Privacy Notice

• This privacy notice explains how and why CAES, including each of its operating entities, subsidiaries and wholly owned affiliates (also referred to as “CAES”, “we”, “our” and “us”) uses personal data about those individuals who purchase goods or services from us, supply goods or services to us, visit our websites (collectively the “Website”), or otherwise communicate or engage with us (referred to as “you”).
• You should read this notice, so that you know what we are doing with your personal data. Please also read any other privacy notices that we give you that might apply to our use of your personal data in specific circumstances in the future.

• “Personal data” is any information that relates to an identifiable natural person. Your name, address and contact details are all examples of your personal data, if they identify you.
• The term “process” means any activity relating to personal data, including, by way of example, collection, storage, use, consultation and transmission.
• CAES is a "controller" of your personal data. This means that we make decisions about how and why we process your personal data and, because of this, we are responsible for making sure it is used in accordance with the law.
• CAES DOES NOT SELL your personal data.

• We collect different types of personal data about you when you visit our Website, contract with us or otherwise communicate or engage with us. We also obtain some personal data from other sources and create some personal data ourselves.

• We process your personal data for particular purposes in connection with your use of our Website, the provision of services from us to you, your communication or other engagement with us and the management and administration of our business.
• We may also convert your personal data into statistical or aggregated form to better protect your privacy, or so that you are not identified or identifiable from it. Anonymized data cannot be linked back to you.  We may use it to conduct research and analysis, including to produce statistical research and reports.  For example, to help us understand and improve the use of our Website.  

Sometimes we need to disclose your personal data to other people.

Inside CAES:

• CAES operates across the United States and Mexico. We may need to share your personal data with various locations within CAES for our general business management purposes and, in some cases, to meet our business needs where providing services across various locations and/or for authorizations/approvals with relevant decision makers, reporting and where systems and services are provided on a shared basis.
• Access rights within CAES are limited and granted only on a need to know basis, depending on job functions and roles.
• Where any CAES entity process your personal data, we will make sure that they have appropriate security standards in place to safeguard your personal data.

Outside CAES:

• From time to time we may ask third parties to carry out certain business functions for us, such as the administration of our Website and IT support, processing payments or fulfilling contractual obligations. These third parties may process your personal data on our behalf. We will disclose your personal data to these parties only to the extent needed to perform those functions. Before we disclose your personal data to these third parties, we will seek to ensure that they have appropriate security standards in place to protect your personal data. Examples of these third party service providers include our outsourced IT systems software and maintenance, back up, and server hosting providers, partner banks and payment providers, etc.
• We have set out below a list of the categories of recipients with whom we are likely to share your personal data:
  • IT support, Website and data hosting providers and administrators;
  • payment processors;
  • companies who fulfill orders on our behalf;
  • consultants and professional advisors including legal advisors and accountants;
  • courts, court-appointed persons/entities, receivers and liquidators;
  • business partners and joint ventures;
  • insurers; and
  • governmental departments, statutory and regulatory bodies.

• We will take specific steps (as required by applicable data protection laws) to ensure we use appropriate security measures to protect your personal data from unlawful or unauthorized processing and accidental loss, destruction or damage.

• We will only retain your personal data for a limited period of time and for no longer than is necessary for the purposes for which we are processing it for. This will depend on a number of factors, including:
  • any laws or regulations that we are required to follow;
  • whether we are in a legal or other type of dispute with each other or any third party;
  • the type of information that we hold about you; and
  • whether we are asked by you or a regulatory authority to keep your personal data for a valid reason.

• We will use your personal data to communicate with you:
  • In relation to any contracts you have with us;
  • To provide services to you;
  • To respond to any questions or complaints that you may have; and
• For those individuals who have expressed an interest in our business, from time to time we will provide you with information about our products, services, and industry, which may be of interest to you. Such communications will be sent by email to the address you provided when expressed such interest.

• You can contact us to manage, change, limit or delete the personal data that we hold about you, in accordance with applicable law.

• We may change our privacy practices from time to time without prior notice. Any changes we may make to our privacy practices in the future will be posted on this page.

If you have any questions, comments or complaints about any aspect of this policy, or to exercise any of your rights in relation to your personal data, please contact:  privacy@caes.com.