隐私声明

此隐私声明由牛津仪器股份公司及其子公司（“我们”）发布。

我们尊重您的隐私，并致力于保护您的个人数据。

此隐私声明旨在说明我们如何保管您的个人数据、确认您的隐私权并概述法律给予您的保护。本声明适用于我们使用、收集和处理您的个人数据时的所有情形，无论您是因为访问我们的网站（无论您从哪里访问）、社交媒体平台、系统和应用，或是采购我们的商品或服务、参与我们的尽职调查，还是因为成为我们的合作伙伴或供应商而与我们互动。

请花时间阅读此隐私声明，包括下面的特定国家和活动部分，仔细了解我们将如何使用您的个人数据。

下文中使用的某些术语的含义请参见附表。

我们作为雇主，在与我们的员工和工作人员互动时，适用另外的隐私声明。员工和工作人员可通过我们的内部网站访问该隐私声明，也可直接向公司人力资源部索取。

全球数据隐私标准

我们致力于在涉及使用您的个人数据的所有活动中遵循以下良好实践原则：

我们按照适用的数据保护法规使用个人数据。
我们基于合法依据获取和使用个人数据。
我们向个人公开如何处理其个人数据。
我们慎重地处理个人数据。
我们以确保适当安全性的方式处理个人数据。
我们仅在需要的时间期限内保留个人数据。
我们尊重个人对其个人数据的权利。

此隐私声明的目的

此隐私声明旨在提供有关我们如何收集和处理您的个人数据的信息，包括您在注册我们的时事通讯、购买产品或服务、参加活动或竞赛、填写联系支持表、填写尽职调查表、提供身份证明文件、请求定价或报价，或从我们的网站下载文档时可能提供的任何数据。

请注意，本隐私声明必须与我们在收集或处理您的个人数据时的特定场合可能提供的任何其他隐私通知、政策或公平处理通知一并阅读，以便您充分了解我们如何以及为什么使用您的数据。

此隐私声明是对其他通知的补充，并不替代其他通知。

由谁控制和/或处理您的数据

牛津仪器股份公司由不同的法人实体组成，详细信息可在此查看。作为一家全球性公司集团，我们拥有许多跨境业务流程、规程、应用程序、系统和管理制度。

此隐私声明是代表牛津仪器集团发布的，因此当其中提到“牛津仪器”、“我们”或“我们的”时，指的是负责处理您数据的牛津仪器集团中的相关公司。

牛津仪器股份公司是我们主网站（oxinst.com）的数据控制者。牛津仪器法律实体是数据控制者并负责收集和使用您的个人数据，将决定收集哪些数据、如何使用数据、数据存储多长时间以及与谁共享数据，具体取决于您与我们的关系。例如，如果您是我们的客户、供应商、代理商、经销商或业务合作伙伴，或为其工作，则数据控制者是您与之开展业务的牛津仪器法律实体。此信息可在您收到的报价、订单确认书、发票、采购订单或您与我们签订的协议中查看，也可向您的牛津仪器股份公司联系人索取。

我们已任命一名数据隐私经理，负责监管与此隐私声明相关的问题。如果您对此隐私声明有任何疑问，包括对行使您可能享有的任何合法权利的任何请求，请使用下文的详细信息与我们联系。此外，下文中的国别部分也包含我们的联系详情，以便您就所在国的数据隐私问题联系我们的当地团队。

我们可以收集的与您相关的个人数据

个人数据（也称为个人信息）是指关于个人的、可藉以识别此人的任何信息。但不包括匿名化处理后的数据（匿名数据）。

我们可以收集、使用、存储和传输您的各种个人数据，包括以下几类：

身份数据，包括姓名、婚前姓、用户名或类似标识符、婚姻状况、头衔、出生日期和性别。
联系方式数据，包括账单地址、收货地址、电子邮箱和电话号码。
财务数据，包括交易点收到的信用评级机构、银行账户和支付卡的详细信息。
交易数据，包括您从牛津仪器购买的产品和服务的详细信息，以及支付给您或由您支付的款项的其他详细信息。
技术数据，包括互联网协议（IP）地址、您的登录数据、浏览器类型和版本、时区设置和位置、操作系统和平台。
个人资料数据，包括您的用户名和密码、您的采购或订单、反馈和调查回复、您所提供的兴趣和偏好。
使用数据，包括有关您如何使用我们的网站、应用程序、系统、产品和服务的信息。
营销和通信数据，包括您从我们和我们的第三方获得营销的偏好以及您的通信偏好。

此外，我们还收集、使用和共享汇总数据，例如用于任何目的的统计或人口统计数据。汇总数据可能来自您的个人数据，但不会直接或间接地显示您的身份。例如，我们可能会汇总您的使用数据，以计算访问特定网站功能的用户百分比。

但是，如果我们将汇总数据与您的个人数据合并或关联而使其可以直接或间接对您作出识别，我们会将合并后的数据视为个人数据，并仅根据此隐私声明使用该等数据。

我们不会故意收集任何有关您的特殊类别个人数据（包括有关种族或族裔、宗教或哲学信仰、性生活、性取向、政治观点、工会会员、健康信息以及遗传和生物特征数据的详细信息）。我们也不会收集任何有关刑事定罪和违法行为的信息，除非我们的第三方尽职调查流程中有特殊要求（且法律允许）。

我们如何收集您的个人数据

我们使用不同的方法收集来自您的以及与您相关的数据，包括：

直接交互。您可能会通过填写表格或通过邮寄、电话、电子邮件或其他方式与我们联系，向我们提供您的身份信息、联系方式和财务数据。这包括您在以下情况下提供的个人数据：

购买或查询我们的产品或服务；
在我们的网站上创建账户；
订阅我们的服务或出版物；
请求向您发送营销内容；
参加比赛、促销或调查；或
向我们提供反馈。

自动化技术或交互。当您与我们的网站互动时，我们可能会自动收集有关您的设备、浏览操作和模式的技术数据。我们使用Cookies、服务器日志和其他类似技术收集此类个人数据。如果您访问采用我们Cookies的其他网站，我们可能也会收到有关您的技术数据。有关更多详情，请参阅我们的Cookie政策。
第三方或公开来源。我们可能会从以下不同的第三方和公共来源收到个人数据：

来自以下各方的技术数据：

分析提供商；
广告网络；
行业领先的生成器；
科学出版商和社交网络提供商；
客户关系管理提供商；
学术团体；
网络研讨会提供商；
搜索信息提供商；
调查引擎；
活动票务和管理提供商；
网络和电子邮件营销提供商；
产品比较网站；
销售和营销自动化平台；以及
合规筛查提供商。

来自技术、支付和交付服务提供商的联系方式、财务和交易数据。

来自数据经纪人或信息汇总公司的身份和联系方式数据。

来自Companies House（英国公司注册处）、第三方网站、合规筛查提供商和选民登记册等欧盟境内公共来源的身份和联系数据。

我们如何使用您的个人数据

我们只在法律允许的情况下才会使用您的个人数据。通常情况下，我们将在以下情况下使用您的个人数据：

我们需要履行将与您签订或已与您签订的合同；
为了我们的合法利益（或第三方的合法利益）所必需而且您的利益和基本权利并不凌驾于这些利益之上；以及
我们需要遵守法律或监管义务。

一般来说，我们不依赖您的同意作为处理您的个人数据的法律依据，但我们自己和/或第三方向您进行某些直接营销通信的情况除外——详情请参阅下方的“直接营销与选择退订”选项卡。您有权随时联系我们撤销对该营销形式的同意。

我们在下文表格中描述了我们可以使用您的个人数据的所有方式，以及允许我们如此行事的法律依据。我们也确定了我们有哪些合法利益属于适当情况，以及我们依法获得允许使用此法定依据的情况。

请注意，根据我们使用您的个人数据的具体目的，我们可以依据多个法定事由处理您的个人数据。对于下表中列出多项事由的情况，如果您需要了解我们处理您的个人数据所依据的具体法定事由的详细信息，请与我们联系。

目的/活动	数据类型	处理个人数据的法定依据，包括合法利益的依据
将您注册为新客户或老客户，或准备与您签订合同	(a) 身份 (b) 联系方式	履行与您之间的合同
处理和交付您的订单，包括：（a）管理付款、费用和收费（b）收取和收回欠我们的款项（c）提供客户服务（d）进行维修处理我们给您的订单，包括：（a）付款、支付费用和手续费（b）请求客户服务（c）请求维修	(a) 身份 (b) 联系方式 (c) 财务 (d) 交易 (e) 营销和通信	(a) 履行与您之间的合同 (b) 为了我们的合法利益（收回欠我们的债务）所必需的
管理我们与您的关系，包括：（a）通知您有关我们条款或隐私政策的变更（b）邀请您留下评论或接受调查	(a) 身份 (b) 联系方式 (c) 个人资料 (d) 营销和通信	(a) 履行与您之间的合同 (b) 履行法定义务所必需的 (c) 为了我们的合法利益（保持我们的记录更新和研究客户如何使用我们的产品/服务）所必需的
使您能够参加抽奖、比赛或完成调查	(a) 身份 (b) 联系方式 (c) 个人资料 (d) 使用情况 (e) 营销和通信	(a) 履行与您之间的合同 (b) 为了我们的合法利益（研究客户如何使用我们的产品/服务，开发产品/服务，以及发展我们的业务）所必需的
管理和保护我们的业务和本网站（包括故障排除、数据分析、测试、系统维护、支持、报告和数据托管）	(a) 身份 (b) 联系方式 (c) 技术	(a) 为了我们的合法利益（为经营我们的业务、提供行政和IT服务、网络安全、防止欺诈，以及在业务重组或集团重组操作方面）所必需的 (b) 履行法定义务所必需的
向您提供相关的网站内容和广告，并衡量或了解我们为您提供的广告的有效性	(a) 身份 (b) 联系方式 (c) 个人资料 (d) 使用情况 (e) 营销和通信 (f) 技术	为了我们的合法利益（研究客户如何使用我们的产品/服务，开发产品/服务，发展我们的业务，以及告知我们的营销战略）所必需的
使用数据分析来改进我们的网站、产品/服务、营销、客户关系和体验，并预测库存管理情况	(a) 技术 (b) 使用	为了我们的合法利益（定义使用我们产品和服务的客户的类型、保持网站更新和相关性、发展我们的业务，以及告知我们的营销战略）所必需的
向您建议或推荐您可能感兴趣的商品或服务	(a) 身份 (b) 联系方式 (c) 技术 (d) 使用情况 (e) 个人资料	为了我们的合法利益（开发我们的产品/服务、发展我们的业务）所必需的
授权您作为我们的供应商、合作伙伴、经销商或代理商，代表我们行事或准备与我们签订合同。	(a) 身份 (b) 联系方式 (c) 财务 (d) 交易 (e) 个人资料 (f) 营销和通信	(a) 履行与您之间的合同 (b) 履行法定义务所必需的 (c) 为了我们的合法利益所必需的

我们只会将您的个人数据用于我们收集这些数据的目的，除非我们合理地认为需要基于其他原因使用这些数据，并且该原因与初始目的是相符的。如果您希望获得关于新目的与原始目的如何兼容的处理说明，请联系我们。

如果我们需要将您的个人数据用于不相关的目的，我们会通知您，并解释允许我们这样做的法律依据。请注意，在法律要求或允许的情况下，我们可以在您不知情或未经您同意的情况下，根据上述规则处理您的个人数据。

如果我们需要依照法律或根据与您签订的合同条款收集个人数据，并且如果您未应请求提供该数据，我们可能会无法履行我们已经或正在尝试与您签订的合同（例如，为您提供商品或服务）。在这种情况下，我们可能必须取消您与我们签订的产品或服务订单，但如果当时发生该情况的话，我们将会通知您。

披露您的个人数据

为了上表中所述目的，我们可能需要与下述各方共享您的个人数据。

附表中规定的内部第三方；
附表中规定的外部第三方；
我们可能选择向其出售、转让或合并部分业务或资产的第三方。或者，我们可能会寻求收购其他业务或与其合并。如果我们的业务发生变更，则新的所有者可能会按照本隐私声明中规定的方式使用您的个人数据；以及

与帮助防范非法活动的任何调查有关的执法机构。

我们要求所有第三方尊重您的个人数据的安全性，并依法处理个人数据。我们不允许我们的第三方服务提供商将您的个人数据用于其自身目的，并且仅允许他们根据我们的指示处理您的个人数据以达到指定目的。

我们是一家全球性的公司集团，我们使用跨境内部第三方和外部第三方来帮助我们经营业务。我们的一些内部和外部第三方位于收集您的个人数据所在国家的境外，因此您的个人数据可能会由内部和外部第三方在海外处理。我们遵循适用的法律要求，以便在个人数据被传输到海外时保护其安全。

确保您的数据安全

我们已落实适当的安全措施，防止您的个人数据发生意外丢失、使用或被擅自访问、更改或披露。

此外，我们还限制那些出于业务需要而了解您的个人数据的员工、代理人、承包商和其他第三方访问该等数据。他们只能根据我们的指示处理您的个人数据，并且须承担保密义务。

我们已落实各项规程，以处理任何涉嫌的个人数据违规行为，并将按法律要求将违规行为通知您和任何适用的监管机构。

我们将使用技术和组织措施来保护您的个人数据。

特别是以下措施：

使用防火墙；
在我们的某些在线销售产品和服务的网站上使用SSL技术加密付款详细信息；
将个人信息的访问权仅提供给那些需要知道该等信息以便为我们处理该等信息并负有合同保密义务的人员；
对员工进行数据处理良好实践培训；
要求员工遵守我们的数据保护政策和IT政策；以及
将您的个人数据存储在安全服务器上。

虽然我们将尽商业上合理的努力来保护您的个人数据，但您需承认，互联网的使用并不完全安全，因此我们无法保证通过互联网自您或向您传输的任何个人数据的安全性或完整性。

数据保留

我们保留个人数据的时间取决于我们实现收集这些数据的目的所需的时间，包括满足任何法律、会计或报告要求等目的。

当地法律可能要求我们必须在一段特定时间内保留有关您的基本信息。例如，如果您是我们的客户或为其工作，则我们必须在您购买日期后将您的个人数据（包括联系方式、身份信息、财务和交易数据）保留一定年限。例如，在英国须保留六年。

为了确定个人数据的适当保留期，我们会考虑个人数据的数量、性质和敏感性、擅自使用或披露您的个人数据可能造成的损害风险、我们对您的个人数据进行处理的目的、我们能否通过其他方式实现这些目的，以及适用的法律要求。

在某些情况下：

您可以要求我们删除您的数据：请参阅下文以获取更多信息；以及
我们可以将您的个人数据匿名化（以便它不再与您关联），用于研究或统计目的，在这种情况下，我们可以无限期地使用此信息，而无需另行通知您。

监控

我们可能会出于质量保证、培训、欺诈预防和合规的目的监控并记录与您的通信（如电子邮件）。

信用核查

为了使我们和集团其他子公司能够对您和您所在的组织做出信用决策，并且出于预防欺诈和反洗钱目的，我们可能会搜索信用评级和欺诈预防机构的文件（他们将记录该搜索）。

我们可能会向此类机构披露您的账户操作信息。其他授信方可能会将这些信息用于对您和与您有财务联系的组织作出信用决策、防止欺诈、债务人追踪以及反洗钱等目的。如果您提供不实或不准确的信息，并且我们怀疑存在欺诈行为，我们将对此进行记录。

关于其他个人的信息

如果您代表他人向我们提供信息，您应确认对方已指定您代表其行事，并同意您可以：

代表其同意处理其个人数据；
代表其接收任何数据保护通知；以及
同意对其个人数据进行处理和传输到国外。

您的权利

当地法律为您提供了有关您个人数据的某些其他权利。有关您根据当地（如欧洲经济区、瑞士、英国、巴西、日本、澳大利亚、美国或中国）法律可能享有的具体权利以及如何行使该等权利的更多信息，请参阅下方的国别隐私声明。

我们将根据适用的当地法律，做出合理努力，以便及时响应您的请求。当您联系我们时，我们可能会要求您向我们提供信息以验证您的身份，从而协助处理您的请求。如果您无法向我们提供此信息，我们可能无法处理您的请求和/或我们的响应可能会延迟。

我们的联系方式

我们欢迎您的反馈和问题。

如需联系我们，请发送电子邮件至privacy@oxinst.com，或将书信寄至以下地址：Group Data Privacy Manager, Tubney Woods, Abingdon, Oxon OX13 5QX, UK。

我们的某些国别隐私声明中也包含了具体联系信息，以便您就所在国的隐私问题联系我们的当地团队。以下是部分国家关于隐私问题的特定电子邮件地址，供您使用：

中国 - PrivacyCN@oxinst.com。

日本 - PrivacyJP@oxinst.com。

美国 - PrivacyUS@oxinst.com。

澳大利亚 - PrivacyAU@oxinst.com。

您有权随时向相关监管机构投诉。详细信息请参阅下方的国别隐私声明。

然而，在您联系相关监管机构之前，我们非常希望有机会处理您的关注问题，因此请首先与我们联系。

本声明的变更以及您告知我们最新情况的责任

我们可能会不时更改本隐私声明。您应不时查看本隐私声明，以确保您知悉最新版本。这适用于您对我们的网站、属于或由我们使用的社交媒体平台、系统和应用程序的每一次访问。如需历史版本，请联系我们索取。

请注意，我们必须确保所掌握的关于你的个人数据是准确和最新的。如果在您与我们的关系存续期间，您的个人数据发生变化，请随时通知我们。

附加隐私声明：特定活动

请展开各个选项卡，查看各项活动的相关隐私声明。这些特定活动隐私声明是对其他通知的补充，并不替代其他通知。

▽直接营销与选择退订

本节适用于我们根据在英国保留执行的欧盟法律版本《通用数据保护条例（EU）2016/679》和2018年《数据保护法案》（“英国版GDPR”）、《通用数据保护条例（EU） 2016/679》（“欧盟GDPR”)、《瑞士联邦数据保护法案》（“FDPA”），以及这些国家境内的其他适用的地方法律，处理欧洲经济区、英国和瑞士居民的个人数据，并构成对上述通用隐私声明的补充。

我们的一些内部和外部第三方的总部位于欧洲经济区、瑞士和/或英国境外，因此他们处理您的个人数据将涉及在这些国家境外传输数据。我们遵循适用的法律要求，以保障在这些国家境外传输的您的个人数据的安全性。

如果您位于欧洲经济区、瑞士或英国境内，在某些情况下，您可能根据适用的数据保护法享有与您的个人数据相关的一些权利，例如：

请求访问（和/或复制）您的个人数据（通常称为“数据主体访问请求”），以核查对其处理的合法性；
请求更正个人数据，以更正我们持有的关于您的任何不完整或不准确的个人数据；
请求擦除您的个人数据，适用于我们没有合理理由继续处理您的个人数据的情况。此外，在您已成功行使拒绝数据处理的权利（见下文）、我们可能非法处理了您的信息，或者我们按当地法律要求应擦除您的个人数据等情况下，您有权要求我们删除或移除您的个人数据；
拒绝处理您的个人数据，适用于我们享有合法利益（或第三方利益）但您所处的特殊情况使您想要拒绝处理数据的情况。此外，在我们出于直销目的处理您的个人数据的情况下，您也有权拒绝；
请求限制处理您的个人数据，例如：（a）如果您希望我们确定数据的准确性；（b）我们使用数据是非法的（但您不希望我们擦除这些数据）；（c）即使我们不再要求，您还是需要我们保存数据，因为您需要这些数据来确定、行使合法诉求或为合法诉求辩护；或（d）您拒绝我们使用您的数据，但我们需要验证我们是否有高于一切的合法理由使用这些数据；
请求以结构化、常用的机器可读格式将您的个人数据传输给您或第三方；
随时撤回对我们处理您的个人数据给予的同意。请注意，这不会影响在您撤回同意之前进行的任何处理的合法性，而且如果您撤回您的同意，我们可能无法向您提供某些产品或服务。如果在您撤回同意之时将发生此类情况，我们会通知您。

如果您想行使上述任何权利，请与我们联系。

您不必为访问您的个人数据（或行使任何其他权利）支付费用。但是，如果您的请求明显缺乏根据、重复或过多，我们可能会收取合理的费用。或者，在这种情况下，我们可能会拒绝满足您的请求。

我们会尽力在一个月内响应所有合法请求。有时，如果您的请求特别复杂，或者您提出了多个请求，则可能需要更长时间。在这种情况下，我们将通知您并随时让您了解最新状态。

我们可能需要向您请求特定信息，以帮助我们确认您的身份，并确保您有权访问您的个人数据（或行使您的任何其他权利）。这是一项安全措施，旨在确保不会把个人数据泄露给任何无权接收个人数据的人。

我们还可能会联系您，向您询问有关您的请求的更多信息，以便加快我们的响应速度。

如果您想行使上述任何权利，您应：

以书面形式向我们提出请求，发送至privacy@oxinst.com；
附上您的身份和地址证明（例如，您的驾驶执照或护照的复印件，以及最近的公共服务账单或信用卡账单）；以及
明确您的请求的性质，包括任何账户或参考号码（如适用用）。

如果您希望我们停止出于直销目的处理您的个人数据，您应：

向我们发送电子邮件至privacy@oxinst.com，抬头写明“取消订阅”，或者单击您收到的我们电子邮件中的相应链接；
给我们提供足够的信息来识别您的身份；以及

如果您要拒收的不是一般直销，而是通过特定渠道（例如电子邮件、邮件或电话）或来自牛津仪器特定业务单位的直销，请明确您要拒收的渠道或业务单位。

如果您收到来自牛津仪器不同业务单位销售的不同产品线的电子邮件，请使用每封电子邮件中的选择退订功能，以确保您取消订阅所有产品线。

根据英国版《通用数据保护条例》，适用于个人数据处理的监管机构是信息专员办公室（ICO）（www.ico.org.uk）。

根据欧盟《通用数据保护条例》处理个人数据的相关监管机构的详细信息可在此查阅。

根据《联邦数据保护法》处理个人数据的相关监管机构是瑞士联邦数据保护和信息专员（DPIC）（www.edoeb.admin.ch）。

代表

我们有许多位于英国境外的法人实体，负责为英国境内的数据主体提供商品和服务。《通用数据保护条例》他们各自根据英国版指定了一家英国代表。我们有许多位于欧盟以外的法律实体，负责为欧盟境内的数据主体提供商品和服务。他们各自根据欧盟《通用数据保护条例》指定了一家欧盟代表。

Oxford Instruments GmbH（牛津仪器有限责任公司）是以下公司指定的欧盟代表：Oxford Instruments plc（牛津仪器股份公司）、Oxford Instruments Industrial Products Limited（牛津仪器工业产品有限公司）、Oxford Instruments Nanotechnology Tools Limited（牛津仪器纳米技术工具有限公司）、安道尔科技有限公司、Oxford Instruments Overseas Marketing Limited（牛津仪器海外营销有限公司）、Oxford Instruments Asylum Research, Inc.（牛津仪器Asylum Research公司）、Oxford Instruments X-Ray Technology, Inc.（牛津仪器X射线技术公司）、Bitplane股份公司。

Oxford Instruments plc（牛津仪器股份公司）是以下公司指定的英国代表：Oxford Instruments Asylum Research, Inc.（牛津仪器Asylum Research公司）、Oxford Instruments X-Ray Technology, Inc.（牛津仪器X射线技术公司）、Bitplane股份公司、WITec Wissenschaftliche Instrumente und Technologie GmbH。

▽网站使用与Cookies

本涵盖我们收集、持有、使用和披露您的个人信息的方式，这些个人信息与您使用我们的网站和属于我们或由我们使用的其他社交媒体平台、系统以及应用程序有关。

我们的网站、平台、系统和应用程序不是针对儿童的，我们不会故意收集与儿童相关的数据。

我们的网站可能包括指向第三方网站、插件和应用程序的链接。单击或启用这些链接可能会允许第三方收集或共享有关您的数据。我们不控制这些第三方网站，也不对其隐私声明负责。当您离开我们的网站时，我们建议您阅读您访问的每个网站的隐私通知。

Cookies - 我们可能会使用Cookies和类似跟踪技术来监控您对网站的使用。例如，我们可能会监控您的访问次数、访问页面、流量数据、位置数据以及用户互联网服务提供商的原始域名。这些信息有助于我们建立用户档案，并为用户提供更多相关信息。其中一些数据将成为汇总或统计数据，这意味着我们将无法识别您的个人身份。

您可以将浏览器设置为拒绝全部或部分浏览器Cookies，或在网站设置或访问Cookies时提醒您。请注意，如果您禁用或拒绝Cookies，我们网站的某些功能可能会无法访问或无法正常运行，但您仍然可以购买产品和/或服务。

我们和谷歌等第三方使用Cookies或其他第三方标识符来编译我们的广告数据。我们还可能使用再营销在其他网站上投放广告。例如，Google将根据您对我们网站的历史访问记录，在您访问的其他网站上显示我们的广告，以确保您收到与您相关的广告。

关于我们使用cookies的更多信息，请参阅我们的Cookie政策。

▽信用核查与尽职调查信用核查

本节涵盖我们收集、持有、使用和披露您的个人信息的方式，这些个人信息与您使用我们的网站和属于我们或由我们使用的其他社交媒体平台、系统以及应用程序有关。

我们的网站、平台、系统和应用程序不是针对儿童的，我们不会故意收集与儿童相关的数据。

我们的网站可能包括指向第三方网站、插件和应用程序的链接。单击或启用这些链接可能会允许第三方收集或共享有关您的数据。我们不控制这些第三方网站，也不对其隐私声明负责。当您离开我们的网站时，我们建议您阅读您访问的每个网站的隐私通知。

Cookies - 我们可能会使用Cookies和类似跟踪技术来监控您对网站的使用。例如，我们可能会监控您的访问次数、访问页面、流量数据、位置数据以及用户互联网服务提供商的原始域名。这些信息有助于我们建立用户档案，并为用户提供更多相关信息。其中一些数据将成为汇总或统计数据，这意味着我们将无法识别您的个人身份。

您可以将浏览器设置为拒绝全部或部分浏览器Cookies，或在网站设置或访问Cookies时提醒您。请注意，如果您禁用或拒绝Cookies，我们网站的某些功能可能会无法访问或无法正常运行，但您仍然可以购买产品和/或服务。

我们和谷歌等第三方使用Cookies或其他第三方标识符来编译我们的广告数据。我们还可能使用再营销在其他网站上投放广告。例如，Google将根据您对我们网站的历史访问记录，在您访问的其他网站上显示我们的广告，以确保您收到与您相关的广告。

关于我们使用cookies的更多信息，请参阅我们的Cookie政策。

▽尽职调查

本节涵盖我们对与我们第三方尽职调查流程相关的个人信息进行收集、持有、使用和披露的方式。

为了帮助我们决策是否与个人或公司开展业务，我们会使用筛查工具来执行尽职调查流程。这包括使用公开信息和向我们提供的个人信息，以识别与任何第三方开展业务的潜在风险。

我们在尽职调查过程中会处理个人数据，以确保我们只与值得信赖的第三方开展业务。此外，我们的目的还包括确保遵循适用的法律、法规以及我们的商业行为与道德规范准则。

处理哪些个人数据？

在尽职调查过程中，我们可能会处理的关于您或您所在公司的个人数据的类型包括：

1.您的详细联系方式：例如，您的姓名及电子邮件地址（以便向您发送我们的尽职调查问卷，并与您沟通尽职调查问卷填写事宜）。

2.在尽职调查问卷中，我们可能会询问：

a）贵司知名人士的姓名：（即贵司的所有者、董事会成员、首席执行官、首席财务官和首席运营官）。

b）存续和注册证明：（公司注册文件可能包括姓名、家庭住址和出生日期等个人数据）。

c）与我们开展业务所需的相关执照或许可证的详细信息和副本，可能包括照片、姓名和出生日期。我们建议删除或划掉与我们核实您的执照或许可证无关的任何个人信息。

d）身份证明文件，例如：护照、驾驶执照或身份证。

e）针对贵司、贵司所有者、董事会成员、首席执行官、首席财务官和首席运营官的任何刑事定罪、处罚或制裁的相关证明。

3.我们可能会使用第三方筛查工具来筛查我们考虑与之开展业务的公司或个人。这包括对照公开信息（例如，公共登记册、制裁名单、监管来源、媒体和其他法律来源（如公开的法院案例）中包含的信息）核对您向我们提供的信息。

我们可能会使用您的姓名以及我们能够获得的其他个人数据，例如：中间名、别名、电子邮箱、出生日期、性别、职务、雇主、详细地址、国籍，特殊情况下还会使用您的社会保障号码或税号（仅在适用法律允许的范围内使用后者）。

筛查工具可显示被搜索公司的记录，以及与该公司有关联的个人，例如其首席执行官或首席财务官（如果这些信息是公开的）。

谁有权访问我的个人数据？

牛津仪器内部访问您的个人数据

您的个人数据可供与您有业务往来的牛津仪器法人实体及其母公司Oxford Instruments plc（牛津仪器股份公司）的合规部门使用。我们会限制这些公司对您的个人数据的访问：您的个人数据将仅供有业务需要的人访问，并且仅限于满足上述指定目的。牛津仪器内部有权访问您的个人数据的人员都接受过数据保护和数据处理方面的培训，并受合同保密义务的约束。

我们还会使用防火墙、加密技术和安全服务器等技术措施来保护您的个人数据。

第三方访问您的个人数据

我们收集的个人信息将用于内部业务流程，以决定是否与您或您所在的公司建立业务关系。但我们也使用第三方筛查工具。

为了上表中所述目的，我们可能需要与第三方（参阅上文的“披露您的个人数据”部分）共享您的个人数据。如果第三方有权访问个人数据，我们将采取适当的安全措施来保护这些信息。例如，如果您的个人数据被传输到欧洲经济区之外的国家/地区，而该国家/地区没有提供足够的个人数据保护措施，那么我们将提供适当保障（例如，签订含有欧盟委员会采用的标准数据保护条款的合同）。

我们可能偶尔需要通过外包给专业的第三方公司进行额外筛查。必要时，我们可能会与我们的专业顾问共享个人数据，例如在发生争议或法律问题时。此外，我们还可能需要根据适用法律向政府和监管机构以及其他第三方披露信息（例如，遵循法院命令或监管机构的要求）。

如需了解我们为保护个人数据传输而采取的适当安全措施，请发送电子邮件至privacy@oxinst.com。

个人数据将被保留多长时间？

我们保留个人数据的时间取决于我们实现收集这些数据的目的所需的时间，包括满足任何法律、会计或报告要求等目的。

当地法律可能要求我们在一段特定时间内保留您的个人信息。例如，在英国，我们需要将您的个人数据（包括联系方式、身份、财务和交易数据）保留六年。个人数据也可能会保留更长时间，例如在法律法规要求保留更长时间或在发生（潜在）法律纠纷需要保留更长时间的情况下。

您的权利

您根据适用数据保护法享有的具体权利取决于哪些法律适用于您个人。如需更多关于您的权利的信息，请点击下方特定国家的选项卡，或通过privacy@oxinst.com联系我们。

附加隐私声明：特定国家

请展开各个选项卡，查看各个国家的相关隐私声明。

▽ EEA, Switzerland and the UK

This section applies to our processing of personal data of individuals in the EEA, UK and Switzerland pursuant to the retained EU law version of the General Data Protection Regulation (EU) 2016/679 in the UK and the Data Protection Act 2018 (“UK GDPR”), the General Data Protection Regulations (EU) 2016/679 (“EU GDPR”), the Swiss Federal Data Protection Act (“FDPA”), and other applicable local legislation in these territories, and supplements our general privacy statement above.

Some of our Internal Third Parties and External Third Parties are based outside the European Economic Area (EEA), Switzerland and/or the UK so their processing of your personal data will involve a transfer of data outside these territories. We comply with applicable legal requirements to safeguard your personal data transferred outside of the these territories.

If you are located in the EEA, Switzerland or the UK, under certain circumstances, you may have rights under the applicable data protection laws in relation to your personal data, such as:

Request access to (and/or a copy of) your personal data (commonly known as a "data subject access request”) to check its lawful processing;
Request correction of the personal data that we hold about you to correct any incomplete or inaccurate data;
Request erasure of your personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law;
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing. You also have the right to object where we are processing your personal data for direct marketing purposes;
Request restriction of processing of your personal data for example: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful (but you do not want us to erase it); (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it;
Request the transfer of your personal data to you or to a third party in a structured, commonly used, machine-readable format;
Withdraw consent at any time to our processing your personal data, noting this will not affect the lawfulness of any processing carried out before you withdraw your consent and if you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

If you wish to exercise any of the rights set out above, please contact us.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

We may also contact you to ask you for further information in relation to your request to speed up our response.

If you wish to exercise any of these rights, you should therefore:

put your request in writing to us at privacy@oxinst.com;
include proof of your identity and address (for example, a copy of your driving licence or passport, and a recent utility or credit card bill); and
specify the nature of your request, including any account or reference numbers where applicable.

If you wish us to stop processing your personal data for direct marketing purposes, you should:

email us at privacy@oxinst.com with a header that says 'Unsubscribe' or click the appropriate link in an email you have received from us;
provide us with enough information to identify you; and

if your objection is not to direct marketing in general, but to direct marketing by a particular channel (for example, email, mail or telephone) or from a particular Oxford Instruments business unit, please specify the channel or business unit you are objecting to.

If you receive emails from different product lines sold by different Oxford Instruments’ business units, please use the opt-out functionality in each email to be sure you are unsubscribed from all.

The supervisory authority applicable for personal data processing pursuant to the UK GDPR is the Information Commissioner's Office (ICO) (www.ico.org.uk).

The details of the relevant supervisory authorities for personal data processing pursuant to the EU GDPR is available here.

The relevant supervisory authority for personal data processing pursuant to the FDPA is the Swiss Federal Data Protection and Information Commissioner (DPIC) (www.edoeb.admin.ch)

Representatives

Our legal entities located outside the UK who offer goods and services to data subjects within the UK have each appointed a UK representative for the purposes of the UK GDPR. Our legal entities located outside the EU who offer goods and services to data subjects within the EU have each appointed an EU representative for the purposes of the EU GDPR.

Oxford Instruments GmbH is the appointed EU representative for: Oxford Instruments plc, Oxford Instruments Industrial Products Limited, Oxford Instruments Nanotechnology Tools Limited, Andor Technology Limited, Oxford Instruments Overseas Marketing Limited, Oxford Instruments Asylum Research, Inc., Oxford Instruments X-Ray Technology, Inc., Bitplane AG

Oxford Instruments plc is the appointed UK representative for: Oxford Instruments Asylum Research, Inc., Oxford Instruments X-Ray Technology Inc., Bitplane AG, WITec Wissenschaftliche Instrumente und Technologie GmbH

▽中国

本节适用于我们根据《中华人民共和国个人信息保护法》（以下简称《个人信息保护法》）处理中国居民的个人数据（“中国数据”），并构成对上述通用隐私声明的补充。

我们并不将合法利益作为处理您在中国的个人数据的法定依据——上表中就我们如何处理您的个人数据列出的其他合法依据适用于我们在中国处理您的个人数据。

如据《个人信息保护法》，您的财务数据可能被视为敏感的个人数据。我们严格按照适用的中国法律并且仅出于以下目的处理此类数据：

管理付款、费用和收费；
收取和收回欠我们的款项；
提供客户服务；或
进行维修

如果因合并、分立、解散、宣告破产或其他原因有必要传输个人数据，我们将通知您接收人的姓名和联系方式。接收人在处理个人数据时应遵循本隐私声。

我们是一家全球性的公司集团，我们使用跨境内部第三方和外部第三方来帮助我们经营业务。出于本隐私声明中上文所述的目的，我们与中国境外的内部和外部第三方签订个人信息出境标准合同后，我们可能会将您的个人数据传输至中国境外的内部和外部第三方。您作为个人信息出境标准合同的第三方受益人，有权要求向您提供个人信息出境标准合同的副本以及行使其他权利。

我们将利用合法的跨境传输机制将您的个人数据传输到海外，并采取必要措施，确保海外接收者能够按照中国适用法律的要求提供同等程度的保护。

如发生安全事件，我们会立即采取补救措施，并按适用法例规定，通知有关政府部门及受影响的员工。

如果您位于中国境内，在某些情况下，您可能根据适用的数据保护法享有与您的个人数据相关的一些权利，例如：

请求访问（和/或复制）您的个人数据（通常称为“数据主体访问请求”），以核查对其处理的合法性；

请求更正个人数据，以更正我们持有的关于您的任何不完整或不准确的个人数据；

请求擦除您的个人数据，适用于我们没有任何合理理由（例如，处理目的已实现、不可能实现或不再需要实现时）继续处理您的个人数据的情况。此外，在您已成功行使拒绝数据处理的权利（见下文）、我们可能非法或违反适用的当地法律处理了您的信息、您已撤回您的同意（前提是我们得到您的同意才能处理您的个人数据）或者在我们按当地法律要求应擦除您的个人数据等情况下，您有权要求我们删除或移除您的个人数据；

拒绝处理您的个人数据，适用于您想拒绝我们处理您的个人数据的情况。此外，在我们出于直销目的处理您的个人数据的情况下，您也有权拒绝；

请求限制处理您的个人数据，例如：（a）如果您希望我们确定数据的准确性；（b）我们使用数据是非法的（但您不希望我们擦除这些数据）；（c）即使我们不再要求，您还是需要我们保存数据，因为您需要这些数据来确定、行使合法诉求或为合法诉求辩护；或（d）您拒绝我们使用您的数据，但我们需要验证我们是否有高于一切的合法理由使用这些数据；

要求我们解释结据处理规则；

随时撤回对我们处理您的个人数据给予的同意。请注意，这不会影响在您撤回同意之前进行的任何处理的合法性，而且如果您撤回您的同意，我们可能无法向您提供某些产品或服务。如果在您撤回同意之时将发生此类情况，我们会通知您。

如果您想行使上述任何权利，请与我们联联。

我们会尽力及时回复合法请求。有时，如果您的请求特别复杂，或者您提出了多个请求，则可能需要更长时间。在这种情况下，我们将通知您并随时让您了解最新状态。

我们可能需要向您请求特定信息，以帮助我们确认您的身份，并确保您有权访问您的个人数据（或行使您的任何其他权利）。这是一项安全措施，旨在确保不会把个人数据泄露给任何无权接收个人数据的人。

我们还可能会联系您，向您询问有关您的请求的更多信息，以便加快我们的响应速度。

如果您想行使上述任何权利，您应：

以书面形式向我们提出请求，发送至PrivacyCN@oxinst.com；

附上您的身份和地址证明（例如，您的驾驶执照或护照的复印件，以及最近的公共服务账单或信用卡账单）；以及

明确您的请求的性质，包括任何账户或参考号码（如适用）。

如果您希望我们停止出于直销目的处理您的个人数据，您应

向我们发送电子邮件至 PrivacyCN@oxinst.com，抬头写明“取消订阅”，或者单击您收到的我们电子邮件中的相应链接；

给我们提供足够的信息来识别您的身份；以及

如果您要拒收的不是一般直销，而是通过特定渠道（例如电子邮件、邮件或电话）或来自牛津仪器特定业务单位的直销，请明确您要拒收的渠道或业务单位。

如果您收到来自牛津仪器不同业务单位销售的不同产品线的电子邮件，请使用每封电子邮件中的选择退订功能，以确保您取消订阅所有产品线。

如吐需就中国的数据隐私问题联系我们，您可以发送电子邮件至PrivacyCN@oxinst.com。

对于于中国数据，中国的数据保护机构是中央网络安全和信息化委员会办公室员（www.cac.gov.cn）。

▽ Brazil

This section applies to our processing of personal data of individuals in Brazil pursuant to Brazilian data protection law, Federal Law No. 13,709/2018 Lei Geral de Proteção de Dados Pessoais (the “LGPD”), and supplements our general privacy statement above (“Brazilian Data”).

Our privacy notice explains what personal data (which includes Brazilian Data) we collect, and how and why we use it. We only process Brazilian Data when we have a legal basis for the processing, such as in order to fulfil a contract with you, where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests, or where we need to comply with a legal or regulatory obligation. Generally, we do not rely on your consent as a legal basis for processing your personal data other than in relation to some direct marketing communications to you from ourselves and/or third parties. You have the right to withdraw consent to that form of marketing at any time by contacting us.

As noted in our privacy notice, we may share Brazilian Data for the purposes set out above with Internal Third Parties and External Third Parties as set out in the Schedule. As permitted by the LGPD, we may also share Brazilian Data in connection with the sale of business assets or as required by law.

Brazilian Data may be processed outside of Brazil in countries which may not have equivalent privacy or data protection laws but will be processed with appropriate safeguards in place in compliance with the LGPD.

We retain Brazilian Data for as long as the information is needed for the purposes set forth above and for any additional period that may be required or permitted by law.

We respect the rights of Brazilian residents to access, correct and request erasure or restriction of their personal data as required by LGPD. Subject to some limitations as provided by LGPD, this means:

you have a right to know if we hold personal data about you and the right to access that personal data;
you have the right to ask us to correct or update incomplete, inaccurate or outdated information;
you have the right to ask us to anonymise, block or eliminate any unnecessary or excessive personal data, or any personal data processed in non-compliance with LGPD;
you have the right to data portability, in accordance with national authority regulations;
you have the right to receive information about who we share your personal data with; and
if we are processing your personal data on the basis of your consent, you also have the right withdraw your consent and be informed of your right to do so and its consequences, and request that we delete your personal data, subject to our rights to retain personal data as provided by LGPD.

If you wish to exercise your rights, please send an email to privacy@oxinst.com or you can write to us at Attention: Group Data Privacy Manager, Tubney Woods, Abingdon, Oxon OX13 5QX, UK.

The data protection authority in Brazil for Brazilian Data is the Autoridade Nacional de Proteção de Dados or the “ANPD”.

▽ USA

This section applies to residents within certain states of the USA and supplements our general privacy statement above.

Effective Date: 1^st January 2023

Last Updated: 1^st January 2022

If you are located in the states of Colorado, Connecticut, Virginia and Utah you have specific rights.

You have the right to:

Confirm whether we process your personal information.

Access and delete certain personal information.

Data portability.

Opt-out of personal data processing for targeted advertising and sales.

Correct inaccuracies in your personal information, taking into account the information's nature processing purpose.

Opt-out of profiling in furtherance of decisions that produce legal or similarly significant effects.

To exercise any of these rights please send an email to privacyUS@oxinst.com, FAO: Legal Counsel or call the following toll-free number: 800-447-4717. To appeal a decision regarding a consumer rights request send an email addressed to the Oxford Instruments Group Data Privacy Manager at privacy@oxinst.com within 7 days of the date of the decision.

Nevada provides its residents with a limited right to opt-out of certain personal information sales. Residents who wish to exercise this sale opt-out rights may submit a request to this designated address: privacyUS@oxinst.com, FAO: Legal Counsel or call the following toll-free number: 800-447-4717. However, please know we do not currently sell data triggering that statute's opt-out requirements.

If you are located within the state of California, the following is applicable to you and is in compliance with the California Privacy Act of 2018 (CCPA) and the California Privacy Rights Act (CPRA) 2022.

Our website collects information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device ("personal information"). Personal information does not include:

Publicly available information from government records.

Deidentified or aggregated consumer information.

Information excluded from the CCPA's scope, like:

health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data;

personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

In particular, our website has collected the following categories of personal information from consumers within the last twelve (12) months:

Category	Examples	Collected
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.	YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories.	YES
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	NO
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	YES
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	NO
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.	YES
G. Geolocation data.	Physical location or movements.	YES
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	YES
I. Professional or employment-related information.	Current or past job history or performance evaluations.	YES
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	NO
K. Inferences drawn from other personal information.	Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	YES

Our website obtains the categories of personal information listed above from the following categories of sources:

Directly from you. For example, from forms you complete or products and services you purchase.
Indirectly from you. For example, from observing your actions on our website or where you have published a paper.
From our third-party service providers that help us provide products and services.
From third parties who interact with us in connection with the services we perform.

Use of Personal Information

We may use or disclose the personal information we collect for one or more of the following purposes:

To fulfil or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery. We may also save your information to facilitate new product orders or process returns.

To provide, support, personalize, and develop our website, products, and services.

To create, maintain, customize, and secure your account with us.

To process your requests, purchases, transactions, and payments and prevent transactional fraud.

To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.

To personalize your website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our website, third-party sites, and via email or text message (with your consent, where required by law).

To help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business.

For testing, research, analysis, and product development, including to develop and improve our website, products, and services.

To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.

As described to you when collecting your personal information or as otherwise set forth in the CCPA or the CPRA.

To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our website users/consumers is among the assets transferred.

We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Sharing Personal Information

We may share your personal information by disclosing it to a third party for a business purpose. We only make these business purpose disclosures under written contracts that describe the purposes, require the recipient to keep the personal information confidential, and prohibit using the disclosed information for any purpose except performing the contract. In the preceding twelve (12) months, we have disclosed personal information for a business purpose to the categories of third parties indicated in the chart below.

Personal Information Category	Category of Third-Party Recipients
	Business Purpose Disclosures	Sales
A: Identifiers.	Operating system and platforms; Social networks; Service providers; Affiliates; Parent or Subsidiary Organizations; Sales Representatives	NONE
B: California Customer Records personal information categories.	Operating system and platforms; Social networks; Service providers; Affiliates; Parent or Subsidiary Organizations; Sales Representatives	NONE
C: Protected classification characteristics under California or federal law.	NONE	NONE
D: Commercial information.	Affiliates; Operating system and platforms; Advertising networks; Government entities; Social networks; Service providers; Parent or Subsidiary Organizations; Sales Representatives	NONE
E: Biometric information.	NONE	NONE
F: Internet or other similar network activity.	Advertising networks; Internet service providers; Data analytic providers; Internet cookies data recipients; Service providers; Parent or Subsidiary Organizations	NONE
G: Geolocation data.	Data analytic providers; Internet cookies data recipients; Service providers; Parent or Subsidiary Organizations	NONE
H: Sensory data.	Parent or Subsidiary Organizations; Operating system and platforms	NONE
I: Professional or employment-related information.	Affiliates; Operating system and platforms; Service providers; Parent or Subsidiary Organizations	NONE
J: Non-public education information.	NONE	NONE
K: Inferences drawn from other personal information.	Affiliates; Operating system and platforms; Service providers; Parent or Subsidiary Organizations	NONE

Your Rights and Choices

The CCPA and the CPRA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA and CPRA rights and explains how to exercise those rights.

Right to Know and Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the "right to know"). Once we receive your request and confirm your identity we will disclose to you:

The categories of personal information we collected about you.

The categories of sources for the personal information we collected about you.

Our business or commercial purpose for collecting that personal information.

The categories of third parties with whom we share that personal information.

If we disclosed your personal information for a business purpose a list identifying the personal information categories that each category of recipient obtained.

The specific pieces of personal information we collected about you (also called a data portability request).

Right to Delete or Correct

You have the right to request that we delete or correct any inaccuracies in your personal information that we collected from you and retained, subject to certain exceptions. Once we receive your request and confirm your identity, we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.

Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

Debug products to identify and repair errors that impair existing intended functionality.

Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 <em>et. seq.</em>).

Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.

Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

Comply with a legal obligation.

Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We will delete or deidentify personal information not subject to one of these exceptions from our records and will direct our service providers to take similar action.

We may deny your correction request if responding to the request proves impossible or involves disproportionate effort, or you improperly seek to correct accurate information.

Exercising Your Rights to Know, Delete or Correct

To exercise your rights to know, delete or correct described above, please submit a request by either:

Calling us at 800-447-4717

Emailing us at privacyUS@oxinst.com, FAO: Legal Counsel

Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal information.

You may only submit a request to know twice within a 12-month period. Your request to know or delete must:

Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which should include three pieces of identification such as passport, driver’s licence and social security number. If you are not able to provide all of these documents we will discuss with you alternate methods of identification.

Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

You do not need to create an account with us to submit a request to know, delete or correct. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.

We will only use personal information provided in the request to verify the requestor's identity or authority to make it and we will delete it immediately following verification of your identification.

Response Timing and Format

We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please contact the Group Data Privacy Manager by email at privacy@oxinst.com or by mail to Tubney Woods, Abingdon, Oxon OX13 5QX, UK.

We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Marketing Opt-Out

If you receive direct marketing from any Oxford Instruments company and you wish to opt out of receiving further communications, please submit a request to us by visiting the following internet web page link:

https://oxinst.com/opt-out

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA or CPRA rights. Unless permitted by the CCPA or the CPRA, we will not:

Deny you goods or services.

Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

Provide you a different level or quality of goods or services.

Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may offer you certain financial incentives permitted by the CCPA or the CPRA that can result in different prices, rates, or quality levels. Any CCPA/CPRA-permitted financial incentive we offer will reasonably relate to your personal information's value and contain written terms that describe the program's material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.

Other California Privacy Rights

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacyUS@oxinst.com, FAO: Legal Counsel or write to us at: Oxford Instruments America Inc, 300 Baker Street, Suite 150, Concord, MA 01742, FAO: Legal Counsel.

Changes to Our Privacy Policy

We reserve the right to amend this privacy policy at our discretion and at any time. When we make changes to this privacy policy, we will post the updated notice on the website and update the notice's effective date. Your continued use of our website following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have any questions or comments about this notice, the ways in which we collect and use your information described here, your choices and rights regarding such use, or wish to exercise your rights under law, please do not hesitate to contact us at:

Toll-Free Phone: 800-447-4717

Email: privacyUS@oxinst.com

Postal Address:

Oxford Instruments America Inc

Attn: Legal Counsel

300 Baker Street

Suite 150

Concord

MA 01742

If you need to access this policy in an alternative format due to having a disability, please email privacyUS@oxinst.com, FAO: Legal Counsel or call the toll-free number 800-447-4717.

▽ Japan

Effective Date : January 2023

This section applies to our processing of personal data of individuals in Japan (“Japanese Data”) pursuant to the Japanese Act on the Protection of Personal Information (the “APPI”) and supplements our general privacy statement above.

Our privacy notice explains what personal data (which includes Japanese Data) we collect, and how and why we use it. We only process Japanese Data for the purposes specified in the table in “How we use your personal data” section of our privacy notice.

Some of our Internal Third Parties and External Third Parties are based outside Japan, the European Economic Area (EEA) and/or the UK. We will transfer personal data for Internal Third Parties and External Third Parties located outside Japan, the European Economic Area (EEA) and/or the UK by ensuring that the transferee has established an adequate personal information protection system as required by the APPI.

We do not collect any Sensitive Personal Information (Yo-hairyo-kojin-joho) about you (this includes details about race, creed, social status, medical history, and criminal record).

If you are located in Japan, under certain circumstances, you may have certain rights under the APPI in relation to your personal data, such as the right to:

Request access to (and/or a copy of) your personal data;
Request notification of the purpose of use of your personal data;
Request correction, addition and/or deletion of your personal data held by us to correct any incorrect data;
Request suspension of the processing of your personal data or erasure of your personal information when (a) your personal data is used beyond the purpose of use, (b) your personal data is used in a way that may encourage or lead to illegal or unjust activities, (c) it is not necessary to use your personal data, or (d) processing of your personal data may harm your rights or legitimate interests; and
Request cessation of the transfer of your personal data when (a) your personal data is transferred inside/outside Japan without complying with the Act on the Protection of Personal Information of Japan, (c) it is not necessary to use your personal data, or (d) processing of your personal data may harm your rights or legitimate interests.

If you wish to exercise your rights, please send an email to privacy@oxinst.com or you can write to us at Attention: Group Data Privacy Manager, Tubney Woods, Abingdon, Oxon, OX13 5QX, UK

The data protection authority in Japan for Japanese Data is the Personal Information Protection Commission or the “PPC” (https://www.ppc.go.jp/en/index.html).

▽ Australia

This section applies to the collection, holding, use and disclosure of personal information for our Australian activities (Australian Data) in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) and supplements our general privacy statement above.

Our privacy statement explains the kind of personal information (which includes Australian Data) we collect, and how and why we collect and hold it. We only use and disclose Australian Data for the purposes specified in the table in “How we use your personal data” and disclose your personal information in accordance with the "Disclosure of your Personal Data" section of our privacy statement.

When the law authorises or requires us to collect information

We may collect your personal information:

because we are required or authorised by an Australian law or court or tribunal order to collect that information; and

we will tell you if collection is required or authorised by law, and if so, provide you with details of the law, court, or tribunal order.

What happens if you do not give us your personal information?

You have the option of engaging with us anonymously or under a pseudonym. However, if you chose to interact with us under anonymity or under a pseudonym, this may affect our ability to deliver our products or services to you. Please let us know at the earliest time practicable whether you want to interact with us under these conditions.

Sharing outside of Australia

In order to run our business, we may need to share some of your personal information with organisations (for example, our related entities and service providers) that are located outside Australia. Some of these organisations are located in Brazil, China, the European Economic Area, Switzerland, United Kingdom, Japan, USA.

We currently use cloud service providers, for example, Microsoft 365 and SAP CRM, and other electronic or networked systems, to store your personal information. As such systems can be accessed from various countries through an internet connection, it is not practicable to know in which country your personal information may be held. We may also need to share your personal information overseas if we sell, transfer or disclose our database of personal information to an actual or potential successor or purchaser located outside of Australia.

You consent to the disclosure of your information outside of Australia

Before we disclose your personal information to an organisation that is located outside of Australia, we are required to take reasonable steps to ensure that such an organisation does not breach the Privacy Act (in particular, Australian Privacy Principle 8.1). Whilst we will take steps to ensure that the organisation does not breach the Privacy Act in respect of your personal information disclosed to it, it is not always possible to ensure that the organisation will comply. We do not take any responsibility for the actions of such overseas third party recipients of your personal information. By agreeing to this Policy, you are agreeing that your personal information may be disclosed overseas and that Australian Privacy Principle 8.1 will not apply to that disclosure. This means that you will not have recourse against us under the Privacy Act in the event that an overseas recipient of your personal information breaches the Privacy Act.

Your rights to the personal information we collect and hold about you

You have the right to ask us:

to give you the personal information we hold about you;

to correct the personal information we hold if it is incorrect;

to give you a copy of this Policy, in a form that suits you (for example, hardcopy or email); and

not to use your personal information for direct marketing assessment purposes, including pre-screening.

Access to your personal information

If you want access to the personal information we hold about you, please send us an email to privacyAU@oxinst.com.

In some cases, a nominal administration fee may be charged to cover the cost of providing the personal information.

Correcting your personal information

If at any time you wish to change personal information we hold about you that is inaccurate or out of date, please send us an email to privacyAU@oxinst.com and we will amend this record.

In some situations, we may not agree to a request to correct personal information we hold about you, however if this occurs, we will inform you of our reason for not agreeing to the request.

If at any time, you believe on reasonable grounds that you have been a victim of fraud, you may request us not to use or disclose your personal information.

What happens when we no longer need your personal information?

We’ll only keep your information for as long as we require it for our business functions or activities as set out in this Policy. We are also required to keep some of your personal information for certain periods of time under law.

When we no longer require your personal information, we’ll ensure that it is destroyed or de-identified.

We may need to retain your personal information after our relationship has ended, however, we will not retain identifiable personal information longer than reasonably necessary and permitted by law.

Complaints

If we become aware of any concerns or problems concerning our privacy practices, we will take such issues seriously and work to address these concerns.

If you have any queries about this Policy, or have a problem or complaint, please send us an email to privacyAU@oxinst.com.

If your complaint remains unresolved, you may refer the matter to the Office of the Australian Information Commissioner. Its contact details are:

The Office of the Australian Information Commissioner GPO Box 2999

Canberra ACT 2601

Phone: 1300 363 992

Website: www.oaic.gov.au

附表

第三方

内部第三方

牛津仪器集团旗下各公司（作为联合控制者或处理者）相互提供各种服务，包括销售和支持服务、IT和系统管理服务以及业务分析报告。

外部第三方

服务提供商，作为处理者和/或控制者。
专业顾问，作为处理者或联合控制者，包括提供咨询、银行、法律、保险和会计服务的律师、银行家、审计师和保险公司。
英国税务海关总署、监管机构、法院或政府机构以及其他机关，作为处理者或联合控制者。在某些情况下，这些机构要求报告数据处理活动。
信用评级机构、业务合作伙伴、代理商、经销商、代表、经销商、合作伙伴、供应商、服务提供商和营销自动化提供商。

法定依据

合法利益是指我们在开展和管理业务时的利益，以使我们能够为您提供最好的服务/产品以及最好、最安全的体验。在基于我们的合法利益而处理您的个人数据之前，我们会确保考虑并平衡对您和您的权利的任何潜在影响（包括正面和负面影响）。我们不会将您的个人数据用于那些对您的影响高于我们的利益的活动（除非我们征得您的同意或法律另有要求或允许）。如需更多关于我们如何根据特定活动可能对您产生的影响来评估我们的合法利益的信息，请联系我们。

履行合同是指在履行以您作为缔约方的合同时或在签订此类合同之前应您的要求采取措施而必须处理您的数据。

遵守法律或监管义务是指在遵守我们应承担的法定或监管义务时必须处理您的个人数据。

代表

Oxford Instruments GmbH是以下公司指定的欧盟代表：Oxford Instruments plc、Oxford Instruments Industrial Products Limited、Oxford Instruments Nanotechnology Tools Limited、Andor Technology Limited、Oxford Instruments Overseas Marketing Limited、Oxford Instruments Asylum Research, Inc.、Oxford Instruments X-Ray Technology, Inc.、Bitplane AG、WITec Wissenschaftliche Instrumente und Technologie GmbH。

Oxford Instruments plc是以下公司指定的英国代表：Oxford Instruments Asylum Research, Inc.、Oxford Instruments X-Ray Technology, Inc.、Bitplane AG。

最后更新日期：2023年9月1日

公司内容

Corporate Social Responsibility Customer Focus and Service Code of Business Conduct and Ethics Diversity and Inclusion Employees Health and Safety Human Rights Policy Regulatory Information Supplier and Partner Engagement Sustainability 版权声明 Modern Slavery Gender Pay Report 免责声明电子邮件声明网站使用条款隐私声明 Cookie政策可接受使用政策

Website by Miramar Communications Ltd