1. THIS PRIVACY NOTICE
1.1 Our Privacy & Cookies Notice
Flex takes its obligations to protect privacy and personal information very seriously. Please read this Privacy & Cookies Notice (“the Notice“) carefully as it sets out important information relating to how we handle your personal information.
1.2 Flex companies issuing the Notice
In this Notice, references to “we”, “us”, “our” or “Flex” are references to Flex and all its group companies. This Notice sets out how we, as data controller, will collect and use personal information, and the choices and rights available to you in connection with our use of your personal information.
On occasion, the Flex group company who is the data controller in the European Economic Area (EEA) will be a joint controller with another Flex group company. Where the other Flex group company is based outside the EEA, then the data controller responsible for responding to requests to exercise data subject rights will be the relevant company in the EEA. In all cases, any complaints and requests to exercise data subject rights should be addressed to the Data Privacy Liaison Officer and the Data Privacy Liaison Officer will arrange for the responsible joint controller to handle the complaint or request.
1.3 To whose personal information does this Notice apply?
This Notice describes our practices when using:
This Notice will apply whether you have provided the information directly to us or we have obtained it from a different source, such as a third party.
2. BUSINESS CONTACTS
2.1 Sources of business contact information
We collect personal information from our business contacts directly or from the following sources:
2.2 What personal information we collect about business contacts
The categories of information we collect about business contacts includes:
2.3 How we use the personal information we collect about business contacts
We use this information for certain activities, including:
2.4 Why we use the personal information of business contacts
We use this information because:
A legitimate interest will only apply where we consider that it is not outweighed by a business contact’s interests or rights which require protection of their personal data.
If a business contact requires further information regarding our legitimate interests as applied to their personal information, they may contact the Global Data Privacy Officer.
In limited circumstances, such as in the case of marketing, a business contact’s consent as required under applicable law. Where we rely upon a business contact’s consent, they will have the right to withdraw their consent by contacting the Data Privacy Liaison Officer.
In certain circumstances, where a business contact does not provide personal information which is required, we will not be able to perform our obligations under the contract with them or may not be able to provide them with products and services. We will make it clear if and when this situation arises and what the consequences of not providing the information will be for the business contact.
2.5 Recipients of business contact information
We may disclose personal information of business contacts to third parties as follows:
2.6 Further Information
3. WEBSITE USERS AND WEB-RELATED PRIVACY ISSUES
3.1 What personal data do we collect about website users and visitors to Flex social media pages?
The categories of information we collect about users of our website and Flex webpages on social media sites such as Facebook, Instagram, LinkedIn and Twitter include:
We also collect personal information about the use of our website from users, including:
If a website user does submit their data via one of our forms and they have cookies installed on their browser, all behavioural and web log data will be associated back to them. The website user will be informed of this when completing our forms.
Flex also uses cookie technologies (e.g. VWO) which fully anonymise your personal information (such as IP address or keystrokes) therefore the information cannot be traced back to a website user.
3.2 How do we use the personal information of website users and visitors to Flex social media pages?
We use personal information of users of our website and Flex webpages on social media sites such as Facebook, Instagram, LinkedIn and Twitter for certain activities, including:
We use personal information about the use of our website for certain activities, including:
3.3 Why do we use the personal information of website users and visitors to Flex social media pages?
We use personal information of users of our website and Flex webpages on social media sites such as Facebook, Instagram, LinkedIn and Twitter because:
We use personal information about the use of our website because:
A legitimate interest will only apply where we consider that it is not outweighed by a website or social media user’s interests or rights which require protection of their personal data.
If a website user or individual accessing our web pages on social media sites requires further information regarding our legitimate interests as applied to their personal information, they may contact the Global Data Privacy Officer.
In certain circumstances, where a website user does not provide personal information which is required (for example, in relation to our online services), we will not be able to perform our obligations under the contract with them or may not be able to provide them with products and services. We will make it clear if and when this situation arises and what the consequences of not providing the information will be for the website user.
3.4 Who are recipients of personal information of website users and visitors to Flex social media pages?
We may disclose website and social media users’ personal information to third party recipients, as follows:
3.5 Further Information
Our websites and online services are for individuals who are at least 18 years of age. Our online services are not designed to be used by children under the age of 18.
Please see sections 4 to 8 below for further information concerning our use of personal data.
4. INTERNATIONAL TRANSFERS
Flex is a global company and, as such, we may transfer personal information to other Flex group companies or suppliers outside your home jurisdiction. Flex will take all reasonable steps to ensure that personal information is protected and any such transfers comply with applicable law.
Flex may transfer and maintain the personal information of individuals covered by this Notice on servers or databases outside the European Economic Area (EEA) and outside the UK. Some of these countries may not have the equivalent level of protection under their data protection laws as in the EEA and as in the UK.
The countries to which we transfer data outside of the EEA and outside the UK include: Brazil, Canada, China, Hong Kong, India, Indonesia, Israel, Japan, Malaysia, Mauritius, Mexico, Philippines, Russia, Switzerland, Singapore, South Korea, Taiwan, Turkey, Ukraine, and the USA. We also transfer data outside of the UK to the EEA.
If we need to transfer personal data outside the EEA or outside the UK, we will take steps to make sure your personal data is protected and safeguarded once it leaves the EEA/UK, in particular:
If you would like to obtain the details of such safeguards, you can request these from the Global Data Privacy Officer.
Our Data Privacy Standards (Binding Corporate Rules) including information on your third party beneficiary rights, are available here (Data Privacy Standards (EU Binding Corporate Rules)) and here (Data Privacy Standards (UK Binding Corporate Rules)).
5. RETENTION PERIODS
We will retain your personal information for as long as required to perform the purposes for which the data was collected, depending on the legal basis for which that data was obtained and/or whether additional legal/regulatory obligations mandate that we retain your personal information. We may also retain personal information for the period during which a claim may be made in relation to our dealings with you.
In general terms, this will mean that your personal data will be kept for the duration of our relationship with you and:
In certain circumstances, data may need to be retained for a longer period of time, for example, where we are in ongoing correspondence or there is a continuing claim or investigation.
If you wish to obtain further information about the retention periods as applied to your personal information, you may find this in the retention schedule maintained by Flex or can contact the Global Data Privacy Officer.
6. DATA SUBJECT RIGHTS
You have the following rights in connection with your personal information, if they are applicable to you under local law:
A summary of each right and how an individual can take steps to exercise it is set out below and in our Global Data Subject Rights Policy which is available on our website .
If you wish to exercise any of the above rights, please contact your Data Privacy Liaison Officer. Such requests should include appropriate identity verification information (such as your name, address, email address or other information reasonably required).
Where we receive a request to exercise one of these rights, we shall provide information on the action we take on the request without undue delay and in any event within one month of receipt of the request. This may be extended by a further two months in certain circumstances, for example where requests are complex or numerous.
The information will be provided free of charge, except where requests are manifestly unfounded or excessive, in particular because of their repetitive character. In these circumstances we may charge a reasonable fee or may refuse to act on the request. We will advise an individual of any fees prior to proceeding with a request.
We may ask for additional information to verify an individual’s identity before carrying out a request.
Where we do not carry out a request, we shall inform the individual without delay and within one month of receipt of the request, providing our reasons for not taking the action requested.
6.1 Right to access personal data
Individuals have the right to confirm the following with us:
Individuals also have a right to access the personal data and be provided with a copy.
6.2 Right to restrict processing of personal data
Individuals have the right to request that we restrict processing of their personal data where one of the following applies:
6.3 Right to object to processing of personal data
Where personal data is used to target marketing to an individual, they have the right to object to this at any stage.
An individual also has the right to object to processing of their personal data where the legal basis of the processing is our legitimate interests. We will have to stop processing until we are able to verify that we have compelling legitimate grounds for processing which override the individual’s interests, rights and freedoms, or alternatively that we need to continue processing for the establishment, exercise or defence of legal claims.
6.4 Right to rectification of personal data
If an individual believes that the personal data we hold on them is inaccurate, they may request that it be amended. They may also request that incomplete personal data be completed, including by providing a supplementary statement.
6.5 Right to request erasure of personal data (“right to be forgotten”)
An individual may also request the erasure of their personal data in certain circumstances, including the following (this is not an exhaustive list):
There are also certain exceptions where we may refuse a request for erasure, for example, where the personal data is required to comply with a legal obligation or for the establishment, exercise or defence of legal claims.
If an individual does request erasure of their personal data, this will potentially remove records which we hold for their benefit, such as their presence on a suppression list and they will have to contact us to provide personal information if they wish for us to hold this in future.
6.6 Right to Data Portability
Where we are relying upon the legal basis either of consent or that the processing is necessary for the performance of a contract to which an individual is a party, and that personal data is processed by automatic means (e.g. electronically), an individual has the right to receive all the personal data which they have provided to us in a structured, commonly used and machine-readable format and to transmit this to another controller directly, where this is technically feasible.
6.7 Supervisory Authority
An individual also has a right to lodge a complaint with a supervisory authority, in particular in the Member State in the European Union where they are habitually resident, where they work or where an alleged infringement of data protection laws has taken place.
We have put in place technical and organisational security measures to prevent the loss or unauthorised access of your personal information. We train our employees in the proper handling of personal information. However, whilst we have used our best efforts to ensure the security of your data, please be aware that we cannot guarantee the security of information transmitted over the Internet. If you have reasons to believe that your interaction with us is no longer secure, please immediately notify us of the problem by contacting us as set out below.
Our Website may contain links to other “non-Flex” websites. We do not control and assume no responsibility for the content, security, or the privacy policies and practices on those websites.
Flex encourages all users to read the privacy policies of those sites to determine how they protect and use personal information.
7.3 Changes to this Notice
From time to time, we may change and/or update this Notice. If this Notice changes in any way, we will post an updated version on this website. We recommend you regularly review this website to ensure that you are always aware of our information practices and any changes to such. Any changes to this Notice will go into effect on posting to this page.
A cookie is a small text file which includes a unique identifier that is sent by a web server to the browser on your computer, mobile phone or any other internet enabled device when you visit an on-line site. Cookies and similar technologies are widely used to make websites work efficiently and to collect information about your online preferences. For simplicity, we refer to all these technologies as “cookies”.
Some of our website pages may contain electronic images known as web beacons (also known as clear gifs, tags or pixels) that allow us to count users who have visited our pages. Web beacons collect only limited information, e.g. a cookie number, time and date of a page view, and a description of the page on which the web beacon resides. We may also carry web beacons placed by third party advertisers. These beacons do not carry any information that could directly identify you.
8.2 Cookies and types of cookies what we use
The table below describes the cookies and similar technologies that we use and their functionality.
Cookie name / provider / type
What these cookies do
These cookies enable the function of Google Analytics. This software allows us to measure and analyze visitor information such as browser usage, visitor numbers, and which pages are used. We use this information to help improve our Website (flex.com and investors.flex.com)
The analytics.js library uses a single cookie named _ga to store a unique client identifier (Client ID), which is a randomly generated number. This ID is used by Google Analytics servers to calculate visitor, session, and campaign data. We use this information to help improve our Website (flex.com).
The __smShown cookie is set when any of the List Builder, Welcome Mat, Scroll Box, or Smart Bars are shown on your website. If you have any of your Popups/Mats set to “Don’t Show to a visitor until X days have passed,” and Sumo detects this cookie in the visitors browser, it will not show that certain Popup/Mat.
This cookie is unique to the email apps and will display in your browser cookie list like this:
The __smSubscribed cookie is set when a visitor subscribes via any of the List Builder, Welcome Mat, Scroll Box, or Smart Bars they are shown on your website. If you have any of your Popups/Mats set to “Not Show To Users Who Already Subscribed”, and Sumo detects this cookie in the visitors browser, it will not show that certain Popup/Mat.
The __smUser cookie is set when you login to Sumo on your website and the cookie value is your User ID.
The __smToken is set once you login to Sumo and is checked to verify whether you are logged into Sumo or not.
The __smDashView cookie restores the same tab you were last in when you go back into the “Dashboard” app. For example, if you close the Dashboard app while in the “Subscriber Stats” tab, the next time you open the app, the cookie will allow the app to be opened in the exact tab you were last in.
EXPERIMENT_ID refers to the ID of the test, and GOAL_ID refers to the ID of the goal. The _uuid cookie generates a unique ID for every visitor and is used for the report segmentation feature in VWO. It also allows you to view data in a more refined manner. If you have a test running on multiple domains, you will notice test-specific UUID values. In the _combi cookie, the Control always has the value of 1, Variation #1 always has the value of 2, Variation #2 has the value of 3, and so on.
The GOAL_ID cookie is generated when a goal is created.
The test_cookie is a temporary session cookie generated to detect if the cookies are enabled on the user browser or not.
The _combi cookie is generated when users reach a particular combination. This cookie ensures that users see the same variation that they saw on their previous visit to the page.
The _exclude cookie is generated when a user is excluded from a test.
The _split cookie is generated during a Split URL test.
The _opt_s cookie detects if the user is new or returning to a particular test.
The _opt_out cookie indicates that the visitor is not part of the test. This cookie is valid for 10 years.
Other targeting cookies
We may use other cookies to target and re-target visitors to our websites with digital advertising that is most relevant to the user. These cookies are also used to limit the number of times you see an advert or particular content, as well as help measure the effectiveness of an advertising or marketing campaign. Using existing cookies from many sites already on your computer, we partner with 3rd party companies to deliver advertising to specific computers. For more information about digital advertising visit AdChoices at: www.youradchoices.com.
Social media cookies
These cookies allow users to share our websites on social media such as Facebook and Twitter. These cookies are not within our control. Please refer to the respective privacy policies of the social media provider for how their cookies work.
These cookies collect information on how users use our websites to help us improve areas such as navigation and fix technical issues or errors. For example, we use these cookies to help us understand how you arrive at our website, browse or use our website, and highlight areas where we can improve our website.
These cookies help us customize our website content based on a user’s preferences. They remember the user’s choices such as identifying the user as a particular investor type (Retail, Professional, or Institutional), their language, the country pages visited, and any changes the user makes to text size or other parts of our website pages. The information these cookies collect may be anonymized and they cannot track browsing activity on other websites.
These cookies are essential for parts of our website to operate. They enable users to move around our website and allow us to recognize a user within our website so that we can provide them with service they asked for such as remembering the user’s sign-in details.
8.3 How do I reject cookies?
If you do not want to be tracked by Google Analytics cookies, you can opt-out by installing a browser plug-in here: https://tools.google.com/dlpage/gaoptout/.
At any time, you can prevent cookies from being set on your browser. For instructions on how to block, delete, or disable any cookies, please consult your browser’s ‘Help’ or ‘Support’ section. Please note that by deleting our cookies or disabling future cookies, you may not be able to access certain areas or features of our website.
Please consult the following links for information on cookie management and blocking according to your browser:
You can also find more information and manage cookie storage at www.youronlinechoices.eu.
Our Global Data Privacy Officer is the Data Protection Officer for the purposes of the General Data Protection Regulation (GDPR).