Accuride Privacy Policy
PRIVACY POLICY - Accuride Corporation
We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are, how and why we collect, store, use, and share your personal information. It also explains your rights in relation to your personal information and how to contact us or supervisory authorities in the event you have a complaint. This Privacy Policy applies globally to the Accuride Group (defined below). However, certain jurisdictions may require different rules, and in certain cases, Accuride Group has adopted local policies that are compliant with local jurisdictional requirements. In the event of a conflict between a local policy and this Policy, the local policy complies. Local policies may be found at https://www.accuridecorp.com/local-privacy
We collect, use and are responsible for certain personal information about you. When we do so we are subject to various laws in the countries in which we do business, and certain members of the Accuride Group are responsible as “controller” of that personal information for the purposes of those laws.
1. Key Terms. It would be helpful to start by explaining some key terms used in this policy:
We, us, our, Accuride, or the Accuride Group: Accuride Corporation and our affiliates, including Gunite Corporation, KIC LLC, Accuride Wheels Europe & Asia GmbH, Accuride Wheels Troyes S.A.S., Accuride Wheels Solingen GmbH, Accuride Wheels Ebersbach GmbH, Accuride Wheels Ronneburg GmbH, Accuride Wheels ASIA Limited, Accuride Wheels (Shandong) Co., Ltd, Accuride Wheels RUSSIA, Accuride EMI, LLC, Accuride Distributing, LLC, Accuride Henderson, LLC, AOT, LLC, Accuride Canada Inc., Accuride Erie, LP, and Accuride Wheels Bilecik Jant Sanayl Anonim Kirketi. The contact information for these Accuride companies is listed at https://www.accuridecorp.com/aboutaccuride/facilities-and-locations.
Our representative: For all Accuride companies not based in the EEA, our representative is: Accuride Wheels Solingen GmbH
Our data protection officer: For purposes of the GDPR, the data protection officer may be contacted at the following email address: privacy@accuridecorp.de
Personal information: Any information relating to an identified or identifiable individual
2. Personal Information We Collect About You. We may collect and use the following personal information that identifies, relates to, describes, is reasonable capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household:
2.1 Use of Our Website If you use our website (www.accuridecorp.com, “our website”), we process your personal information as follows:
a. Calling up our website / access data
Each time you use our website, we collect the access data that your browser automatically transmits to enable you to visit the website. The access data includes in particular:
- IP address of the requesting device,
- Date and time of the request,
- Address of the accessed website and the requesting website,
- Information about the browser and operating system used,
- Online identifiers (e.g. device identifiers, session IDs).
The data processing of this access data is absolutely necessary to enable the visit of the website, to ensure the permanent operability and security of our systems as well as for the general administrative maintenance of our website. The access data is also temporarily stored in internal log files for the purposes described above, for example in order to find the cause of repeated or criminal calls that endanger the stability and security of our website and to take action against them.
The legal basis is Art. 6 (1) (b) of the European General Data Protection Regulation ((EU) 2016/679; “GDPR”), insofar as the page view occurs in the course of the initiation or execution of a contract, and otherwise Art. 6 (1 ) (f) GDPR due to our legitimate interest in enabling the website view and permanent functionality and security of our systems.
b. Making Contact
You have various options for contacting us. These include our contact form. In this context, we process data exclusively for the purpose of communicating with you.
The legal basis for such processing of your personal information is Art. 6 (1) (b) GDPR, insofar as your information is required to answer your inquiry or to initiate or execute a contract, and otherwise Art. 6 (1) (f) GDPR based on our legitimate interests in processing your enquiry and communicating with you for this purpose. We only use your personal information for marketing and promotional purposes (such as sending you promotional materials or contacting you by telephone for promotional purposes) if you have given your respective informed consent. If you are not an existing customer, we will also only send you promotional e-mails on the basis of your consent. The legal basis for processing your personal information in these cases is Art. 6 (1) (a) GDPR.
The data we collect when you contact us will be automatically deleted after we have fully processed your request, unless we still need your request to fulfil contractual or legal obligations.
c. Use of Cookies and Similar Technologies
This website uses cookies and similar technologies (collectively, “Tools”) provided either by us or by third parties.
A cookie is a small text file that is stored on your device by the browser. Cookies are not used to run programs or download viruses onto your computer. Comparable technologies are in particular web storage (local / session storage), fingerprints, tags or pixels. Most browsers are set by default to accept cookies and similar technologies. However, you can usually adjust your browser settings so that cookies or similar technologies are rejected or only stored with your prior consent. If you refuse cookies or similar technologies, not all of our offers may function properly for you.
In the following, we list the tools we use by category, informing you in particular about the providers of the tools, the storage period of the cookies and the transfer of data to third parties. In addition, we explain in which cases we obtain your voluntary consent to use the tools and how you can revoke this consent.
Should - even despite the greatest care - the information in the cookie banner contradict that in this data protection declaration, the information in this data protection declaration shall take precedence.
i. Legal Basis
We use tools necessary for website operation based on our legitimate interest pursuant to Art. 6 (1) (f) GDPR (as the case may be, in conjunction with applicable national law such as, for Germany, Sec. 25 (2) of the German Federal Act on Data Privacy in Telecommunications and Telemedia Services (“TTDSG”)) to enable you to use our website more conveniently and individually and to make use as time-saving as possible. In certain cases, these tools may also be necessary for the performance of a contract or for the implementation of pre-contractual measures, in which case the processing is carried out in accordance with Art. 6 (1) (b) GDPR (where applicable in conjunction with Sec. 25 (2) TTDSG).
We use all other tools, in particular those for marketing purposes, on the basis of your consent pursuant to Art. 6 (1) (a) GDPR, where applicable in conjunction with applicable national law such as Sec. 25 (1) TTDSG. Data processing with the help of these tools only takes place if we have received your consent in advance.
To the extent personal data is transferred to third countries, please refer to the below section 10. (“Transferring Your Personal Information Out of the Country of Origin”), also with regard to the possible associated risks. We will inform you if we have concluded standard contractual clauses or other guarantees with the providers of certain tools. If you have given your consent to the use of certain tools, we will (also) transfer the data processed when using the tools to third countries on the basis of this consent.
ii. Obtaining of Your Consent
We use Drupal to obtain and manage your consent. Drupal generates a banner informing you about data processing on our website and giving you the option to consent to all, some or no data processing through optional tools. This banner will appear the first time you visit our website and when you revisit to change your choices or withdraw consent. The banner will also appear on subsequent visits to our website if you have deactivated the storage of cookies or if the cookies or information in our local storage have been deleted or have expired.
iii. Withdrawal of Your Consent:
You can revoke your consent for certain tools at any time. To do so, click on the “Privacy Settings” tab at the bottom of the Accuridecorp.com homepage. There you can also change the selection of the tools you wish to consent to using, as well as obtain additional information on the cookies and the respective storage period. Alternatively, you can assert your revocation for certain tools directly with the respective provider
iv. Necessary tools
We use certain tools to enable the basic functions of our website (“necessary tools”). Without these tools, we could not provide our service. Therefore, necessary tools are used without You can revoke your consent for certain tools at any time. To do so, click on the “Privacy Settings” tab at the bottom of the Accuridecorp.com homepage. There you can also change the selection of the tools you wish to consent to using, as well as obtain additional information on the cookies and the respective storage period. Alternatively, you can assert your revocation for certain tools directly with the respective provider 5 consent based on our legitimate interests pursuant to Art. 6 (1) (f) GDPR or for the performance of a contract or for the performance of pre-contractual measures pursuant to Art. 6 (1) (b) GDPR. The reading and storing of information on your personal device are necessary for us to provide you with the requested online service and in pursuance with national law like the German § 25 (2) Nr. 2 TTDSG.
- Our Own Cookies
We use our own necessary cookies in particular
- to save your language settings,
- to indicate that information placed on our website has been displayed to you - so that it will not be displayed again the next time you visit the website.
- Google Tag Manager
Our website uses Google Tag Manager, a service provided for users from the European Economic Area and Switzerland by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and for all other users by Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (together “Google”).
The Google Tag Manager is used exclusively to manage website tools by integrating socalled website tags. A tag is an element that is stored in the source code of our website in order to execute a tool, for example through scripts. If these are optional tools, they will only be integrated by the Google Tag Manager with your consent.
Google Tag Manager sets the following cookies for technical debugging purposes: “_ga”, “_gid”, and “_gat”.
Legal basis is Art. 6 (1) (f) GDPR, based on our legitimate interest to integrate and manage multiple tags in an uncomplicated way on our website.
For the purpose of ensuring stability and functionality, Google collects information on which tags are integrated by our website within the framework of the use of the Google Tag Manager, but in principle no personal data, in particular no data on user behaviour, the IP address or the pages visited.
We have concluded an order processing agreement with Google. In the event that personal data is transferred to the USA or other third countries, we have concluded standard contractual clauses with Google pursuant to Art. 46 (2) lit. c GDPR. For further information, please refer to section 10. (“Transferring Your Personal Information Out of the Country of Origin”). For more information, see Google’s information on TagManager.
v. Analysis tools
In order to improve our website, we use tools for the statistical collection and analysis of general usage behaviour based on access data (“analysis tools”). We also use analytics services to evaluate the use of our various marketing channels.
The legal basis for the use of these analysis tools is - unless otherwise stated - your consent according to Art. 6 (1) (a) GDPR. For the revocation of your consent, please see the above section “Revoking your consent or changing your selection”. In the event that personal data is transferred to the USA or other third countries, your consent expressly extends to the transfer of data (Art. 49 (1) (a) GDPR). Please refer to section 10. (“Transferring Your Personal Information Out of the Country of Origin”) for the associated risks. We only read and store information on your personal device with your informed and explicit consent and in pursuance with national law like the German § 25 (1) TTDSG.
- Google Analytics
Our website uses Google Analytics, which for users from Europe, the Middle East and Africa (EMEA) is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and for all other users is provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (collectively “Google”).
Google Analytics uses cookies and similar technologies to analyse and improve our website based on your user behavior. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. The data accruing in this context may be transferred by Google to a server in the USA for evaluation and stored there. Please refer to section 10. (“Transferring Your Personal Information Out of the Country of Origin”) for the associated risks.
We have made the following privacy settings for Google Analytics:
- IP anonymization (shortening of the IP address before evaluation, so that no conclusions can be drawn about your identity)
- Automatic deletion of old logs / limitation of storage time
- Disabled Remarketing
- Disabled User-ID Policy
The following data is processed by Google Analytics:
- Anonymized IP address;
- Referrer URL (previously visited page);
- Pages viewed (date, time, URL, title, length of stay);
- Downloaded files; • Clicked links to other websites;
- If applicable, achievement of certain goals (conversions);
- Technical Information: Operating system; browser type, version and language; device type, brand, model and resolution;
- Approximate location (country and city, if applicable, based on anonymized IP address).
Google Analytics sets the following cookies for the specified purpose with the respective storage period:
- “_ga” for 2 years and “_gid” for 24 hours (both used to recognize and distinguish website visitors by user ID);
- “_gat” for 1 minute (to reduce requests to Google servers);
We have concluded an order processing agreement with Google for the use of Google Analytics as well as standard contractual clauses in the event that personal data is transferred to the USA or other third countries. Please refer to section 10. (“Transferring Your Personal Information Out of the Country of Origin”) for the associated risks.
You can find more information about this in Google’s privacy policy.
2.2 Processing Data of Our Business Partners
If you work with one of our business partners and act as our contact person, we may process the following of your personal information:
- your master data (first and surname, title, alias, title, employer, postal business address, business email address and phone number);
- your signature and signing dates on business documents (esp. on contracts);
- Vehicle ID (VIN)
- Commercial information (e.g., records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies)
The purpose of the processing of this data is the initiation and fulfillment of contracts between us and your enterprise as our customer as well as the performance of obligations and assertion of rights under such contracts. Also, we may process your abovementioned personal data for operational reasons, such as improving efficiency, training and quality control in our business operations, to administrate warranty and deliver important product information. In some cases, we may also process your personal information in anonymized form in order to perform statistical analysis to help us manage our business, e.g. in relation to customer base, product range or other efficiency measures. In each of these cases, the legal basis for the processing of your personal information are our legitimate interests (for the purpose of Art. 6 (1) (f) GDPR) in pursuing the purposes set out in this paragraph.
You are not legally or contractually obligated to provide your personal information as set out above. However, if you choose not to provide your personal information for processing as described above, this may impede our ability to conclude and fulfill contracts with your enterprise as our customer or to perform any obligations we may have thereunder.
2.3 Processing Data of Job Applicants
You can apply with us for open job positions via a number of different channels, such as, for example, our applicant management system (e.g., for Germany: https://www.accuridecorp.com/de/karrieremoeglichkeiten).
The purpose of collection of your personal information in this respect is the selection of applicants for the possible establishment of an employment relationship and the aptitude of the particular job applicant for the respective job.
For the receipt and processing of your application, we collect such personal information on you as stated and requested in the respective job offering or as provided by you. Such personal information may include, without limitation, the following data in particular: First name and surname, date of birth, application portraits, contacting information (such as postal address, email address, telephone number), application documents (e.g. certificates, resume, CV, further professional and employment related information as well as, all as stated, Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (FERPA)), date of earliest possible employment and salary expectations.
The legal basis for the processing of your personal information for recruitment purposes is Art. 6 (1) (b) and Art. 88 (1) GDPR in conjunction with the applicable provision in the national law of the respective country (e.g., for Germany: Sec. 26 (1) of the Federal Data Protection Act, “BDSG”).
You are not legally or contractually obligated to provide your personal information as set out above. However, if you choose not to provide your personal information for processing as described above, we may not be able to consider your application for a particular job offer you may be interested in.
3. How Your Personal Information is Collected.
We collect most of this personal information directly from you—in person, by telephone, text or email or via our website and business applications. However, we may also collect information:
- Directly from a third party (e.g., sanctions screening providers, credit reporting agencies, or customer due diligence providers);
- From a third party with your consent (e.g., your bank, trade shows);
- From cookies on our website.
4. How and Why We Use Your Personal Information.
Under data protection law, we can only use your personal information if we have a proper reason for doing so, e.g.:
- To comply with our legal and regulatory obligations;
- For the performance of our contract with you or to take steps at your request before entering into a contract;
- For our legitimate interests or those of a third party; or
- Where you have given consent.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
The table in Section 2 above explains what we use (process) your personal information for and our reasons for doing so.
The above table does not apply to special category personal information, which we will only process if and to the extent permitted by applicable data protection law and – where required – on the basis of your prior and express consent.
5. Promotional Communications.
We may use your personal information to send you updates (by email, text message, telephone or post) about our products or services, including exclusive offers, promotions or new products or services.
We have a legitimate interest in processing your personal information for promotional purposes (see above “How and why we use your personal information”). This means we do not usually need your consent to send you promotional communications. However, where consent is required by applicable law, we will ask for this consent separately and clearly.
We will always treat your personal information with the utmost respect and never sell or share it with other organizations outside the Accuride Group for marketing purposes.
You have the right to opt out of or, as applicable, withdraw your consent to receiving promotional communications at any time by:
- Contacting us at https://www.accuridecorp.com/contact; or
- Using the “unsubscribe” link in emails.
Any withdrawal of your consent shall not affect the lawfulness of processing of your data based on such consent before its withdrawal.
We may ask you to confirm or update your marketing preferences if you instruct us to provide further products or services in the future, or if there are changes in the law, regulation, or the structure of our business.
6. Who We Share Your Personal Information With.
We only disclose or transfer your personal information if and to the extent this is permissible under applicable law. Under GDPR, this may – in particular – be the case, if:
- you have given your respective express and informed consent in accordance with Art. 6 (1) (a) GDPR;
- the disclosure of your personal information is necessary in accordance with Art. 6 (1) (f) GDPR for the assertion, exercise or defence of legal claims and there is no indication to assume that you have an overriding interest in the not having your data disclosed;
- we are under a binding legal obligation by applicable mandatory law to pass on your personal information in accordance with Art. 6 (1) (c) GDPR or
- disclosure or transfer of your personal information is legally permissible and necessary according to Art. 6 (1) (b) GDPR for the processing of contractual relationships with you or for the implementation of pre-contractual measures, which take place upon your request.
Within the limits described above, we routinely share personal information with such of our partners, suppliers and service providers that are mentioned in this privacy policy as well as with the following recipients:
- Our affiliates, including companies within the Accuride Group;
- Service providers we use to help deliver our products or services to you, such as payment service providers, warehouses and delivery companies;
- Other third parties we use to help us run our business, such as marketing agencies or website hosts or website analytics providers, including platform.sh for the hosting of our website as well as the other service providers that are mentioned in this privacy policy;
- Third parties approved by you, including social media sites you choose to link your account to or third-party payment providers;
- Hosted application providers such as Plex Systems to maintain appropriate details for business transactions.
We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors.
To the extent permissible under applicable data privacy law, we may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring, provided that such disclosure of personal data is allowed by applicable data privacy law. We will typically anonymize information, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
7. Notice of Personal Information We Sold or Disclosed for a Business Purpose as Required by the CCPA. For purposes of the CCPA, please be advised that we have not sold to a third party any personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
In the preceding 12 months, we have disclosed for a business purpose to one or more third parties the following categories of personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household:
- Identifiers (e.g., a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers);
- Information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information;
- Characteristics of protected classifications under California or federal law;
- Commercial information (e.g., records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies); • Internet or other electronic network activity information (e.g., browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement);
- Geolocation data;
- Professional or employment-related information;
- Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (FERPA); and
- Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Business purposes for which we have disclosed such information include:
- Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity.
- Debugging to identify and repair errors that impair existing intended functionality.
- Short-term, transient use, provided that the personal information is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
- Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider.
- Undertaking internal research for technological development and demonstration.
- Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.
8. Where Your Personal Information is Held.
Information may be held at our offices and those of the Accuride Group, third party agencies, service providers, representatives and agents as described above (see above: “Who We Share Your Personal Information with”). Some of these third parties may be based outside the European Economic Area. For more information, including on how we safeguard your personal information when this occurs, see below: “Transferring Your Personal Information Out of Country of Origin”.
9. How Long Your Personal Information Will Be Kept.
We will keep your personal information while we are providing products or services to you. Thereafter, we will keep your personal information for as long as is legally allowed and necessary to pursue the respective purposes for which your data has been processed, in particular (without limitation):
- To respond to any questions, complaints or claims made by you or on your behalf;
- To show that we treated you fairly; or
- To keep records required by law.
10. Transferring Your Personal Information Out of the Country of Origin.
To deliver services to you, it is sometimes necessary for us to share your personal information outside the country of origin, including outside the European Economic Area (EEA), e.g.:
- With offices of Accuride Group members outside the country of origin;
- With your and our service providers located outside the country of origin;
- If you are based outside the country of origin; or
- Where there is an international dimension to the services we are providing to you. These transfers are subject to special rules under European, UK, Russian, and Turkish data protection law.
Countries to which such information may be transferred do not have the same data protection laws as the United Kingdom, EEA, Russia, and Turkey. We will, however, ensure the transfer complies with data protection law and all personal information will be secure. Our standard practice is to use standard data protection contract clauses that have been approved by the European Commission, as well as to implement adequate additional technical measures to protect your data. To obtain a copy of those clauses, or if you would like further information, please contact our Data Protection Officer (see “How To Contact Us” below).
Where it is not possible to achieve adequate protection of your data by means of suitable contractual, organizational and technical measures, we base the data transfer on exceptions of Art. 49 GDPR, in particular your explicit consent or the necessity of the transfer for the performance of the contract or for the implementation of pre-contractual measures.
If a transfer to a non-EEA member state is provided for and no adequacy decision by the European Commission or suitable safeguards are in place, it is possible and there is a risk that authorities in the respective third country (e.g. intelligence services) may gain access to the transferred data in order to collect and analyze it, and that the enforceability of your data subject rights cannot be guaranteed. When obtaining your consent via the cookie banner, you will also be informed of this.
11. Your Rights Under the GDPR.
Right to Access (Art. 15 GDPR) - The right to be provided with a copy of your personal information (the right of access)
Right to Rectification (Art. 16 GDPR) - The right to require us to correct any mistakes in your personal information or to supplement incomplete personal data
Right to be Forgotten (Art. 17 GDPR) - The right to require us to delete your personal information—in certain situations
Right to Restriction of Processing (Art. 18 GDPR) - The right to require us to restrict processing of your personal information—in certain circumstances, e.g. if you contest the accuracy of the data
Right to Data Portability (Art. 20 GDPR) - The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
Right to Object (Art. 21 GDPR) - The right to object:
- at any time to your personal information being processed for direct marketing (including profiling);
- in certain other situations to our continued processing of your personal information, e.g. processing carried out for the purpose of our legitimate interests.
Right to Withdraw your Consent (Art. 7 (3) GDPR) - The right to withdraw your consent you may have previously declared with respect to the processing or your data by us; the withdrawal of your consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Right Not to be Subject to Automated Individual Decision-Making (Art. 22 GDPR) - The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you
Right to lodge a complaint with a competent Data Protection Authority (Art. 77 GDPR) - The right to file a complaint with respect to the processing of your personal information by us with a competent Data Protection Authority (please refer to below section 15.)
12. Your Rights Under the CCPA.
You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to exercise free of charge:
Disclosure of Personal Information We Collect About You - You have the right to know:
- The categories of personal information we have collected about you;
- The categories of sources from which the personal information is collected;
- Our business or commercial purpose for collecting or selling personal information;
- The categories of third parties with whom we share personal information, if any; and
- The specific pieces of personal information we have collected about you.
- Please note that we are not required to:
- Retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;
- Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; or
- Provide the personal information to you more than twice in a 12-month period.
Personal Information Sold or Used for a Business Purpose - In connection with any personal information we may sell or disclose to a third party for a business purpose, you have the right to know:
- The categories of personal information about you that we sold and the categories of third parties to whom the personal information was sold; and
- The categories of personal information that we disclosed about you for a business purpose.
- You have the right under the California Consumer Privacy Act of 2018 (CCPA) and certain other privacy and data protection laws, as applicable, to opt-out of the sale of your personal information. We do not sell your personal information.
Right to Deletion - Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:
- Delete your personal information from our records; and
- Direct any service providers to delete your personal information from their records.
- Please note that we may not delete your personal information if it is necessary to:
- Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
- Debug to identify and repair errors that impair existing intended functionality;
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
- Comply with the California Electronic Communications Privacy Act;
- Engage in public or peerreviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;
- Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
- Comply with an existing legal obligation; or
- Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.
Protection Against Discrimination - You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:
- Deny goods or services to you;
- Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
- Provide a different level or quality of goods or services to you; or
- Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Please note that we may charge a different price or rate or provide a different level or quality of goods or services to you, if that difference is reasonably related to the value provided to our business by your personal information.
13. Keeping Your Personal Information Secure.
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorized way. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
14. How to Exercise Your Rights. If you would like to exercise any of your rights as described in this Privacy Policy, please:
- Complete a data subject request form available on our website at https://www.accuridecorp.com/contact
- Call us, toll-free, at 800-626-7096; or
- Email/write to us at the following:
- North America/CCPA
- Email:
- privacy@accuridecorp.com
- Postal Mail
- Accuride Corporation – Attn: Legal Dept., 7140 Office Circle, Suite 200, Evansville, Indiana 47715
- Email:
- Europe/GDPR
- Email:
- privacy@accuridecorp.de
- Postal Mail
- Accuride Corporation – Attn: Legal Dept., 7140 Office Circle, Suite 200, Evansville, Indiana 47715 OR
- Accuride Wheels Europe & Asia GmbH, Weyerstraße 112 – 114, Solingen, 42697 Attn: Human Resources.
- Email:
- North America/CCPA
Please note that you may only make a CCPA-related data access or data portability disclosure request twice within a 12-month period.
If you choose to contact directly by any method (i.e. website/email/phone/in writing), you will need to provide us with:
- Enough information to identify you (e.g., your full name, address and customer or matter reference number);
- Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and
- A description of what right you want to exercise and the information to which your request relates.
We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf.
Any personal information we collect from you to verify your identity in connection with you request will be used solely for the purposes of verification.
15. How to File a GDPR Complaint.
We hope that we or our Data Protection Officer can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred. The supervisory authorities in Germany and France are set forth below:
France
Commission Nationale de l’Informatique et des Libertés - CNIL
3 Place de Fontenoy
TSA 80715 – 75334 Paris, Cedex 07
Tel. +33 1 53 73 22 22
Fax +33 1 53 73 22 00
email:
Website: http://www.cnil.fr/
Germany
state of North Rheine-Westfalia:
Landesbeauftragte für Datenschutz und Informationsfreiheit
Nordrhein-Westfalen
Kavalleriestr. 2 - 4 40213 Düsseldorf Germany email: poststelle@ldi.nrw.de
state of Thuringia:
Thüringer Landesbeauftragte für den Datenschutz und die Informationsfreiheit (TLfDI)
Häßlerstrasse 8
99096 Erfurt
Germany
email: poststelle@datenschutz.thueringen.de
16. Changes to This Privacy Notice.
This privacy notice was published on March 22, 2022 and last updated on March 22, 2022.
We may change this privacy notice from time to time–when we do, we will inform you via our website.
17. How to Contact Us.
Please contact us or our Data Protection Officer by postal mail, email or telephone if you have any questions about this privacy policy or the information we hold about you. Our contact details are set forth in Section 14.
18. Do You Need Extra Help?
If you would like this notice in another format (for example: audio, large print, braille) please contact us (see “How to contact us” above).