TTM Technologies, Inc. – General Data Protection Regulation (“GDPR”) Privacy Notice
TTM Technologies, Inc. and its affiliates and subsidiaries (referred to as “TTM Tech,” “we,” “us” and “our” in this GDPR Privacy Notice), a company incorporated in the state of Delaware and whose principal office address is 200 East Sandpointe, Suite 400, Santa Ana, California 92707.
The information set out in this GDPR Privacy Notice is provided to individuals who are based in the European Union (“EU”) and United Kingdom (“UK”) whose personal data we process (“you” or “your”) as data controller, in compliance with our obligations under the General Data Protection Regulation 2016/679 and the UK Data Protection Act 2018 (collectively the “GDPR”). This GDPR Privacy Notice outlines how we use Personal Data that we collect, receive and store about you in connection with your use of GDPR Privacy Notice is linked, including, without limitation our sales portal (each, together with its sub-domains, content and services, a "Site").
2. Data Controller Details
We are the data controller in relation to the processing of personal data as described in this GDPR Privacy Notice.
Our contact details are as follows:
- Address: 200 East Sandpointe, Suite 400, Santa Ana, California 92707
- Telephone number: 314-727-2087
- Email address: email@example.com (please include “Personal Data Request” in your subject heading to ensure it receives the correct attention).
3. What personal data do we collect, what do we use it for, and what is our lawful basis?
We collect personal data about our customers, business contacts, website users, employees, consultants, job applicants, and other individuals who have provided us with their information.
The personal data we collect may include:
- Contact details such as your name, home/work addresses, email address, landline/mobile phone or fax numbers.
- Employment information such as your position/title, employment history, professional specialisms and qualifications.
- Payment information such as bank details and transaction history.
- Information collected automatically by means of various technologies, including but not limited to cookies and web beacons. Please see our cookies notice for more information about these technologies and how we use them.
To the extent permitted by applicable law, we may use your personal data to:
- operate the Site and provide support to our business functions;
- fulfill customer requests, such as to create an account or complete customer purchases;
- protect against criminal activity, claims and other liabilities;
- send you information about our company, products, services, and promotions;
- respond to reviews, comments, or other feedback provided to us;
- support and personalize the Site and our advertising efforts;
- protect the security and integrity of the Site;
- provide customer support;
- the extent required for benchmarking, data analysis, audits, developing new products, enhancing the Site, facilitating product, software and applications development, improving the Site or our services, conducting research, analysis, studies or surveys, identifying usage trends, as well as for other analytics purposes;
- meet our contractual requirements;
- comply with applicable legal or regulatory requirements and our policies;
- respond to inquiries related to employment opportunities;
- market, advertise, and provide the Site and our services; and
- the extent necessary for any other lawful purpose for which the Personal Information is collected
Depending on the nature of our processing activities, we process personal data under the following legal bases:
- Contractual Obligation: for example, for the purpose of negotiating and entering into contractual agreements with you, in the course of providing our products or services.
- Consent: for example, if we process your personal data to send you marketing communications.
- Legal Compliance: for example, to comply with any of our legal or regulatory requirements.
- Legitimate Business Interest: for example, for our internal record keeping for administration purposes, for the purpose of retaining evidence of payment transactions, for insight purposes (e.g. to analyse market trends and demographics in relation to our fees), or to develop the service which we offer to you or other individuals in the future.
4. Disclosures of personal data
We may share your personal data with our affiliated companies for the purposes set out in this GDPR Privacy Notice only.
We may also share your personal data with:
- Regulators or other third parties for the purposes of monitoring and/or enforcing our compliance with any legal and regulatory obligations, including statutory or regulatory reporting or the detection or prevention of unlawful acts.
- Any third party in the context of actual or threatened legal proceedings, provided we can do so lawfully (for example in response to a court order).
- Our own professional advisers and auditors for the purpose of seeking professional advice or to meet our audit responsibilities.
- Our service providers and agents (including their subcontractors) or third parties which process information on our behalf.
If we are involved in a merger, acquisition, or any form of transfer or sale of some or all of our business, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, your personal data may be transferred along with the business.
5. International transfers
We will not transfer personal data relating to you to a country which is outside the EEA unless:
The country or recipient is considered to provide adequate protections for personal data, or appropriate safeguards have been put in place which meet the requirements of GDPR, such as using the European Commission’s Standard Contractual Clauses (SCCs). For occasional transfers we may also rely on other legal mechanisms for transfer, such as your consent.
6. Retention of Personal Data
We will retain your personal data where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements). When we have no ongoing legitimate business need to process your personal data, we will either delete or anonymize it or, if this is not possible, we will securely store your personal data and isolate it from further processing until deletion is possible.
7. Your Privacy Rights
Depending on where you live, and subject to certain exceptions, you may have the following rights:
- Right to Access: the right to request certain information about, access to and copies of the personal data about you that we are holding (please note that you are entitled to request one copy of the personal data that we hold about you at no cost, but for any further copies, we reserve the right to charge a reasonable fee based on administration costs);
- Right to Rectification: the right to have your personal data rectified if it is inaccurate or incomplete.
- Right to Erasure / “Right to be Forgotten”: the right to withdraw your consent to our processing of your processing data (if the legal basis for processing is based on your consent) and the right to request that we delete or erase your personal data from our systems;
- Right to Restriction of Use of Your Personal Data: the right to restrict us from using your personal data or limit the way in which we can use it;
- Right to Data Portability: the right to request that we return your Personal Data in a structured, commonly used and machine-readable format, or that we send it directly to another company, where technically feasible; and
- Right to Object: the right to object to our use of your personal data.
If you consider our use of your personal data to be unlawful, you have the right to lodge a complaint with the data protection authority in the country where you live. We encourage you to first reach out to use at firstname.lastname@example.org so we have an opportunity to address your concerns directly before you do so.
To exercise your privacy rights, please email us at email@example.com, or write to us at:
TTM Privacy Office
200 East Sandpointe, Suite 400
Depending on where you are located, you may have a right to lodge a complaint with a supervisory authority or other regulatory agency if you believe that we have violated any of the rights concerning your Personal data. We encourage you to first reach out to us, so we have an opportunity to address your concerns directly before you do so.
We use our commercially reasonable efforts to protect the confidentiality and security of the personal data we process. However, despite these efforts to store personal data in a secure operating environment, we cannot guarantee the security of personal data during its transmission or its storage on our systems. Further, while we attempt to ensure the integrity and security of personal data, we cannot guarantee that our security measures will prevent third parties such as hackers from illegally obtaining access to it.
9. Changes to this GDPR Privacy Notice
If we update this GDPR Privacy Notice, we will take appropriate measures to inform you. These measures will be consistent with the significance of the changes we make. You can see when this GDPR Privacy Notice was last updated by checking the “last updated” date displayed below.
Last updated: January 2023