Effective date: April 15, 2019
Vertiv is a corporation established in the State of Delaware in the United States. As the controller of personal data, Vertiv shall, together with various Vertiv group companies that may collect your personal information, serve as joint data managers with respect to managing your data and fulfilling your requests.
Our personal information security principles:
Reasonable necessity: We process only the minimum categories and volume of personal information required to fulfill the purposes for which you provided consent and authorization. After the agreed-upon purpose is achieved, we will delete personal information or anonymize information as agreed.
- Security and reliability: We will take sufficiently effective measures and technical means to ensure the confidentiality, integrity, and usability of personal information.
- Clarity and transparency: We process your personal information in a clear, easily understood, and reasonable manner, and we are subject to the external supervision of the Cyberspace Administration of China, Public Security Bureau, State or Local Administration for Market Regulation, and other public bodies.
- Independent choice: We provide you with information management options so that you can make appropriate choices to manage your personal information.
Collection of information
When collecting your information, we will obey the lawfulness principle, meaning that we collect lawful information through lawful means. At the same time, we also obey the minimization principle, meaning that we collect only the minimum personal information required. We may collect your personal information in the following scenarios should you choose to provide it:
- Employee management: Based on employee management needs, we will obtain your personal identity information (including name, sex, age, and identity card number), contact information (including cell phone number, emergency contact, personal email, and home address), personal account information (including bank card account number), and health and biological information (including medical records submitted when requesting time off) when you go through recruiting, join our employment, leave our employment, request time off, undergo medical check-ups, attend training, complete procedures for entering and exiting the country, and apply for housing subsidies and employee apartments.
- Supplier management: In the supplier management and bidding management stage, we will enter supplier contact information (including business card and email addresses) into the company’s internal system.
- Customer opportunity management: In the opportunity negotiation stage, we will retain the customer contact information (including name, address, email address, phone number, and other personal data) you fill in and submit through the official website, event microsite, official microblog, third-party cloud data collection tools, and offline activities.
- Customer service management: To provide you with better service, we will collect your business contact information and payment information (including company name, name of the legal representative, contact information, address, business license, bank account number, and title) during on-site business delivery reporting, service sales expansion, promotional exhibition, customer training, partner information collection, general product service partner cooperation, access channel information, service sales opportunity reporting, and service sales contract signing.
- With respect to sensitive information that may involve the safety of your person or property, we will only collect such information after obtaining your prior consent.
Use of information
The only employees within our company that process your information are those who have been specially authorized to do so. We will also minimize the number of employees authorized to access your information in order to alleviate concerns regarding the leakage of personal information while enjoying our service.
Storage of information
We will comply with the requirements of all relevant laws and regulations, and data stored domestically will be retained within China.
After collecting personal information, we will immediately take technical and administrative measures to protect your information.
With respect to sensitive information that could endanger your person or property if leaked, provided unlawfully, or abused, we will store the information after processing through technical measures.
Generally speaking, we retain your personal information only for the minimum amount of time necessary to achieve the designated purpose. However, if required for compliance with applicable laws and regulations; requirements of court decisions, rulings, or other legal procedures; demands from relevant government agencies or legally authorized organizations; or for the protection of the safety of person, property, or other lawful interest of the customer, Vertiv, other users, or employees; we may change the retention period of personal information as necessary to ensure compliance with such legal requirements.
Deletion of personal information
In circumstances where our product or service ceases to be in operation, we shall take measures such as the following: notify you through push notifications, announcements, etc. and delete or anonymize your personal information within a reasonable period of time.
Sharing your information with third parties
After obtaining your express consent, we may collect your personal information or usage data from third parties, including the following;
- When you request that Vertiv contact you through a third party, your email address and other relevant personal information collected about you may be forwarded to Vertiv by the third-party website.
- When you choose to participate in third-party applications or functions (such as online chat, one of our social media webpages, or similar applications or functions on a third-party website), your personal information may be provided to Vertiv.
- Other personal information may be provided to Vertiv by a third party, enabling us to combine that information with the information we collect when you use this service, thereby enhancing our ability to serve you; based on the information collected, we will focus on providing you with products or services that we believe may interest you.
When we share your information with a third party, we will take the following measures to protect your personal information:
- After we obtain your consent, sensitive information that involves the safety of your person or property will be encrypted before transmission.
- We undertake a personal information security impact assessment prior to sharing information with third parties. We will implement effective measures based on the assessment results to protect your personal information.
- We will accurately document and preserve the instances where your personal information is shared or transferred.
We may disclose your personal information under the following circumstances:
- When directly related to national security or national defense.
- When directly related to public safety, public health, or significant public interests.
- When directly related to a criminal investigation, litigation, hearing, execution of judgments, etc.
- When required to protect your or another’s person, property, or other significant lawful interest, but we are unable to reach you in a timely manner.
- You voluntarily disclose your personal information to the public.
- We collect your information from lawfully published information, including lawful news reports, publication of government information, and other channels.
How we protect your personal information
Information security is Vertiv’s lifeline. We take the following measures to protect the security of your personal information:
- We have taken industry-standard security measures to protect the personal information you provide and prevent the unauthorized access, public disclosure, use, modification, damage, or loss of data. We will take all reasonably practicable measures to protect your personal information, including encryption measures, security measures, employee training, authorization to process personal data, and implementation of a network security responsibility framework within the company.
- The internet is not a completely safe environment, and email inboxes, instant messaging, and communications between users are not encrypted. We strongly suggest that you do not send personal information using these methods. To help us ensure the security of your account, please use a complex password and do not share your password with others.
- We will periodically update and publish information related to security risk reports, personal information security impact assessments, and other reports. You can obtain the information through the following: email@example.com
- The internet is not 100% safe. We will do our best to ensure or guarantee the security of any information you send to us. If your lawful interests are harmed as a result of unlawful access, public disclosure, alteration, or destruction of information due to our physical, technical, or administrative protective measures being damaged, we will bear the corresponding legal responsibility.
- After the occurrence of any unfortunate personal information security incident, in accordance with the requirements of laws or regulations, we will promptly notify you of the following: the basic circumstances and potential impact of the security incident, the measures we have taken or will take to address the incident, measures you can take directly or recommendations to mitigate the risk, any remedial measures, etc. We will promptly provide you with relevant information about the incident via email, letter, telephone, push notification, public announcement, or other means.
According to relevant Chinese laws, regulations, and standards, you have the following rights:
- You can access and correct your personal information: You can access and correct your personal information by contacting firstname.lastname@example.org.
- You can delete your personal information or de-activate your personal account: If you no longer use the service we provide and would like us not to store your information, you can request deletion of your information by contacting us at email@example.com, the blog, the message board, or the discussion forums. You can also de-activate your account through firstname.lastname@example.org. After you deactivate your account, we will delete or anonymize your personal information.
- You may change the scope of your authorizations: Provision of our service requires some basic personal information. With respect to personal information we collect, you can grant or revoke your authorization and consent at any time. You can do this yourself through the ways posted in the website, system or application, if you cannot achieve the purpose, you may contact us at email@example.com.
- You can obtain a copy of your personal information: You can obtain a copy of your personal information through the ways posted in the website, system or application, if you cannot achieve the purpose, you may contact us at firstname.lastname@example.org.
We will only use or disclose information relating to children aged 14 or younger where permitted by law, where the parent or guardian has expressly consented, or where required for child protection.
If we find that a child’s information has been collected without first obtaining the consent of the parent or guardian, we will endeavor to delete the relevant data.