Cohu, Inc. and its affiliates in the Cohu group of companies (including, without limitation, Delta Design, Inc., Rasco GmbH), herein referred to as “Cohu”, is a supplier of test handling, burn-in and thermal solutions used by the global semiconductor industry, microwave communications and video equipment. Cohu is committed to respecting the privacy of our and our affiliate’s employees, officers and directors, as well as of our affiliates’ customers, clients, consultants, vendors and their respective employees, officers and directors. Due to the international nature of our business, we may need from time to time to transfer from the European Economic Area (“EEA”) to our offices in the U.S., or to maintain at our offices in the U.S., information regarding such individuals and entities.
SAFE HARBOR OVERVIEW:
The European Commission’s (“EC”) comprehensive privacy legislation requires that transfers of personal information take place only to countries that provide an “adequate” level of privacy protection. In order to bridge the differences in approaches to privacy employed by the United States and Europe, the U.S. Department of Commerce has made separate agreements with the EC on a set of data protection principles (the “Safe Harbor Principles”) to enable U.S. companies to satisfy the requirement that adequate protection be given to personal information transferred from European Union countries (“EU”) to the U.S. Cohu adheres to the Safe Harbor Principles.
Personal Information: Any information or set of information that identifies, or could reasonably be used to identify, an individual. Personal information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public personal information.
Sensitive Personal Information: Any personal information specifying medical or health conditions; personal sexuality; racial or ethnic origin; political opinions; religious, ideological, or philosophical beliefs; or trade union-related views, activities, or membership; information on social security measures; or information on administrative or criminal proceedings and sanctions, which are treated outside pending proceedings. Additionally, Cohu will treat as sensitive any personal information received from a third party where the third party identifies and treats it as sensitive.
The following privacy principles are based on the Safe Harbor Principles.
Notice: Cohu will inform individuals about the purposes for which Cohu collects and uses personal information about them, how to contact Cohu with any inquiries or complaints, the types of non-agent third parties to which Cohu discloses the personal information, and the choices and means Cohu offers individuals for limiting the use and disclosure of their personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to Cohu, or as soon thereafter as practicable, but in any event before Cohu uses or discloses such personal information for a purpose other than that for which it was originally collected.
Choice: Cohu will provide individuals the opportunity to choose (opt out) whether their personal information is to be disclosed to a non-agent third party or to be used for a purpose that is incompatible with the purposes for which it was originally collected or subsequently authorized by the individual. Individuals will be provided with clear and conspicuous, readily available, and affordable mechanisms to exercise choice
For sensitive personal information, Cohu will provide individuals the opportunity to affirmatively or explicitly choose (opt out) whether their sensitive personal information is to be disclosed to a non-agent third party or to be used for a purpose that is incompatible with the purposes for which it was originally collected or subsequently authorized by the individual.
Onward Transfer (Transfers to Third Parties): Cohu will apply the Notice and Choice privacy principles when disclosing personal information to any non-agent third party. Cohu may use agents (third parties that perform tasks on behalf of and under the instructions of Cohu) to process personal information. In these cases, Cohu will only transfer personal information to the agent after obtaining assurances from the agent that they will safeguard personal information consistently with this policy. This may include ascertaining that the agent has certified to the Safe Harbor Principles or they otherwise subscribe to privacy standards that are compatible with the EU’s laws on data protection. Where Cohu has knowledge that an agent is processing personal information inconsistent with this policy, Cohu will take reasonable steps to prevent or stop such processing. .
Access: Cohu will provide individuals with reasonable access to their personal information to be able to correct, amend, or delete personal information where it is demonstrated to be inaccurate or incomplete, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
Data Security: Cohu will take reasonable precautions to protect personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction.
Data Integrity: Cohu will process personal information only in ways that are relevant and consistent with the purposes for which it was originally collected or subsequently authorized by the individual, and will take reasonable steps to ensure that the personal information is reliable for its intended use, accurate, complete and current.
Enforcement: Cohu has put in place processes to ensure and verify compliance with this policy and will remedy any failure to comply with the Safe Harbor Principles. Cohu will investigate and attempt to resolve any complaints and/or disputes regarding the use and disclosure of personal information in accordance with the principles of this policy. For complaints and/or disputes that cannot be resolved between Cohu and the complainant, Cohu has agreed to cooperate and comply with the European Union Data Protection Authorities to resolve disputes pursuant to the Safe Harbor Principles
Cohu will provide an annual self-certification to the U.S. Department of Commerce as to its adherence to the Safe Harbor Principles.
LIMITATION ON APPLICATION OF THE SAFE HARBOR PRINCIPLES:
Adherence by Cohu to the Safe Harbor Principles may be limited (a) to the extent necessary to meet national security, public interest, or law enforcement requirements, (b) by statute, government regulation, or case law that creates conflicting obligations or explicit authorizations, provided that, in exercising any such authorization, an organization can demonstrate that its noncompliance with the Safe Harbor Principles is limited to the extent necessary to meet the overriding legitimate interests furthered by such authorization, or (c) if the effect of applicable privacy legislation is to allow exceptions or derogations, provided they are applied in comparable contexts.
Cohu will regularly review this policy to ensure that it provides an appropriate level of protection for personal information. Cohu reserves the right to amend this policy from time to time, consistent with the requirements of the Safe Harbor Principles. Appropriate notice will be given concerning such amendments, including the timely posting on Cohu’s website. Please check back periodically for updates to this policy. This policy was last updated on June 10, 2010.
Any questions, complaints, access requests, comments regarding this policy, or the reporting of any inappropriate disclosure or use of personal information, should be directed to Cohu’s Privacy Officer at:
Attn: Privacy Officer
12367 Crosthwaite Circle
Poway, CA USA 92064