Advanced Technology Services, Inc.

Privacy Policy

Table of Contents

1.              Personal information we collect and process

2.              How we use your personal information (our purposes) and our legal basis for processing it

3.              How we share your personal information

4.              Cookies and similar tracking technology

5.              How we keep your personal information secure

6.              International data transfers

7.              How long we retain your personal information

8.              Your data protection rights

9.              Children’s Privacy

10.            Updates to this Privacy Notice

11.            Who do I contact for more information?

Advanced Technology Services, Inc (“ATS“) and its affiliates, subsidiaries, and operating divisions are committed to protecting the privacy and security of your personal information when you engage with us.

This Privacy Notice explains who we are, how we collect, share and use personal information about you, and how you can exercise your privacy rights. This Privacy Notice applies to personal information that we collect as part of your engagement with us, including through our website at https://www.advancedtech.com/ (“Website“).

The data controller of your personal information is the ATS entity with whom you engage or interact.

For residents of California only: We are committed to complying with the California Consumer Privacy Act of 2018 (CCPA) as amended by the California Privacy Rights Act of 2020 (CPRA) and all applicable data privacy laws in the jurisdictions in which we have employees or customers.

If you have any questions or concerns about our use of your personal information, then please contact us at privacy@advancedtech.com.

1. Personal information we collect and process

The personal information we collect from you, either directly or indirectly, will depend on how you interact with us and with our Website. We collect personal information about you from the following different sources:

Information that you provide directly

We collect personal information directly from you when you choose to provide us with this information online and through your other interactions with us (such as data collected via our Website contact form, online booking chat, chatbot, or where you are an ATS customer or vendor, any inquiries and communications you have with us as part of our engagement).

Information that we collect indirectly

We collect personal information about you indirectly, including through automated means from your device when you use our Website or visit our physical sites (via video cameras). Some of the information we collect indirectly is captured using cookies and other tracking technologies, as explained further in the Cookies and similar tracking technology section below.

Information from third parties

We also collect information about you from third party sources, such as service providers that provide operational assistance to us in providing our website, as well as service providers that we engage to assist us in providing our services to you as a customer. We also obtain contact information from third party marketing list providers, such as Zoom info, LeadForensics, HotJar, Qualified, Google Analytics, Demandbase, Zero Bounce, Validity, OwnBackup, Sales Navigator, Dun&Bradstreet, and Industrial Info Resources to reach out to prospective customers. Where you are employed by an ATS customer we may also obtain your details from your employer for the purposes of providing service updates or to manage our account with you, for example if you have been provided as your company contact.

Information received from third parties will be checked to ensure that the third party either has your consent or is otherwise legally permitted or required to disclose your personal information to us.

For residents of California only: We collect information that identifies you, your household or your device or is reasonably capable of being connected with or linked to you, your household, or your device (“Personal Information“). Personal information does not include public information available from government records, de-identified or aggregated information or information that is protected by certain laws such as HIPAA for health related information and the Gramm-Leach Bliley Act (GLBA) for certain financial information.

The table below describes the categories of personal information we collect from and about you through our Website and your interactions and engagement with us.

Personal Data DescriptionSource
Identity and Contact Data such as your name, email address, phone number, and business address.Directly from you
Third parties
Automatic collection
Business Data such as information collected in the course of maintaining our business relationship, and the receipt or provisions of services. This includes where you are identified by your employer as the ATS contact for service updates or alerts.Directly from you
Third parties
Communications Data such as your communications with us, including any queries you raise, chat, email or call history. This will include information as to how you contact customer services and the channel of communication that you use or any information that you send to us (for example, if you complain about an issue and send us screenshots).Directly from you
Third parties
Advertising and Marketing Data such as your preferences in relation to receiving marketing materials from us, communication preferences, your preferences for services or newsletters.Directly from you
Third parties
Automatic collection
Video Data collected in visiting our premises to prevent theft and fraud and more generally to protect our property and assets, employees, customers, vendors, and visitors.Automatic collection
Device Data and Website Usage Data collected using tags and pixels, including your IP address, browser type, browser version, the pages of our Website that you visit, the date and time of your visit, the duration of time spent on those pages, unique device identifiers and other diagnostic data.Automatic collection

We do not collect any sensitive personal information about you, such as health related information or information about your race, ethnicity, or sexual orientation.

2. How we use your personal information (our purposes) and our legal basis for processing it

We use the personal information that we collect from and about you only for the purposes described in this Privacy Notice or for purposes that we explain to you at the time we collect your information. Depending on our purpose for collecting your information, we rely on one of the following legal bases:

Contract – we require certain personal information in order to provide our Website and for the provision or receipt of services for which we engage;

Consent in certain circumstances, we may ask for your consent (separately from any contract between us) before we collect, use, or disclose your personal information, in which case you can voluntarily choose to give or deny your consent without any negative consequences to you;

Legitimate interests – we may use or disclose your personal information for the legitimate business interests of either ATS or a third party, but only when we are confident that your privacy rights will remain appropriately protected. If we rely on our (or a third party’s) legitimate interests, these interests will normally be to: operate, provide, and improve our business, including our Website; communicate with you and respond to your questions;  to contact you with newsletters, marketing, or promotional materials and other information that may be of interest to you; improve our Website or use the insights to improve or develop marketing activities and promote our products and services; detect or prevent illegal activities (for example, fraud); and/or to manage the security of our IT infrastructure, and the safety and security of our premises, employees, customers, vendors, and visitors to our Website and premises; or

Legal obligation – there may be instances where we must process and retain your personal information to comply with laws or to fulfil certain legal obligations including in response to lawful requests by public authorities (such as for tax, health and safety, national security, or law enforcement purposes); or to establish, exercise or defend against potential, threatened or actual legal claims.

The following table provides more details on our purposes for processing your personal information and the related legal bases. The legal basis under which your personal information is processed will depend on the data concerned and the specific context in which we collect it.

Where we require your data to pursue our legitimate interests, it will be in a way which is reasonable for you to expect as part of the running of our organization and which does not materially affect your rights and freedoms. We have identified below what our legitimate interests are.

Purpose/ActivityType of dataLawful basis for processing including basis of legitimate interest
Customers / Vendors (prospective, existing and former)
To engage you to provide services to you or your employer or receive services from you or your employer.Identity and Contact Data
Business Data
Performance of a contract with you.

Our legitimate interests to operate and provide our business and to communicate with you or your employer – where our communications are not necessary to perform or enter into a contract with you.
Provision of services to you or receipt of services from you or your employer.Identity and Contact Data
Business Data
Communications Data
Device and Website Usage Data
Performance of a contract with you.

Our legitimate interests to operate and provide our business and to communicate with you or your employer -where our communications are not necessary to perform or enter into a contract with you.
To communicate with you as part of our or your employer’s business engagement, including service updates, confirmations, invoices, and support and administrative messages, communicating with you in respect to your inquiries, requests, or complaints.Identity and Contact Data
Business Data
Communications Data
Performance of a contract with you.

Our legitimate interests to operate and provide our business and to communicate with you or your employer where our communications are not necessary to perform or enter into a contract with you.
Visitors
Keep our premises secure through use of video security.Video DataOur legitimate interests to detect or prevent illegal activities and ensure the safety and security of our staff, customers, vendors, and visitors.
Register you as a visitor at our premises including in relation to an attendance at an event we hold at our premises or online.Identity and Contact DataOur legitimate interests to ensure the safety and security of all individuals visiting us on-site and to provide you with registration information to fulfil your request to attend an event.
Website visitors
Manage our use of tracking technologies such as cookies (including enabling you to manage your cookie preferences) and analyze collected data to learn about our Website to improve our Website. This includes detecting, preventing and addressing technical issues, website analytics, identifying browsing patterns, and evaluating this information on an aggregated group basis.Device and Website Usage DataConsent (where required under applicable law).

Otherwise (for strictly necessary cookies) our legitimate interests to operate, provide and improve our business including our Website or use the insights to improve or develop marketing activities and promotions.
Contact you about our services or in response to your queries when you reach out through our Website or chat.Identity and Contact Data
Marketing and Advertising Data
Communications Data
Consent (where required under applicable law).

Otherwise our legitimate interests to operate and provide our responses and to communicate with you.
Personalize and customize your experience on our Website.Device and Website Usage Data
Marketing and Advertising Data
Consent (where required under applicable law).

Otherwise our legitimate interests to operate, provide and improve our Website and to use the insights to improve or develop marketing activities and promote our business.
All
Comply with legal and regulatory obligations to which we are subject, including our obligations to respond to your requests under data protection law.Identity and Contact Data
Business Data
Legal obligation.
Protect our legal rights (including where necessary, to share information with law enforcement and others), for example to defend claims against us and to conduct litigation to defend our interests. This includes to protect or investigate possible wrongdoing in connection with the Website and Services, and protect against legal liability.Identity and Contact Data
Business Data
CCTV Data
Communications Data
Our legitimate interests to protect our business interests.
To carry out any marketing, including to provide you with news, special offers and information about other goods, services, and events that we offer.Marketing and Advertising DataOur legitimate interests to improve our services and promote ATS.
To keep our business, including our Website, premises, employees, customers, vendors and visitors secure offline and online and address threats to safety or safety of others, as well as to detect and prevent fraudulent or illegal activities.Identity and Contact Data
Business Data
Communications Data
CCTV Data
Device and Website Usage Data
Our legitimate interests or those of a third party to operate and provide our business, including our Website. To detect or prevent illegal activities and/or to manage the security of our IT infrastructure, and the safety and security of the data subjects we engage with.

3. How we share your personal information

We share your personal information with the following categories of recipients:

Our group companies (Advanced Technology Services, Inc., ATS Services, LLC, Harvard Distribution LLC, ATS Global, Inc, Advanced Technology Services UK, Ltd, ATS Advanced Technology Services Canada, Inc, Advanced Technology Services Mexico, SDE RL DE CV. Servicios  Administratives Y De Personal ATS S De RL DE CV and ATS Mexico, LLC) who provide data processing services necessary to provide our goods and services, or who otherwise process personal information for purposes described in this Privacy Notice. Our group companies, to which we transfer your personal information, operate in the manufacturing industry;

Third party service providers and partners who provide data processing services to us as necessary to provide our goods and/or services (to support the delivery of, provide functionality on, or help to enhance the security of our Website or services), or who otherwise process personal information for purposes that are described in this Privacy Notice. For example, these may include providers of data storage, IT developers and support providers and providers of hosting services and other third parties who provide analytics on our Website.

Third party services when you use third party services linked through our Website, your personal information will be collected by the provider of such services. Please note that when you use third party services, their own terms and privacy policies will govern your use of their services;

Any competent law enforcement body, regulatory, government agency, court, or other third party (our professional advisers) where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person, or (iv) to prevent or investigate possible wrongdoing in connection with our services.

For resident of California only: This includes the sharing of information in connection with a law enforcement request that is compliant with the California Electronic Communications Privacy Act. ;

A buyer (and its agents and advisers) in connection with any actual or proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this Privacy Notice; or

Any other person with your consent to the disclosure (obtained separately from any contract between us).

4. Cookies and similar tracking technology

We use cookies and similar tracking technology (collectively, “Cookies“) to collect and use personal information about you. For further information about these types of Cookies we use, why, and how you can control Cookies, please see our Cookie Preference Tool linked on our Website.

5. How we keep your personal information secure

We use appropriate technical and organizational measures to protect the personal information that we collect and process about you. The measures are designed to provide a level of security appropriate to the risk of processing your personal information. Specific measures we use include everything your personal information in transit and at rest; an Information Security program leveraging and industry standard framework; employing advanced malware protections; implementation of other reasonable security defenses including vulnerability management, access management, and recovery/resilience measures.

6. International data transfers

In some cases, where your personal information is transferred to ATS group companies or third parties, it is processed in countries other than the country in which you are a resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, our Website servers are located in North America and our group companies are in the US, Mexico, Canada and the United Kingdom. Our third party service providers and partners operate around the world. This means that when we collect your personal information we may process it in any of these countries.

For residents of UK, Switzerland and EEA only:

Where we transfer your personal information to countries and territories outside of the European Economic Area and the UK, which have been formally recognized as providing an adequate level of protection for personal information, we rely on the relevant “adequacy decisions” from the European Commission and “adequacy regulations” (data bridges) from the Secretary of State in the UK. We transfer personal information between the European Economic Area and the UK in reliance on the European Commission’s adequacy decision for the UK (decision_on_the_adequate_protection_of_personal_data_by_the_ united_kingdom_-_general_data_protection_regulation_en.pdf (europa.eu)) and the Secretary of State’s adequacy regulations for the EEA.

Where the transfer is not subject to an adequacy decision or regulations, we will take appropriate measures to ensure that your personal data remains protected in accordance with this Privacy Notice.

7. How long we retain your personal information

Personal information will be stored in accordance with applicable laws and kept as long as needed to carry out the purposes described in this Privacy Notice or as otherwise required by applicable law. Generally, this means your personal information will be retained until the end of your contractual engagement with us plus a reasonable period of time thereafter to respond to government agency requests/audits, or to deal with any legal matters, document the proper termination of your employment or work relationship, or to provide you with ongoing benefits.

The specific retention periods depend on the nature of the information and why it is collected and processed and the nature of the legal requirement. For example: We keep your information when we have a legal obligation to do so (for example if a court order is received, we would retain your data for longer than the usual retention period); to deal with and resolve requests and complaints (for example, if there is an ongoing complaint with respect to any contracted services), to protect individuals’ rights and property and for litigation or regulatory matters (for example, we would retain your information if there was an ongoing legal claim and the information was relevant to the claim). This information would be retained until the legal claim had been concluded. For internal analysis, Device Data and Website Usage Data will be retained for a shorter period of time, except when this data is used to strengthen the security or improve the functionality of the Website or services offered.


When we have no ongoing legitimate business need or legal reason to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

8. Your data protection rights

For residents of California only:

The California Consumer Privacy Act (“CCPA“) grants State of California residents the following rights, to:

(1) Know what personal information is being collected about you;

(2) Know whether their personal information is sold or disclosed and to whom;

(3) Say no to the sale of your personal information;

(4) Access your personal information;

(5) Have your personal information deleted;

(6) Have your personal information corrected or updated; and

(7) Have the right to equal service and price, even if you exercise your privacy rights under this law.

In addition, you can object to processing of your personal information, ask us to restrict processing of your personal information, ask us to limit the processing of Sensitive personal information, or request portability of your personal information. You can exercise these rights by contacting us using the contact details provided at the end of this Privacy Notice.

If we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

You may complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

For residents of the UK, Switzerland and EEA only:

You may exercise the rights available to you under applicable data protection laws as follows:

If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us at privacy@advancedtech.com.

You can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us at privacy@advancedtech.com.

If we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

You have the right to complain to a relevant data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

9. Children’s Privacy

Our Website and services do not address anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.

10. Updates to this Privacy Notice

This Privacy Notice may be updated periodically to reflect any necessary changes in our privacy practices and in response to changing legal, regulatory, technical or business developments. In such cases, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if, and where, required by applicable data protection laws.

You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the end of this Privacy Notice.

11. Who do I contact for more information?

If you have any questions or concerns regarding this Privacy Notice or the collection of your personal information, please contact: privacy@advancedtech.com

Last updated: 10/6/2023