Maxeon Global Privacy Policy

Effective Date: 1-April-2024

This Global Privacy Policy (“Privacy Policy” or “Policy”) applies to Maxeon Solar Technologies, Ltd. and our subsidiary companies including our Local Representative (collectively, “Maxeon”, “we”, “us”, or “our”) regarding your Personal Data (defined below). In markets outside of the United States of America, our subsidiaries may operate using the SunPower brand or a SunPower company name.

Maxeon Solar Technologies, Ltd. is a corporation registered in the Republic of Singapore with Registration No. 201934268H and has a registered office listed on our Corporate Contact Us page.

SunPower GmbH is a company registered in Germany and has a registered address at Schumannstraße 27, 60 325 Frankfurt am Main, Germany. SunPower GmbH is a subsidiary company of Maxeon Solar Technologies, Ltd. and is the data controller for Customer Data, which is Personal Data relating to a current or potential customer.

Our Local Representatives are identified on our Office Locations page. Each Local Representative is the data controller for its respective Employee Data, which is Personal Data relating to an employee or candidate of the Local Representative.

This Policy describes how we collect, use, and share your Personal Data and applies to: (i) our websites and subdomains associated with our domain maxeon.com, including https://maxeon.com, https://www.sunpower.maxeon.com, https://partners.sunpower.maxeon.com, https://one.sunpower.maxeon.com, and https://careers.maxeon.com, and our mobile applications and digital services that link to or post this Policy, unless otherwise indicated. Collectively, we refer to our hosted systems, websites, subdomains, applications, and digital services as our “Digital Platforms.”

This Policy describes how you can: (i) contact us; (ii) access and update your Personal Data; (iii) make certain choices about how we use your Personal Data; and (iv) exercise your legal rights (including objecting to certain Personal Data processing).

We may collect your Personal Data through our Digital Platforms, which you may use in accordance with our Terms of Use, as well as through third party digital or social networking platforms, at trade shows or other events, at any time during the sales process, and whenever you interact with customer service representatives from Maxeon or a Maxeon dealer or service provider.

By using our Digital Platforms or otherwise giving us your Personal Data, you are indicating you have read, understood, and accepted the practices described in this Policy. If you do not agree to your Personal Data being handled in accordance with this Policy, then please do not use our Digital Platforms or give us your Personal Data.

We may change this Policy from time to time. The “Effective Date” at the top of this page will let you know when it was last revised. Any changes to this Policy will become effective when we post the revised Policy on the Digital Platforms. If you have concerns about this Policy, then please contact us via the contact information provided in the “Contact Us” section below.

Click below to jump to a specific section of this Policy:

  1. Minors
  2. Personal Data and Definitions
  3. Our collection of Personal Data 
  4. Purposes for processing your Personal Data
  5. Legal bases for processing your Personal Data
  6. Direct Marketing Communications and Unsubscribe or Opt-Out
  7. Use of interactive features and copyright infringement notices
  8. Disclosures of your Personal Data
  9. Security
  10. Storage and use of your Personal Data outside your jurisdiction
  11. Changes to the Policy
  12. Exercising your rights under the PDPA
  13. Exercising your rights (European individuals)
  14. California Consumer Privacy Act (CCPA) Disclosures
  15. Information for residents of Australia
  16. Contact Us

1. Minors

Our Digital Platforms and other data collection activities are not directed to and should not be used by minors. We do not knowingly collect, process, or transfer Personal Data from minors (namely, individuals under the age of 18). In certain limited instances, e.g., where a minor is included in an advertising campaign, this will be done with the express, written consent of the minor’s parent or legal guardian.

2. Personal Data and Definitions

This Policy discloses our basis and purpose for collecting, processing, disclosing and otherwise using your    
Personal Data in accordance with, as applicable, the data protection regulation(s) that apply to you, which may include one of the following regulations.

Singapore: Personal Data Protection Act (“PDPA”)

California: California Consumer Privacy Act (“CCPA”)

European Economic Area: General Data Protection Regulation (“GDPR”)

United Kingdom: United Kingdom General Data Protection Regulation (“UK GDPR”)

Switzerland: Swiss Federal Data Protection Act (“Swiss DPA”)

Australia: Privacy Act 1988 (“Privacy Act”) and Australian Privacy Principles (“APPs”)

“Personal Data” is data about a person who can be identified from that data directly or indirectly and is sometimes referred to as “personal information.” Personal Data excludes information and data that is exempted from, as applicable, the regulation that applies to you. Other terms used in this Policy shall have the meanings given to them in the applicable regulation.

3. Our collection of Personal Data

We collect Personal Data from various sources, which are described below. We may combine your Personal Data and other information and use it in the manner described in this Policy.

  1. Direct Data: The Personal Data we directly collect from you   
    When you interact with us, including via the Digital Platforms, we collect information about you, including Personal Data that may directly or indirectly identify you. The following sections explain the categories of Personal Data we may collect from you and how we collect such information.
  2. Online Forms. When you complete an online form to allow Maxeon, or a Maxeon authorized independent distributor or installer, to contact you or to submit a request for a system design proposal, we collect identifiers such as your name, address, telephone number, and email address. We may also collect information relating to your energy consumption, geolocation information, and images of your home or business from, including those from publicly available sources, such as Google Earth. This information will be used to provide you information about our products, services and, where applicable, opportunities with us or our independent distributors or installers. We may also collect information at the time the form is submitted, e.g., IP address, operating system, device identifiers, and location, to allow us to validate the authenticity/validity of the consent obtained through online forms and prevent fraud and abuse.
  3. Communications with Maxeon. When you contact Maxeon by telephone, email or other electronic means, such as online chat, or social media accounts, including through private message features, we collect identifiers as set out above and any other Personal Data you choose to provide, as explained below.
    1. Telephone. When you contact Maxeon by telephone, we will collect the telephone number that you use to call us. During a call, Maxeon may additionally collect your name, address, email address, and information about your energy needs and usage, as well as information about your Maxeon system and any issues you may be experiencing. If you are representing a business contact for a commercial client or prospect, this may include your Personal Data. Maxeon records its telephone calls for training and quality assurance purposes. You have the option to proceed on a recorded or non-recorded line.
    2. Email and Electronic Means. When you communicate with Maxeon via email or other electronic means, including through any virtual assistant, we will collect identifiers as set out above, including your user or screen name, email address, location, name and any Personal Data you voluntarily choose to include in the communication, so that we can respond to your inquiry and provide you with quality service.
  4. Business Contacts. Maxeon collects the personal or business contact information, including your title, business email and telephone number, you provide to us at trade shows or similar events, including through business card scans or drops, to allow us to contact you or to receive information about us, opportunities with us, or our products or services, either by email or phone via the phone numbers you provide us.
  5. Testimonials. When you provide testimonials to Maxeon for us to publish on the Digital Platforms or in marketing materials, with your consent, we collect and may publish identifiers that may include your name, contact information, and information about your experience with Maxeon products and services.
  6. Product Warranty Registrations. If you register a product warranty with Maxeon or authorize an independent distributor to do so on your behalf, we will collect your name, address, “Product Information”, and contact information, including telephone number and email address. Product Information includes model numbers, serial numbers, quantity of product, type of installation, location and address of installation, information related to other components used with or installed with the products, product usage, and how the products were purchased or acquired. To the extent that your warranty is registered through a third party, e.g., an independent distributor or installer, our records will reflect this relationship. The information collected during warranty registration will be used by us to service and manage our warranty and other product obligations, including notifying you about any product quality or safety issues and product recalls. This information will also be used to send you surveys about your product purchase, your installation experiences, and your overall satisfaction with our products (see the “Surveys” section, below). This information may also be used to send you marketing information about new products and to request reviews of your experience with us or our products. You may opt out of receiving surveys or marketing information by contacting us.
  7. Social Media, Online Forum, Blogs, Message Boards, Chat Rooms. You may choose to interact with Maxeon via social media platforms on which Maxeon is active, including, but not limited to Facebook, LinkedIn, Twitter, or through blogs, chat or messaging features available through the Digital Platforms. Relating to these interactions, Maxeon may collect your screen name, real name and any information that you choose to provide such as posts, comments or feedback that you post or leave on pages, feeds or inboxes belonging to Maxeon. There are areas of the Digital Platforms and social media platforms that are visible to other users or the general public, e.g., blogs. We recommend that you do not post Personal Data to these areas of the Digital Platforms. YOU ASSUME ALL RESPONSIBILITY FOR ANY LOSS OF PRIVACY OR HARM RESULTING FROM YOUR VOLUNTARY DISCLOSURE OF PERSONAL INFORMATION OR POSITIONS TAKEN BY YOU IN PUBLIC AREAS, ON SOCIAL MEDIA OR FORUMS. YOU RECOGNIZE MAXEON MAY HAVE A LIMITED ABILITY TO DELETE OR OTHERWISE MODIFY/OBSCURE POSTS THAT YOU HAVE MADE TO SOCIAL MEDIA ACCOUNTS, WHICH ARE SUBJECT TO THE TERMS OF USE FOR THOSE VARIOUS SOCIAL MEDIA PLATFORMS. 
  8. Applications. When you sign up or use a Maxeon application or service, we collect the Personal Data you provide to create a profile or account. This may include identifiers such as your name, address, zip or postal code, telephone number, and e-mail address. For security and the prevention of fraud, we may collect additional information about you when you or your device logs into a Digital Platform or service, including IP address, length of session, activities performed, and device information. See sections 2.b. and 2.d. for more information.
  9. Surveys. If you respond to surveys (surveys include consultations, testimonials, feedback and other responses to marketing activities) issued by Maxeon or by a third party on behalf of Maxeon, Maxeon or that third party will collect your e-mail address, name, and any information you provide in response to or relating to the survey. The survey will indicate whether Maxeon or a third party is collecting the information. Some surveys may not require you to provide any contact details, but we may still collect browser, cookie or other access details to identify the source of the survey results. If we disclose information relating to the survey to third parties, we will do so, where practicable, in non-identifying, aggregated form. We may disclose your feedback about the performance of an independent distributor or installer to that independent distributor or installer in an identified fashion, either with your consent or without your consent, if we deem doing so is necessary to facilitate the resolution of a service quality issue with that independent distributor or installer.
  10. Lottery, lucky draws, prize draws, etc. (collectively, “prize draws”). Maxeon may offer a prize draw to encourage you to participate in a survey. The prize draw may be facilitated by a third party. In order to participate in the prize draw, you will need to provide your name and contact details, such as your e-mail address, telephone number and address to Maxeon and/or the third party facilitating the prize draw. The prize draw may be a free prize draw that does not require participation in the survey. Once the prize draw closes, the winner(s) will be randomly selected from the entries in accordance with the terms and conditions of the prize draw. The winner(s) will be contacted directly by Maxeon or the third party so that arrangements may be made to deliver the prize to you. 
  11. Careers Website. When you apply for a job with Maxeon using our Digital Platforms or https://careers.maxeon.com, you will be required to acknowledge and consent to our Data Privacy Notice for Employees and Candidates. If you are unable to access this web page, then please request a copy by contacting askHR@maxeon.com. Information collected through the application process includes but is not limited to the following.
    1. Your Personal Details. Name; address; phone number; email address; language; residence status; work authorization or citizenship status; work permit type; nationality; and driver’s license information. We may also collect sensitive and/or other demographic information, such as medical or health information (including vaccination status and test results) and/or your racial or ethnic origin.
    2. Education and Talent Management Details. Recruitment and application materials (resume, CV, letters, experience, education, transcripts, or other information you provide to us); information you provide during an interview or screening; reference and interview notes; technical skills; professional certifications or registrations; language capabilities; and training records and certifications.
    3. Compliance-related Information. Any information required for us to comply with applicable laws and the requests and directions of law enforcement authorities or court orders (e.g., child support and debt payment information).
  12. Health Information. We may collect health information from you, including vaccine and contact-tracing information, as permitted by local law to comply with local regulation, to mitigate the spread of disease and/or in accordance with occupational health and safety measures.
  13. Consent. We may use your Personal Data for any other purpose for which you consent (including any purposes disclosed in this Policy).

We collect the above information from you, including where you are acting in your personal capacity on behalf of a third party whom you represent (e.g., as an employee, contractor, or agent).

We do not seek sensitive information about you (such as health or medical history, ethnicity, political leanings, religious beliefs, trade union membership, sexual preferences, etc.) and you should not provide such information to us, except where such information is required to provide reasonable accommodations or comply with local regulation, to mitigate the spread of disease, and/or in accordance with occupational health and safety measures.

Wherever practicable, we will enable you to deal with Maxeon anonymously or pseudonymously, however, in many cases it is not practicable to interact in this way. If you choose not to provide some of your Personal Data, this may prevent us from providing our products or services to you or limit our ability to provide the level of service you would normally expect from us.

  1. Tracking Data: Personal Data that we collect on the Digital Platforms

The Digital Platforms and our emails you may interact with use cookies, pixel tags, analytics tools, and other similar tracking technologies to collect tracking information about your equipment, browsing actions and patterns, and in some instances, this information is linked to your email address and/or your account(s) with Maxeon. These tracking technologies collect the following tracking information about you from your browser or device whenever you access or use the Digital Platforms: your IP address, pages visited, videos watched, links clicked on, emails received, opened or interacted with, documents downloaded, time spent on the site, geographic location, device type, your device’s or computer's operating system, and your browser name. To the extent you are logged in to the Digital Platforms, interact with the Digital Platforms via an email or otherwise provide Personal Data in your interactions with the Digital Platforms, these tracking technologies may also collect such Personal Data (such as your email address or your account identifier), thereby linking the tracking information to your Personal Data.

Data Analytics. We may use third-party data analytics service providers such as Google Analytics to measure the web traffic on different parts of our Digital Platforms in order to improve them. Google Analytics uses technical tools like first-party cookies and code to collect information about your interactions with our Digital Platforms. The tracking information may include detailed data about what you do on our Digital Platforms, such as the web pages you visit and for how long and the websites you visited directly before and after coming to our Digital Platforms. In addition, first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) are used to report how your ad impressions, uses of ad services, and other interactions are related to visits to our Digital Platforms. We use information from Google Analytics to administer and update our Digital Platforms, assess whether our users match the expected demographics, and determine how key audiences are navigating the content. Google may retain and use, subject to the terms of its privacy policy, information collected in your use of Google Analytics. Google Analytics offers website visitors the ability to prevent Google from recording, processing, and using the data generated by the Google Analytics cookie. You may opt-out by downloading and installing the browser plug-in available through Google at the following link: http://tools.google.com/‌dlpage/gaoptout.

Your Personal Data will be encrypted if it is collected and transferred using Google Analytics in accordance with Google Analytics requirements. To learn more about how Google uses information from sites or apps that use Google services, see https://policies.google.com/technologies/partner-sites.

To learn more, including about how to control our use of cookies and similar technologies, please review our Cookie Policy.

The Digital Platforms contain links to other third-party websites. If you follow a link to any of those third-party websites, please note that they have their own privacy policies and practices. Maxeon does not accept any responsibility or liability for third-party websites’ policies or collection, use, disclosure or management of your Personal Data. Please check these policies before you submit any Personal Data to any third-party websites.

  1. Third Party Data: Personal Data Maxeon receives from Third Parties
  2. Third Parties with Whom We Have a Relationship. Maxeon may receive your Personal Data from third parties with whom we have a relationship, including our authorized independent distributors or your installer, in connection with your purchase of a Maxeon system for warranty registration or support.
  3. Purchase of Personal Data from Unaffiliated Third Parties. Where permitted by applicable law, Maxeon may choose to purchase your Personal Data from third-parties, e.g., lead generators, and will use your information in accordance with applicable law (and with your consent, where required), to determine whether you are interested in purchasing a Maxeon product or service, whether that product or service is right for you, or whether the opportunity to become a Maxeon installer or distributor is of interest to you.
  4. Referral Programs. Where permitted by applicable law, we may receive your Personal Data from third parties as part of a referral program, including our “Refer a Friend” or “Friends and Family” programs and offers. These may include programs offered by your employer, trade groups or affiliation groups. Your information will only be used for determining your interest in a Maxeon product. If you provide us with Personal Data about any third-party who is an individual, you must obtain that person’s permission to give us the information and inform them that you have given the information to us.
  5. Third-Party Site Information. Some of our applications leverage data, including images, from third-party sites or databases, including “Google Earth” images included in our “design a system” or “estimator” functionalities or utility information provided to us by your utility company with your consent. We may also aggregate publicly available information about you, from social media or publicly available websites, e.g. position within a company. Where required, we will seek your consent to collect this data.
  6. Links to Third-Party Sites. If you follow a link to any third-party sites or use sites of a third-party service provider, please note that they may have their own privacy policies and practices. Maxeon does not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any Personal Data to any third-party sites.
  7. System Data: Data Maxeon receives from your system and devices
  8. Maxeon offers various systems comprised of different components, including photovoltaic (PV) or solar panel systems, battery systems, and electric vehicle charging systems. If your system includes a monitoring component, network connectivity, or is otherwise connected to the Digital Platforms, then corresponding System Data will be collected and processed by our Digital Platforms. This System Data relates to the system and to any of your personal devices you utilize to connect to the Digital Platforms or the system, such as a mobile phone through a mobile software application. To the extent Personal Data is included in the System Data, the System Data will be considered Personal Data. To the extent you directly provide Personal Data to Maxeon through registration, account creation, and similar processes on our Digital Platforms, some of the following data categories can also be considered Direct Data.
  9. Data Categories.
  10. System, Component, and Device Information and Identifiers. Network connection information, including IP addresses, WiFi information, device ID, system ID, serial number, location, operating system, network carrier, device type, software and hardware attributes, and software versions.
  11. System Installation and Grid Connection Information. Delivery, installation, and grid connection information, including installation date, installation location or street address, grid connection date, system layout and configuration, and installer or technician contact information.
  12. Account Information. Your login information, name, user ID, e-mail address, password, account ID, and language.
  13. Contact Information. E-mail address, phone or mobile number, language, country, city, street, postal code, and other contact information or Personal Data included in messages.
  14. Warranty Registration Information. A combination of the other data categories, including: System, Component, and Device Information and Identifiers, including serial numbers; System Installation and Grid Connection Information, including delivery, installation, and grid connection dates, locations, and addresses; Account Information, including your name, user ID, e-mail address, password, and language preferences; and Contact Information.
  15. Household Information. Property information including property type, size, age, roofing material, homeowner/renter status, postal code, relationship of residents, number of residents, and details of house appliances and equipment.
  16. Energy Usage Information. Energy and electricity tariff data, consumption data, serial numbers, battery capacity and usage information, inverter usage information, household grid telemetry data, monetary performance details, electricity and energy generation data, charging data, and data indicating the connection and usage of appliances, electric vehicles, systems, products, and devices. Energy Usage Information can be combined with information from other categories, namely your account ID, to form Monitoring Data (further information on Monitoring Data is included below).
  17. Analytics and Behavioral Data. Software application usage data (e.g., date, time, and request), contents viewed, content favorites, consumer profiles, and inference data. Some of the Product and Energy Information, including data indicating the connection and usage of appliances, electric vehicles, systems, products, and devices, can also be characterized as Analytics and Behavioral Data to the extent it indicates your or your household’s use of such equipment.
  18. Preferences. Information relating to your preferences for receiving marketing communications from us (including your marketing consent status) and cookies and tracking technologies consent choices.
  19. Monitoring Data. To the extent you have a Maxeon system that includes monitoring functionality, Maxeon and its service providers associated with monitoring activities will receive your Monitoring Data. Monitoring Data generally includes an account name or identifier associated with you, your system, and/or a component of your system, together with data collected by monitoring products that are associated with you and the location of your system, including energy consumption and production information, energy use information, battery storage information, fault information, a precise geolocation or address, utility revenue information, and hardware and software information. We may receive this data directly from you or your system, or indirectly through a third party that provides monitoring services or equipment included with your system. The data may be displayed through our Digital Platforms, such as a monitoring website or a software application. We may share this data with third parties in providing monitoring and reporting services to you. These third parties include the monitoring equipment manufacturers, monitoring service providers, system installers, dealers, operations and maintenance providers, governmental regulatory agencies, and utility companies. Monitoring Data, to the extent it qualifies as Personal Data under applicable regulations, will include the applicable System Data, namely the Energy Usage Data and your account ID. We may also provide or sell Monitoring Data in aggregated or anonymized form (in a form where the source cannot be identified or a person cannot be identified from the Monitoring Data) to third parties who are not connected to the monitoring system, such as government agencies and research firms. Such Monitoring Data may no longer be considered “personal data” under your applicable data protection regulation. For more information about our use of your data and our Digital Platforms, please refer to our Terms of Use.
  20. Control Data. To the extent you have a Maxeon system that includes control functionality, Maxeon and its service providers associated with control activities will process Control Data corresponding to your system. Control Data includes an account name or identifier associated with you and/or your system and instruction data that includes commands to operate or configure your system. We may receive this data directly from you or your system, or indirectly through a third party that provides corresponding services or equipment included with your system. We may share this data with third parties in providing monitoring and reporting services to you. For more information about our use of your data and our Digital Platforms, please refer to our Terms of Use.

4.  Purposes for processing your Personal Data

We use your Personal Data or other information we collect to facilitate the business relationship we have with you, to comply with our legal and financial obligations, and to pursue our legitimate business interests. Our purposes for using your Personal Data are listed below.

  1. To interact with you based on our relationship 

To operate the Digital Platforms and provide you with the interactive features, information, products, services, or support that you request. For some of our Digital Platforms, we cooperate with third-party software and application providers to enhance your experience. We transfer data with each other in order to facilitate the use of our products and services by, for example, introducing a common login system. The transfer of data only takes place if you have subscribed to certain services. See our Terms of Use.

To provide or deliver to you (either individually or in your professional capacity as an authorized representative of a business or organization) the information, products, services, support or transactions you requested from us, including through the Digital Platforms or at a trade show or similar event, such as information about Maxeon, a consultation/quote with Maxeon or an approved Maxeon installer or independent distributor (where available), blog or newsletter subscription, or our energy savings calculation/estimators, to process your order, to supply and/or install such products and related services, including product maintenance, product safety notices and warranty servicing, where applicable, and to provide monitoring services.

If you have provided your information to a distributor or installer that chooses to disclose your Personal Data to us, then to provide product warranty registration and servicing, and also to provide you with surveys about your product purchase and installation experiences and your overall satisfaction with our products.

To keep in contact with you regarding your purchase of our products and services, including providing product risk notifications and warranty servicing.

To keep in contact with you regarding your Digital Platforms registrations and to enforce our legal obligations and rights, including our Terms of Use.

To enforce, where applicable, our contractual rights (e.g., the collection of debt).

Where you have submitted your personal data relating to a job application, to process and evaluate your application.

To validate your identity in your interactions with us and to monitor, detect, and prevent fraud.

  1. To send you marketing materials or include you in events

To directly market our products and services to you and, where applicable, installer and distributor opportunities to you, including via SMS, phone call, email, fax, mail, social media and/or any other appropriate communication channels, in accordance with any consent requirements.

To gather further information about you from third party sources. For instance, we may use your email address to gather information about which social networks and other web services you subscribe to for analytical or personalization purposes to improve our products, services, marketing activities and the Digital Platforms.

To facilitate your participation in and our administration of any events, including contests, promotions or campaigns.

  1. For internal business operations

If we communicate with you by telephone, we may record and monitor our call to help train our staff and to ensure a high quality of customer service.

For product development and to improve our products, services, Digital Platforms and the effectiveness of our marketing activities, we perform market research and surveys, internal marketing analysis, consumer profiling activities, analysis of consumer patterns and choices, and planning and statistical trend analysis in relation to our product and service offerings.

To better understand how you use the Digital Platforms and to produce statistical reports of aggregate website activity.

To identify patterns and trends related to your use of the Digital Platforms to enable us to improve the design and operation of the Digital Platforms, your browsing experience and to monitor, detect and prevent fraud on the Digital Platforms.

To conduct aggregate analysis and develop business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business and to improve the effectiveness of our marketing activities.

From time to time, we may release in aggregate the browsing information we have gathered from visitors, such as by publishing a report on trends in the usage of the Digital Platforms.

To manage our contractual relationships with vendors, suppliers and other third parties with whom we do business.

  1. For legal compliance

We use your Personal Data to comply with international laws and reporting obligations applicable to publicly traded companies, including those relating to the detection, prevention and monitoring of fraud, anti-corruption and money-laundering, including Know-Your-Customer.

  1. With your consent

If you agree to receive direct marketing from other companies, we may disclose your email address and other contact details to other companies so that they can contact you directly about their products and services.

Where you have agreed, we may use your Personal Data to send you information promoting our and selected third parties’ products and services by post, fax, telephone, email, text and/or via social networks and other web-based services you subscribe to, and where required by law, we will ask for your consent at the time we collect your Personal Data to conduct any of these types of marketing.

5. Legal bases for processing your Personal Data

The following provides further information on our legal bases for processing your Personal Data as described in this Policy. In each case, we limit the scope of the processing of your Personal Data to such portion of the Personal Data this required to accomplish the purposes.

  1. General legal bases

The following table provides our general legal bases for processing your Personal Data as described in this Policy.

Purpose

See above descriptions for more details

Legal Basis


 

To interact with you based on our relationship

Our legitimate interests in, where applicable, providing the Digital Platforms to you, enforcing our contractual rights and the Terms of Use, providing you with requested information, products, services, support or transactions, maintaining and improving the customer relationship, and, as applicable, considering your application for employment and employing you.

Our legitimate interest and legal obligations in informing you of any risks associated with the products or services we supply. 

To enter into and perform pre-contractual and contractual obligations that we have with you. 

Our legitimate interest in monitoring, detecting and preventing fraud.

To send you marketing materials and for your participation in events

Our legitimate interest to develop our business. 

Where we obtain your information from unaffiliated third parties, with your consent.

For internal business operations

Our legitimate interest in developing our employees and product and service offerings.

For legal compliance

To comply with our legal obligations.

With your consent

Processing is based on your consent and you may withdraw it at any time by contacting us in writing.



 

  1. Legal bases for individuals located in the European Economic Area, Switzerland, and the UK

The following description and table provide our legal bases for processing your Personal Data as described in this Policy, and is specific to individuals located in the European Economic Area, Switzerland, and the UK.

Contractual performance. We have obligations which are related to making our services available to you. To fulfil these obligations, we have to use your Personal Data.

Consent. In certain limited cases, we ask for your consent to use your Personal Data. Whenever we ask for your consent, we will explain the situations where we use your Personal Data and for what purposes.

Legitimate interest. We can process your Personal Data when necessary for us to achieve a business purpose, or where this is necessary for someone else to achieve their purpose. We explain below what interests we, or others, are trying to achieve when we process your Personal Data. We will not process your Personal Data for the stated purposes if your interests in protecting your Personal Data outweigh our interests in processing your Personal Data, except where you have provided consent or we are otherwise entitled or required to do so by law.

Legal obligation. We have obligations to comply with legal, regulatory, and other requirements under the laws of all of the jurisdiction in which we operate. In certain cases, we may have to process or transfer your Personal Data to meet these obligations.



 



 

Purposes.

Purpose

GDPR Legal Basis

Personal Data

Recipients

Sources

Registration and basic use of the Digital Platforms

Art. 6 (1) b GDPR

Account Information

Analytics and Behavioral Data 

Preferences 

Tracking Data

Hosting providers

Installers; directly from user, user system, and devices

Monitoring of energy usage

Art. 6 (1) b GDPR

System Data, especially Energy Usage Information and account ID

Tracking Data

Monitoring Data

Hosting providers; third party providing monitoring services and hardware 

Directly from user system or through third party monitoring system

Communication with the user

Art. 6 (1) b GDPR

Contact Information

System Data, to the extent required to address issues or questions from the user

Hosting providers; third party service providers

Directly from user

Energy usage recommendations

Art. 6 (1) b GDPR

System Data, especially Energy Usage Information and account ID

Household Information

Hosting providers; third party service providers

Directly from user system or through third party monitoring system

Analyze application usage 

Art. 6 (1) f GDPR



 

Legitimate interest:

Improvement of our services and products

Account Information

Analytics and Behavioral Data

Preferences

Hosting providers 

Directly from user and user system interactions with Digital Platforms, analytical tool providers

Developing new products and services

Art. 6 (1) a GDPR 



 


 

Direct Data

Tracking Data

Third Party Data

System Data

Hosting providers, Analytics tool providers

Directly from user and user system (or through third party monitoring system); analytical tool providers

Newsletter

Art. 6 (1) f GDPR

Legitimate interest: Providing information on our products and services 

Contact Information

System Data

Hosting providers 

Directly from user and user system (or through third party monitoring system) 

Behavioral Advertising 

Art. 6 (1) a GDPR or Art. 6 (1) f GDPR if consent is not required 

Legitimate interest: Marketing of our products and services

Contact Information

System Data

Preferences

Registration Information

Household Information

Hosting providers; Advertising partners

Directly from user and analytical tool providers 



 

  1. Behavioral Advertising. We and our partners collect personal data via cookies and similar technologies. For more information please see: Privacy and Security in Firebase (google.com). Generally, cookies and similar technologies will only be used (i) with your consent or (ii) without your consent only where those cookies and similar technologies are strictly necessary to provide our services to you. You can object to the use of these cookies and revoke your relevant consents by using your settings on your mobile device. 



 



 

6.  Direct Marketing Communications and Unsubscribe or Opt-Out

We may send you marketing communications, including email communications about our products and services, invite you to our events, or otherwise communicate with you for direct marketing purposes, provided that we do so in accordance with applicable law, including any consent requirements. You may unsubscribe at any time.

We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by contacting us.

7. Use of interactive features and copyright infringement notices

The Digital Platforms may use interactive forums, blogs, message boards, chat rooms, etc. Unless clearly indicated to the contrary, any information that you post may be viewed by others and/or the general public. We urge you to use good judgment, to adhere to the Terms of Use and not disclose any Personal Data about you that you do not want other users to know. We are not responsible for the use of that information by other users or others who become aware of the Personal Data.

8.  Disclosures of your Personal Data

We may share your Personal Data with trusted third parties or in other instances, including where required by law. We will use contractual or other means (e.g. Binding Corporate Rules) to protect Personal Data disclosed to third parties where required to ensure that the recipient keeps the Personal Data confidential and does not use it for any other purpose except performing the services.

  1. Related Entities: We share Personal Data we collect amongst Maxeon related entities to provide our products and services and for internal business administrative purposes.
  2. Business Partners: We share Personal Data with business partners, including independent distributors or installers, to provide our products and services.
  3. Service Providers: We share Personal Data with service providers that: (1) process information on our behalf; (2) provide infrastructure, products or services to us or on our behalf or help us operate or improve our business, including mailing services, printing, archival and contract management services; (3) participate with us in the provision, maintenance, or operation of the Digital Platforms, including application, development and technical support, processing, storing, hosting and data analysis; and (4) provide you with information, products and/services relating to your Maxeon system or when it is necessary to provide information, products or services to you.
  4. Our Professional Advisers: We share Personal Data with our professional advisers (such as lawyers, accountants or auditors) to the extent that is reasonably required.
  5. Your representatives: We share Personal Data any persons acting on your behalf including those persons nominated by you, executors, trustees and legal representatives.
  6. Corporate Transactions: In the event we enter into or intend to enter into a transaction that alters our business structure, such as a sale, reorganization, merger, joint venture, change of control or other disposition of all or any portion of our business, assets or stock, we may share your Personal Data with third parties to facilitate and/or complete the transaction.
  7. Prevention of Harm: We may disclose Personal Data we collect about you to the necessary authorities if we believe you have abused a service offered by us via the Digital Platforms or otherwise by using it to attack other computer systems or to gain unauthorized access to any other computer system, to engage in spamming or otherwise to act in an unlawful manner or to breach the Terms of Use.
  8. By Law, to Protect Rights and to Comply with Our Policies: We disclose your Personal Data if required or authorized to do so by applicable law, including when: (1) required to do so by law, e.g. in response to a subpoena or court order (domestic or overseas) or an inquiry by regulators anywhere in the world; (2) we believe, in our sole discretion, that disclosure is reasonably necessary to protect against fraud, or to protect the contractual or property or other rights of us or other users, third parties or the public at large; or (3) we believe that you have abused the Digital Platforms by using it to attack other systems or to gain unauthorized access to any other system, to engage in spamming or otherwise to violate applicable laws.

9.  Security

We store your Personal Data in different ways, including in paper and in electronic form, both at our own premises and with the assistance of our service providers.

We take all reasonable precautions and implement appropriate technical and organizational measures to ensure a level of security to protect the security and the confidentiality of your Personal Data against unauthorized access, disclosure, alteration or destruction. This includes, but is not limited to the following, where applicable: up-to-date antivirus protection, encryption, and disclosing Personal Data both internally and to our authorized third-party service providers and agents only on a need to know basis. Third parties who provide services related to our information technology systems are also obliged to protect the security and confidentiality of your Personal Data against unauthorized access, disclosure, alteration or destruction. However, no data transmission over the Internet or from a website can be guaranteed to be secure from intrusion. Therefore, while we use reasonable efforts to protect your Personal Data in accordance with data protection legislation requirements, we cannot guarantee its absolute security. Any unauthorized access to or use of the Digital Platforms or the information stored by us should be reported to us immediately by sending an email to customers@maxeon.com.

All Personal Data you provide to us is stored on our secure servers (and the secure servers of our service providers), accessed and used subject to our security policies and standards (and the security policies and standards of our service providers). Where we have given you (or where you have chosen) a password and/or user name that enables you to access certain parts of the Digital Platforms, you are responsible for keeping this password and/or user name confidential and for complying with any other security procedures that we notify you of. We ask that you never share a password with anyone.

10.  Storage and use of your Personal Data outside your jurisdiction

Your Personal Data may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside of Singapore or your jurisdiction where data protection laws may be of a lower standard than in Singapore or your jurisdiction. We and our service providers store the information we collect via the Digital Platforms and other sources (such as our customer call centers) on centralized computer systems hosted by or on behalf of Maxeon. Some of these systems are located outside of Singapore and outside the European Economic Area (EEA), including in the United States and the Philippines.

These countries may have different laws and data protection compliance requirements from those that apply in Singapore or in your jurisdiction. In such instances, Maxeon has engaged suppliers who have agreed to protect such information in accordance with the standards in Singapore and European data protection laws, as applicable.

In addition, each of Maxeon’s operating subsidiaries has entered into an intra-group data transfer agreement that implements Standard Contractual Clauses; such intra-group data transfer agreement providing adequate protection to the flows of personal information within Maxeon’s group entities all over the world, even in case where Maxeon undertakings are established in countries where the level of data protection is not considered commensurate with the level offered by data protection offered by data protection laws in the European Union. The Standard Contractual Clauses that have been implemented can be obtained upon request by sending us an email at dpo@maxeon.com.

In accordance with applicable data protection legislation, we will retain your Personal Data for as long as is necessary for the purposes for which it was collected. Certain transaction details and services and correspondence, such as those relating to your purchase of Maxeon products or the warranty on your Maxeon products, may be retained until the time limit for claims in respect of the transaction has expired or in order to comply with regulatory requirements regarding the retention of such Personal Data, and then archived in accordance with legal requirements, i.e. with statutory limitation requirements. Certain Personal Data, including those of individuals who provide Personal Data to Maxeon, but who do not purchase Maxeon products or services within two years of initial contact with Maxeon, will be deleted or otherwise archived after two years from the initial date of contact with Maxeon.

11.  Changes to the Policy

We reserve the right to make changes to our practices and this Policy at any time. The “Effective Date (Last Updated)” date at the top of this Policy will let you know when it was last revised. Any changes to this Policy will become effective when we make the revised version of this Policy available on our website, www.maxeon.com, and update the links to the Policy on the Digital Platforms. We will not provide you with a notice advising of the change. It is therefore important that you regularly check our websites, www.maxeon.com, and the Digital Platforms for any changes affecting this Policy. You are deemed to have acknowledged and agreed to any amended version of this Policy of you continue to use the Digital Platforms or our services after changes have taken place pursuant to this section.

12.  Exercising your rights under the PDPA

To the extent the PDPA applies to your Personal Data, you can exercise the following rights by contacting us in writing at data-protection@maxeon.com, and including your full name, contact details, and the details of your request. Maxeon reserves the right to request additional identity verification and in certain cases may decline your request if your request or identity cannot be verified, or as otherwise permitted by law. 

  1. Access: You have the right to access, review and request a copy of the Personal Data we hold about you subject to certain exceptions. For a request to access Personal Data, we will provide you with the relevant Personal Data within forty-five (45) days of the request. Where a request cannot be completed in the above time frame, we will notify you of the reasonably soonest time in which we will respond.
  2. Correction or Deletion of Personal Data: You may request correction or deletion of the Personal Data we hold about you. Maxeon reserves the right not to change or delete Personal Data it considers to be accurate or necessary to be maintained. We reserve the right to request legal confirmation of changes. We are reliance on you to provide us with accurate information, including your timely communication of any corrections or changes thereto. We will not be responsible for relying on or using any inaccurate or incomplete personal data where you have provided such personal data and/or failed to update us of any changes in your personal data.
  3. Withdrawal of Consent: If you consented to the collection, use or disclosure of your information, you may (in certain instances) withdraw that consent at any time, which will not affect the lawfulness of the collection, use or disclosure before your consent was withdrawn. We will process your request within a reasonable timeframe from the receipt of the request.
  4. Complaints: If you have any complaint or grievance regarding how we are handling your Personal Data or about how we are complying with the PDPA, please contact us at data-protection@maxeon.com.
  5. Fees: Depending on the nature of the work required to process your access request, we may impose a fee to recover our administrative costs. This will be assessed on a case-by-case basis by our Data Protection Officer. Where such a fee is imposed, we will provide you with a written fee estimate. We will only process your request when you agree to the payment of the fee, which will be due before any information is disclosed. In certain cases, we may require a deposit from you before we process the access request. You will be notified if a deposit is required when we provide you with the written estimate of the fee, if any.

13.  Exercising your rights (European individuals)

Under the GDPR, the UK GDPR and the Swiss DPA, you may have the following rights with regards to the Personal Data we hold about you.

  1. Access – You can ask to see the Personal Data that Maxeon holds about you. Maxeon may validate your identity and access rights. We may charge you a fee to access your Personal Data. We will advise you of a fee in advance. Applicable law or regulatory requirements may prevent us from disclosing some or all the Personal Data we hold about you. Some Personal Data may have been destroyed, erased or made anonymous. Where we cannot provide you with your Personal Data, we will tell you why, subject to any legal or regulatory restrictions.
  2. Correction or Deletion of Personal Data – You may request correction or deletion of the data we hold about you. We reserve the right not to change or delete Personal Data it considers to be accurate or necessary to be maintained. We reserve the right to request legal confirmation of changes. If Personal Data is inaccurate, we will revise it and, unless it proves impossible or involves disproportionate efforts or cost, inform agents, service providers or other third parties, which were provided with inaccurate information, so records in their possession may be updated.
  3. Withdrawal of Consent – If you consented to the processing of your Personal Data, then you may (in certain instances) withdraw that consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn.
  4. Objection to processing – You may (in certain instances) have the right to object to the processing of your Personal Data, including profiling, on grounds relating to your particular situation. When profiling is related to direct marketing you always have a right to object.
  5. Limitation to processing – You have the right to obtain a restriction of processing in certain instances as provided by data protection law.
  6. Data portability – You have the right to receive the Personal Data, which you have provided to us, in a structured, commonly used and machine-readable format when the processing is based on your consent or on a contract. Where technically feasible, you also have the right to ask us to transmit it to another data controller.
  7. Complaints – You have the right to lodge a complaint to the data protection authority, if you believe Maxeon has not complied with the requirements of the data regulation with regard to your Personal Data. You may lodge a complaint with your local data protection authority in the EEA (Art. 77 GDPR) if you believe we have not complied with applicable data protection laws. The relevant local authority differs depending on your country of residence. You may refer to the website of the European Data Protection Board to find out more about how to contact your local data protection authority. You may under certain circumstances also seek a remedy through local courts, if you believe your rights have been breached.

You can exercise these rights by contacting us in writing at data-protection@maxeon.com, and including your full name, contact details, the details of your request, and a copy of your identity document. Maxeon reserves the right to request additional identity verification.

If you are based in France, you also have the right to set guidelines regarding the use of your Personal Data after your death (Art. 85 French Data Protection Act) and register on the Bloctel list of objections to cold calling, which is a free service (Art. 223-1 French Consumer Code). 

14.  California Consumer Privacy Act (CCPA) Disclosures

The disclosures in this section apply to you only if you reside in California. These disclosures do not reflect our practices where an exception or exemption applies under the CCPA.

  1. Notice at Collection Online

Section 3 explains the categories of Personal Data we collect from you when you use the Digital Platforms. These categories of Personal Data correspond to the following categories of “personal information” and “sensitive personal information” defined by the CCPA.

Categories of “personal information”:

  1. Identifiers, such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
  2. Any information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, address, telephone number, bank account number, credit card number, debit card number, or any other financial information, but excluding publicly available information that is lawfully made available to the general public from federal, state, or local government records.
  3. Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  4. Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet website application, or advertisement.
  5. Geolocation data.
  6. Audio, electronic, visual, thermal, or similar information.
  7. Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

Categories of “sensitive personal information” as defined in the CCPA:

  1. A consumer’s account log-in in combination with any required security or access code, password, or credentials allowing access to an account.

Section 4 describes the purposes for which we use your personal information. We only use your sensitive personal information for purposes referenced at Subsection 1798.121(a) of the CCPA, namely to perform the services or provide the goods reasonably expected by an average California resident who requests those goods or services, and we do not use sensitive personal information to infer characteristics about you.

We do not monetize personal information about California residents in the sense of exchanging personal information for money. However, we disclose certain personal information about users of the Digital Platform to advertising networks and their partners to provide the users with more interesting and customized information, promotions, and advertising, which is considered “selling” and “sharing” under the CCPA. This information includes California residents’ identifiers, commercial information, Internet or other electronic network activity information and geolocation data. To opt-out of such “sales” and “sharing”, please follow the instructions in our website notice of right to opt-out of selling/sharing. If you opt out of “sharing”, we may continue to disclose your personal information to third parties for purposes outside of cross-context behavioral advertising. In addition, if you opt out of “selling” and “sharing”, you may still be presented with contextual and other advertisements that are not based on cross-context behavioral analysis.

We retain each of the categories of personal information collected under this Notice at Collection as long as necessary to fulfill the purposes for which it was collected in accordance with this Privacy Policy, provide the services you requested from us, resolve any disputes with you, enforce our agreements with you, and comply with applicable laws.

  1. CCPA Privacy Policy
  2. Information Practices over the Preceding 12 months

Below are the categories of “personal information” and “sensitive personal information” (as defined by the CCPA) that we have collected about California residents in the preceding 12 months and, for each category of personal information collected, the categories of sources from which that information was collected, whether we “sold” or “shared” such personal information and to whom and for what purpose if so, and other categories of third parties to whom we disclosed the personal information and the purposes of such disclosures. The table is followed by a description of the purposes for which we collected personal information. “Consumer” refers to a California resident. "Business contact" means our business customers including prospective customers and corporate representatives of our vendors and other partners. "Online user" means users of our Digital Platforms. "Worker" means our employees, candidates, independent contractors, and other personnel.

Please note that we do not monetize personal information about California residents in the sense of exchanging personal information for money. However, as detailed in the table below, we disclosed certain personal information about users of the Digital Platforms to advertising networks and their partners to provide the users with more interesting and customized information, promotions, and advertising, which is considered “selling” and “sharing” under the CCPA.

Categories of Personal Information under the CCPA.

Categories of Personal Data 

Personal Information under the CCPA

Did we collect? If so, from what source?

Did we sell? If so, to whom and for what purpose?

Did we share? If so, to whom and for what purpose?

Did we disclose apart from selling or sharing? If so, to whom and for what purpose?

Identifiers   
name, address, email, device or user identifier, cookie, pixel tag, telephone number, IP address, other identifiers, etc.

Yes, from business contacts, online users, and workers.

Yes, we “sold” to third-party advertising networks for purposes of cross-context behavioral advertising.

Yes, we “shared” to third-party advertising networks for purposes of cross-context behavioral advertising.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Business partners   
independent distributors, installers, builders, and developers

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

Utility providers and related agencies

Other Personal Information under Cal. Civ. Code § 1798.80

signature, social security number, driver’s license number, insurance policy number, financial information, employment information, etc.

Yes, from business contacts, online users, and workers.

No.

No.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Business partners   
independent distributors, installers, builders, and developers

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

Utility providers and related agencies

Protected Classifications

sex, age, marital status, military and veteran status, etc.

Yes, from workers.

No.

No.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

Utility providers and related agencies

Commercial Information

records of products and services considered, purchased or serviced, etc.

Yes, from business contacts, online users, and workers.

Yes, we “sold” to third-party advertising networks for purposes of cross-context behavioral advertising.

Yes, we “shared” to third-party advertising networks for purposes of cross-context behavioral advertising.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Business partners   
independent distributors, installers, builders, and developers

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

Utility providers and related agencies

Internet or other electronic network activity information

browsing and search history, information regarding your interaction with Digital Platforms and marketing activities, etc.

Yes, from online users.

Yes, we “sold” to third-party advertising networks for purposes of cross-context behavioral advertising.

Yes, we “shared” to third-party advertising networks for purposes of cross-context behavioral advertising.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Business partners   
independent distributors, installers, builders, and developers

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

Geolocation Data

location of your mobile device or computer

Yes, from online users and workers.

Yes, we “sold” to third-party advertising networks for purposes of cross-context behavioral advertising.

Yes, we “shared” to third-party advertising networks for purposes of cross-context behavioral advertising.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

Audio, electronic, visual or similar information

Yes, from business contacts, online users and workers.

No.

No.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

Professional or employment-related information

Yes, from business contacts and workers.

No.

No.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

Education information

Yes, from workers.

No.

No.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

Inferences

inferences we draw from a profile about you reflecting your preferences, characteristics, or predispositions

Yes, from business contacts, online users and workers.

No.

No.

Not Applicable



 

Categories of Sensitive Personal Information under the CCPA.

Categories of Sensitive Personal Data 

Sensitive Personal Information under the CCPA

Did we collect? If so, from what source?

Did we sell? If so, to whom and for what purpose?

Did we share? If so, to whom and for what purpose?

Did we disclose apart from selling or sharing? If so, to whom and for what purpose?

A consumer’s social security, driver’s license, state identification card, or passport number.

Yes, from workers.

No.

No.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

A consumer’s account log-in with any required security or access code, password, or credentials allowing access to an account.

Yes, from online users and workers.

No.

No.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

A consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership.

Yes, from workers.

No.

No.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

The contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication.

Yes, from workers.

No.

No. 

Maxeon group companies   
Maxeon affiliates and subsidiaries

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

Personal information collected and analyzed concerning a consumer’s sex life or sexual orientation.

Yes, from workers.

No.

No. 

Maxeon group companies   
Maxeon affiliates and subsidiaries

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.

Personal information collected and analyzed concerning a consumer’s health.

Yes, from workers.

No.

No.

Maxeon group companies   
Maxeon affiliates and subsidiaries

Service Providers   
professional or technical support providers, external auditors and law firms, financial services companies, etc.



 

  1. Business or Commercial Purpose for Collecting Personal Information
  2. To perform the services or provide the goods reasonably expected by consumers in their role, including recruiting services, including those services and goods that are reasonably necessary for us to administer our business contact and worker relationships and for our workers to perform their duties.
  3. To prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted personal information, including in or via our premises, computers, software, networks, communications devices, and other similar system.
  4. To resist malicious, deceptive, fraudulent or illegal actions directed at us and to prosecute those responsible for those actions.
  5. For short-term, transient use.
  6. To perform services on behalf of us.
  7. To verify or maintain the quality or safety of our services and products.
  8. To improve, upgrade, or enhance our services and products.
  9. To perform functions that are required under laws that apply to us.
  10. To market to consumers such as online users and business contacts.
  11. To collect or process it where such collection or processing is not for the purpose of inferring characteristics about a consumer such as to perform functions that are required under laws that apply to us and to support any claim or defense that we could face before any jurisdictional and/or administrative authority, arbitration, or mediation panel, and cooperating with – or informing – law enforcement or regulatory authorities to the extent required by law.
  12. To evaluate usage of our websites using automated devices and applications, such as Google Analytics. We also may use other analytic means to evaluate our website. We use these tools to help us improve our sites' performance and user experiences. Entities providing such devices and applications may use cookies and other tracking technologies, such as web beacons, to perform their services.

We do not have actual knowledge that we sell or share for cross-context behavioural advertising, the personal information of California residents under 16 years of age.

  1. CCPA Rights

Solely for California consumers, Personal Data has the meaning of “personal information” in the CCPA and does not include information exempted from the CCPA. If you are a California consumer, you may exercise the following rights by contacting us in writing at data-protection@maxeon.com, including your full name, contact details, and the details of your request. Maxeon reserves the right to request additional identity verification and in certain cases may decline your request if your request or identity cannot be verified, or as otherwise permitted by law.

If you designate a third party to act on your behalf, then that third party must be registered with the California Secretary of State and must have valid written evidence of authority from you to act on your behalf, such as a validly executed Power of Attorney or some other written, notarized documentation that must be provided to Maxeon. Maxeon may deny third party requests that don’t include such documentation.

Once we receive, verify and confirm a request, we will respond to the request and provide records covering the 12-month period preceding the date of the request.

Right to Request Disclosure. You have the right to request disclosure about what categories of Personal Data that Maxeon has collected, sold, or disclosed for a business purpose about you and the categories of third parties to whom the Personal Data was sold or disclosed. Additionally, you have the right to request disclosure of specific pieces of information. Below is a full list of the information that you can include in your request.

  1. Categories of Personal Data that Maxeon has collected about you.
  2. Categories of sources from which Maxeon has collected the Personal Data.
  3. The business or commercial purpose for collecting, selling, or sharing the Personal Data.
  4. The categories of third parties with whom Maxeon shares Personal Data.
  5. The specific pieces of Personal Data that Maxeon has collected about you. You have the right to receive this information in a portable and readily useable format.

Right to Opt-Out of Sale. You have the right to opt-out of the sale of your Personal Data to third parties. We disclose California residents' Personal Data to advertising business partners for the purposes of supporting our advertising efforts and, as such, we "sell" and "share" Personal Data as these terms are defined under the CCPA. Please note that we do not monetize Personal Data in the sense of disclosing your Personal Data in exchange for money. Please also note that, if you exercise your right to opt-out of the “sale” and "sharing" of your Personal Data, we may still disclose your Personal Data to third parties for purposes other than cross-contextual behavioral advertising, as described in our privacy disclosures.

Right to Delete. You have the right to request deletion of any of your Personal Data that we have collected from you and retained, subject to certain exceptions, such as when the deletion would create problems with the completion of a transaction or compliance with a legal obligation.

Right to Correct. You have the right to request correction of any inaccurate Personal Data that we maintain about you.

Right to Limit Use of Sensitive Personal Data. You have the right to limit our use and disclosure of sensitive Personal Data to purposes specified in Cal. Civil Code 1798.121(a). We do not use or disclose sensitive Personal Data for purposes other than those specified in Cal. Civil Code 1798.121(a).

Right to Non-Discrimination. Maxeon will not discriminate against you (e.g., by denying you goods or services or providing goods or services at a different level, quality or price) for exercising your rights under the CCPA.

  1. Contact Us

If you have any questions or comments about these disclosures or our practices, please contact us by writing to Maxeon Singapore DPO, 8 Marina Boulevard #05-02, Marina Bay Financial Centre, Singapore 018981, or by email at data-protection@maxeon.com.

15.  Information for residents of Australia 

In Australia, you may access and seek the correction of the personal information we hold about you by contacting data-protection@maxeon.com. We may decline a request to access or correct your personal information in certain circumstances in accordance with the law. If we refuse a request, we will provide you a reason for our decision to the extent permitted by law.

Certain actual or potential breaches of this Policy will require us to make formal notifications to government regulators in Australia. For example, unauthorized access or disclosure of Personal Data could constitute a Notifiable Data Breach under Australian legislation. If we know about any breaches that may cause serious harm, we will let you know. If you become aware of any breaches of this Policy that could constitute a Notifiable Data Breach, please contact us by email at data-protection@maxeon.com to ensure we’re fulfilling our compliance obligations.

If you have contacted us with a complaint about how we have handled your personal data, we will investigate and respond as soon as reasonably practicable, noting that more complex matters may take a longer amount of time. If you are not satisfied with our response to a complaint, you may contact the Office of the Australian Information Commissioner by using the contact details located at www.oaic.gov.au.

16.  Contact Us

Singapore and General Inquiries. You may contact our Singapore Data Protection Officer (“DPO”) if you have any inquiries or feedback on our personal data protection policies and procedures by writing to Maxeon Singapore DPO, 8 Marina Boulevard #05-02, Marina Bay Financial Centre, Singapore 018981, or by email at data-protection@maxeon.com.

SunPower GmbH Inquiries. You may contact us at Schumannstraße 27, 60 325 Frankfurt am Main, Germany, at data-protection@maxeon.com, and by phone at 0 800 000 798 0. Our DPO for SunPower GmbH can be contacted at GermanDPO.maxeon@twobirds.com and at Bird & Bird DPO Services SRL, Avenue Louise 235 Box 1, 1050 Brussels, Belgium.

You can also reach out to Maxeon by contacting us.