IMPORTANT NOTE: This policy has been updated on September 30, 2016
The United States Department of Commerce has replaced the United States-European Union Safe Harbor Certification with the United States-European Union Privacy Shield program (“Privacy Shield”). On September 30, 2016, Silicon Laboratories self-certified with the U.S. Department of Commerce to participate in the Privacy Shield program. Therefore, any Personal Data that we receive from the EU will be handled in accordance with our separate Privacy Shield Policy, not this policy. Although the Privacy Shield bears many of the same features as the Safe Harbor program, it also requires Silicon Laboratories to take additional steps to safeguard the data that we receive from EU persons. This policy will continue to govern the treatment of Personal Data that we receive from Switzerland, as the U.S.-Swiss Safe Harbor program remains in effect.
Effective Date: December 31, 2013, updated September 30, 2016
Silicon Laboratories Inc. (“Silicon Labs”) has adopted this Safe Harbor Policy (“Policy”) to establish and maintain an adequate level of Personal Data privacy protection. This Policy applies to the processing of Personal Data that Silicon Labs obtains from Employees and Customers located in the European Union and Switzerland.
.This Policy complies with the United States–European Union and United States–Switzerland Safe Harbor Principles (collectively “Safe Harbor Principles”), which can be found at http://www.export.gov/safeharbor.
All Silicon Labs Employees who handle Personal Data from Europe are required to comply with the Principles stated in this Policy.
Capitalized terms are defined in Section 13 of the Policy.
This Policy applies to the processing of Employee Personal Data and Customer Personal Data that Silicon Labs receives in the United States concerning Employees and Customers who reside in Europe.
This Policy does not cover data from which individual persons cannot be identified, or situations in which pseudonyms are used. (The use of pseudonyms involves the replacement of names or other identifiers with substitutes, so that identification of individual persons is not possible.)
Responsibilities and Management
Silicon Labs has designated the offices of the General Counsel and the Chief Information Officer to oversee its information security program. The General Counsel and Chief Information Officer shall review and approve any material changes to this program as necessary. Any questions, concerns, or comments regarding this Policy also may be directed to DL.Privacy@silabs.com.
Silicon Labs will maintain, monitor, test, and upgrade information security policies, practices, and systems to assist in protecting the Personal Data that it collects. Silicon Labs personnel will receive training, as applicable, to effectively implement this Policy. Please refer to section 6 for a discussion of the steps that Silicon Labs has undertaken to protect Personal Data.
Collection and Use of Personal Data
Employees: Silicon Labs may receive Personal Data concerning European Employees including, but not limited to: (1) directly or indirectly from the Employee; (2) from a European affiliate or subsidiary; or (3) through other means. This information may include contact information, such as name, address, email, work email address, and phone number. On an as-needed basis, and as permitted by local law, we also may collect age (or date of birth), national identification number, gender, prior employment history, and salary. Currently, compensation-related information (e.g., salary and bank account information) about EU employees is stored in the EU, and is not transferred to the United States. We also may collect information about your use of our network automatically, including, IP address, log files, and browser type.
Silicon Labs uses Employee Personal Data for business and employment purposes, including without limitation: (1) filling positions and analyzing staffing needs; (2) managing employees from another country; (3) conducting performance evaluations, salary, bonus and equity reviews, and other Employee reviews (e.g., talent reviews, succession planning and career planning); (4) managing employee benefits; (5) satisfying governmental reporting and tax requirements; (6) satisfying security, and health and safety concerns: (7) planning and implementing potential acquisitions and mergers; (8) storing and processing data, including Personal Data, in computer databases and servers located in the United States; (9) implementing and maintaining Silicon Labs information technology, including providing access to and support for information systems and technology; (10) for other employment-related and business related purposes permitted and/or required under applicable local law and regulation; and (11) as otherwise required by law.
In limited circumstances, Silicon Labs also may process Personal Data of its Employees’ immediate family members in connection with normal and legitimate employment-related activities.
Customers: Silicon Labs, either directly or through its affiliates, provides various products and services to its customers, which are predominantly business customers. Silicon Labs may come into contact with Personal Data in the course of providing such products and services and in responding to partner or customer inquiries. Specifically, for each Customer (whether purchased directly through us or through a distributor), we will collect contact information, including, but not limited to, Customer’s name, work contact details (e.g., address, email, and phone number), job title/position and company name. When a customer makes a direct purchase from Silicon Labs (as opposed to purchasing from one our authorized distributors), we will collect information about purchased volumes, shipping destination, the Customer’s industry and the end-use of the product. When Customers interact with our website, by downloading software or documentation, for example, we also may collect their IP address and browser type. We may associate IP address and browser type with a specific customer.
We also may collect Personal Data from persons who contact us through our website to request additional information, request technical support or participate in one of our online forums; in that situation, we would collect contact information (as discussed above) and any other information that the person chooses to submit through our website. Silicon Labs uses Personal Data that it collects directly from its Customers for the following business purposes, without limitation: (1) maintaining and supporting its products, and complying with its contractual obligations related thereto; (2) satisfying governmental reporting and tax requirements; (3) storing and processing data, including Personal Data, in computer databases and servers located in the United States; (4) implementing and maintaining Silicon Labs information technology; (5) for other business-related purposes permitted or required under applicable local law and regulation; and (6) as otherwise required by law.
Disclosures/Onward Transfers Of Personal Data
Except as provided herein, Silicon Labs discloses non-employee Personal Data only to Third Parties who reasonably need to know such data. Such recipients must agree to abide by confidentiality obligations.
Silicon Labs may provide non-employee Personal Data to Third Parties that act as agents, consultants, and contractors to perform tasks on behalf of and under the instructions of Silicon Labs. Third Parties must agree to use such Personal Data only for the purposes for which they have been engaged by Silicon Labs and they must either: (1) comply with the Safe Harbor principles or another mechanism permitted by the applicable European data protection law(s) for transfers and processing of Personal Data; or (2) agree to provide adequate protections for the Personal Data that are no less protective than those set out in this Policy. Silicon Labs may also disclose Personal Data for other purposes or to other Third Parties, when an Individual has consented to or requested such disclosure.
Silicon Labs generally does not collect Sensitive Data from its European Employees; if it collects such Data, it is not transferred to the United States. If, however, Silicon Labs transfers Employee Sensitive Data to the United States, it will do so with appropriate notice and consent of the Employee, as permitted by law.
Silicon Labs only will use Sensitive Data: (1) the purpose for which it was originally provided, (2) a purpose expressly consented to by the Individual, or (3) a purpose expressly described below.
Silicon Labs may use or disclose Sensitive Data (as well as Personal Data) where such disclosure or use: (a) is necessary for the establishment of legal claims or defenses; (b) is necessary to carry out the organization's obligations in the field of employment law; or (c) as otherwise required or permitted by law.
Data Integrity and Security
Silicon Labs uses reasonable efforts to maintain the accuracy and integrity of the Personal Data that it collects directly and to update it as appropriate. Customers, however, are responsible for ensuring the accuracy of the Personal Data that they collect from their employees, and, if applicable, their own end user customers. Silicon Labs has implemented physical and technical safeguards to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alternation, or destruction. For example, all electronically stored Personal Data is stored on a secure network with firewall protection, and access to Silicon Labs electronic information systems requires user authentication via password or similar means.
Despite these precautions, no data security safeguards guarantee 100% security all of the time.
Accessing Personal Data
Silicon Labs personnel may access and use Personal Data only if they are authorized to do so and only for the purpose for which they are authorized.
Right to Access, Change or Delete Personal Data
9.1 Right to Access Individuals have the right to know what Personal Data about them is included in the databases and to ensure that such Personal Data is accurate and relevant for the purposes for which Silicon Labs collected the Personal Data. Individuals may review their own Personal Data stored in the databases and correct, erase, or block any data that is incorrect, as permitted by applicable law. Upon reasonable request and as required by the Safe Harbor principles, Silicon Labs allows Customers access to their Personal Data, in order to correct or amend such data where inaccurate.
9.1.1 Employee Access For information stored in the HRIS employee database, an Employee may update certain information (e.g., address, personal contact information, education, training) by logging into the system and updating their information in iVantage or Employee Self Service on the intranet. Employers also may contact their local Human resources representative to request access to or modification of their Personal Data held by Silicon Labs that cannot be accessed through the HRIS employee database. In addition, we use third party service providers to assist us in providing certain administrative functions. Where available, our Employees may log into their password-protected account with the vendor to update their information. In making modifications to their Personal Data, Individuals must provide only truthful, complete, and accurate information.
9.1.2 Customer Access Customers may update their Personal Data by contacting Sales Support or by contacting the Customer’s local sales representative or distributor, as applicable. In making modifications to their Personal Data, Individuals must provide only truthful, complete, and accurate information.
9.2 Requests for Personal Data Silicon Labs will track each of the following and will provide notice to the appropriate parties under law and contract when either of the following circumstances arise: (a) legally binding request for disclosure of the Personal Data by a law enforcement authority unless prohibited by law or regulation; or (b) requests received from the Individual. If Silicon Labs receives a request for access to his/her Personal Data from a Customer’s customer or employee, then, unless otherwise required under law or by contract with such Customer, Silicon Labs will refer such Individual to Customer.
9.3 Satisfying Requests for Access, Modifications, and Corrections Silicon Labs will endeavor to respond in a timely manner to all reasonable written requests to view, modify or inactivate Personal Data.
Changes to this Policy
This Policy may be amended from time to time, consistent with the Safe Harbor Principles and applicable data protection and privacy laws and principles. We will notify our Employees of changes to this Policy through email. We will notify Customers if we make changes that materially affect the way we handle their Personal Data previously collected, and allow them to choose whether their Personal Data may be used in any materially different manner.
Questions or Complaints
Employees or Customers may contact Silicon Labs with questions or complaints concerning this Policy at the following address:
In the Americas:
400 W. Cesar Chavez
Austin, TX 78701
Director Europe HR
P.O. Box 4633
Sandakerveien 1180484 Oslo
Or the local Human Resources representative for EMEA
Enforcement and Dispute Resolution
Silicon Labs has established internal mechanisms to verify our ongoing adherence to this Policy. As part of our annual Safe Harbor re-certification process, Silicon Labs periodically reviews this Policy for accuracy, as well as for conformity with the Safe Harbor Principles.
An Employee with any questions, complaints, or disputes regarding the manner in which Silicon Labs handles or protects Personal Data should bring it to the attention of his or her local Human Resources representative. Complaints or disputes that cannot be remedied by a local Human Resources representative should be forwarded to the Office of the General Counsel. Silicon Labs will promptly investigate and attempt to resolve complaints and disputes in a manner that complies with the principles described in this Policy. With respect to any complaints or disputes from Employees of Silicon Labs that cannot be resolved through our internal processes, we agree to participate in dispute resolution procedures with the competent European Data Protection Authorities (“DPAs”). Silicon Labs will cooperate with such DPA in the investigation and resolution of complaints brought under this Policy. If Silicon Labs or the DPA conclude that we did not comply with this Policy, we will take appropriate steps to remedy any adverse effects and assure future compliance. If the Employee’s complaint cannot be resolved through this process, or in the event that dispute resolution through a competent DPA is not available, Silicon Labs will refer the dispute to a JAMS arbitrator.
Individuals with any questions, complaints, or disputes regarding the manner in which Silicon Labs handles or protects Personal Data should bring it to the attention of the individual set forth in Section 11. Silicon Labs will promptly investigate and attempt to resolve complaints and disputes in a manner that complies with the principles described in this Policy. If the Individual’s complaint cannot be resolved through this process, Silicon Labs agrees to participate in the following dispute resolution process: JAMS arbitration.
“Customer” means a prospective, current, or former partner (distributor or reseller), vendor, supplier, customer, or client of Silicon Labs. The term also shall include any individual agent, employee, representative, customer, or client of a Silicon Labs customer where Silicon Labs has obtained his or her Personal Data from such Customer as part of its business relationship with the Customer.
“Employee” means an employee (whether temporary, permanent, part-time or contract), former employee, independent contractor, or job applicant of Silicon Labs or any of its affiliates or subsidiaries, who is also a resident of a country within the European Economic Area.
“Europe” or “European” refers to a country in the European Economic Area.
“Individual” means an identified or identifiable natural living person. An identifiable person is one who can be identified, directly or indirectly, by reference to a name, or to one or more factors unique to his or her personal physical, psychological, mental, economic, cultural or social characteristics. For Customers residing in Switzerland, an Individual also may include a legal entity.
“Personal Data” as defined under the European Union Directive 95/46/EC means data that personally identifies or may be used to personally identify a person, including an individual’s name in combination with country of birth, marital status, emergency contact, salary information, terms of employment, job qualifications (such as educational degrees earned), address, phone number, e-mail address, user ID, password and identification numbers. Personal Data does not include data that is de-identified, anonymous or publicly available. For Switzerland, the term “person” includes both a natural person and a legal entity, regardless of the form of the legal entity.
“Sensitive Data” means Personal Data that discloses an Individual’s medical or health condition; race or ethnicity; political, religious or philosophical affiliations or opinions; sexual orientation; or trade union membership.
“Third Party” means any individual or entity that is neither Silicon Labs nor a Silicon Labs employee, agent, contractor or representative.