Wind River Terms and Conditions:
Privacy and Security
Wind River Privacy Statement
1. Information on Who We Are
Wind River® Systems, Inc., and its Affiliates (“Wind River”) as a data controller and business is committed to protecting the privacy and security of your Personal Data. “Personal Data” means any information about an individual from which that person can be identified. “Affiliates” includes all entities controlled by Wind River Systems, Inc., where control means direct or indirect control or ownership of more than 50% of the voting stock or equity of such entity. Wind River Systems, Inc. is a US company with its principal office at 500 Wind River Way, Alameda 94501, California, USA.
2. Scope of This Privacy Statement
At Wind River, we care about the protection and privacy of your Personal Data (also referred to as Personal Information).
The www.windriver.com website is one of our primary channels of communication providing information on our company, products, programs, and services. This Privacy Statement applies when you visit our windriver.com website, including if you have been directed to this site, or when you contact us with a comment, inquiry, or customer support request through this site. By using or accessing this site, or contacting us, you agree that we may process your Personal Data in the manner described in this statement. It is important that you read this statement so that you are aware of how and why we are using your information. If you have any questions about this statement or how we handle your Personal Data, or if you are contacting us to fulfil a Data Subject or Consumer Access request, contact us at email@example.com or you can write to us at:
Wind River Systems, Inc.
ATTN: Privacy Office
500 Wind River Way
Alameda, CA 94501
Personal Data collected about you in connection with other Wind River websites, products, services, or mobile applications (including those made available to you by our group companies) may be covered by different Privacy Statements. It is important that you read this Privacy Statement together with any other Privacy Statements or other notices we may provide to you.
3. The Kind of Personal Data We Process
When you avail of our services, or purchase Wind River products, we may collect, store, and use the following categories of Personal Data about you:
- Identification and contact information – such as first name, last name, username or similar identifier, title, company/organization name, job title, date of birth, postal address, unique personal identifier, online identifier/IP address, account name, signature, password, characteristics or description, address, telephone number.
- Payment information – name, bank account number, payment card number, card issuer and card type, card expiry date, CVV code, any other financial information, and billing address.
- Characteristics of protected classifications/Special categories of Sensitive Personal Data – such as information about your health, including any medical condition, where you disclose those details to us so that we can accommodate any special requirements you may have when you avail of our services including to comply with our obligations under the equality legislation; genetic data; ethnicity/race; political opinions; religious/philosophical beliefs; sex life/orientation; trade union membership; migration information; biometrics; criminal data; children’s data; and precise geolocation.
- Commercial purchase and order information – such as details about payments to and from you, products or services bought, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Preference information – such as your account settings and your interests and preferences in receiving marketing and communication messages from us and our third parties.
- Internet or other electronic network activity - such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Geolocation data – such as including general location information while using our products or services.
- Audio, electronic, visual, thermal, olfactory, or similar information - Personal Data footage recorded for security, health and safety, events or product development purposes.
- Interaction and Usage Data – when you interact with us, we will record details of those interactions (for example, phone calls, e-mail correspondence and hard copy correspondence as well as information on how you use our website, products, and services). If you make a complaint, we will process details concerning that complaint.
- Mandatory Data – data that is mandatory for us to collect to comply with certain legal and regulatory obligations that apply to our business.
4. How We Obtain Your Personal Data
We only collect, process, retain or share the minimum amount of Personal Data required to fulfil a specified and legitimate purpose. The Personal Data we obtain from you is dependent on your interactions with us. We may obtain your data either directly or indirectly.
Directly, when you:
- Create an account on our website,
- Subscribe to, or apply for, our products, services, or publications,
- Purchase or use our products and services,
- Contact us to register your company’s interest to supply us with goods, products, or services,
- Complete our administrative forms on our website or contact us in any other different ways,
- Are captured during our product and service development (which might include street-view data or video data collected in public spaces),
- Request further correspondence from us or correspond with us by post, telephone, email or otherwise,
- Interact with us during your business relationship with us,
- Request samples of our products,
- Supply us with goods, products, or services,
- Request relevant marketing messages to be sent to you,
- Enter a competition, promotion, or survey,
- Give us feedback,
- Participate in research and development of our product and services.
- Cookies, server logs and other similar technologies on our website
- Our website technology’s interaction with your browser or devices,
- Technical data provided by third parties such as marketing companies, data set and information vendors, public database providers, social media platforms, hosts or vendors at events or trade shows and research partners.
5. Purposes for Collecting Your Personal Data
The purposes for which we might collect Personal Data about you include the following:
- To identify you personally or to verify your identity,
- To process your orders for goods or services from us,
- To deliver our products and services to you,
- To register and process your warrants for our products and services,
- To facilitate payments for our products and services,
- To carry out transactions you have requested,
- To answer your queries in relation to our products and services,
- To facilitate and register you for certain products, events or services which require registration,
- To register you as a supplier,
- To administer and protect our business and sites – including site troubleshooting, system maintenance, support, reporting, and data hosting,
- To perform business analyses, or for other purposes that help us to develop and improve the quality of our business, sites, products, and services (including new products and services, and future innovation), for example, by customizing our sites to your preferences or interests,
- To market our relevant products and services which might be of interest to you in accordance with applicable laws and regulations. You can opt-out from marketing communications sent via e-mail at any time, free of charge by using the “unsubscribe” link in any e-mail marketing materials you receive from us, or by contacting us at firstname.lastname@example.org.
- To conduct research and analysis of your product and service preferences so we can identify products and services that best meet your requirements and tailor our marketing and advertising messages accordingly,
- To detect, prevent and respond to fraud, intellectual property infringement, violations of our terms and conditions, violations of law or other misuse of our assets,
- To comply with regulatory, legislative, or statutory obligations, which vary in regions (for example, tax, law enforcement directives, court orders, subpoenas, etc),
- To fulfil any of the purposes associated with or related to the above purposes,
- To serve other purposes for which we provide specific notice at the time of collection, or as otherwise authorized or required by law.
Where permitted by law, we may combine the information that we collect via our sites with other information we hold about you (such as information about your use of our products and services) to offer you an improved and consistent customer experience when interacting with us or for other purposes set forth in this statement.
6. Our Lawful Bases for Processing Your Personal Data
According to applicable law, each process that involves Personal Data must have a lawful basis. Identifying the correct lawful basis helps to ensure that Personal Data is used in line with applicable law.
Our lawful bases for processing your Personal Data will be appropriate for the purpose of processing, and the type of data involved. We process your Personal Data when it is necessary for:
- The performance of a contract, or prior to entering a contract, to which you are party,
- Conducting our organization’s legal and compliance obligations, including the establishment, exercise or defense of legal claims,
- The performance of tasks to which you have given us your consent,
- Conducting tasks that are in our legitimate interests or that of a Third Party,
- Protecting your vital interest or that of another person,
- The performance of a task conducted in the public interest.
7. How We Use Particularly Sensitive Personal Data and Our Lawful Bases for Processing
Depending on your jurisdiction, the use of some Special categories of Sensitive Personal Data (as outlined above) is further protected by law and can only be processed insofar as necessary and legally permitted, or in exceptional circumstances. This includes Personal Data relating to health, genetics, ethnicity/race, political opinions, religious or philosophical beliefs, sex life or orientation, trade union membership, migration information, biometrics, criminal data, children’s data) require higher levels of protection. In some jurisdictions, such Sensitive Personal Data may also include: Criminal information; Children’s data; National or Government Identification (e.g. Social Security Number, Driver’s license, State Identification card, or Passport number); account log-in, financial account, debit card or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation.
We may process Sensitive Personal Data in limited circumstances. The lawful basis of processing this data will vary depending on jurisdiction, and the purpose of processing: it may be based on your explicit consent, or where we need to carry out our legal obligations or in relation to legal claims, or where it is needed in the public interest. Less commonly, we may process this type of data where it is needed to protect your interests (or someone else's interests) and you are not capable of giving your consent, or where you have already made the information public.
We may use information about your physical or mental health or status, to ensure your health and safety when you are availing of our services and to ensure that we comply with relevant applicable legislation. Your Sensitive Personal Data will not be used for any additional purposes that are incompatible with the purposes listed in this Privacy Statement unless we provide you with notice of those additional purposes.
If you are a California resident and we receive your Personal Information in the form of contact details from business events, for example as part of a business appointment (e.g. by exchanging business cards) or as part of any other form of collaboration, we may use your contact and business details to maintain our business contacts. For this purpose, we may transfer your contact details to our internal database. Per the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, “CCPA”), you have privacy rights with respect to your business contact Personal Information.
This data processing is based on our legitimate business interests. We have a legitimate economic interest in keeping contacts beyond the first context and in using them to establish and develop a business relationship and to remain in contact with the parties concerned.
Wind River does not sell your Personal Data and has not sold your Personal Data in the previous twelve (12) months.
9. Automated Decision-Making
Automated decision-making takes place when an electronic system uses Personal Data to decide without human intervention. You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making unless we have a lawful basis for doing so and we have notified you.
We may contact you by mail, email, telephone or social media about our products and services and other events which might be of interest to you. You have the right to ask us to stop processing your Personal Data for direct marketing purposes. If you wish to exercise this right, you can click unsubscribe from the bottom of the email received or please submit a request to email@example.com.
11. Data Sharing
We will disclose or share your Personal Data with third parties where it is necessary to perform our contract with you, where we have another legitimate interest in doing so or where it is required by law.
We will disclose your data with trusted third party service providers. We may also disclose your Personal Data with other third parties, for example, in the context of a transfer of our statutory functions or with a regulator or to otherwise comply with the law.
All our third party service providers are required to take appropriate security measures to protect your Personal Data based on the associate risks including proper access controls. They will only process your Personal Data on our instructions and are subject to a duty of confidentiality. We require third Parties to respect the security of your data and to treat it in accordance with the law.
12. Cross Border Transfers of Data
Wind River is a global company with its headquarters in the United States and we may be required to transfer your Personal Data across international borders, in line with applicable law. To ensure that international transfers of Personal Data are adequately protected, we have put in place appropriate safeguards with our group companies, service providers, contractors, distributors, business partners and agents. We take appropriate contractual, technical, organisational measures, and we conduct Transfer Impact Risk Assessments, as required, to protect your Personal Data and your rights. For international data transfers, we comply with the requirements of applicable law, including safeguards such as Standard Contractual Clauses (SCCs) where required. For more information on the appropriate safeguards in place to protect your Personal Data, you may contact us via firstname.lastname@example.org.
13. Retention of Personal Data
We will retain your Personal Data only as long as necessary to fulfil the purpose(s) for which it was collected, or as required by law. We retain your Personal Data in accordance with applicable laws and our records retention policy. Otherwise, we aim to keep our files current and will make reasonable efforts to remove Personal Data that is no longer relevant for the purposes for which it was collected.
In some circumstances we may anonymize your Personal Data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
14. Security and Protection of Personal Data
Wind River is committed to safeguarding the security and protection of your Personal Data, via a system of governance, policies, and processes, and have dedicated security teams to manage risk and implement controls. We have implemented appropriate security measures to protect your Personal Data from unauthorized access, use, copying, modification, disclosure, destruction, and alteration. We abide by the key principles of data protection and privacy in our Personal Data collection and handling, namely: accountability; lawfulness, fairness, and transparency; data minimisation; purpose limitation; storage limitation; managing the confidentiality, integrity, and accuracy of Personal Data.
15. Data Subjects’ Rights in Relation to the Processing of Your Personal Data
In accordance with applicable law, in certain circumstances, you have the following rights regarding the processing of your Personal Data:
- The right to request access to your Personal Data.
- The right to be informed about how your data is processed.
- The right to request correction/rectification of the Personal Data that we hold about you.
- The right to request erasure/deletion of your Personal Data.
- The right to object to processing of your Personal Data.
- The right to request the restriction of processing of your Personal Data.
- The right to request the transfer of your Personal Data to another party.
- The right to opt-out of sale of your Personal Data.
- The right to non-discrimination for exercising your rights.
- The right to request disclosure of categories of information collected, sources we collected it from, the commercial purpose for collecting it, categories of third parties whom we shared it with, categories of information disclosed for business purposes and categories of information sold about you.
- The right to withdraw your consent at any time, where you may have provided it for the collection, processing, or transfer of your Personal Data for a specific purpose.
16. Exercising Your Rights
You may exercise your rights via email@example.com. In some legal jurisdictions, you may also designate an authorized agent to make a request on your behalf. The response time for Data Subject Rights Requests varies depending on your jurisdiction and applicable law. If we require more time to respond to your request, we will inform you.
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is deemed to be unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
When you exercise these rights and send a request to us, we or our partners may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). We will verify your identity by asking you to authenticate your identity via standard authentication procedures. For example, where relevant we may ask for your email address, order numbers of earlier orders of our products and services, the last four digits of a credit or debit card or bank account number used to make a purchase, or the date of your last purchase from us. We also may use a third-party verification provider to verify your identity. These measures are another appropriate security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
When you exercise your rights, we will not discriminate against you in any way. For example, we will not deny you goods or services, charge you different prices or rates for goods or services, deny you discounts or other benefits or impose penalties on you, or provide you with or suggest that you will receive a different level or quality of goods or services.
California residents have the right to opt out of the selling and sharing of their Personal Data and to limit the use of their sensitive personal data. However, we do not sell or share Personal Data, and we do not use Sensitive Personal Data for any additional purposes that are incompatible with the purposes listed in this Privacy Statement, unless we provide you with notice of those additional purposes.
This website is not designed for children and is not intended to appeal to children. Wind River does not knowingly collect data from children. If you are under 16 years of age, please do not use this website.
Depending on your jurisdiction, you also have a right to make a complaint at any time to your local Data Protection Supervisory Authority.
19. Changes to This Privacy Statement
We reserve the right to update this statement at any time. We may also notify you in other ways from time to time about the processing of your Personal Data. If you have any questions, you can write to use at:
Wind River Systems, Inc.
ATTN: Privacy Office
500 Wind River Way
Alameda, CA 94501