respond in accordance with applicable data protection law.

8. Additional California Privacy Disclosures

For purposes of California privacy law, California residents should note the following:

  • We collect and use the following categories of personal information for the business and commercial purposes described in this Privacy Policy: identifiers and personal information categories listed in Cal. Civ. Code § 1798.80(e) (such as your name, contact information, government identification numbers, and IP address); commercial information (such as details of the Offerings and services you purchase, your marketing preferences, and your survey responses); internet or other electronic network activity information (such as your interactions with our Website); geolocation data (but not precise geolocation); professional information (such as your company affiliation and job title); sensitive personal information (namely, your payment card details, Ingram Micro account login details, and government identification numbers); and inferences. See Section 2 above for more details.
  • We use the above-described categories of personal information for our compliance, business and commercial purposes described in Section 4 above.
  • We collect these categories of personal information from the following categories of sources, as more fully described in Section 2 above: directly from you; automatically from your Devices; from other users of the Website, from resellers and distributors that resell our Offerings, from vendors that make Offerings available through us, from our service providers who help us run our business, from third-party customers that contract with us for services, from data providers and data licensors, from publicly available sources, and from our Affiliates and Subsidiaries.
  • We disclose each of the foregoing categories of personal information to our Affiliates and Subsidiaries, to our service providers who help us run our business, to advertisers who advertise on our Platform, to advertising networks, to resellers and distributors of the Offerings, to data analytics providers, to other Website visitors (at your direction), with entities for legal compliance purposes, and with potential acquirers of parts of our business. See Section 5 above for more details.
  • We may “sell” or “share” some of the following categories of personal information: identifiers; personal information categories listed in Cal. Civ. Code § 1798.80(e); commercial information; Internet or other electronic network activity; and geolocation data. We sell and share this personal information with advertisers, advertising networks, social networks, other business partners and Affiliates and Subsidiaries. We do not knowingly sell or share the personal information of individuals under 16 years of age.
  • We do not use or disclose sensitive personal information for purposes other than those specified under applicable California privacy regulations.
  • See Section 11 for information about how long we retain Personal Data.

California’s “Shine the Light” law also provides that California residents have a right to request that businesses tell them how their personal information has been shared with third parties for their direct marketing purposes. There is an exception to this requirement for businesses that have adopted and disclosed, in their privacy policy, a policy of not disclosing a person’s personal information to third parties for direct marketing purposes if that person has exercised an option to opt-out of the disclosure of their Personal Data to third parties for such purposes. We have adopted a policy of allowing you to opt-out of the disclosure of your personal information to third parties for direct marketing purposes and thus fall within this exception. To opt-out of the sharing of your personal information to third parties for direct marketing purposes or otherwise exercise your rights under this section, please contact us using the contact details provided under the “Questions and Contact information” heading below.

9. Other Important Privacy Information

Security of Personal Data. Ingram Micro uses technical and organization controls and measures designed to secure and protect your Personal Data from unauthorized loss, misuse, and disclosure, such as strong user access controls, segmented network architecture, and comprehensive employee policies and training. Unfortunately, no data transmitted over or accessible through the Internet can be guaranteed to be 100% secure. As a result, while Ingram Micro attempts to protect all Personal Data, Ingram Micro cannot ensure or warrant that Personal Data will be completely secure from misappropriation by hackers or from other nefarious or criminal activities, or in the event of a failure of computer hardware, software, or a telecommunications network. Ingram Micro will notify you in the event we become aware of a security breach involving your personally identifiable information (as defined by the applicable foreign, federal, state, and local laws) stored by or for us, in accordance with applicable laws.

Compliance. Ingram Micro will use a self-assessment approach to verify compliance with this Privacy Statement and periodically verify that the Privacy Statement is accurate, comprehensive for the information intended to be covered, prominently displayed, implemented and accessible. If you believe that your Personal Data has been processed or disclosed in violation of this Privacy Statement, Ingram Micro encourages you to raise any concerns using the contact information provided in this Privacy Statement under the “Questions and Contact information” heading below. Ingram Micro will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Data.

Accuracy. It is your responsibility to provide Ingram Micro with accurate Personal Data. Except as otherwise set forth in this Privacy Statement, Ingram Micro shall only use Personal Data in ways that are compatible with the purposes for which it was collected or subsequently authorized by you. To the extent necessary for these purposes, Ingram Micro shall take reasonable steps to ensure that Personal Data is accurate, complete, current and relevant to its intended use.

10. International Data Transfers

Your Personal Data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country.

Specifically, our primary Website servers are in the United States, and our Subsidiaries and third-party service providers and partners operate around the world. This means that when we collect your Personal Data we may process it in any of these countries. However, we have taken appropriate safeguards to require that your Personal Data will remain protected in accordance with this Privacy Statement. For Personal Data collected in the countries of the European Economic Area and/or the UK and transferred or accessed by Ingram Micro in the United States, Ingram Micro, Inc. has executed the European Commission’s Standard Contractual Clauses and their UK and Swiss equivalents in addition to appropriate technical and organization controls.

For additional transfers of Personal Data between our Subsidiaries outside the EEA and/or the UK and the United States we have implemented the European Commission’s Standard Contractual Clauses and their UK and Swiss equivalents in addition to appropriate technical and organization controls, which require us to protect Personal Data they process from the EEA or the UK in accordance with European Union and UK data protection law as applicable. We have implemented similar appropriate safeguards with our third-party service providers and partners .

11. Retention Period

We retain each of the categories of Personal Data (including Sensitive Personal Data) for as long as we have an ongoing legitimate business need to do so (for example, to provide you with an Offering you have requested or to comply with applicable legal, tax or accounting requirements). The criteria we use to determine whether we have an ongoing legitimate business need to retain Personal Data include among others: (i) regulatory requirements that we are subject to, including laws and regulations related to tax, employment, accounting, and securities, (ii) whether a legal claim might be brought against us, for which the Personal Data would be relevant, (iii) the necessity of the Personal Data to provide our services to our customers, and (iv) the types and sensitivity of Personal Data being processed.

When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.

If you are a resident of the European Union or the UK, all the Personal Data related to you and received and stored by Ingram Micro are erased after 5 years, save for any Personal Data in documents and files we must keep for a longer period under applicable laws. For example, we cannot erase personal data appearing on VAT invoices before we can delete the invoices from our systems.

12. Not for Children

The Website is intended solely for use by individuals 18 years of age and older and thus is not directed to children under 18 years of age. Ingram Micro does not knowingly solicit or collect Personal Data from children under 18 years of age.

13. Third-party Websites

In addition to providing access to Offerings, the Website may include links to other websites and web services. This Privacy Statement does not apply to those websites and services and the privacy practices of those websites and services may differ from those described in this Privacy Statement. If you submit Personal Data to any of those other websites or services, your Personal Data is governed by the privacy policies applicable to those websites and services. Ingram Micro encourages you to carefully read the privacy policy of any website or web service you visit.

14. Revisions and Updates to this Privacy Statement

Ingram Micro may from time to time revise this Privacy Statement in its sole and absolute discretion to reflect changes in our business practices or new disclosure requirements under applicable privacy laws. If we revise this Privacy Statement, we will notify you by posting the updated Privacy Statement on this Website and/or by sending you a notification by email, as required by applicable privacy laws. Changes to the Privacy Statement will become effective and will apply to the information collected starting on the date Ingram Micro posts the revised Privacy Statement on the Website. If we are required by applicable data protection laws to seek your consent to any changes in use of your Personal Data described in our updated Privacy Statement, then we will do that.

15. Additional Languages

This Privacy Statement is available in additional languages. To see all the additional languages, please see the full list available below.

Arabic

Bulgarian

Chinese

Croatian

Czech

Danish

Dutch

English

Finnish

French

German

Hebrew

Hungarian

Italian

Malay

Norwegian

Polish

Portuguese

Romanian

Russian

Serbian

Slovakian

Slovenian

Spanish

Swedish

Thai

Turkish

16. Questions and Contact Information

If you have any questions or concerns about this Privacy Statement, the privacy practices of Ingram Micro, our collection or use of your Personal Data, or you wish to exercise privacy rights with respect to your Personal Data, please contact us at privacy@ingrammicro.com. You can also make a request about your Personal Data by calling 1-888-914-9661 and entering PIN 374445.

Our Data Protection Officer can be contacted at ronald.sarian@ingrammicro.com.