CES-GROUP Privacy Statement
Last Updated: January 2020
Your privacy is important to us. This privacy statement explains what personal data CES-GROUP Co., Ltd. (hereinafter referred to as “CES-GROUP”) collects from you, through our interactions with you and through our products, and how we use that data.
CES-GROUP offers a wide range of products, from server products used to help operate enterprises worldwide, devices you use in your company, software for engineers use at factory, and services developers use to create and host what’s next. References to CES-GROUP products in this statement include CES-GROUP services, websites, software, servers and devices.
Please read the product-specific details in this privacy statement, which provide additional information about some of CES-GROUP products. This statement applies to CES-GROUP’s interactions with you and the CES-GROUP products listed below, as well as other CES-GROUP products that display this statement.
I. Official Platform: official website,
II. UFleet+ and UShop+
III. Third Party Platforms : Hubspot Siebel, Facebook, SalesForce.com, Live Chat
1. Personal Data We Collect
CES-GROUP collects data to operate effectively and provide you the best experiences with our products. You provide some of this data directly, purchase an CES-GROUP product, or contact us for support. We get some of it by recording how you interact with our products by, for example, using technologies like cookies, and receiving error reports or usage data from software running on your device.
We also obtain data from third parties. We protect data obtained from third parties according to the practices described in this statement, plus any additional restrictions imposed by the source of the data. These third-party sources vary over time, but have included:
- Data brokers from whom we purchase demographic data to supplement the data we collect.
- Social networks when you grant permission to an Advantech product to access your data on one or more networks.
- Service providers that help us determine a location based on your IP address in order to customize certain products to your location.
- Partners with which we offer co-branded services or engage in joint marketing activities, and
- Publicly-available sources such as open government databases or other data in the public domain.
You have choices about the data we collect. When you are asked to provide personal data, you may decline. But if you choose not to provide data that is necessary to provide a product or feature, you may not be able to use that product or feature.
The data we collect depends on the context of your interactions with Advantech, the choices you make, including your privacy settings, and the products and features you use. The data we collect can include the following:
- A. Name and contact data
We collect your first and last name, email address, postal address, phone number, and other similar contact data.
- B. Credentials
We collect passwords, password hints, and similar security information used for authentication and account access.
- C. Demographic data
We collect data about you such as your age, gender, country, and preferred language.
- D. Payment data
We collect data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument.
- E. Device and Usage data
We collect data about your device and how you and your device interact with Advantech and our products. For example, we collect:
- Product use data. We collect data about the features you use, the items you purchase, and the web pages you visit. This data includes your voice and text search queries or commands to Facebook, and our Live Chat. This also includes the settings you select and the software configurations you use most.
- Device, connectivity and configuration data. We collect data about your device and the network you use to connect to our products. It includes data about the operating systems and other software installed on your device, including product keys. It also includes IP address, device identifiers (such as the registration ID and phone numbers), and regional and language settings.
- Error reports and performance data. We collect data about the performance of the products and any problems you experience with them. This data helps us to diagnose problems in the products you use, and to improve our products and provide solutions. Depending on your product and settings, error reports (sometimes called “crash dumps”) can include data such as the type or severity of the problem, details of the software or hardware related to an error, contents of files you were using when an error occurred, and data about other software on your device.
- Troubleshooting and Help Data.When you engage Advantech for troubleshooting and help, we collect data about you and your hardware, software, and other details related to the incident. Such data includes contact or authentication data, the content of your chats and other communications with Advantech, data about the condition of the machine and the application when the fault occurred and during diagnostics, and system and registry data about software installations and hardware configurations.
- F. Interests and favorites
We collect data about your interests and favorites, such as the products you interested in, the Business application area you prefer, In addition to those you explicitly provide, your interests and favorites may also be inferred or derived from other data we collect.
- G. Contacts and relationships
We collect data about your contacts and relationships if you use an Facebook, or to communicate or interact with other people or organizations, for example Live Chat and worldwide trade show.
- H. Location data
For products with location-enhanced features, we collect data about your location, which can be either precise or imprecise. Precise location data can be Global Navigation Satellite System (GNSS) data (e.g., GPS), as well as data identifying nearby cell towers and Wi-Fi hotspots, we collect when you enable location-based products or features. Imprecise location data includes, for example, a location derived from your IP address or data that indicates where you are located with less precision, such as at a city or postal code level.
- I. Content
We collect content of your files and communications when necessary to provide you with the products you use. For example, if you transmit a file using Live Chat, we need to collect the content of that file to display it to you and the other user as you direct. If you receive a data using Live Chat, we need to collect the content of that data to deliver it to your inbox, display it to you, enable you to reply to it, and store it for you until you choose to delete it. Other data we collect to provide communication services to you include the:
- subject line and body of an email,
- text or other content of an instant message,
- audio and video recording of a video message, and
- audio recording and transcript of a voice message you receive or a text message you dictate.
- J. Video
If you enter CES-GROUP headquarters, office buildings or other facilities, or attend an CES-GROUP event, your image may be captured by our security cameras.
We also collect information you provide to us and the content of messages you send to us, such as feedback and product reviews you write, or questions and information you provide for customer support. When you contact us, such as for customer support, phone conversations or chat sessions with our representatives may be monitored and recorded.
Product-specific sections below describe data collection practices applicable to use of those products.
CES-GROUP will not collect any personal data about you (e.g. your name, address, telephone number or e-mail address), unless you voluntarily choose to provide us with it (e.g. by registration, surveys, etc.). CES-GROUP is the sole owner of the information collected on our web sites. Under no circumstances will we share your customer information with anyone other than those directly involved with the purchase and shipment of your order, unless you explicitly give us permission to do so.
- K. Non-Personal Data Collected Automatically
When you access our Web site, we may automatically (i.e., not by registration) collect non-personal data (e.g. type of Internet browser and operating system used, IP address, domain name of the Web site from which you came, number of visits, average time spent on the site, pages viewed). We use this data to monitor web interaction, analyses trends improve performance and content and study the needs of customers more closely. This will be performed in accordance with the applicable data privacy protection legal framework.
- L. EU-U.S. & Swiss-U.S. Privacy Shield
CES-GROUP adheres to the principles of the EU-U.S. and Swiss-U.S. Privacy Shield frameworks.
2. Lawful Bases for Processing
We will only collect and process personal data about you where we have lawful bases. Lawful bases include:
- A. Legitimate interest of CES-GROUP
We will rely on legitimate interests as a basis for data processing where the processing of your data is not overridden by your interests or fundamental rights and freedoms. CES-GROUP may process your personal data for the purposes of our legitimate interests or for the legitimate interests of third parties (e.g. your employer). For example, CES-GROUP may process your personal data to enable CES-GROUP to carry its business, such as:
- conclusion and execution of agreements with your employer, supplier or business partners;
- to record and financially settle delivered Services and Products;
- sales, marketing and promotions;
- account management;
- customer service, finance and accounting;
- research and development;
- internal management and control;
- quality control, consolidated reporting;
- corporate transactions, such as a sale of a business or a part of a business to another company, or any reorganization, merger, joint venture, or other disposition of Advantech’s business, assets, or stock (including in connection with any bankruptcy or similar proceeding)
- understand and improve our business or customer relationships generally
Please note that where we rely on legitimate interests, you have the right to object to the processing of your data.
- Compliance with legal obligations to which CES-GROUP is subject to;
- Protect you, CES-GROUP or others from threats (such as security threats or fraud)
- Contract where processing is necessary for the performance of a contract with you (e.g. to deliver the Products or Services you have requested). Where we rely on contract, we will ask that you agree to the processing of personal data that is necessary for entering into or performance of your contract with CES-GROUP.
- If none of the criteria listed in a)-d) above applies or if consent is required by the applicable local legislation, CES-GROUP shall obtain consent from you before processing your data. Where we process data based on consent, we will ask for your explicit consent. When seeking for consent, CES-GROUP shall inform you;
- Of the purpose of the processing for which consent is requested and;
- Any other relevant details to seek to ensure legal processing.
- Of the purpose of the processing for which consent is requested and
- Any other relevant details to seek to ensure legal processing.
Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time. You may withdraw your consent at any time, but that will not affect the lawfulness of the processing of your personal data prior to such withdrawal.
3. How long do we keep your personal data?
We keep your Personal Data for the period necessary to fulfill the purposes for which it has been collected and we may retain and use your personal data.
The criteria used to determine our retention periods include:
- Are we subject to a legal, contractual, or similar obligation to retain the personal data? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve personal data relevant to an investigation, or personal data that must be retained for the purposes of litigation;
- do we have a contract in place with your employee or a business partner or are we engaged with you in any negotiation for the conclusion of a contract or any other operation or transaction;
- Do you have an account with us? In this case we will keep the personal data while your account is active or for as long as needed to provide services to you. However, if you haven’t logged onto our website for 10 (ten) years we will delete your information from our systems provided that there are no other reasons including but not limited to prevention of fraud and abuses, enforce the contract we have with you or your employer, legal or regulatory requirements, resolve disputes, when we may also keep hold of some of your information as required, even after you have closed your account or it is no longer needed to provide the services to you.
- Have you consented that we can retain your personal data?
4. Your information and countries outside Europe
Due to its international position, Advantech may need to transfer your personal data outside the European Union or European Economic Zone, including but not limited to Taiwan. Taiwan is not a country in respect of which there is a European Commission decision of adequacy, but we have put in place adequate measures to protect your privacy and your rights through the use of the European Commission’s standard data protection clauses.
You may also obtain a copy of these measures by contacting Advantech at Privacy.email@example.com
You have the following rights relating to your personal data:
- (i) The right to be informed about how your personal information is being used (an example of information is this policy)
- (ii) The right to access the personal data we process about you
- (iii) The right to request the correction of inaccurate personal information we process about you (although you can probably do most of this through your account)
- (iv) The right to request that we delete your data, or stop processing it or collecting it, in some circumstances
- (v) The right to stop direct marketing messages and to withdraw consent for consent-based processing at any time
- (vi) The right to request that we transfer or port elements of your data either to you or another service provider, in case we collect personal data based on your consent.
- (vii) The right to complain to your data protection regulator.
* California Residents – Please see Section 10: Privacy Notice for California Consumers of this policy for more details on your additional rights.
6. How to Contact Us
A. Questions and Comments
By visiting CES-GROUP’s website, you consent to the practices described in the Privacy notice and your visit and any dispute over privacy is subject to this notice.
We always want to hear from our customers. If you:
- Have any questions or feedback about this policy
- Would like us to stop using your personal data
- Want to exercise any of your rights as set out above, or have a complaint
please don’t hesitate to contact our team, who will be happy to answer any questions you may have.
You can contact our privacy team by dropping us a line at Privacy.firstname.lastname@example.org
7. Privacy Notice For California Consumers
This section provides more information about your rights under the California Consumer Privacy Act or “CCPA” (California Civil Code Section 1798.100 et seq.). The CCPA provides rights to California consumers to be informed about the collection and use of their personal information, request access to their personal information, request for the deletion of their personal information, and to not be discriminated against for exercising such rights.
CES-GROUP does not sell your personal information and has not sold your information in the last 12 months. You can request access to or deletion of your personal information by using the online DO NOT SELL INFORMATION form [Link to form]. If you request the deletion of your personal information, please note that we may still need to retain certain information for recordkeeping purposes, and/or to complete any transactions that you began prior to requesting such deletion. Your information may also remain within our systems and other records where necessary for compliance with applicable law.
The chart below outlines the categories of Personal Information (which are defined by the CCPA, not us) that we have collected and/or disclosed for a business purpose in the preceding twelve months. The examples of Personal Information provided for each category are taken from the CCPA and are included to help you understand what the categories mean. The examples are not meant to indicate what we actually collect or disclose.
|Category||We Collect||We Disclose||We Sell|
|Examples: Name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.|
|B. Categories of Personal Information in Cal. Civ. Code 1798.80(e)||Yes||Yes||No|
|Examples: Name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.|
|C. Characteristics of Protected Classifications under California or Federal Law||No||No||No|
|Examples: Race or color, ancestry or national origin, religion or creed, age (over 40), mental or physical disability, sex (including gender and pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity or expression, medical condition, genetic information, marital status, military and veteran status.|
|D. Commercial Information||Yes||Yes||No|
|Examples: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.|
|E. Biometric Information||No||No||No|
|Examples: Physiological, biological, or behavioral characteristics, including DNA, that can be used, singly or in combination with each other or with other identifying data, to establish individual identity, such as imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.|
|F. Internet or Other Electronic Network Activity Information||Yes||Yes||No|
|Examples: Browsing history, search history, and information regarding a consumer’s interaction with an internet website, application or advertisement.|
|G. Geolocation Data||Yes||Yes||No|
|Example: Precise physical location.|
|H. Sensory Information||No||No||No|
|Examples: Audio, electronic, visual, thermal, olfactory, or similar information.|
|I. Professional or employment-related information||No||No||No|
|Examples: Job application or resume information, past and current job history, and job performance information.|
|J. Non-Public Education Information (as defined in 20 U.S.C. 1232g; 34 C.F.R. Part 99)||No||No||No|
|Examples: Records that are directly related to a student maintained by an educational agency or institution or by a party acting for the agency or institution.|
|K. Inferences Drawn from Personal Information||Yes||Yes||No|
|Examples: Consumer profiles reflecting a consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.|
Use of Personal Information
- Auditing related to a current interaction with you and concurrent transactions, including, but not limited to auditing compliance with this specification and other standards.
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
- Debugging to identify and repair errors that impair existing intended functionality.
- Short-term, transient use.
- Contracting with service providers to perform services on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
- Undertaking internal research for technological development and demonstration.
- Undertaking activities to verify or maintain the quality or safety of our services, and to improve, upgrade, or enhance our services.
- Otherwise enabling or effecting, directly or indirectly, a commercial transaction.
- For other purposes for which we provide specific notice at the time the information is collected.
Your California Privacy Rights
If you are a California resident, you may exercise the following rights;
- Right to Know and Access. You may submit a verifiable request for information regarding the: (1) categories of Personal Information collected or disclosed by us; (2) purposes for which categories of Personal Information are collected by us; (3) categories of sources from which we collect Personal Information; and (4) specific pieces of Personal Information we have collected about you during the past twelve months.
- Right to Delete. Subject to certain exceptions, you have the option to delete Personal Information about you that we have collected from you.
- Verification. Requests for access to or deletion of Personal Information are subject to our ability to reasonably verify your identity in light of the information requested and pursuant to relevant CCPA requirements, limitations, and regulations.
- Right to Equal Service and Price. You have the right not to receive discriminatory treatment for the exercise of your CCPA privacy rights, subject to certain limitations.
- Shine the Light. We do not rent, sell, or share your Personal Information with nonaffiliated companies for their direct marketing purposes, unless we have your permission.