1. Our commitment to protecting your privacy.
2. What information do we collect?
3. What are the different types of Information?
General Information is information that does not itself reveal your identity. General Information may include, without limitation: generic business type; SIC code; information derived from publicly available databases (such as Dun and Bradstreet); user behavior on our Web site; and aggregated generic information.
Non-Public Personal Information is any non-public information you provide to us or our Partners that is proprietary or identifies or can be used to identify, contact, or locate you or someone at your business. Non-Public Personal Information may include, without limitation: name; address; phone number; e-mail address; credit card number; account information; voting behavior; spending patterns; and individual tastes and preferences.
Partners are individuals or entities we engage to help us carry out our mission.
4. What do we use web visitor’s information for?
We collect personal data for legitimate business purposes, which may include:
- To personalize your experience (your information helps us to better respond to your individual needs)
- To improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from you)
- To improve customer service (your information helps us to more effectively respond to your customer service requests and support needs)
- To process transactions
- To send periodic emails (the email address you provide may be used to send you information, respond to inquiries, and/or other requests or questions)
- To meet government, national security, public interest, or law enforcement requirements
- In an emergency where the health or security of an individual may be endangered
Other purposes disclosed at the time of collection or otherwise compatible with the above, the EU-U.S. Privacy Shield Framework, and the Swiss – U.S. Privacy Shield Framework
5. How do we protect your information?
We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information. These precautions may include password protections for online information systems and restricted access to personal data.
All inquiries from outside the company concerning identity, employment record, or performance of a current or terminated employee are referred to the Human Resources department (Hresources@dukeempirical.com) and/or an attorney in the Law Department, who will verify the credentials of the agency representative before releasing information about a current or terminated employee. DUKE Extrusion takes reasonable and appropriate measures to secure your personal data. Our publicly available website is hosted on a secure server.
Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the sites’ or service providers’ systems to recognize your browser and capture and remember certain information. Our Cookie Notice conforms to GDPR standards and provides information on the cookies we apply.
7. Do we disclose any information to outside parties?
We do not sell, trade, or otherwise transfer information to outside parties. This excludes third parties who assist us with human capital management, in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is necessary to comply with the law, enforce our site policies, or protect our or other’s rights, property, or safety, or share personal information as necessary to other corporate entities as part of a business transition such as a merger, acquisition, or sale of assets.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses. Because we value your privacy, we have taken the necessary precautions to comply with the California Online Privacy Protection Act. We will not distribute your personal information to outside parties without your consent.
8. Choice, Data Integrity & Access
DUKE Extrusion takes reasonable steps to ensure that personal data is accurate, complete, and current. DUKE Extrusion provides employees the opportunity to opt out from allowing the company to disclose his or her personal information to a third party or to use it for any purpose. DUKE Extrusion reserves the right to maintain any personal information that it is required to keep or maintain for compliance purposes or to protect itself or preserve its legal rights under pending, threatened or potential legal action. All employees are asked to inform the Human Resources or Payroll departments, or his or her manager, immediately in the event of changes in personal information. If any information is inaccurate or incomplete, the individual may request that inaccurate information be corrected.
9. Collection of Personal Information from Children
We do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.
11. EU-U.S. Privacy Shield and Swiss – U.S. Privacy Shield
12. Inquiries/Contact Us
DUKE Extrusion commits to resolve complaints about your privacy and our collection or use of your personal information. Individuals may contact DUKE Extrusion: email@example.com
Date Updated: August 28, 2020
Privacy Shield Policy for European Economic Area and Swiss Visitors to DUKE Extrusion’s Website
"Controller" means a person or organization which, alone or jointly with others, determines the purposes and means of the Processing of EU Personal Data.
"EU Personal Data" for the purposes of this Privacy Shield Policy means all data about an identified or identifiable individual visitor to DUKE Extrusion’s website that are within the scope of Directive 95/46/EC, or equivalent law currently in effect in the EU or Switzerland, which are received by the Company from the European Economic Area and/or Switzerland for Processing, and are recorded in any form.
"DUKE Extrusion" or "Company" means DUKE Extrusion Corporation and all its subsidiaries worldwide.
"DUKE Extrusion U.S." means DUKE Extrusion Corporation and its U.S. subsidiaries.
"Privacy Shield" means the EU-U.S. Privacy Shield Framework as agreed between the European Commission and the U.S. Department of Commerce, which came into effect on July 12, 2016.
"Privacy Shield Policy" means the EU-U.S. Privacy Shield Framework as agreed between the European Commission and the U.S. Department of Commerce, which came into effect on July 12, 2016 and the Swiss-U.S. Privacy Shield Framework as agreed between the Swiss Federal Data Protection and Information Commissioner the U.S. Department of Commerce, which came into effect on April 12, 2017.
"Processing" of EU Personal Data means any operation or set of operations which is performed upon EU Personal Data, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction. "Process", "Processing" and "Processed" shall be construed accordingly.
B. Scope & Application
DUKE Extrusion U.S. commits to subject to the Privacy Shield Principles and the Supplemental Principles (collectively, the "Principles" and each a "Principle") all EU Personal Data received in reliance on the Privacy Shield.
The controlled U.S. subsidiaries of DUKE Extrusion U.S., as identified in the DUKE Extrusion Corporation self-certification listing available here, also adhere to the Privacy Shield Principles.
C. Compliance with EU-U.S. and Swiss-U.S. Privacy Shield Framework
DUKE Extrusion U.S. complies with the Privacy Shield regarding the collection, use, and retention of EU Personal Data transferred from the European Economic Area and Switzerland to the United States. DUKE Extrusion adheres to the Principles of:
- Accountability for Onward Transfer
- Data Integrity and Purpose Limitation
- Recourse, Enforcement and Liability.
If there is any conflict between the terms in this Privacy Shield Policy and the Principles, the Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
- DUKE Extrusion U.S. adheres to the Notice Principle regarding all EU Personal Data received in reliance on the Privacy Shield.
- What EU Personal Data do we collect?
- What do we use your EU Personal Data for?
- Who do we disclose your EU Personal Data to?
- Your EU Personal Data may be Processed and stored in the U.S. and other countries where DUKE Extrusion’s affiliates, subsidiaries or agents are located. DUKE Extrusion utilizes a range of methods to transfer EU Personal Data across country borders. These methods include consent, contractual methods, and/or regulatory authority certifications.
- DUKE Extrusion U.S. adheres to the Choice Principle and the Choice – Timing of Opt Out Supplemental Principle.
3) Accountability for Onward Transfer of EU Personal Data
- DUKE Extrusion U.S. adheres to the Accountability for Onward Transfer Principle and the Obligatory Contracts for Onward Transfer Supplemental Principle.
- DUKE Extrusion U.S. shares EU Personal Data with third-party suppliers based on contractual arrangements which, among other things, ensure that the Principles are respected as required, that the third-party supplier acts only on its instructions and that the data are appropriately secured by the third-party supplier.
- In the context of onward transfers, DUKE Extrusion U.S. is responsible for the Processing of the EU Personal Data it receives and subsequently transfers to a third-party agent acting on its behalf. DUKE Extrusion remains liable under the Principles if its agent Processes such EU Personal Data in a manner inconsistent with the Principles, unless DUKE Extrusion proves that it is not responsible for the event giving rise to the damage.
- *Please also see Section 2 article C.
- DUKE Extrusion U.S. adheres to the Security Principle.
5) Data Integrity and Purpose Limitation
- DUKE Extrusion U.S. adheres to the Data Integrity and Purpose Limitation Principle.
- DUKE Extrusion takes reasonable steps to ensure that the EU Personal Data it holds is accurate, complete, and current. We rely on you to update and correct your EU Personal Data, where necessary. If you wish to make a request to update or correct your EU Personal Data, please use the DUKE Extrusion Contact Details provided in Section 7 below.
- Where DUKE Extrusion U.S. is acting as a data Controller, DUKE Extrusion may retain EU Personal Data as long as necessary for the Company to: (a) complete the purpose for which it was collected; (b) meet any applicable legal requirements; or (c) protect its legitimate interests, including with respect to actual or potential legal claims.
- DUKE Extrusion U.S. adheres to the Access Principle and Access Supplemental Principle.
- You may obtain access to EU Personal Data that DUKE Extrusion holds which is relevant to you. You may also correct, amend ,or delete that information where it is inaccurate, or has been Processed in violation of the Principles. If you wish to request access to your EU Personal Data, please use the DUKE Extrusion Contact Details provided in Section 7 below.
- DUKE Extrusion may limit or deny access as provided in the Principles, including where: (a) the rights of persons other than the requesting individual would be violated; or (b) the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question.
7) DUKE Extrusion Contact Details
- In compliance with the Principles, DUKE Extrusion U.S. commits to resolve complaints about our collection or use of your EU Personal Data. If you have queries or complaints about this Privacy Shield Policy or wish to exercise your rights under Sections 2, 5, 6 or 8, you should first contact DUKE Extrusion by: email at: firstname.lastname@example.org; or by telephone: (US) and ask for the DUKE Extrusion data protection officer.
8. Recourse, Enforcement and Liability
- DUKE Extrusion U.S. adheres to the Recourse, Enforcement and Liability Principle, as well as the Verification and Dispute Resolution and Enforcement Supplemental Principles.
- DUKE Extrusion has implemented a self-assessment procedure to verify its adherence to the Principles. If you have a query, concern or complaint about the application of this Privacy Shield Policy or the Processing of EU Personal Data by DUKE Extrusion U.S., we encourage you to first use the DUKE Extrusion Contact Details provided in Section 7 above.
- DUKE Extrusion U.S. has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider in the United States. If you do not receive timely acknowledgement of your complaint from us, or if we have not resolved your complaint, please contact or visit JAMS (http://www.jamsinternational.com/) for more information or to file a complaint using the complaint submission form found here: http://www.jamsinternational.com/file-a-privacy-shield-safe-harbor-claim. The services of JAMS are provided at no cost to you. The JAMS complaint and recourse mechanism described here is available to individuals whose EU Personal Data has been collected or Processed by DUKE Extrusion under the Principles. The JAMS complaint and recourse mechanism is not available to individuals whose EU Personal Data has been collected or Processed by DUKE Extrusion under any other EU data transfer adequacy mechanism.
- If your complaint is not resolved through DUKE Extrusion’s internal complaint procedure, or JAMS, you may be able, under certain conditions, to invoke binding arbitration pursuant to Annex I to the Principles. For further information, visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
- DUKE Extrusion is also subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission, which has jurisdiction over DUKE Extrusion U.S.’s compliance with the Privacy Shield.