Your privacy and trust are important to us. This Privacy Statement for Customers, Business Partners and Visitors (hereinafter referred to as “Privacy Statement”) explains who we are and describes the ways we collect, process, handle, use, store and protect your personal data.
This Privacy Statement applies to all personal information of individuals, such as customers, suppliers, and visitors of NXP premises and websites that we collect and process. For instance, when you:
On occasion, we may refer to additional privacy statements or policies to convey specific privacy information of which you need to be aware. An example is when you share your personal data with us as a job applicant, or when you’re an NXP employee. If you’re a job applicant and would like more information on how NXP handles your personal data, please see the Applicant Privacy Statement.
Due to its global presence, NXP is bound by several privacy and data protection laws and regulations around the world. In order to comply with specific local legal requirements we might publish a local modified version of our privacy statement in such countries. In case of a conflict between this Privacy Statement and a local version or local legislation and/or standards, the latter will prevail.
NXP designs purpose-built, rigorously tested technologies that enable devices to sense, think, connect and act intelligently to improve people's daily lives. As the world leader in secure connectivity solutions for embedded applications, NXP is pushing boundaries in the automotive, industrial & IoT, mobile, and communication infrastructure markets making the connected world better, safer and more secure. When this Privacy Statement refers to “we”, “us” or “our”, it refers to NXP B.V. and affiliates or subsidiaries which under this Privacy Statement may act as a controller of your personal information: namely, those entities who may be deciding how and why your personal information is being processed.
It is important for you to know that “personal information” or: “data”, “personal information” or “personal data”), means: any information relating to an identified or identifiable individual (or “data subject”). An identifiable individual is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or by reference to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Different pieces of information, when collected can lead to the identification of a person, also constitute personal information.
We may process various types of personal information we receive from you depending on the ways you interact with us (e.g. through our website portal, NXP customer support, etc.). They include the following:
Your bank account information and location information may be considered as sensitive personal information in certain jurisdictions. We will only process such sensitive personal information for the following necessary purposes:
Sensitive data will only be processed by implementing strict security measures, separate consents and specific notices if required by applicable data protection regulations.
NXP will not offer products or services to minors under 18 years old. If you are the parent or guardian of a minor and have any question about matters related to personal information of the minor under your guardianship, you may contact us by means provided below in section XVI of this Privacy Statement.
Depending on the relationship we have with you, the way you interact with us, the websites or sites you visit, or the product or service you use, we may collect personal information for different purposes, such as:
NXP will process Personal Data on a lawful basis (justified reasons) according to the applicable laws and regulations. These legal bases could be:
For the purposes as described under Section VI “Why do we collect your personal information?”, we only share your personal information with categories of third parties listed below:
To the extent required by applicable laws, all third parties receiving your personal information will implement appropriate measures to protect your personal information. When using external service providers, we will require them to process your personal information only for purposes set out in this Privacy Statement. If separate consent is required for the above sharing under applicable laws and regulations, we will notify you and obtain your consent. We do not sell or license your personal information to third parties.
If NXP needs to transfer personal information due to a merger, division, dissolution, declaration of bankruptcy, or other reasons, where required under applicable laws and regulations, NXP will notify you of the name and contact information of the recipient and such a recipient shall continue performing the obligations as described in this Privacy Statement. Otherwise, to the extent required by applicable laws, the recipient shall obtain your consent for their processing of your personal information for other purposes.
We recognize our responsibility to protect the personal information we collect. We make sure that our measures are in compliance with applicable data protection and data security laws. We have implemented appropriate technical and organizational measures to prevent risks, such as accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to information. Additionally, we make sure that these measures are in compliance with applicable data protection and data security laws. For instance, we put in place the following measures in order to protect your information:
If unauthorized access, leakage, distortion or loss of personal information occurs or might have occurred, we will adopt remedial measures immediately and if required by applicable laws and regulations, inform government authorities and individuals in a timely manner.
We retain your personal information as long as it is necessary to fulfill the specific purposes, as explained under the section "Why we collect your personal information". In certain cases a longer retention of your personal information might be required according to legal obligations. In all other cases, we delete your personal information once the purpose of processing your information is fulfilled.
According to applicable laws and regulations, you may have certain rights with respect to your personal information, including but not limited to:
You can get in touch with us via the contact details provided below (XVI). Upon receiving your request or questions, we will ask you to verify your identity and specify which kind of information you require. We will make sure that your request will be addressed in time and free of charge unless a disproportionate effort is required. Applicable laws and regulations of certain jurisdictions may impose certain restrictions on exercising your personal information rights. In such a case, NXP will comply with the requirements under applicable laws and regulations.
NXP is a global organization, which owns entities in multiple countries and regions. Please see Global Sites for more information about our global entities. In order to provide you with products and services, fulfill legal obligations or achieve other purposes provided in this Privacy Statement, the personal information we process may be transferred internationally throughout our organization and to third parties worldwide. The countries/regions in which recipients are likely to be located are the countries/regions where NXP is conducting business.
To protect your rights we only store and transfer your personal data in compliance with applicable legal requirements to a region or country where:
If applicable laws and regulations of certain jurisdictions require us to provide you with further notices and obtain your separate consent for the cross-border data transfer, we will further provide such notices and obtain your separate consent.
Our websites sometimes link to services run by other companies. Those companies have their own privacy and cookie notices, so remember that the information you give them will follow their rules. Those companies are not within the control of NXP and NXP is not responsible for the content or personal information protection practices of such services provided by those companies.
Automated decision making is depending on some regulations restricted, if such regulation applies in your situation, please read through the section below.
If we use automated means to send you targeted push or marketing messages, we will provide you with a method to refuse such targeted messages. If we use automated means to make any decisions that may have major impact on your rights and interests, you may have the right to request us to provide you with an explanation if we are required to do so under applicable laws and regulations. We may also provide you with an opt-out method, where required under applicable laws and regulations, if the decision is made solely based on automated means and such a decision may have major impact on your rights and interests.
In order to stay compliant with applicable legal requirements, reflect received feedback or changes in our products, services or operations we might change this Privacy Statement from time to time. The current version of this Privacy Statement is always available at: www.nxp.com
If you are concerned about the way we process your personal information, please contact our Data Protection Officer (DPO) who will investigate your concern. Please understand that the DPO can only handle your request if you authenticate yourself. You will receive a response within a reasonable period. You also have the right to make a formal complaint to the relevant regulator in your jurisdiction.
In case you have a concern or complaint in relation to this Privacy Statement please reach out to our Data Protection Office at:
NXP Semiconductors N.V.
Attn. Data Protection Office
High Tech Campus 60
The Data Protection Office
Please be informed to only use the mail address dataprotection@NXP.com if you have a question with regard to Personal Data (Privacy) matters.
If you believe that you have discovered a potential security vulnerability in an NXP product, please contact PSIRT at firstname.lastname@example.org.