Privacy Policies GENTEX CORPORATION PRIVACY POLICIES Jump to: U.S. Privacy Policy Third-Party GDPR Data Protection and Cookie Notice Gentex Corporation Web Site Privacy and Cookie Policy EFFECTIVE DATE: November 20, 2023 Gentex Corporation (“Gentex” or “we”), headquartered at 324 Main Street, Simpson, Pennsylvania 18407, is committed to maintaining the integrity and privacy of your personal data collected through the gentexcorp.com website (the “Site”). This privacy and cookie usage policy (“Privacy Policy”) discloses Gentex’s information collection and processing practices in connection with the Site and applies solely to the information that we collect through the Site. By using the Site you signify your acceptance of the terms in this Privacy Policy. If you do not agree to any of the terms of this Privacy Policy, you should not use the Site. CHANGES TO PRIVACY POLICY Gentex may amend this Privacy Policy at any time. All amended terms automatically take effect 30 days after the date when they are posted on the Site. You agree that notice on the Site of changes to the policy is sufficient notice. Your continued use of the Site following the posting of changes to this Privacy Policy will mean that you accept those changes. COLLECTION OF YOUR PERSONAL DATA The amount and type of information we collect depends on how you use the Site. Gentex may collect information—some of which relates to you as an individual—(“Personal Data”) from a variety of sources, including (a) information you provide directly; (b) information we collect about you when you visit our Site, use our services, or view our online advertisements; and (c) information we receive from other sources. Information We Collect Directly From You. We may collect information directly from you when you visit our Site, purchase products from our Site, choose to use services or participate in programs or otherwise provide information directly to us. Information we collect directly from you includes your name, postal address, email address, phone number, employer, and other information about you such as product and service size, preferences and/or behaviors; and future communication preferences. Information We Collect About You. We may automatically collect information about you when you visit our Web Site, purchase our products, use our services, or view online advertisements. We may log data or use tracking technologies such as cookies and web beacons to collect this information about you. For more information about our use of tracking technologies, see the section below on our use of cookies. We may collect the following information about you: Technical information, including your IP address, browser type and version, browser plug-in types and versions, operating system and platform, and device-specific information, such as time zone setting and mobile network information (including location information); and Information about your visit, including, web pages you view, links you click, web sites you visited before coming to our Site, page response times, download errors, and page interaction information (such as lengths of visits to certain pages, scrolling, clicks and mouse-overs). Information We Receive From Other Sources. We work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers) and may receive information about you from them. Please keep in mind that any information provided to us by a third-party may also be subject to that third-party’s privacy policy and their applicable data protection laws and regulations. Gentex does not assume, and expressly disclaims, any liability for third parties that have been provided with information as permitted by this Privacy Policy or who have collected information as permitted by this Privacy Policy. When ordering products through the Site, you may be asked to provide credit card or other payment information. Such information is collected directly by a third-party service provider and is never stored in any manner by Gentex. AUTOMATICALLY COLLECTED INFORMATION Each time a visitor comes to the Site, Gentex collects some information to improve the overall quality of the visitor’s online experience. Such information may include referral data (e.g., the address of the last URL a user visited prior to clicking through to the Site) and your web browser and operating platform type. Aggregated Data. In addition to collecting these types of information, Gentex collects aggregate queries for internal reporting. Gentex also counts, tracks, and aggregates the visitor’s activity into Gentex’s analysis of general traffic flow at the Site. To these ends, Gentex may merge information about you into aggregated group data. Gentex also may remove personal identifiers from Personal Data and maintain it in aggregate form that may later be combined with other information to generate aggregated statistical information. Such data may be shared on an aggregated basis with Gentex’s affiliates, business partners, distributors, service providers and/or vendors; if it does so, Gentex will not disclose your individual identity. Web Server Logs and IP Addresses. An Internet Protocol (“IP”) address is a number that automatically identifies the computer/machine you have used to access the Internet. The IP address enables our server to send you the webpages that you want to visit, and it may disclose the server owned by your Internet Service Provider. Gentex may use IP addresses to conduct Site analyses and performance reviews and to administer the Site. Cookies and Web Beacons. We use cookies and other tools, described in this Privacy Policy, to give you the best possible experience on our Site. By continuing to browse this Site, you give consent for cookies to be used. We do not control the use of cookies by third parties. For more details, including how you can amend your preferences, please see the above section on our use of cookies. International Transmission. You acknowledge that the Internet is a global environment and using the Internet to collect and process data can involve the transmission of data on to countries outside of the United States. As described above, we may share your Personal Data with third parties and Gentex subsidiaries and affiliates. We may also share your Personal Data with governmental or regulatory authorities or otherwise to prevent illegal activities. These companies or authorities may be located in, or store Personal Data in, countries different to that in which you are located. Marketing. We may use information we collect for marketing of Gentex services and products to you as you interact with websites on the internet. Gentex, or a third party distributor or service provider we select, may serve ads according to information we collect during your visits to the Site. If you do not want to receive marketing communications, you can opt out of such marketing communications by emailing us at customerinfo@gentexcorp.com. HOW WE USE THIS INFORMATION Personal Data We use the Personal Data and other information we collect to provide you the services and products you request, information about such services and products, and to tell you about other services and products that may be available to you. We may use it at some point in the future to fulfill business transactions related to the service and products you have ordered. Otherwise, we will ask for your prior consent. We also use the Personal Data to manage our Site. Specifically, we may use the Personal Data as follows: We may use the Personal Data for: fulfilling our obligations arising from any contracts entered between you and us and providing you with the information, products and services you request; fulfilling product orders made through the Site; customer or other inquiries by you; providing you with important administrative information regarding the site and the services, such as changes to this Privacy Policy; creating and managing your account; developing and providing advertising tailored to your interests; providing feedback, sizes, preferences, and other information to third-party service providers and distributors; sending you product-related or service-related communications; ensuring that content from the Site is presented in the most effective way for you and your computer; administering and improving our Site, including troubleshooting, data analysis, testing, research, statistical and survey purposes; and measuring the effectiveness of the advertising we serve to you and others. SHARING YOUR INFORMATION Gentex will not sell, rent, license, or trade your Personal Data with third parties other than as specified in this Privacy Policy unless we receive your express consent to do so. Unless you give your informed consent to do so, Gentex will not share your Personal Data other than as specified in this Privacy Policy. When you provide Personal Data to Gentex we may make it accessible to our product distributors and certain third-party service providers to perform a variety of services on our behalf. These service providers include business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you; advertisers and advertising networks for selecting and serving relevant adverts to you and others; and analytics and search engine providers for assisting us in the administration and improvement of the Site. Please note that we provide our distributors and service providers with only the Personal Data necessary for them to perform services and only for use for such purposes and, as necessary, will enter into agreements with then to ensure that they provide an adequate level of protection to these Personal Data. Gentex may also disclose Personal Data in connection with conducting audits, responding to legal and/or regulatory requirements and information requests (e.g. for civil litigation), enforcing Gentex’s policies, or in responding to complaints or safety, fraud preventions, hacking or other security concerns. Gentex may also share your Personal Data with: members of Gentex corporate family and any successors; other companies that work with, or on behalf of Gentex to provide products and services, including distributors (as described below); law enforcement or other governmental officials, in response to a request relating to a criminal investigation or alleged illegal activity; and/or other business entities, in connection with the sale, assignment, merger or other transfer of Gentex’s business to such business entity. COOKIES AND OTHER TECHNOLOGY Cookies are text files containing a small amount of data, usually a unique string of letters and numbers. They are commonly used throughout the Internet and are stored on and accessed from your device when you visit a website (including the Site). This allows the website to recognize your visit from those of other users of the Site. You can find more information at http://www.allaboutcookies.org and http://www.youronlinechoices.eu. We may also use pixels, web beacons, or clear gifs which are small graphics with a unique identifier that function similar to cookies, used to track the online movements of Site users. Gentex these technologies, either directly or indirectly, to assist us with your requests and make your browsing experience easier (i.e., by remembering your preference) and providing you with a seamless experience on our Site. They allow us to gauge where our visitors come from (e.g., Google search), recognize and count the number of visits to our Site, as well as how visitors move around the Site. Cookies help us to improve not only the way our website works, but to ensure you find what you’re looking for easily as well. The technology also allows us to target you with specifically tailored advertising based on your visit(s) along with carry out business analytics, other statistic activities and traffic. If you would like to learn more about cookies and other tools you can do so by visiting www.allaboutcookies.org or https://thenai.org/about-online-advertising/what-are-my-options/, which include additional useful information on cookies and can show you how to block these tools using different types of browsers. For more information on how you can control cookies and other tools used for advertising, please see the below section “Online Advertising & Preferences” Google Analytics: These cookies are used to collect information about how visitors use the Site. The cookies collect information, including the number of visitors to the Site, where visitors have come to the Site, and third-party audience data (such as age, gender, and interests, and the pages they visited). We use the information to compile reports of our users’ browsing patterns so that we can improve the Site. You can opt-out of Google Analytics tracking by visiting their ad settings page: http://www.google.com/settings/ads. This Site is being monitored by one or more third-party monitoring software(s), and may capture information about your visit that will help us improve the quality of our service. You may opt-out from the data that https://doublesmart.digital is collecting on your visit through a universal consumer options page located at https://doublesmart.digital/Unsub/unsub.html ONLINE ADVERTISING & PREFERENCES We may allow third-party companies to serve ads or collect certain information about you when you visit the Site. These companies may use browsing information (e.g., click stream information, Web browser type, time and date, subject of advertisements clicked or scrolled over) during your visits to the Site and other web sites in order to provide advertisements about products and services likely to be of interest to you. These companies typically use a cookie or other technology describe in the section above to collect this information. You have several options to control and opt-out of these tools: You can learn more about targeted and behavioral advertising practice and opt-out of this type of advertising from participating third parties’ providers, by visiting http://www.networkadvertising.org. Typically, you can control the collection of information about your visit to our and other websites through website browser tools. You can click on the Cookie Declaration on our website to learn about the different types of cookies and other tools used on our Site and, if you reside in certain states, you can change the settings to opt-out of collection of information used for behavioral or targeted advertising. You can also use the Global Privacy Control (“GPC”) to signal your opt-out preference. To learn more about the GPC, please visit https://globalprivacycontrol.org. If you delete cookies or reset your device, you may need to set your preference again to ensure we continue to honor your preferred choice. LINKS TO OTHER SITES The Site contains links to third-party web sites that may offer information of interest. This Privacy Policy does not apply to those web sites, and Gentex recommends reviewing those web sites’ privacy policies individually. Gentex is not responsible for the content at these third-party sites. In particular, we are not responsible for removing your Personal Data from the lists of any third-party who has previously been provided your Personal Data in accordance with this Privacy Policy. SECURITY Gentex has established reasonable precautions to protect collected Personal Data from loss, misuse, unauthorized access, disclosure, alteration or destruction, which include contractual, administrative, physical, and technical steps. Technical measures include use of firewall protection and encryption technology where appropriate. Although Gentex takes reasonable precautions to assess the reliability of such technology, it relies on the statements of the vendors of those products and services as part of its security evaluation. Please note that although Gentex has endeavored to create a secure and reliable Site for users, the confidentiality of any communication or material transmitted to/from the Site cannot be guaranteed. However, we do not promise, and you should not expect, that your Personal Data are always safe against cyber-attacks, involuntary data loss or hacking, as such activities are common. Gentex urges you to take every precaution to protect your Personal Data when you are on the Internet. Change your passwords often, use a combination of letters and numbers, and make sure you use a secure browser. This Site is a general audience site and does not target or intend to collect Personal Data from children. CHILDREN’S PRIVACY Under Age 13 Our Site is not specifically directed toward children, and we do not knowingly collect personal information from persons under the age of 13 on our Site without verifiable parental consent. If we learn that a child under the age of 13 has submitted personally identifiable information online without parental consent, we will take all reasonable measures to delete such information from our databases and to not use such information for any purpose (except where necessary to protect the safety of the child or others as required or allowed by law). If you become aware of any personally identifiable information we have collected from children under 13, please contact us at customerinfo@gentexcorp.com or by calling 888-894-1755. Under Age 18 Minors under 18 years of age may have the Personal Data that they provide to us through the Site deleted by sending an email to customerinfo@gentexcorp.com requesting deletion. Please note that, while we make reasonable efforts to comply with such requests, deletion of your personal information does not ensure complete and comprehensive removal of that data from all systems. YOUR PRIVACY RIGHTS If you are a resident of California or other jurisdictions or states when applicable, you have the following rights with respect to your personal information: The right to know what personal information we have collected, used, disclosed and sold about you. The right to correct inaccurate personal information we have collected about you. The right to request that we delete any personal information we have collected about you. You also have the right to opt-out of the sale of your personal information or sharing of your personal information for targeted or cross-contextual advertising. For more information on Gentex’s use of online advertising and your choices, please see above. Gentex does not sell personal information for money. You have a right to appeal any decision that Gentex makes regarding your privacy rights. To exercise your rights described above, you can contact Gentex at customerinfo@gentexcorp.com or by calling 888-894-1755. You also may designate an authorized agent to make these requests. When you exercise these rights and submit a request to us, we may verify your identity by asking for information about your relationship with Gentex, such as email address on file, address, phone number or recent order information. Your exercise of these rights will have no adverse effect on the price and quality of our goods or services. CALIFORNIA SHINE THE LIGHT DISCLOSURE This Privacy Policy describes how we may share your information for marketing purposes. You may contact us with any questions and, to the extent applicable, to request once a calendar year a list of third parties to whom we may disclose information for their own marketing purposes and the categories of information we may disclose. Please contact us at customerinfo@gentexcorp.com. CROSS BORDER TRANSFERS To facilitate our global operations, Gentex may transfer, store, and process information collected by our subsidiary located in the United Kingdom. In such cases and if you access the Site abroad, you consent to understand that your information may be transferred to and stored in the United States, which may have different data privacy laws and may not provide the same protections. CONTACT DETAILS If you have any questions or concerns regarding this privacy policy, or you wish to contact us by phone or postal mail, our contact information is as follows: Mailing address: 324 Main Street, Simpson, Pennsylvania, 18407 Phone: 888-894-1755. Email: customerinfo@gentexcorp.com Gentex Corporation Third-Party GDPR Data Protection and Cookie Notice LAST UPDATED: December 12, 2024. INTRODUCTION AND SCOPE This data protection and cookie notice (this “Notice“) describes how Gentex Corporation, headquartered at 324 Main Street, Simpson, Pennsylvania 18407 USA, and its respective affiliates (“us“, “we“, or “our“) collect, handle, share and use the personal data of data subjects who are both resident in the European Economic Area (“EEA“) or the United Kingdom (“UK“) and who: visit or interact with our website at https://www.gentexcorp.com/ (the “Website“) and/or use any of the services available through the Website; are a director, officer, employee, or contact at: one of our customers; and/or a Service Provider (as such term is defined in Part C of Schedule 1 (Definitions)), collectively, the “Data Subjects“. If you are not a Data Subject, this Notice does not apply to you. We recommend that Data Subjects read this Notice in full to ensure that they are fully informed. If you are a Service Provider or customer, please provide this Notice to your directors, officers, employees, or contacts who have dealings with us. We shall act as a controller of Data Subjects’ personal data under the EU General Data Protection Regulation, the UK General Data Protection Regulation, and related data protection laws in the EEA and the UK (collectively, the “GDPR“) in relation to the processing activities covered by this Notice. We have set out our contact details in section 12 (How to Contact Us) below. If we process personal data as a data processor, we will process such personal data in accordance with the terms of the contract we have with the third party for whom we act as data processor, and this Notice shall not apply to the processing of such personal data. Capitalised terms not defined in the main body of this Notice have been defined in Schedule 1 (Definitions). WHAT PERSONAL DATA DO WE PROCESS AND HOW IS IT COLLECTED? In this section, we set out the types of personal data we may collect and the potential sources of such information. We may also receive any or all the types of personal data referred to in this section from our Affiliates. What personal data do we collect when you visit our Website? Data Subject Provided Personal Data Data Subjects may provide to us (whether by uploading, email, telephone, post or otherwise) the following types of personal data through their use of the Website (and/or any of the services available through the Website), which we may then collect, use, store and/or transfer in accordance with this Notice: Contact and Professional Data Marketing and Communications Data Voluntarily Provided Data Automatically Collected Personal Data The following types of personal data may be automatically collected or logged when Data Subjects access and use the Website (and/or any of the services available through the Website), which we may then collect, use, store and/or transfer in accordance with this Notice: Cookie and Technical Data Usage Data What personal data do we collect from our customers? AML/KYC Data Contact and Professional Data Demographic Data Government Issued Data Financial Data Transaction Data Voluntarily Provided Data What personal data do we collect from our Service Providers? AML/KYC Data Contact and Professional Data Demographic Data Government Issued Data Voluntarily Provided Data Special Categories of Personal Data We do not request any special categories of personal data from Data Subjects with respect to the data processing activities covered by this Notice (this includes details about race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information concerning health, and genetic and biometric data). However, Data Subjects may provide these types of personal data to us as Voluntarily Provided Personal Data. We will rely on “conditions” (including explicit consent) provided for in the GDPR to process such special category data. Criminal Convictions and Offences Personal Data With respect to Data Subjects visiting or interacting with our Website, or using any of the services available through the Website, we do not also request any personal data relating to criminal convictions and offences with respect to the data processing activities covered by this Notice. However, such personal data may be provided to us as Voluntarily Provided Personal Data. We will rely on “conditions” provided for in the GDPR to process such criminal convictions and offences data. We may process personal data relating to criminal convictions and offences with respect to directors, officers, employees, or contacts (as the case may be) at a Service Provider or customer to the extent that such data forms part of AML/KYC Data. Such Data Subjects may also provide these types of personal data to us as Voluntarily Provided Personal Data. We will rely on “conditions” provided for in the GDPR to process such criminal convictions and offences data. Children Our Website (and the services available on our Website) are not intended for children. We do not knowingly collect personal data from children under the age of 13. Parents or guardians of a child under the age of 13 who believe such child has disclosed personal to us, should contact us using the contact details at section 12 (How to Contact Us) below. A parent or guardian of a child under the age of 13 may review and request deletion of such child’s personal data as well as prohibit the use thereof. HOW WE USE PERSONAL DATA This section sets out how we use the personal data that we obtain or receive and our lawful basis under the GDPR for doing so (as defined in Part B of Schedule 1). PURPOSE OF DATA PROCESSING TYPE OF PERSONAL DATA LAWFUL BASIS FOR PROCESSING To register you as a new customer · Contact and Professional Data · AML/KYC Data · Performance of a Contract Condition for any special category personal data: · Article 9(2)(f) GDPR (AML/KYC Data) · Article 9(2)(g) GDPR (AML/KYC Data) To process and deliver orders from our customer · Contact and Professional Data · Financial Data · Transaction Data · Marketing and Communications Data · Performance of a Contract · Legitimate Interest (i.e., to recover debts due to us) To manage our relationship with our customers and Service Providers · Contact and Professional Data · Marketing and Communications Data · Legitimate Interest (i.e., to keep our records updated and manage our relationship with customers and Service Providers) · Performance of a Contract Operating, evaluating, developing, promoting, and growing our and our Affiliate’s business (including developing new products and services), including evaluating, entering into, and performing corporate transactions (including those involving raising capital, whether equity or debt, mergers and acquisitions, joint ventures, the sale, transfer, or merger of all or parts of our business or our assets) · Contact and Professional Data · Marketing and Communications Data · Voluntarily Provided Data · Legitimate Interests (i.e., in developing our and our Affiliate’s business) · Performance of a Contract Condition for any special category personal data: · Article 9(2)(a) GDPR (Voluntarily Provided Data) Complying with legal and regulatory obligations, including: · maintaining accurate books and records · facilitating internal and external audits · conducting internal investigations · conducting verification, “know your client”, terrorist financing, sanctions, and anti-money laundering checks · preventing and detecting fraud · investigating and addressing any complaints, claims, proceedings, or disputes · responding to requests and directions from Governmental Authorities; and · seek advice from Professional Advisors, including legal advice. · Contact and Professional Data · Cookie and Technical Data · Marketing and Communications Data · Voluntarily Provided Data · AML/KYC Data · Demographic Data · Compliance with a Legal Obligation Condition for any special category personal data: · Article 9(2)(a) GDPR (Voluntarily Provided Data) · Article 9(2)(f) GDPR (AML/KYC Data, Demographic Data) · Article 9(2)(g) GDPR (AML/KYC Data, Demographic Data) Condition for any criminal offences personal data: · Article 10 GDPR and applicable UK and/or EU member state law Preparing for and addressing investigations and disputes (including those involving Affiliates, Professional Advisors and Governmental Authorities) · All types of data set out in Part A of Schedule 1 (Definitions) to the extent relevant to the investigation or dispute · Legitimate Interests (i.e., in resolving investigations and disputes) · Performance of a Contract · Compliance with a Legal Obligation Condition for any special category personal data: · Article 9(2)(a) GDPR (Voluntarily Provided Data) · Article 9(2)(f) GDPR (AML/KYC Data, Demographic Data) · Article 9(2)(g) GDPR (AML/KYC Data, Demographic Data) Condition for any criminal offences personal data: · Article 10 GDPR and applicable UK and/or EU member state law Responding to Data Subjects who request such contact · Contact and Professional Data · Consent Managing and protecting our business and our Website, employees and staff from risks and threats, including identifying and preventing virtual threats such as cyber-attacks · Contact and Professional Data · Cookie and Technical Data · Usage Data · Voluntarily Provided Data · Legitimate Interests (i.e., to prevent fraud and for the proper running of our business) · Compliance with a Legal Obligation To deliver relevant website content and measure or understand the effectiveness of the advertising we serve to you · Contact and Professional Data · Cookie and Technical Data · Usage Data · Legitimate Interests (i.e., to grow our business and develop our products/services) Sending electronic marketing and promotional materials to Data Subjects in a business-to-business context and enabling Data Subjects to complete surveys · Contact and Professional Data · Marketing and Communications Data · Legitimate Interests (i.e., to grow our business and develop our products/services) · Consent Participating and recording audio and video content of virtual and physical meetings (including webinars, training sessions and other events) · Contact and Professional Data · Monitoring Data · Voluntarily Provided Data · Legitimate Interests (i.e., to improve our services) · Consent Condition for any special category personal data: · Article 9(2)(a) GDPR (Voluntarily Provided Data) If a Data Subject has provided consent to processing and subsequently withdraws that consent, we may still process that Data Subject’s personal data where we have another lawful basis for doing so, provided that the Data Subject has not expressly asked us to stop processing their personal data in accordance with section 10 (Data Protection Rights). Where we need to collect personal data by law or under the terms of a contract that we have with a Data Subject and the Data Subject fails to provide that personal data when requested, we may not be able to perform the contract we have with the Data Subject (for example, to provide access to the Website or our services). SHARING OF PERSONAL DATA We may share Data Subjects’ information with the following categories of third parties: Affiliates Business Partners Governmental Authorities Professional Advisors Service Providers We require all our data processors and any other third party that we provide Data Subjects’ personal data to respect the security of Data Subjects’ personal data and to treat it in accordance with applicable law. We do not allow our data processors to use Data Subjects’ personal data for their own purposes and only permits them to process Data Subjects’ personal data for specified purposes and in accordance with our instructions. Please see Section 7 (International Transfers) below for information on international transfers to such third parties. MARKETING We may send Data Subjects marketing communications (including newsletters) if they have requested such communications from us or if we are otherwise allowed to do so under applicable law. Third Party Marketing Companies We will obtain Data Subjects’ consent before we share their personal data with any company outside of our group of companies for marketing purposes. Opt-Out If a Data Subject does not wish to receive marketing information from us, the Data Subject can opt-out by contacting us using the contact details at section 12 (How to Contact Us) below or by clicking the opt-out link in our electronic marketing communications. COOKIES We deploy and use cookies on our Website. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. We use certain cookies on our Website and platforms. There are four types of cookies that we use: Necessary Cookies Functional Cookies Analytics Cookies Advertising Cookies. These cookies perform different functions as explained in Part D of Schedule 1 (Definitions). We use both first party and third-party cookies. First party cookies are set by the website you are visiting. Third party cookies are set by a domain which is different to the website you are visiting. Cookies can be either session cookies or persistent cookies. Session cookies are cookies which are deleted when you close your internet browser. Persistent cookies stay in place after you have closed your browser, for example, a cookie which tracks whether you are a new or return visitor to the Website. Necessary Cookies will always be active on your device, but we ask for your consent to place Functional, Analytics and Advertising Cookies and other similar technologies on your device. If at any time you want to change your cookie settings, including withdrawing your consent to this processing, we would encourage you to do this via the links below. You may need to refresh the page before the changes to the settings take effect. Please see our cookie banner on our Website for more details. Many web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org. To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout. INTERNATIONAL TRANSFERS Personal data may be transferred, stored, and accessed within the EEA or the UK or transferred to, stored in, and accessed from countries outside the UK or EEA in order to fulfil the purposes described in this Notice. For transfers to countries outside the UK and the EEA, the data protection regime may be different than in the country in which the Data Subject is located and may not provide the same level of data protection. Therefore, whenever we transfer personal data out of the UK and the EEA, we will rely on, to the extent necessary under the GDPR, appropriate “adequacy decisions”, safeguards (including Standard Contractual Clauses), or derogations. Where the jurisdiction to which we transfer your personal data from the UK and/or the EEA is not recognised as a jurisdiction deemed as providing adequate protection by the European Commission or the Information Commissioner’s Office, the appropriate safeguards that we rely on and have in place, where necessary, are the EU 2021 Standard Contractual Clauses (“SCCs“), the UK International Data Transfer Agreement and the UK Addendum to the SCCs (as applicable). If, however, an adequacy decision does apply, we will rely on that adequacy decision. Data Subjects can obtain more information about the countries to which their personal data is transferred and copies of the additional measures put in place by contacting us using the contact details at section 12 (How to Contact Us) below. AUTOMATED DECISION MAKING We do not make any decisions regarding Data Subjects solely using automated decision making (including profiling) based on Data Subjects’ personal data. RETENTION OF PERSONAL DATA We will only retain Data Subjects’ personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, regulatory requirements, the potential risk of harm from unauthorized use or disclosure of the personal data, the purposes for which we process the personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Details of retention periods for personal data are available from us on request using the contact details at section 12 (How to Contact Us) below. LEGAL RIGHTS If you are a Data Subject, you may have the following rights under the GDPR in relation to your personal data: Request access to your personal data Request correction of the personal data that we hold about you Request erasure of your personal data Object to processing of your personal data Request restriction of processing of your personal data Request the transfer of your personal data to you or to a third party Withdraw consent at any time where we are relying on consent to process your personal data To exercise any of the rights set out above, please contact us using the contact details provided in section 12 (How to Contact Us) below. There are exceptions and exemptions that apply to some of the rights, which we will apply in accordance with the applicable data protection laws. Where you have any such rights under applicable laws, we will respond to any such rights that you want to exercise within one (1) month of receiving the request, unless the request is complex, in which case it may take longer. In addition to the above rights, you have the right to lodge a complaint with a supervisory authority. We may need to request specific information from you to help us confirm your identity and your right to access the personal data (or to exercise any of the other rights). LINKS TO OTHER WEBSITES Our Website may contain links to other websites. These websites may have separate privacy and data collection practices, independent of our practices, and data subjects’ use and access to such sites is subject to those terms and policies. We have no responsibility or liability for these independent policies or actions and we are not responsible for the privacy practice or the content of such websites. HOW TO CONTACT US To ask any questions regarding this Notice or to exercise any rights, please contact us using the following contact details: Address: 324 Main Street, Simpson, Pennsylvania 18407 USA, Attn: Legal Department Email: legal@gentexcorp.com AMENDMENTS TO THIS NOTICE This Notice may be revised from time to time, including where we add new features and services, as laws change, and as industry privacy and security best practices evolve. We display a “Last Updated” date in at the top of this Notice so it is clear when there has been a change. If we make any change to this Notice regarding use or disclosure of personal data, we will provide notice on the Website and as otherwise required. Small changes or changes that do not significantly affect Data Subjects’ privacy interests may be made at any time and without prior notice. SCHEDULE 1 (DEFINITIONS) TYPES OF PERSONAL DATA THAT WE PROCESS TYPE OF PERSONAL DATA DETAILS Anti-Money Laundering and Know Your Customer Data (“AML/KYC Data”) · Personal data contained in government issued identification documents · Financial and banking information (including investment history and source of funds) · Information relating to political exposure if revealed during AML, KYC, fraud checks, or transaction-related due diligence · Criminal convictions and offences data if revealed during AML, KYC, fraud checks, or transaction-related due diligence Contact and Professional Data · First name · Last name · Name of employer or the organization represented · Title and position · E-mail address, and physical address · Telephone numbers · Date and country of birth · Country of residence, nationality, and citizenship Cookie and Technical Data · Our cookie banner sets out details of the cookie and related data which we collect and process. · Internet protocol (IP) address · Browser type and version · Time zone setting and location · Browser plug-in types and versions · Operating system and platform · Information regarding how the website is used · Other technology on the devices used to access the Website Demographic Data · Data and country of birth · Gender · Country of residence, nationality, and citizenship Financial Data · Bank account details · Payment card details Government Issued Data · Social Security number · Driver’s license number · Passport number · National identification number · Tax identification number Marketing and Communications Data · Preferences in receiving marketing from us and third parties · Communication preferences Monitoring Data · Recording of telephone and video calls · Photographic or video images of Data Subjects (including CCTV) Transaction Data · Details about payments to and from you and other details of products and services you have purchased from us Usage Data · Information about how the Website is used Voluntarily Provided Data · Any other personal data provided by the Data Subject, including “special category” personal data or criminal convictions or offences data. GDPR LAWFUL BASES FOR PROCESSING LAWFUL BASIS DESCRIPTION Compliance with a Legal Obligation We may process personal data to the extent necessary for us for us to comply with applicable laws. Consent We may process personal data where the Data Subject has provided consent for us to do so. Legitimate Interests We may process personal data for our legitimate interests as a business or those of a third party where our processing does not prejudice the Data Subject’s rights so as to override our legitimate interest. We have provided examples where applicable in section 3 (How we use personal data). Performance of a Contract We may process personal data where it is necessary for us to do so in order to exercise our rights or satisfy our obligations under a contract we have with the Data Subject. THIRD PARTY DATA SOURCES AND RECIPIENTS THIRD PARTY DESCRIPTION STATUS OF THIRD PARTY Affiliates Refers to our affiliates, subsidiaries, or entities under common management or subject to common control as us. Joint controller with our other Affiliates. Business Partners Refers to current or prospective business partners which we undertake commercial, corporate, or other business transactions (involving mergers, acquisitions, equity, debt, or credit). Independent controller. Governmental Authorities Refers to governmental authorities in the EEA, UK, or other countries, including law enforcement agencies, tax authorities, and supervisory authorities, and regulators. Independent controller. Professional Advisors Refers to current or prospective professional advisors including lawyers, accountants, bankers, auditors, and insurers. Independent controller. Service Providers Refers to current or prospective party providers of services such as IT services, hosting services, administration services, and other business process and marketing services. Our Service Providers may also include funds administrators and financial institutions. Typically, data processors. However, Service Providers who are independently regulated will be independent controller. COOKIE FUNCTIONS Cookie Type Details Necessary These cookies are essential in order to provide you with the services you request on our Website and in order that we can comply with legal obligations such as our security obligations under data protection law. We do not need to ask for your consent in order to use these cookies as without them we would not be able to provide the services requested by you. These are always active on the Website. Functional These cookies allow us to provide a better user experience on this site, such as by remembering your log-in details or optimizing video performance. Functional cookies are only used if you consent to it via our cookie banner. Analytics These cookies collect information about things like how many people visit our Website, what parts of the Website people look at and how many new visitors we have to the Website. These cookies help us to monitor how effective our Website is and to improve it, tailoring it to our visitors. Analytics cookies are only used if you consent to it via our cookie banner. Advertising These cookies are used to provide you with access to content and information that you may be interested in. Advertising cookies are only used if you consent to it via our cookie banner.