EU-U.S. Privacy Shield

EU-U.S. Privacy Shield
Privacy Statement

Kingston Technology Company, Inc. (“Kingston”) recognizes that privacy is very important to our customers, and we pledge to protect the security and privacy of any Personal Data that customers provide to us. This includes customer's names, addresses, telephone numbers, email addresses, an online identifier (social media account or IP address), date of birth, bank account, financial information, documents used for ID purposes including driver licenses, passports and any information that can be linked to an individual. Not only does Kingston strive to collect, use and disclose, where individuals have consented, Personal Data in a manner consistent with the laws of the countries in which it does business, but it also has a tradition of upholding the highest ethical standards in its business practices. This Personal Data Protection Policy (the "Policy") sets forth the privacy principles that Kingston follows with respect to transfers of Personal Data from the European Union (EU) and other countries with which Kingston does business.

EU-U.S. Privacy Shield

The United States Department of Commerce have worked with the European Commission to develop the EU-U.S. Privacy Shield to allow U.S. companies to meet the EU law requirements that Personal Data transferred from the EU to the United States be adequately protected. Consistent with its pledge to protect personal privacy, Kingston adheres to the Privacy Shield Principles.

Scope

This Personal Data Protection Policy (the "Policy") applies to all Personal Data received by Kingston in the United States from the EU and/or other applicable countries, recorded in any form (including electronic, paper or verbal).

Definitions

The following definitions shall apply throughout this Policy:

  • "Agent" - any third party that uses Personal Data provided to Kingston to perform tasks on behalf of and under the instructions of Kingston.

  • “Kingston” - Kingston Technology Company, Inc. and its affiliates.

  • "Personal Data - Information or a set of information that identifies or could be used by or on behalf of Kingston to identify an individual. Personal Data does not include information that is encoded, anonymous, aggregated or publicly available information that has not been combined with non-public Personal Data.

  • "Sensitive Personal Data" - Personal Data that reveals racial, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership or information that specifyings the health or sex life of the individual. In addition, Kingston will treat any information as Sensitive Personal Data which received from a third party where that third party treats and identifies the information as sensitive.

Privacy Principles

The privacy principles in this Policy are based on the Data Protection Directive and Privacy Shield Principles.

Notice

When Kingston collects Personal Data directly from individuals in the EU and/or other applicable countries, it will inform them about the purposes for which it collects and uses their Personal Data, the types of third parties (other than Agents), if any, to which Kingston discloses that information, and the choices and means, if any, that Kingston offers individuals for limiting the use and disclosure of their Personal Data. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Data to Kingston, or as soon as practicable thereafter, and in any event before Kingston uses the information for a purpose other than that for which it was originally collected. If Kingston receives Personal Data from its affiliates or other entities in the EU and other countries with which Kingston does business, it will use such information in accordance with the notices such entities provided and the choices made by the individuals to whom such Personal Data relates.

Choice

Kingston will offer individuals the opportunity to choose (opt-out) whether their Personal Data is (a) to be disclosed to a third party (other than an Agent), or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

For Sensitive Personal Data, Kingston will give individuals the opportunity to affirmatively and explicitly (opt-in) consent to (a) the disclosure of the information to a third party, or (b) the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. Kingston will provide individuals with reasonable methods to exercise their choices.

Accountability For Onward Transfers

Kingston is a global corporation and has developed global data security practices designed to ensure that Personal Data is properly protected. Personal Data may be transferred, accessed and stored globally as necessary for the uses and disclosed stated in accordance with this policy. By providing Personal Data, individuals consent to Kingston transferring their Personal Data to its affiliates global and third party entities that provide service to Kingston.

Kingston will obtain assurances from its Agents that they will safeguard Personal Data consistently with this policy. If Kingston has knowledge that an Agent is using or disclosing Personal Data in a manner contrary to this policy, Kingston will take reasonable steps to prevent or stop the use or disclosure.

Security

The security of Personal Data is important to Kingston. We have implemented reasonable security measures to protect Personal Data in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.

Data Integrity & Purpose Limitation

Kingston will use Personal Data only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Kingston will take reasonable steps to ensure that Personal Data is relevant to its intended use, accurate, complete, and current.

Kingston will retain Personal Data for as long as the account is active; as needed to provide individuals the products or service; as necessary to comply with legal obligations, resolve disputes and enforce agreements; or to the extent permitted by law.

Access

Upon request, Kingston will grant individuals reasonable access to Personal Data that it holds about them, and Kingston will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete.

While the issues related to access right can be handled quickly, complex requests may take more research and time. In such cases, issues will be addressed, or individual will be contacted regarding the nature of the compliant, problem and appropriate next steps, within thirty (30) days.

Resource, Enforcement And Liability

Kingston will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that Kingston determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment.

Dispute Resolution And Enforcement

Any questions or concerns regarding the use or disclosure of Personal Data should be directed to Kingston at the address given below. Kingston will investigate and attempt to resolve complaints and disputes regarding the use and disclosure of Personal Data in accordance with the principles contained in this Policy within thirty (30) days of receiving a complaint.

For complaints that cannot be resolved between Kingston and individuals, Kingston has further committed to cooperate with EU Data Protection Authorities (DPAs). If we have not addressed the complaint to the individual’s satisfaction, they can contact EU DPAs for more information or to file a complaint. The services of EU DPAs are provided at no cost to individuals.

Contact Information

Questions or comments regarding this Policy should be submitted to Kingston by mail or E-mail as follows:

  • Kingston Technology Company, Inc.

  • 17600 Newhope Street

  • Fountain Valley, CA. 92708 USA

  • Email: webmaster@kingston.com

Changes To Personal Data Protection Policy

This Policy may be amended from time to time, consistent with the requirements of the Data Protection Directive and/or Privacy Shield Principles. Kingston will provide appropriate public notice about such amendments.

        Back To Top