Business Partners Privacy Notice
We take your personal data protection seriously and understand that your privacy is important to you. We want you to feel secure when visiting our website and are committed to maintaining your privacy when doing so.
This Privacy Notice explains how your personal data is being collected and processed by ASML Holding N.V., based at De Run 6501, 5504 DR, Veldhoven, The Netherlands and its group companies, hereafter referred to as ASML, we or us.
This Privacy Notice may change over time. You will find the most up-to-date version here. You can store or print this Privacy Notice by using the buttons at the top of this page.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
2. When does this privacy notice apply?
This Privacy Notice is applicable to the processing by ASML of all personal data of customers, suppliers, visitors and other individuals. It does not apply to our (former) employees or prospective employees.
Affiliates may have their own local Privacy Notice to meet local legislation or standards. In case of a conflict between this Privacy Notice and local Privacy Notices, local Privacy Notices will prevail.
3. Who is responsible for your personal data?
ASML is the controller for the processing of your personal data. This Privacy Notice indicates what personal data are processed by ASML and for what purpose(s), and to which persons or entities the data will or may be provided.
4. What personal data do we process?
4.1 When you interact with ASML (online or offline)
For answering your questions we will process your name, contact details, correspondence with ASML about your question(s) and all other personal data which are necessary to answer your question(s).
For the development and improvement of our products and/or services, we process your contact details such as your address and email address, personal details such as your name and date of birth, and correspondence with us. In addition, we process the personal data you entered into our website or that were generated by the functionalities you used in our website and the technical data from your device such as its IP-address, the pages you visited, your click- and surf behaviour and the length of your session. We also process the personal data you provide to us by participating in any of our surveys.
To protect health, safety, security and to ensure integrity, we can process your contact details such as your address and email address, personal details such as your name and date of birth, your license plate number, your use of the badge you received at the reception, your activities on our website and your visiting history to our premises.
To be able to comply with the law, we process your contact details such as your address and email address, personal details such as your name and date of birth, payment information, payment and order history, and your chamber of commerce and VAT details and tax details.
To protect your vital interests, we process your contact details, location details and the relevant insurance and health data that you provided to us.
4.2 When you use our website
To deliver you our website’s functionalities and for its technical and functional management, we process the personal data you enter into our website or that is generated by the website’s functionalities you use as well as the technical data from your device such as its IP address, the internet browser you use, the pages you have visited on our website, your click- and surf behaviour and the length of your session.
To allow you to connect with us (e.g. via social media), we process the communication channel you have chosen to use to connect with us and the personal data you supply to us through this channel. This can include your (user) name, address, email address, gender and any personal data you include in your message. In addition, when you click one of the buttons displayed, the relevant third party might place cookies on your device. To read more about cookies, click here.
4.3 When you do business with us
For the assessment and acceptance of a supplier, customer or other business partner, conclusion and execution of agreements with a supplier, customer or other business partner, we process your contact details such as your address and email address, personal details such as your name and date of birth, payment and credit information, and details of your correspondence with us.
For relationship management and marketing we process your contact details such as your address and email address, personal details such as your name and date of birth, contact preferences, payment information, order history and correspondence with us.
For business process execution, internal management and management reporting we process your contact details such as your address and email address, personal details such as your name and date of birth, payment and credit information, payment and order history, correspondence with ASML and data generated during the performance of our contract with you.
5. On what legal basis do we process your personal data?
In order to be able to process your personal data, we may rely on different legal bases, including:
Your consent (only when legally required or permitted). If we rely on your consent as a legal basis for processing your personal data, you may withdraw your consent at any time;
The necessity to establish a contractual relationship with you and to perform our obligations under a contract;
The necessity for us to comply with legal obligations and to establish, exercise, or defend our self from legal claims;
The necessity to pursue our legitimate interests, including:
To promote and improve our products and services and to communicate with you;
To ensure that our networks, information and intellectual property are secure;
To administer and generally conduct business within our company;
To detect fraud and prevent or investigate suspected or actual violations of law, breaches of a business customer contract, or non-compliance with our Business Principles or other ASML policies;
The necessity to respond to your requests;
The necessity to protect the vital interests of any person;
Any other legal basis otherwise permitted by local laws.
6. For which purposes do we process your personal data?
To reply to and answer your question(s).
If you get in touch with us on our website or social media, we will use your personal data to interact with you (online or offline).
To develop and improve our products and/or services.
We regularly conduct research on the level of your satisfaction through the use of surveys. We use your responses to such surveys for quality assessments and to improve your user experience. Based on the information above, we can make adjustments to our offering or our website. We may also perform research into market trends through statistical analysis to evaluate and adapt our products and marketing to new developments, but research results are only reported on an aggregated basis.
To protect health, safety, security and to ensure integrity.
We authenticate your status rights and access rights to our premises and may screen your personal data against publicly available government and/or law enforcement agency sanctions lists.
To comply with laws and regulations.
This is the case where tax or business conduct related obligations apply. We may need to disclose your personal data to government institutions or supervisory authorities.
To protect your vital interests and that of others.
This could be the case where there is a (medical) emergency.
To offer you our website’s functionalities and to allow our website’s administrators to manage and improve our website’s performance.
In addition, when you visit a 'Connect with us ' screen on our website, you can contact us through a variety of communication channels. We provide you with our email address, for you to send us your feedback and suggested improvements, as well as our website and social media channels. When you click one of the corresponding icons we will refer you to the website of the applicable third party, whether this is your email provider or a social media platform.
To do business with you.
For assessment and acceptance, for example in order to confirm and verify your identity and that of other individuals.
For other administrative purposes such as due diligence and screening against publicly available government and/or law enforcement agency sanctions lists.
We will also process your personal data for the execution of agreements, including the delivery of customer services and obtaining visas, permits and technology export licenses, and to record and financially settle delivered services, products and materials to and from ASML.
ASML uses the information stored in our relevant databases to maintain and promote contact with you, as well as to provide services, perform account and relation management and communicate recalls. We also use your personal data for the development, execution and analysis of market surveys and marketing strategies.
We process your personal data in the performance and organisation of our business. This includes general management and management of ASML assets. ASML also processes your personal data for its internal management. We provide central processing facilities in order to work more efficiently managing mergers, acquisitions and divestitures. We conduct audits and (internal) investigations, implement business controls, and manage and use customer, supplier and business partner directories. Also, we process your personal data for finance and accounting, management reporting and analysis, archiving and insurance purposes, legal and business consulting and in the context of dispute resolution.
7. How long do we keep your personal data?
Your personal data will be kept for the period required to serve the purposes mentioned in chapter 4 and to comply with legal requirements. After this period, your personal data will be deleted from our systems. Please keep in mind that in certain cases a longer retention period may be required by law.
To read more about cookies, click here.
9. Who has access to your personal data?
9.1 Access to your personal data within ASML
As a global organisation, the data we collect may be transferred internationally throughout our organisation worldwide. We exchange your data for administrative purposes and so that we can have a complete overview of your contacts and contracts and offer you a complete package of services and products.
Our employees are authorized to access personal data only to the extent necessary to serve the applicable purpose and in so far as they need access to perform their tasks.
9.2 Access to your personal data by third parties
We work with a limited number of trusted business partners that, on our behalf, process your personal data, such as IT service providers. We may share your personal data with these business partners, who will process it exclusively for the purposes described in chapter 6.
When third parties are given access to your personal data, ASML will take the required contractual, technical and organizational measures to ensure that your personal data are only processed to the extent that such processing is necessary.
When a third party processes your personal data solely following our instructions, it acts as a data processor. We enter into an agreement with such a data processor concerning the processing of personal data. In this agreement we include, at a minimum, obligations to safeguard that your personal data are processed by the data processor solely to provide services to us.
If your personal data are transferred to a processor in a country that does not provide an adequate level of protection of personal data, we will take measures to ensure that your personal data are adequately protected, such as entering into EU Standard Contractual Clauses with these parties.
In other cases, your personal data will not be supplied to third parties, except where required by law.
10. How are your personal data secured?
We have taken adequate measures to safeguard the confidentiality and security of your personal data. We have implemented appropriate technical, physical and organisational measures to protect your personal data against accidental or unlawful destruction or accidental loss, damage, alteration, unauthorized disclosure or access, and against all other forms of unlawful processing (including, but not limited to unnecessary collection) or further processing. We limit access to your personal data to those who have a genuine business need to know.
We also have procedures in place to deal with any suspected data breach. You and the applicable data protection authorities will be notified of a data breach where we are legally required to do so.
11. What about your rights?
You have the right to request access to the personal data we have collected about you for the purpose of reviewing, modifying or requesting deletion of these data, as well as the right to restrict or object to certain data processing activities and to obtain your personal data and to reuse it for your own purpose (data portability). These rights are dependent upon the circumstances, conditions and the applicable law.
If you feel that we do not comply with the applicable privacy regulations you have the right to lodge a complaint with a data protection authority.
If you would like to exercise any of your rights or if you have questions relating to any aspect of this Privacy Notice, please contact the Privacy Office at [email protected].