Maxeon Global Privacy Policy

Effective Date: 1-February-2022

This Global Privacy Policy (“Privacy Policy” or “Policy”) applies to Maxeon Solar Technologies, Ltd. and our subsidiary companies including our Local Representative (collectively, “Maxeon”, “we”, “us”, or “our”) regarding your Personal Data (defined below). In markets outside of the United States of America, our subsidiaries may operate using the SunPower brand or a SunPower company name.

Maxeon Solar Technologies, Ltd. is a corporation registered in the Republic of Singapore with Registration No. 201934268H and has a registered office listed on our Corporate Contact Us page.

Our Local Representative is identified on our Office Locations page.

This Policy applies to individuals (“you”) and informs you how to access and update your Personal Data and make certain choices about how we use your Personal Data.

This privacy policy tells you how we collect, use, and share your Personal Data, including via our websites https://maxeon.com, https://www.sunpower.maxeon.com and careers.maxeon.com, as well as via interactions you have with us, including through mobile applications and digital services (collectively, the “Digital Platforms”) that link to or post this Policy, unless otherwise indicated. It also explains how you can contact us and exercise your legal rights.

We may collect your Personal Data through our Digital Platforms, which you may use in accordance with our Terms of Use, as well as through third party digital or social networking platforms, at trade shows or other events, at any time during the sales process, and whenever you interact with customer service representatives from Maxeon or a Maxeon dealer or service provider.

By using our Digital Platforms or otherwise giving us your Personal Data, you are indicating you have read, understood and accepted the practices described in this Policy. If you do not agree to this Policy, then please do not use our Digital Platforms or give us your Personal Data.

We may change this Policy from time to time. The “Effective Date” at the top of this page will let you know when it was last revised. Any changes to this Policy will become effective when we post the revised Policy on the Digital Platforms. If you have concerns about this Policy, then please contact us via the contact information provided in the “Contact Us” section below.

Click below to jump to a specific section of this Policy:

1. Minors
2. Personal Data and Definitions
3. Our collection of Personal Data
4. Purposes for processing your Personal Data
5. Legal bases for processing your Personal Data
6. Direct Marketing Communications and Unsubscribe or Opt-Out
7. Use of interactive features and copyright infringement notices
8. Disclosures of your Personal Data
9. Security
10. Storage and use of your Personal Data outside your jurisdiction
11. Changes to the Policy
12. Exercising your rights (under the PDPA)
13. Exercising your rights (European individuals)
14. Information for California residents (CCPA)
15. Contact Us

1. Minors

Our Digital Platforms and other data collection activities are not directed to and should not be used by minors. We do not knowingly collect, process or transfer Personal Data from minors (namely, individuals under the age of 18). In certain limited instances, e.g., where a minor is included in an advertising campaign, this will be done with the express, written consent of the minor’s parent or legal guardian.

2. Personal Data and Definitions

This Policy discloses our basis and purpose for collecting, processing, disclosing and otherwise using your
Personal Data in accordance with, as applicable, the data protection regulation(s) that apply to you, which may include one of the following regulations.

Singapore: Personal Data Protection Act (“PDPA”)

California: California Consumer Privacy Act (“CCPA”)

European Economic Area: General Data Protection Regulation (“GDPR”)

United Kingdom: United Kingdom General Data Protection Regulation (“UK GDPR”)

Switzerland: Swiss Federal Data Protection Act (“Swiss DPA”)

“Personal Data” is data about a person who can be identified from that data directly or indirectly and is sometimes referred to as “personal information”. Personal Data excludes information and data that is exempted from, as applicable, the regulation that applies to you. Other terms used in this Policy shall have the meanings given to them in the applicable regulation.

3. Our collection of Personal Data

1. The Personal Data we directly collect from you
   When you interact with us, including via the Digital Platforms, we collect information about you, including Personal Data that may directly or indirectly identify you. The following explains the categories of Personal Data we may collect from you and how we collect such information.

1. Online Forms: When you complete an online form to allow Maxeon, or a Maxeon authorized independent distributor or installer, to contact you or to submit a request for a system design proposal, we collect identifiers such as your name, address, telephone number, and email address. We may also collect information relating to your energy consumption, geolocation information, and images of your home or business from, including those from publicly available sources, such as Google Earth. This information will be used to provide you information about our products, services and, where applicable, opportunities with us or our independent distributors or installers. We may also collect information at the time the form is submitted, e.g., IP address, operating system, device identifiers, and location, to allow us to validate the authenticity/validity of the consents obtained through online forms and prevent fraud and abuse.

2. Communications with Maxeon: When you contact Maxeon by telephone, email or other electronic means, such as online chat, or social media accounts, including through private message features, we collect identifiers as set out above and any other Personal Data you choose to provide, as explained below.

   1. Telephone: When you contact Maxeon by telephone, we will collect the telephone number that you use to call us. During a call, Maxeon may additionally collect your name, address, email address, and information about your energy needs and usage, as well as information about your Maxeon system and any issues you may be experiencing. If you are representing a business contact for a commercial client or prospect, this may include your Personal Data. Maxeon records its telephone calls for training and quality assurance purposes. You have the option to proceed on a recorded or non-recorded line.

   2. Email and Electronic Means: When you communicate with Maxeon via email or other electronic means, including through any virtual assistant, we will collect identifiers as set out above, including your user or screen name, email address, location, name and any Personal Data you voluntarily choose to include in the communication, so that we can respond to your inquiry and provide you with quality service.

3. Business Contacts: Maxeon collects the personal or business contact information, including your title, business email and telephone number, you provide to us at trade shows or similar events, including through business card scans or drops, to allow us to contact you or to receive information about us, opportunities with us, or our products or services, either by email or phone via the phone numbers you provide us.

4. Testimonials: When you provide testimonials to Maxeon for us to publish on the Digital Platforms or in marketing materials, with your consent, we collect and may publish identifiers that may include your name, contact information, and information about your experience with Maxeon products and services.

5. Product Warranty Registrations: If you register a product warranty with Maxeon or authorize an independent distributor to do so on your behalf, we will collect your name, address, “Product Information”, and contact information, including telephone number and email address. Product Information includes model numbers, serial numbers, quantity of product, type of installation, location and address of installation, information related to other components used with or installed with the products, product usage, and how the products were purchased or acquired. To the extent that your warranty is registered through a third party, e.g., an independent distributor or installer, our records will reflect this relationship. The information collected during warranty registration will be used by us to service and manage our warranty and other product obligations, including notifying you about any product quality or safety issues and product recalls. This information will also be used to send you surveys about your product purchase, your installation experiences, and your overall satisfaction with our products (see the “Surveys” section, below). This information may also be used to send you marketing information about new products and to request reviews of your experience with us or our products. You may opt out to receiving surveys or marketing information by contacting us.

6. Social Media, Online Forum, Blogs, Message Boards, Chat Rooms: You may choose to interact with Maxeon via social media platforms on which Maxeon is active, including, but not limited to Facebook, LinkedIn, Twitter, or through blogs, chat or messaging features available through the Digital Platforms. Relating to these interactions, Maxeon may collect your screen name, real name and any information that you choose to provide such as posts, comments or feedback that you post or leave on pages, feeds or inboxes belonging to Maxeon. There are areas of the Digital Platforms and social media platforms that are visible to other users or the general public, e.g., blogs. We recommend that you do not post Personal Data to these areas of the Digital Platforms. YOU ASSUME ALL RESPONSIBILITY FOR ANY LOSS OF PRIVACY OR HARM RESULTING FROM YOUR VOLUNTARY DISCLOSURE OF PERSONAL INFORMATION OR POSITIONS TAKEN BY YOU IN PUBLIC AREAS, ON SOCIAL MEDIA OR FORUMS. YOU RECOGNIZE MAXEON MAY HAVE A LIMITED ABILITY TO DELETE OR OTHERWISE MODIFY/OBSCURE POSTS THAT YOU HAVE MADE TO SOCIAL MEDIA ACCOUNTS, WHICH ARE SUBJECT TO THE TERMS OF USE FOR THOSE VARIOUS SOCIAL MEDIA PLATFORMS.

7. Applications: When you sign up or use a Maxeon application or service, we collect the Personal Data you provide to create a profile or account. This may include identifiers such as your name, address, zip or postal code, telephone number, and e-mail address. For security and the prevention of fraud, we may collect additional information about you when you log into a Digital Platform or service, including IP address, length of session, activities performed, and device information.

8. Surveys: If you respond to surveys (surveys include consultations, testimonials, feedback and other responses to marketing activities) issued by Maxeon or by a third party on behalf of Maxeon, Maxeon or that third party will collect your e-mail address, name, and any information you provide in response to or relating to the survey. The survey will indicate whether Maxeon or a third party is collecting the information. Some surveys may not require you to provide any contact details, but we may still collect browser, cookie or other access details to identify the source of the survey results. If we disclose information relating to the survey to third parties, we will do so, where practicable, in non-identifying, aggregated form. We may disclose your feedback about the performance of an independent distributor or installer to that independent distributor or installer in an identified fashion, either with your consent or without your consent, if we deem doing so is necessary to facilitate the resolution of a service quality issue with that independent distributor or installer.

9. Lottery, lucky draws, prize draws, etc. (collectively, “prize draws”): Maxeon may offer a prize draw to encourage you to participate in a survey. The prize draw may be facilitated by a third party. In order to participate in the prize draw, you will need to provide your name and contact details, such as your e-mail address, telephone number and address to Maxeon and/or the third party facilitating the prize draw. The prize draw may be a free prize draw that does not require participation in the survey. Once the prize draw closes, the winner(s) will be randomly selected from the entries in accordance with the terms and conditions of the prize draw. The winner(s) will be contacted directly by Maxeon or the third party so that arrangements may be made to deliver the prize to you.

10. Careers Website: When you apply for a job with Maxeon using our Digital Platforms or https://careers.maxeon.com/, you will be required to acknowledge and consent to our Data Privacy Notice for Employees and Candidates. If you are unable to access this web page, then please request a copy by contacting askHR@maxeon.com. Information collected through the application process includes but is not limited to the following.

    1. Your Personal Details: Name; address; phone number; email address; language; residence status; work authorization or citizenship status; work permit type; nationality; and driver’s license information. We may also collect sensitive and/or other demographic information, such as medical or health information (including vaccination status and test results) and/or your racial or ethnic origin.

    2. Education and Talent Management Details: Recruitment and application materials (resume, CV, letters, experience, education, transcripts, or other information you provide to us); information you provide during an interview or screening; reference and interview notes; technical skills; professional certifications or registrations; language capabilities; and training records and certifications.

    3. Compliance-related Information: Any information required for us to comply with applicable laws and the requests and directions of law enforcement authorities or court orders (e.g., child support and debt payment information).

11. Health Information: We may collect health information from you, including vaccine and contact-tracing information, as permitted by local law to comply with local regulation, to mitigate the spread of disease and/or in accordance with occupational health and safety measures.

12. Consent: We may use your Personal Data for any other purpose for which you consent (including any purposes disclosed in this Policy).

13. Combining Information We Collect: We may combine any of the information we collect from or about you and use it in the manner described in this Policy.

We collect the above information from you, including where you are acting in your personal capacity on behalf of a third party whom you represent (e.g., as an employee, contractor or agent).

We do not seek sensitive information about you (such as health or medical history, ethnicity, political leanings, religious beliefs, trade union membership, sexual preferences, etc.) and you should not provide such information to us, except where such information is required to provide reasonable accommodations or comply with local regulation, to mitigate the spread of disease and/or in accordance with occupational health and safety measures.

Wherever practicable, we will enable you to deal with Maxeon anonymously or pseudonymously, however, in many cases it is not practicable to interact in this way. If you choose not to provide some of your Personal Data, this may prevent us from providing our products or services to you or limit our ability to provide the level of service you would normally expect from us.

2. Personal Data that we collect on the Digital Platforms

The Digital Platforms and our emails you may interact with use cookies, pixel tags, analytics tools, and other similar technologies to collect information about your equipment, browsing actions and patterns. These technologies collect the following information about you from your browser or device whenever you access or use the Digital Platforms: your IP address, pages visited, videos watched, links clicked on, emails received, opened or interacted with, documents downloaded, time spent on the site, geographic location, device type, your computer's operating system, and your browser name.

Data Analytics: We may use third-party data analytics service providers such as Google Analytics to measure the web traffic on different parts of our Digital Platforms in order to improve them. Google Analytics, which anonymously tracks users who have JavaScript enabled, uses technical tools like first-party cookies and JavaScript code to collect information about your interactions with our Digital Platforms. The tracking information may include detailed data about what you do on our Digital Platforms, such as the web pages you visit and for how long and the websites you visited directly before and after coming to our Digital Platforms. In addition, first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) are used to report how your ad impressions, uses of ad services, and other interactions are related to visits to our Digital Platforms. We use information from Google Analytics to administer and update our Digital Platforms, assess whether our users match the expected demographics, and determine how key audiences are navigating the content. Google may retain and use, subject to the terms of its privacy policy, information collected in your use of the Google Analytics Information Disclosures and Sharing. Google Analytics offers website visitors the ability to prevent Google from recording, processing, and using the data generated by the Google Analytics cookie. You may opt-out by downloading and installing the browser plug-in available through Google at the following link: https://tools.google.com/‌dlpage/gaoptout.

To learn more, including about how to control our use of cookies and similar technologies, please review our Cookie Policy.

The Digital Platforms contain links to other third-party websites. If you follow a link to any of those third-party websites, please note that they have their own privacy policies and practices. Maxeon does not accept any responsibility or liability for third-party websites’ policies or collection, use, disclosure or management of your Personal Data. Please check these policies before you submit any Personal Data to any third-party websites.

3. Personal Data Maxeon receives from third parties

1. Third Parties with Whom We Have a Relationship: Maxeon may receive your Personal Data from third parties with whom we have a relationship, including our authorized independent distributors, in connection with your purchase of a Maxeon system, e.g., a warranty registration.

2. Purchase of Personal Data from Unaffiliated Third Parties: Where permitted by applicable law, Maxeon may choose to purchase your Personal Data from third-parties, e.g., lead generators, and will use your information in accordance with applicable law (and with your consent, where required), to determine whether you are interested in purchasing a Maxeon product or service, whether that product or service is right for you, or whether the opportunity to become a Maxeon installer or distributor is of interest to you.

3. Referral Programs: Where permitted by applicable law, we may receive your Personal Data from third parties as part of a referral program, including our “Refer a Friend” or “Friends and Family” programs and offers. These may include programs offered by your employer, trade groups or affiliation groups. Your information will only be used for determining your interest in a Maxeon product. If you provide us with Personal Data about any third-party who is an individual, you must obtain that person’s permission to give us the information and inform them that you have given the information to us.

4. Third-Party Site Information: Some of our applications leverage data, including images, from third-party sites or databases, including “Google Earth” images included in our “design a system” or “estimator” functionalities or utility information provided to us by your utility company with your consent. We may also aggregate publicly available information about you, from social media or publicly available websites, e.g. position within a company. Where required, we will seek your consent to collect this data.

5. Links to Third-Party Sites: If you follow a link to any third-party sites or use sites of a third-party service provider, please note that they may have their own privacy policies and practices. Maxeon does not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any Personal Data to any third-party sites.

4. Monitoring Data: Personal Data Maxeon receives from monitoring your photovoltaic system

To the extent you have a Maxeon photovoltaic (PV) system that includes monitoring functionality, Maxeon and its service providers associated with monitoring activities will receive your Monitoring Data. Monitoring Data includes an account name or identifier associated with you or your PV system, together with data collected by monitoring products that is associated with you and the location of your PV system, including energy consumption and production information, energy use information, battery storage information, fault information, a precise geolocation or address, utility revenue information, and hardware and software information. We may receive this data directly from you or your PV system, or indirectly through a third party that provides monitoring services or equipment included with your PV system. The data may be displayed through our Digital Platforms, including our monitoring website and applications. We may share this data with third parties in providing monitoring and reporting services to you. These third parties include the monitoring equipment manufacturers, monitoring service providers, system installers, dealers, operations and maintenance providers, governmental regulatory agencies, and utility companies. We may also provide or sell data in aggregated form (in a form where the source cannot be identified) to third parties who are not connected to the monitoring system, such as government agencies and research firms. For more information about our use of your data and our Digital Platforms, please refer to our Terms of Use.

4.  Purposes for processing your Personal Data

We use your Personal Data or other information we collect to facilitate the business relationship we have with you, to comply with our legal and financial obligations, and to pursue our legitimate business interests. Our purposes for using your Personal Data our listed below.

1. To interact with you based on our relationship

To operate the Digital Platforms and provide you with the interactive features, information, products, services or support that you request.

To provide or deliver to you (either individually or in your professional capacity as an authorized representative of a business or organization) the information, products, services, support or transactions you requested from us, including through the Digital Platforms or at a trade show or similar event, such as information about Maxeon, a consultation/quote with Maxeon or an approved Maxeon installer or independent distributor (where available), blog or newsletter subscription, or our energy savings calculation/estimators, to process your order, to supply and/or install such products and related services, including product maintenance, product safety notices and warranty servicing, where applicable, and to provide monitoring services.

If you have provided your information to a distributor or installer that chooses to disclose your Personal Data to us, then to provide product warranty registration and servicing, and also to provide you with surveys about your product purchase and installation experiences and your overall satisfaction with our products.

To keep in contact with you regarding your purchase of our products and services, including providing product risk notifications and warranty servicing.

To keep in contact with you regarding your Digital Platforms registrations and to enforce our legal obligations and rights, including our Terms of Use.

To enforce, where applicable, our contractual rights (e.g., the collection of debt).

Where you have submitted your personal data relating to a job application, to process and evaluate your application.

To validate your identity in your interactions with us and to monitor, detect and prevent fraud.

2. To send you marketing materials or include you in events

To directly market our products and services to you and, where applicable, installer and distributor opportunities to you, including via SMS, phone call, email, fax, mail, social media and/or any other appropriate communication channels, in accordance with any consent requirements.

To gather further information about you from third party sources. For instance, we may use your email address to gather information about which social networks and other web services you subscribe to for analytical or personalization purposes to improve our products, services, marketing activities and the Digital Platforms.

To facilitate your participation in and our administration of any events, including contests, promotions or campaigns.

3. For internal business operations

If we communicate with you by telephone, we may record and monitor our call to help train our staff and to ensure a high quality of customer service.

For product development and to improve our products, services, Digital Platforms and the effectiveness of our marketing activities, we perform market research and surveys, internal marketing analysis, consumer profiling activities, analysis of consumer patterns and choices, and planning and statistical trend analysis in relation to our product and service offerings.

To better understand how you use the Digital Platforms and to produce statistical reports of aggregate website activity.

To identify patterns and trends related to your use of the Digital Platforms to enable us to improve the design and operation of the Digital Platforms, your browsing experience and to monitor, detect and prevent fraud on the Digital Platforms.

To conduct aggregate analysis and develop business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business and to improve the effectiveness of our marketing activities.

From time to time, we may release in aggregate the browsing information we have gathered from visitors, such as by publishing a report on trends in the usage of the Digital Platforms.

To manage our contractual relationships with vendors, suppliers and other third parties with whom we do business.

4. For legal compliance

We use your Personal Data to comply with international laws and reporting obligations applicable to publicly traded companies, including those relating to the detection, prevention and monitoring of fraud, anti-corruption and money-laundering, including Know-Your-Customer.

5. With your consent

If you agree to receive direct marketing from other companies, we may disclose your email address and other contact details to other companies so that they can contact you directly about their products and services.

Where you have agreed, we may use your Personal Data to send you information promoting our and selected third parties’ products and services by post, fax, telephone, email, text and/or via social networks and other web-based services you subscribe to, and where required by law, we will ask for your consent at the time we collect your Personal Data to conduct any of these types of marketing.

5. Legal bases for processing your Personal Data

For individuals located in Europe (including the European Economic Area, the UK and Switzerland), the following table provides our legal bases for processing your Personal Data as described in this Policy.

Purpose See above descriptions for more details	Legal Basis
To interact with you based on our relationship	Our legitimate interests in, where applicable, providing the Digital Platforms to you, enforcing our contractual rights and the Terms of Use, providing you with requested information, products, services, support or transactions, maintaining and improving the customer relationship, and, as applicable, considering your application for employment and employing you. Our legitimate interest and legal obligations in informing you of any risks associated with the products or services we supply. To enter into and perform pre-contractual and contractual obligations that we have with you. Our legitimate interest in monitoring, detecting and preventing fraud.
To send you marketing materials and for your participation in events	Our legitimate interest to develop our business. Where we obtain your information from unaffiliated third parties, with your consent.
For internal business operations	Our legitimate interest in developing our employees and product and service offerings.
For legal compliance	To comply with our legal obligations.
With your consent	Processing is based on your consent and you may withdraw it at any time by contacting us in writing.

 

6.  Direct Marketing Communications and Unsubscribe or Opt-Out

We may send you marketing communications, including email communications about our products and services, invite you to our events, or otherwise communicate with you for direct marketing purposes, provided that we do so in accordance with applicable law, including any consent requirements. You may unsubscribe at any time.

We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by contacting us.

7. Use of interactive features and copyright infringement notices

The Digital Platforms may use interactive forums, blogs, message boards, chat rooms, etc. Unless clearly indicated to the contrary, any information that you post may be viewed by others and/or the general public. We urge you to use good judgment, to adhere to the Terms of Use and not disclose any Personal Data about you that you do not want other users to know. We are not responsible for the use of that information by other users or others who become aware of the Personal Data.

8.  Disclosures of your Personal Data

We may share your Personal Data with trusted third parties or in other instances, including where required by law. We will use contractual or other means, (e.g. Binding Corporate Rules (“BCRs”)), to protect Personal Data disclosed to third parties where required to ensure that the recipient keeps the Personal Data confidential and does not use it for any other purpose except performing the services.

1. Related Entities: We share Personal Data we collect amongst Maxeon related entities to provide our products and services and for internal business administrative purposes.

2. Business Partners: We share Personal Data with business partners, including independent distributors or installers, to provide our products and services.

3. Service Providers: We share Personal Data with service providers that: (1) process information on our behalf; (2) provide infrastructure, products or services to us or on our behalf or help us operate or improve our business, including mailing services, printing, archival and contract management services; (3) participate with us in the provision, maintenance, or operation of the Digital Platforms, including application, development and technical support, processing, storing, hosting and data analysis; and (4) provide you with information, products and/services relating to your Maxeon system or when it is necessary to provide information, products or services to you.

4. Our Professional Advisers: We share Personal Data with our professional advisers (such as lawyers, accountants or auditors) to the extent that is reasonably required.

5. Your representatives: We share Personal Data any persons acting on your behalf including those persons nominated by you, executors, trustees and legal representatives.

6. Corporate Transactions: In the event we enter into or intend to enter into a transaction that alters our business structure, such as a sale, reorganization, merger, joint venture, change of control or other disposition of all or any portion of our business, assets or stock, we may share your Personal Data with third parties to facilitate and/or complete the transaction.

7. Prevention of Harm: We may disclose Personal Data we collect about you to the necessary authorities if we believe you have abused a service offered by us via the Digital Platforms or otherwise by using it to attack other computer systems or to gain unauthorized access to any other computer system, to engage in spamming or otherwise to act in an unlawful manner or to breach the Terms of Use.

8. By Law, to Protect Rights and to Comply with Our Policies: We disclose your Personal Data if required or authorized to do so by applicable law, including when: (1) required to do so by law, e.g. in response to a subpoena or court order (domestic or overseas) or an inquiry by regulators anywhere in the world; (2) we believe, in our sole discretion, that disclosure is reasonably necessary to protect against fraud, or to protect the contractual or property or other rights of us or other users, third parties or the public at large; or (3) we believe that you have abused the Digital Platforms by using it to attack other systems or to gain unauthorized access to any other system, to engage in spamming or otherwise to violate applicable laws.

9.  Security

We store your Personal Data in different ways, including in paper and in electronic form, both at our own premises and with the assistance of our service providers.

We take all reasonable precautions and implement appropriate technical and organizational measures to ensure a level of security to protect the security and the confidentiality of your Personal Data against unauthorized access, disclosure, alteration or destruction. This includes, but is not limited to the following, where applicable: up-to-date antivirus protection, encryption, and disclosing Personal Data both internally and to our authorized third-party service providers and agents only on a need to know basis. Third parties who provide services related to our information technology systems are also obliged to protect the security and the confidentiality of your Personal Data against unauthorized access, disclosure, alteration or destruction. However, no data transmission over the Internet or from a website can be guaranteed to be secure from intrusion. Therefore, while we use reasonable efforts to protect your Personal Data in accordance with data protection legislation requirements, we cannot guarantee its absolute security. Any unauthorized access to or use of the Digital Platforms or the information stored by us should be reported to us immediately by sending an email to customers@maxeon.com.

All Personal Data you provide to us is stored on our secure servers (and the secure servers of our service providers), accessed and used subject to our security policies and standards (and the security policies and standards of our service providers). Where we have given you (or where you have chosen) a password and/or user name which enables you to access certain parts of the Digital Platforms, you are responsible for keeping this password and/or user name confidential and for complying with any other security procedures that we notify you of. We ask that you never share a password with anyone.

10.  Storage and use of your Personal Data outside your jurisdiction

Your Personal Data may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside of Singapore or your jurisdiction in which data protection laws may be of a lower standard than in Singapore or your jurisdiction. We store the information we collect via the Digital Platforms and other sources (such as our customer call centers) on centralized computer systems hosted by or on behalf of Maxeon. Some of these systems are located outside of Singapore and outside the European Economic Area (EEA), including in the United States and the Philippines.

These countries may have different laws and data protection compliance requirements from those that apply in Singapore or in your jurisdiction. In such instances, Maxeon has engaged suppliers who are United States Privacy Shield certified and/or have otherwise agreed to protect such information in accordance with the standards in Singapore and European data protection laws, as applicable.

In addition, each of Maxeon’s operating subsidiaries has entered into an intra-group data transfer agreement that implements Standard Contractual Clauses; such intra-group data transfer agreement providing adequate protection to the flows of personal information within Maxeon’s group entities all over the world, even in case where Maxeon undertakings are established in countries where the level of data protection is not considered commensurate with the level offered by data protection offered by data protection laws in the European Union. The Standard Contractual Clauses that have been implemented can be obtained upon request by sending us an email at data-protection@maxeon.com.

In accordance with applicable data protection legislation, we will retain your Personal Data for as long as is necessary for the purposes for which it was collected. Certain transaction details and services and correspondence, such as those relating to your purchase of Maxeon products or the warranty on your Maxeon products, may be retained until the time limit for claims in respect of the transaction has expired or in order to comply with regulatory requirements regarding the retention of such Personal Data, and then archived in accordance with legal requirements, i.e. with statutory limitation requirements. Certain Personal Data, including those of individuals who provide Personal Data to Maxeon, but who do not purchase Maxeon products or services within two years of initial contact with Maxeon, will be deleted or otherwise archived after two years from the initial date of contact with Maxeon.

11.  Changes to the Policy

We reserve the right to make changes to our practices and this Policy at any time. The “Effective Date (Last Updated)” date at the top of this Policy will let you know when it was last revised. Any changes to this Policy will become effective when we make the revised version of this Policy available on our website, maxeon.com and update the links to the Policy on the Digital Platforms. We will not provide you with a notice advising of the change. It is therefore important that you regularly check our websites, maxeon.com, and the Digital Platforms for any changes affecting this Policy. You are deemed to have acknowledged and agreed to any amended version of this Policy of you continue to use the Digital Platforms or our services after changes have taken place pursuant to this section.

12.  Exercising your rights under the PDPA

To the extent the PDPA applies to your Personal Data, you can exercise the following rights by contacting us in writing at data-protection@maxeon.com, and including your full name, contact details, and the details of your request. Maxeon reserves the right to request additional identity verification and in certain cases may decline your request if your request or identity cannot be verified, or as otherwise permitted by law. 

1. Access: You have the right to access, review and request a copy of the Personal Data we hold about you subject to certain exceptions. For a request to access Personal Data, we will provide you with the relevant Personal Data within forty-five (45) days of the request. Where a request cannot be completed in the above time frame, we will notify you of the reasonably soonest time in which we will respond.

2. Correction or Deletion of Personal Data: You may request correction or deletion of the Personal Data we hold about you. Maxeon reserves the right not to change or delete Personal Data it considers to be accurate or necessary to be maintained. We reserve the right to request legal confirmation of changes. We are reliance on you to provide us with accurate information, including your timely communication of any corrections or changes thereto. We will not be responsible for relying on or using any inaccurate or incomplete personal data where you have provided such personal data and/or failed to update us of any changes in your personal data.

3. Withdrawal of Consent: If you consented to the collection, use or disclosure of your information, you may (in certain instances) withdraw that consent at any time, which will not affect the lawfulness of the collection, use or disclosure before your consent was withdrawn. We will process your request within a reasonable timeframe from the receipt of the request.

4. Complaints: If you have any complaint or grievance regarding how we are handling your Personal Data or about how we are complying with the PDPA, please contact us.

5. Fees: Depending on the nature of the work required to process your access request, we may impose a fee to recover our administrative costs. This will be assessed on a case-by-case basis by our Data Protection Officer. Where such a fee is imposed, we will provide you with a written fee estimate. We will only process your request when you agree to the payment of the fee, which will be due before any information is disclosed. In certain cases, we may require a deposit from you before we process the access request. You will be notified if a deposit is required when we provide you with the written estimate of the fee, if any.

13.  Exercising your rights (European individuals)

Under the GDPR, the UK GDPR and the Swiss DPA, you may have the following rights with regards to the Personal Data we hold about you.

1. Access – You can ask to see the Personal Data that Maxeon holds about you. Maxeon may validate your identity and access rights. We may charge you a fee to access your Personal Data. We will advise you of a fee in advance. Applicable law or regulatory requirements may prevent us from disclosing some or all the Personal Data we hold about you. Some Personal Data may have been destroyed, erased or made anonymous. Where we cannot provide you with your Personal Data, we will tell you why, subject to any legal or regulatory restrictions.

2. Correction or Deletion of Personal Data – You may request correction or deletion of the data we hold about you. We reserve the right not to change or delete Personal Data it considers to be accurate or necessary to be maintained. We reserve the right to request legal confirmation of changes. If Personal Data is inaccurate, we will revise it and, unless it proves impossible or involves disproportionate efforts or cost, inform agents, service providers or other third parties, which were provided with inaccurate information, so records in their possession may be updated.

3. Withdrawal of Consent – If you consented to the processing of your Personal Data, then you may (in certain instances) withdraw that consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn.

4. Objection to processing – You may (in certain instances) have the right to object to the processing of your Personal Data, including profiling, on grounds relating to your particular situation. When profiling is related to direct marketing you always have a right to object.

5. Limitation to processing – You have the right to obtain a restriction of processing in certain instances as provided by data protection law.

6. Data portability – You have the right to receive the Personal Data, which you have provided to us, in a structured, commonly used and machine-readable format when the processing is based on your consent or on a contract. Where technically feasible, you also have the right to ask us to transmit it to another data controller.

7. Complaints – You have the right to lodge a complaint to the data protection authority, if you believe Maxeon has not complied with the requirements of the data regulation with regard to your Personal Data.

You can exercise these rights by contacting us in writing at data-protection@maxeon.com, and including your full name, contact details, the details of your request, and a copy of your identity document. Maxeon reserves the right to request additional identity verification.

14.  Information for California residents (CCPA)

Solely for California consumers, Personal Data has the meaning of “personal information” in the CCPA and does not include information exempted from the CCPA. If you are a California consumer, you may exercise the following rights by contacting us in writing at data-protection@maxeon.com, including your full name, contact details, and the details of your request. Maxeon reserves the right to request additional identity verification and in certain cases may decline your request if your request or identity cannot be verified, or as otherwise permitted by law.

If you designate a third party to act on your behalf, then that third party must be registered with the California Secretary of State and must have valid written evidence of authority from you to act on your behalf, such as a validly executed Power of Attorney or some other written, notarized documentation that must be provided to Maxeon. Maxeon may deny third party requests that don’t include such documentation.

Once we receive, verify and confirm a request, we will respond to the request within forty-five (45) days of the request and, if applicable, provide records cover the 12-month period preceding the date of the request. Where a request cannot be responded to in the above time frame, we will notify you of the reasonably soonest time in which we will respond.

1. Right to Request Disclosure: You have the right to request disclosure about what categories of Personal Data that Maxeon has collected, sold, or disclosed for a business purpose about you and the categories of third parties to whom the Personal Data was sold or disclosed. Additionally, you have the right to request disclosure of specific pieces of information. If Maxeon discloses your Personal Data to a third party and conveys value, such disclosure can be considered a “sale” under the CCPA (Cal. Civ. Code 1798.140(t)(1), even though no monetary value is exchanged. Below is a full list of the information that you can include in your request.

   1. Categories of Personal Data that Maxeon has collected about you.

   2. Categories of sources from which Maxeon has collected the Personal Data.

   3. The business or commercial purpose for collecting or selling the Personal Data.

   4. The categories of third parties with whom Maxeon shares Personal Data.

   5. The specific pieces of Personal Data that Maxeon has collected about you. You have the right to receive this information in a portable and readily useable format.

   6. The categories of Personal Data that Maxeon has disclosed about you for a business purpose.

   7. The categories of Personal Data that Maxeon has sold about you, as well as the categories of third parties to whom Maxeon sold the information.

2. Right to Opt-Out of Sale: You have the right to opt-out of the sale of your Personal Data to third parties.

3. Right to delete: You have the right to request deletion of any of your Personal Data that we have collected from you and retained, subject to certain exceptions, such as when the deletion would create problems with the completion of a transaction or compliance with a legal obligation.

4. Right to Non-Discrimination: Maxeon will not discriminate against you (e.g., by denying you goods or services or providing goods or services at a different level, quality or price) for exercising your rights under the CCPA.

In the twelve (12) months preceding the Effective Date of this Policy, we have or may have disclosed your Personal Data to the following categories of third parties. The below categories are defined in the CCPA.

Categories of Personal Data Personal Information under the CCPA	Categories of Third Parties
Identifiers name, address, email, device or user identifier, cookie, pixel tag, telephone number, IP address, other identifiers, etc.	Maxeon group companies Maxeon affiliates and subsidiaries Business partners independent distributors, installers, builders, and developers Data Analytics Providers Service Providers professional or technical support providers, external auditors and law firms, financial services companies, etc. Utility providers and related agencies
Other Personal Information under Cal. Civ. Code § 1798.80 signature, social security number, driver’s license number, insurance policy number, financial information, employment information, etc.	Maxeon group companies Maxeon affiliates and subsidiaries Business partners independent distributors, installers, builders, and developers Service Providers professional or technical support providers, external auditors and law firms, financial services companies, etc. Utility providers and related agencies
Protected Classifications sex, age, marital status, military and veteran status, etc.	Maxeon group companies Maxeon affiliates and subsidiaries Service Providers professional or technical support providers, external auditors and law firms, financial services companies, etc. Utility providers and related agencies
Commercial Information records of products and services considered, purchased or serviced, etc.	Maxeon group companies Maxeon affiliates and subsidiaries Business partners independent distributors, installers, builders, and developers Data Analytics Providers Service Providers professional or technical support providers, external auditors and law firms, financial services companies, etc. Utility providers and related agencies
Online Activity browsing and search history, information regarding your interaction with Digital Platforms and marketing activities, etc.	Maxeon group companies Maxeon affiliates and subsidiaries Business partners independent distributors, installers, builders, and developers Data Analytics Providers Service Providers professional or technical support providers, external auditors and law firms, financial services companies, etc.
Location Data location of your mobile device or computer	Maxeon group companies Maxeon affiliates and subsidiaries Data Analytics Providers Service Providers professional or technical support providers, external auditors and law firms, financial services companies, etc.
Biometric Information biological information collected when, for example, your call may be recorded when you call us	Maxeon group companies Maxeon affiliates and subsidiaries Service Providers professional or technical support providers, external auditors and law firms, financial services companies, etc.
Inferences inferences we draw from a profile about you reflecting your preferences, characteristics, or predispositions	Not Applicable

 

15.  Contact Us

You may contact our Singapore Data Protection Officer (“DPO”) if you have any inquiries or feedback on our personal data protection policies and procedures by writing to Maxeon Singapore DPO, 8 Marina Boulevard #05-02, Marina Bay Financial Centre, Singapore 018981, or by email at data-protection@maxeon.com.

You can also reach out to Maxeon by contacting us.

 

 

---

 

 

 

 

SunPower Corporation Australia Pty Ltd Privacy Policy

 

 

Effective Date (Last Updated): 26 August 2020

This Global Privacy Policy ("Privacy Policy" or "Policy") applies to Maxeon Solar Technologies, Ltd. and Maxeon Solar Pte. Ltd. and their international subsidiaries, which are referred to collectively as "Maxeon", "SunPower", "we", "our" or "us", regarding your personal data. In markets outside of the United States of America, our international subsidiaries may use the SunPower brand or a SunPower company name.

In Australia, we operate through SunPower Corporation Australia Pty Ltd ("SunPower Australia"). This privacy policy tells you how SunPower Australia and its affiliates collect, use, and share personal information about you, including on its website, www.sunpower.maxeon.com/au, as well as any interactions you have with us, including through mobile applications and digital services (collectively, the "Digital Platforms") that link to or post this Policy, unless otherwise indicated. It also explains how you can contact us and exercise your legal rights.

To the extent that we use your personal data in ways not set out in this privacy policy, we will provide a specific notice at the time of collection, and obtain your consent, where required by applicable law.

To the extent your Personal Data or other personal information is covered by the Personal Data Protection Act ("PDPA"), refer to the Maxeon Data Protection and Privacy Policy, which discloses our basis and purpose for collecting, processing, disclosing and otherwise using your Personal Data in accordance with the PDPA.

We may change this Policy from time to time. The "Last Updated" date at the top of this page will let you know when it was last revised. Any changes to this Policy will become effective when we post the revised Policy on the Digital Platforms. If you have concerns about this Policy, please contact us via the contact information provided in the "Contact Us" section below.

Click below to jump to a specific section of this Privacy Policy:

1. Minors
2. Our collection of information about you
3. Our use of your personal information
4. Marketing
5. Use of interactive features and copyright infringement notices
6. Disclosures to group companies and other third parties
7. Security
8. Storage and use of information about you outside the European Union
9. Changes to the Privacy Policy
10. Cookies
11. Your rights of access, rectification, deletion and objection
12. Contact Us

1. Minors

The Digital Platforms are not directed to and should not be used by minors. We do not knowingly collect personal information on the Digital Platforms from minors. In certain limited instances, e.g. where a minor is included in an advertising campaign, this will be done with the express, written consent of the minor's parent or legal guardian.

2. Our collection of personal information

The personal information we directly collect from you
When you visit and interact with our Digital Platforms, we collect information about you, including personal data that may directly or indirectly identify you.

The following explains the categories of personal data we collect from you and how we collect such data:

• Online Forms: When you complete an online form to allow SunPower, or a SunPower authorized independent distributor or installer, to contact you or to submit a request for a system design proposal, we collect identifiers in the form such as your name, address, zip code, telephone number, and email address. We may also collect information relating to your energy consumption, geolocation information, and images of your home publicly available sources as Google Earth. This information will be used to provide you information about our products, services and, where applicable, opportunities with us. We may also collect information at the time the form is submitted, e.g. IP address, operating system, device identifiers, and location, to allow us to validate the authenticity/validity of the consents obtained through online forms and prevent fraud and abuse.

• Communications with SunPower: When you contact SunPower by telephone, email or other electronic means such as online chat, or social media accounts, including through private message features, we collect identifiers as set out above and any other personal data you choose to provide, as explained below.
  • Telephone: When you contact SunPower by telephone, we will collect the telephone number that you use to call SunPower. During a call, SunPower may additionally collect your name, address, email address, and information about your energy needs and usage, as well as information about your SunPower system and any issues you may be experiencing. If you are representing a business contact for a commercial client or prospect, this may include business personal information. SunPower records its telephone calls for training and quality assurance purposes. You have the option to proceed on a recorded or non-recorded line.
  • Email and Electronic Means: When you communicate with SunPower via email or other electronic means, including through any virtual assistant, we will collect identifiers as set out above, including your screen name, email address, location, name and any personal data you voluntarily choose to include in the communication, so that we can respond to your inquiry and provide you with quality service.

• Business Contacts: SunPower collects the personal or business contact information, including your title, business email and telephone number, you provide to us at trade shows or similar events, including through business card scans or drops, to allow us to contact you or to receive information about us, opportunities with us, or our product or services, either by email or telephonically to the telephone numbers you provide us.

• Testimonials, Marketing Content, Case Studies: When you provide testimonials to or participate in the production of marketing materials or case studies for SunPower to publish on the Digital Platforms or in marketing or promotional materials, with your consent, we collect and may publish identifiers that may include your name (in full or in part), contact information, and information about your experience with SunPower products and services, including the performance of your system.

• Product Warranty Registrations: If you register a product warranty with SunPower or authorize an independent distributor/installer to do so on your behalf, we will collect your name, address, information about products purchased, and contact information, including telephone number and email address. To the extent that your warranty is registered through a third party, e.g. an independent distributor or installer, our records will reflect this relationship. This information will be used by us to implement our warranty obligations, including, notifying you about any product quality or safety issues, such as product recalls, and for surveys to you about your product purchase and installation experiences and your overall satisfaction with our products.

• Social Media, Online Forum, Blogs, Message Boards, Chat Rooms: You may choose to interact with SunPower via social media platforms on which SunPower is active, including, but not limited to Facebook, LinkedIn, Instagram or the SunPower Blog, chat or messaging features available through the Digital Platforms. Relating to these interactions, SunPower may collect your screen name, real name and any information that you choose to provide such as posts, "likes", "follows", comments or feedback that you post or leave on pages, feeds or inboxes belonging to SunPower. There are areas of the Digital Platforms and social media platforms that are visible to other users or the general public, e.g., blogs. We recommend that you do not post personal details to these areas of the Digital Platforms. YOU ASSUME ALL RESPONSIBILITY FOR ANY LOSS OF PRIVACY OR HARM RESULTING FROM YOUR VOLUNTARY DISCLOSURE OF PERSONAL INFORMATION OR POSITIONS TAKEN BY YOU IN PUBLIC AREAS, ON SOCIAL MEDIA OR FORUMS. YOU RECOGNIZE THAT SUNPOWER MAY HAVE A LIMITED ABILITY TO DELETE OR OTHERWISE MODIFY/OBSCURE POSTS THAT YOU HAVE MADE TO SOCIAL MEDIA ACCOUNTS, WHICH ARE SUBJECT TO THE TERMS OF USE FOR THOSE VARIOUS SOCIAL MEDIA PLATFORMS.

• Applications: When you sign up or use a SunPower application or service, we collect the Personal Information you provide to create a profile or account. This may include identifiers such as your name, address, zip code, telephone number, and e-mail address. For security and the prevention of fraud, we may collect additional information about you when you log into a Digital Platform or service, including IP address, length of session, activities performed, and device information.

• Surveys: If you respond to surveys issued by SunPower, we will collect your e-mail address, name, and any information you provide in response to or relating to the survey. Generally, if we disclose information relating to the survey to third parties, including to independent distributors or installers, we will do so in non-identifying, aggregated form. We may disclose your feedback about the performance of an independent distributor or installer to that independent distributor or installer in an identified fashion, either with your consent or without your consent, if we deem doing so is necessary to facilitate the resolution of a service quality issue with that independent distributor or installer.

• Consent: We may use your Personal Information for any other purpose for which you consent.

• Combining Information We Collect: We may combine any of the information we collect from or about you and use it in the manner described in this Policy.

We do not seek sensitive information about you (such as health or medical history, ethnicity, political leanings, religious beliefs, trade union membership, sexual preferences, etc.) and you should not provide such information to us.

Personal information that we collect on the Digital Platforms
The Digital Platforms uses cookies, pixel tags, analytics tools, and other similar technologies to collect information about your equipment, browsing actions and patterns to help our Digital Platforms to function effectively and to improve the services we provide. These technologies collect the following information about you from your browser whenever you access or use the Digital Platforms: your IP address, your computer's operating system, your browser name, and language preferences the web pages that you viewed before, during and just after visiting our website. This browsing information is processed anonymously but may we may link it to your personal details if you have provided these, including for the purpose of documenting or validating the submission of online forms and consents.

Data Analytics
We may use third-party data analytics service providers such as Google Analytics to measure the web traffic on different parts of our Digital Platforms in order to improve them. Google Analytics, which anonymously tracks users who have JavaScript enabled, uses technical tools like first-party cookies and JavaScript code to collect information about your interactions with our Digital Platforms. The tracking information may include detailed data about what you do on our Digital Platforms, such as the web pages you visit and for how long and the websites you visited directly before and after coming to our Digital Platforms. In addition, first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) are used to report how your ad impressions, uses of ad services, and other interactions are related to visits to our Digital Platforms. We use information from Google Analytics to administer and update our Digital Platforms, assess whether our users match the expected demographics, and determine how key audiences are navigating the content. Google may retain and use, subject to the terms of its privacy policy, information collected in your use of the Google Analytics Information Disclosures and Sharing. Google Analytics offers website visitors the ability to prevent Google from recording, processing, and using the data generated by the Google Analytics cookie. You may opt-out by downloading and installing the browser plug-in available through Google at the following link: https://tools.google.com/dlpage/gaoptout.

To learn more, including about how to control our use of cookies and similar technologies, please review our Cookies Policy.

The Digital Platforms contains links to other third-party websites. If you follow a link to any of those third-party websites, please note that they have their own privacy policies and practices. SunPower does not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any personal information to any third-party websites.

Personal Information SunPower receives from third parties

• Third Parties with Whom We Have a Relationship – SunPower may receive your personal data from third parties with whom we have a relationship, including our authorized independent distributors or installers, in connection with your purchase of a SunPower system, e.g. a warranty registration, and our parent and affiliate companies, including in connection with sales referral opportunities.

• Purchase of Data from Unaffiliated Third Parties – Where permitted by applicable law, SunPower may choose to purchase your personal data from third parties, e.g. lead generators, and will process your data in accordance with applicable law (and with your consent, where required), to determine whether you are interested in purchasing a SunPower product or service, whether that product or service is right for you, or whether the opportunity to become a SunPower installer or distributor is of interest to you.

• Third-Party Site Information: Some of our applications leverage data, including images, from third-party sites or databases, including Google Earth images included in our design a system or estimator functionalities or utility information provided to us by your utility company with your consent. Where required, we will seek your consent to receive this data.

• Links to Third-Party Sites: If you follow a link to any third-party sites or use sites of a third-party service provider, please note that they may have their own privacy policies and practices. SunPower does not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any Personal Information to any third-party sites.

3. Our use of your personal information

We use the Personal Information or non-identifiable information we collect to facilitate the business relationship we have with you, to comply with our legal and financial obligations, and to pursue our legitimate business interests, which include the business purposes and in accordance with the legal basis set out below:

PURPOSES	LEGAL BASIS
To provide you, either individually or in your professional capacity as an authorized representative of a business or organization, with the information, products or services you have requested from us, including through the Digital Platforms, such as a consultation/quote with SunPower or an approved SunPower installer or independent distributor (where available), blog or newsletter subscription, or our energy savings calculation/ estimators, to process your order, and to supply and/or install such products and related services, including product maintenance, product safety notices and warranty servicing, where applicable. To provide you requested information, including information about SunPower independent distributor or installer opportunities. To respond to your queries, including where you have provided us your contact information at a trade show or similar event. To recover any payments due to us. To keep in contact with you regarding your purchase of our products and services, your Digital Platforms registrations and compliance with the terms and conditions of use of the Digital Platforms. To send periodic customer experience surveys about your experience with our company, our products, approved SunPower independent distributors or installers, and their services.	To execute the terms and conditions of use of the Digital Platforms. To enter into and perform pre-contractual and contractual obligations that we have with you. To enter into and perform pre-contractual and contractual obligations that we have with you. Our legitimate interest to answer your questions and develop and maintain our relationship with you. To perform and enforce contractual obligations and our legitimate interest in protecting our assets. Our legitimate interest to develop our business and ensure the quality and safety of our goods and services. Our legitimate interest to ensure a high-quality level of customer service and product performance and to improve these levels.
If we communicate with you by telephone (for instance, if we call you to conduct a consultation you have requested via the Digital Platforms or if you call our customer service center with a query about one of our products or services), we may record and monitor our call to help train our staff and to ensure a high quality of customer service.	Our legitimate interest to ensure a high-quality level of customer service and to improve this level. Our legitimate interest and legal obligation to validate your identity, including for security and fraud prevention purposes.
Where you have submitted your personal data relating to a job application, to process and evaluate your application.	The need to execute the terms and conditions of use. Our legitimate interest to evaluate your application and to take the necessary measures prior to concluding a contract with you.
To directly market our products, services and, where relevant, installer opportunities or distributorships, to you.	Our legitimate interest to develop our business. Where we obtain your information from unaffiliated third parties, your consent.
If you are interested in purchasing our products and services, to provide independent distributors/ installers of our products in your area with your information so they can contact you with purchasing and pricing details. Or if you have provided your information to an independent  distributor/installer that chooses to register this information with us, including for warranty registration and servicing purposes.	Our legitimate interest to develop our business and comply with your request for services or information. The need to comply with our legal and contractual obligations.
To better understand how you use the Digital Platforms and to produce statistical reports of aggregate website activity. To identify patterns and trends related to your use of the Digital Platforms to enable us to improve the design and operation of the Digital Platforms and your browsing experience. To improve our products and services. From time to time, we may release in aggregate the browsing information we have gathered from visitors, such as by publishing a report on trends in the usage of the Digital Platforms which may be anonymous. To validate/corroborate your identity in connection with any consents obtained from you via the Digital Platforms.	Our legitimate interest to improve the quality of the Website and of our products and services and to better communicate with you concerning our services and products. Our legitimate interest and legal obligation to secure the Digital Platforms and validate the authenticity and ensure the security of lead forms generated thereon.
To gather further information about you from third party sources. For instance, we may use your email address to gather information about which social networks and other web services you subscribe to for analytical or personalization purposes to improve our products and our Website for users.	Our legitimate interest to evaluate your personal interests and your behavior in order to improve our products and our website.
To conduct aggregate analysis and develop business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business and to improve the effectiveness of our marketing activities.	Our legitimate interest to analyze and understand the performance of our business and report on same.
To allow you to participate in interactive features of our service, when you choose to do so.	Your consent.
Where you have agreed, we may use your information to send you information  promoting selected third parties' products and services by post, fax, telephone, email, text and/or via social networks and other web-based services you subscribe to, and where required by law, we will ask for your consent at the time we collect your data to conduct any of these types of marketing.	Your consent.
If you agree to receive marketing from other companies, we may disclose your email address and other contact details to other companies so that they can contact you directly about their products and services.	Your consent.
We use personal information to comply with international laws applicable to publicly traded companies, including those relating to the detection, prevention and monitoring of fraud, anti-corruption, and money-laundering, which including obligations like Know-Your-Customer and reporting obligations.	Our obligation to comply with laws, regulations and applicable industry standards. Our legitimate interest in monitoring, detecting and preventing fraud.

4. Marketing Communications and Unsubscribe or Opt-Out

We may send you marketing communications, including email communications about our products and services, invite you to our events, or otherwise communicate with you for marketing purposes, provided that we do so in accordance with applicable law, including any consent requirements.

We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you, which includes a method to access your Preferences Center, or you may also opt out by contacting us as set out in paragraph 12 below. You may unsubscribe at any time.

5. Use of interactive features and copyright infringement notices

The Digital Platforms may use interactive forums, blogs, message boards, chat rooms, etc. Unless clearly indicated to the contrary, any information that you post may be viewed by others and/or the general public. We urge you to use good judgment, to adhere to the Terms of Use and not disclose any information about you that you do not want other users to know. We are not responsible for the use of that information by other users.

Copyright infringement notices submitted to us by you will be forwarded to the person responsible for the alleged infringement. Other complaints about the content of our Website may also be forwarded to any persons referred to in the complaint.

6. Disclosures of your information

We may share your Personal Information with trusted third parties or in other instances, including where required by law. We will use contractual or other means to protect Personal Information disclosed to third parties where required to ensure that the recipient keeps the Personal Information confidential and does not use it for any other purpose except performing the services.

We share the personal data with our parent and affiliated companies in order to provide our products and services and for our internal business purposes.

We share information we collect about you with our employees, partners, parent companies, affiliates, independent distributors, installers, partners, service providers, vendors and suppliers that:

• process information on our behalf;
• provide infrastructure, products or services to us or on our behalf or help us operate or improve our business;
• participate with us in the provision, maintenance, or operation of the Digital Platforms;
• provide you with information, products and/or services relating to your SunPower system, experience or when it is necessary to provide information, products or services to you.

Corporate Transactions - In the event we enter into or intend to enter into a transaction that alters our business structure, such as a sale, reorganization, merger, joint venture, change of control or other disposition of all or any portion of our business, assets or stock, we may share personal information with third parties for the purpose of facilitating and completing the transaction. In the event that we (or a part thereof) are subject to such an event, you agree that any of your personal information which we hold may be transferred to that reorganised entity or third party and used for the same purposes without further notice to you.

Surveys - If you choose to complete a customer experience survey, information you provide to us may be disclosed to other companies. Your information may be provided in identifiable format to your authorized independent SunPower distributor/installer; for other non-affiliated third parties, it will be anonymised and/or aggregated.

Compliance with Law - We may disclose information we collect about you if required, or authorised, in our sole discretion, to do so by applicable law (domestic or overseas) or in response to a court order or its equivalent and/or regulators anywhere in the world. We may also disclose your information in order to protect against fraud or to protect our contractual, property or other rights.

Prevention of Harm - We may disclose information we collect about you to the necessary authorities if we believe you have abused a service offered by us via the Digital Platforms or otherwise by using it to attack other computer systems or to gain unauthorised access to any other computer system, to engage in spamming or otherwise to act in an unlawful manner or to breach the terms of use of the service or the Digital Platforms.

7. Security

We take all reasonable precautions and implement appropriate technical and organizational measures to ensure a level of security to protect the security and the confidentiality of your personal information against unauthorized access, disclosure, alteration or destruction. However, no data transmission over the Internet or any website can be guaranteed to be secure from intrusion. Therefore, while we use reasonable efforts to protect your personal information in accordance with data protection legislation requirements, we cannot guarantee its absolute security. Any unauthorised access to or use of the Digital Platforms or the information stored by us should be reported to us immediately by sending an email to: data-protection@maxeon.com.

All information you provide to us is stored on our secure servers or cloud environments and accessed and used subject to our security policies and standards. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of. We ask you not to share a password with anyone.

8. Storage and use of information about you outside the European Union

Your personal information may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside the European Economic Area (EEA) in which data protection laws may be of a lower standard than in the EEA. We store the information we collect via the Digital Platforms and other sources (such as our customer call centres) on centralised computer systems hosted by or on behalf of Maxeon Solar Technologies, Ltd. These are located outside of the EEA, including in the United States, Singapore, and the Philippines.

Please be aware that data protection laws in the United States, Singapore and the Philippines do not currently offer the same level of protection as in European Union and you may have fewer statutory rights in respect of information stored and processed by Maxeon Solar Technologies, Ltd. about you. In such instances, Maxeon Solar Technologies, Ltd. has engaged suppliers who are US Privacy Shield certified and/or have otherwise agreed to protect such information in accordance with European data protection laws.

In addition, each of SunPower's operating subsidiaries have entered into an intra-group data transfer agreement that implements Standard Contractual Clauses; such intra-group data transfer agreement provide adequate protection to the flows of personal information within SunPower's group entities all over the world, even in case where SunPower undertakings are established in countries where the level of data protection is not considered commensurate with the level offered by data protection offered by data protection laws in the European Union. The Standard Contractual Clauses that have been implemented can be obtained upon request by sending us an email at data-protection@maxeon.com.

In accordance with applicable data protection legislation, we will retain your personal information for as long as is necessary for the processing purpose for which they were collected. Certain transaction details and services and correspondence, such as those relating to your purchase of SunPower products or the warranty on your SunPower products, may be retained until the time limit for claims in respect of the transaction has expired or in order to comply with regulatory requirements regarding the retention of such data, and then archived in accordance with legal requirements, i.e. with statutory limitation requirements. Certain data, including those of individuals who provide personal data to SunPower, but who do not purchase SunPower products or services within two years of initial contact with SunPower, will be deleted or otherwise archived after two years from the initial date of contact with SunPower.

9. Changes to the Privacy Policy

Due to changes in technology, applicable law and our activities or due to other business reasons, we may need to modify this privacy policy. We will put the new version of this privacy policy on this website and on the Digital Platforms without a notice advising of the change. It is therefore important that you regularly check this website and the Digital Platforms for any changes affecting this policy.

10. Cookies

Our website uses "web cookies" that it places on your computer whenever you visit the website in order to distinguish between and to log access by each visitor's browser. For detailed information on the cookies we use and the purposes for which we use them, please see our Cookies Policy.

11. Exercise of your rights

Under the General Data Protection Regulation ("GDPR") you may have the following rights with regards to the personal information we hold about you:

• Access – You can ask to see the personal data SunPower holds about you. SunPower may validate your identity and access rights. SunPower may charge you a fee to access your personal information. We will advise you of a fee in advance. Applicable law or regulatory requirements may prevent us from disclosing some or all the personal data we hold about you. Some personal data may have been destroyed, erased or made anonymous. Where we cannot provide you with your personal data, we will tell you why, subject to any legal or regulatory restrictions.

• Correction or Deletion of Personal Information –You may request correction or deletion of the data we hold about you. SunPower reserves the right not to change or delete personal data it considers to be accurate or necessary to be maintained. We reserve the right to request legal confirmation of changes. If personal data is inaccurate, we will revise it and, unless it proves impossible or involves disproportionate efforts or cost, inform agents, service providers or other third parties, which were provided with inaccurate information, so records in their possession may be updated.

• Withdrawal of Consent – If you consented to the processing of your data, you may (in certain instances) withdraw that consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn.

• Objection to processing – You may (in certain instances) have the right to object to the processing of your personal data, including profiling, on grounds relating to your particular situation. When profiling is related to direct marketing you always have a right to object.

• Limitation to processing – You have the right to obtain a restriction of processing in certain instances as provided by data protection law.

• Data portability – You have the right to receive the personal data, which you have provided to us, in a structured, commonly used and machine-readable format when the processing is based on your consent or on a contract. Where technically feasible, you also have the right to ask us to transmit it to another data controller.

• Complaints – You have the right to lodge a complaint to the data protection authority, if you believe that SunPower has not complied with the requirements of the GDPR with regard to your personal data.

You can exercise these rights by writing to us at SunPower Corporation Australia Pty Ltd, Suite 12, 214 Bay St., Brighton VIC 3186, Australia, or by sending an email to data-protection@maxeon.com, including your full name, contact details, the details of your request, and a copy of your identity document.

12. Contact Us

SunPower Corporation Australia Pty. Ltd. is the Data Controller in respect of your personal information processed by us under this Privacy Policy.

We can be contacted about this Privacy Policy or our processing of your personal information at the following addresses:

SunPower Corporation Australia Pty. Ltd.
Suite 207, 28 Riddell Parade
Elsternwick VIC 3185
 

Data Protection Authority
If you are not satisfied with the way in which we handle your query, concern or complaint, you can contact the Office of the Australian Information Commissioner by any of the following methods:

Phone: 1300 363 922 (calling from inside Australia)
Phone: +61 2 9284 9749 (calling from outside Australia)
TTY: 133 677 then ask for 1300 363 922
Fax: +61 2 9284 9666
Mail: GPO Box 5218, Sydney NSW 2001
Email: enquiries@oaic.gov.au
Web: https://www.oaic.gov.au/about-us/contact-us