PRIVACY POLICY
For the Acer DaaS services

 

1 – Who are we?

We are Acer Europe S.A. (“Acer”, “we”, “us”, “our”). We have our registered office at Via della Posta 28, 6934 Bioggio, Switzerland, with the following contact details.

Telephone number: +41-(0)91-261-0111

E-mail address: privacy.officer.daas@acer.com

In the context of our Device as a Service (DaaS) activities, we collect, hold, disclose and/or otherwise process personal data. Pursuant to applicable data protection and privacy legislation, we qualify as the data controller with respect to the personal data that we process jointly with our local EU entities. This Privacy Policy relates to Acer’s DaaS business-to-business (B2B) activities only. For all matters relating to the processing of your personal data, you may reach out to us, or to the local Acer entity in your country as indicated under ‘contact’ below. An overview of local Acer entities is available here at www.acer-group.com/ag/en/TW/content/office-list.

Where you provide personal data to us, which personal data relate to an individual than your Company (for example of the legal representative of the company you are representing), please provide the concerned individual with (a copy of) this Privacy Policy before providing us with his/her personal data.

 

2 – Whose personal data do we collect?

In the context of our services, we may collect personal data relating to:

  • Our B2B customers, other contracting parties and prospects, to the extent that these operate as a sole proprietorship or general partnership (in which case data directly or indirectly relating to these parties may qualify as personal data under the GDPR);
  • Contact persons, representatives, signatories, directors, UBOs and employees of our B2B customers, other contracting parties and prospects;
  • Visitors of our website.

 

3 – How do we collect personal data?

We may collect personal data in various ways:

  •  Directly from you: when you express your interest to our DaaS products or services, when you enter into a DaaS subscription or when you purchase or rent one of our optional DaaS products or services via the Acer web-store, when you contact us or when you visit our website;
  • From third parties: via the company you work for or that you represent, from our leasing solution partners (for credit check purposes) and/or any of our service providers (for the purposes of your subscription);
  • From public registers, for example from the information as publicly available in the trade register, public directories, the chamber of commerce or on public websites.
  • From third parties, for example tax authorities, credit agencies, governmental and competent regulatory authorities.

 

4 – What legal grounds do we use for processing personal data and for which purposes?

The legal grounds used for our processing activities are:

  1. the processing is necessary for the performance and execution of a contract;
    1. For the provision of the DaaS subscription and the entering into and performance of related agreements for DaaS products and services, including the hardware rental contract, the repair and maintenance contract, the license agreement for third-party software;
    2. For instructing and communicating with third parties in the context of the delivery of the DaaS products and services, including forwarders, third-party software providers, payment processing services providers and leasing solution affiliates as well as for the transfer of your hardware rental agreement to our leasing solution partners;
    3. For customer administration purposes, to register and manage your account(s), returns, status of returned products and to wipe returned products.
  2. the processing is necessary for compliance with legal obligations (including our obligations under applicable tax laws, our legal administration obligations and obligations to cooperate with supervisory authorities);
    1. For financial and customer administration purposes (payment, billing, monitoring and collecting; outstanding rental terms/payments, charges for damages and missing equipment);
    2. To comply with legal (administration, KYC and tax) obligations.
  3. the processing is necessary for our legitimate (business) interests:
    1. To provide you with assistance and to communicate with you about the subscription, services, products, product warranties or other DaaS related aspects;
    2. For marketing purposes, to inform you of new or similar products or services and to run and coordinate promotional events;
    3. To conduct research and analysis and to improve our services, products, webstore and the quality thereof;
    4. To handle complaints, disputes and (legal) proceedings in relation to our DaaS products and services and to ensure our legal position herein;
    5. To prevent or detect fraud, or abuses and to protect our assets, business and personnel;
    6. In the context of a possible business transaction.

If applicable laws require so, we will process your personal data upon your explicit consent. If you have provided your consent, we note that you have the right to withdraw that consent at any time. You may do so by contacting Acer, as indicated below.

The personal data we request you to provide is necessary for (entering into and/or the performance of) our agreement with you. If you do not provide the requested data, we may be unable to provide the requested products or services.

 

5 – What personal data do we collect?

We collect the following information about you for the purposes indicated above:

  • Your (business) contact information (name, address, telephone number, VAT number and any other identification numbers, email address and other contact details you choose to provide);
  • Log-in details for your account on the webstore (name, email address, password);
  • (Business) payment information, including bank account details;
  • (Business) delivery address;
  • Details about your subscription and additional products or services that you add to your subscription;
  • E-signature;
  • KYC documentation (including passport or driver’s license);
  • Excerpts of registers (trade register, chamber of commerce);
  • Information relating to the credit decision about your Company (refusal or approval);
  • Evidence of your approval for the transfer of your hardware rental agreement;
  • Status of returned products and related damages;
  • Outstanding rental terms/payments;
  • Personal data that you provide while communicating with us;
  • IP address and surfing behavior;
  • All other personal data relevant to handle the complaint you have, or for the dispute or legal proceedings.

 

6 – With whom do we share personal data?

In the context of the purposes as listed above, we may share your personal data with third parties, such as service providers that we use for the performance of the DaaS subscriptions and/or agreements we have with you or your company. This includes IT service providers, IT developers, service providers that we engage for purposes of order processing and billing, for the delivery of our products, for maintenance and repair services, for payment processing services and to collect and remit rentals to our leasing solution partner(s) for purposes of assignment of the hardware rental contract and to handle the e-signature process for hardware rental contract.

Our current leasing solution partner is BNP Paribas Lease Group S.A. (BPLG), located in France. For the purposes of the assignment of the rental agreement to BPLG affiliates, we will provide BPLG affiliates with certain necessary personal data (i.e. your name, (business) contact details, information about the rental agreement). BPLG affiliates will also process your personal data for the purposes of credit checks in the context of the rental agreement. For further information about the way BPLG affiliates handles your personal data as an independent data controller, please refer to their privacy notice indicated below.

In addition, we may provide your personal data to our professional advisors (tax and legal advisors, lawyers, accountants and auditors), banks, partners, insurers, affiliates, legal successors and marketing agencies, IT service providers,  to the extent necessary and only as far as allowed under applicable laws. The following companies shall receive data from Acer in the capacity as an independent data controller. For further information about these companies and how they handle your personal data, please refer to the companies and their respective privacy notices below:

We will also provide your contact details to Google, for purposes related to provisioning services and support. For further information about the way Google handles your personal data, please refer to their privacy notice https://privacy.google.com/businesses/compliance/

Further, we will share your personal data with competent governmental bodies in case we are obligated to do so, for example in case the tax authorities request us to provide certain documents that include your personal data.

We will ensure that, where relevant, contractual safeguards are implemented to ensure the protection of your personal data when disclosing your personal data to a third party.

As Acer is a global company, your personal data may be transferred outside of the country from which they were collected and may be shared both intra-group as well as with third parties located in other jurisdictions, including those outside the territory of the European Economic Area.

In such case, we shall take adequate safeguards to ensure that your personal data is adequately protected, in accordance with applicable data protection legislation. You may at all times request a copy of the safeguards that apply to the transfers of your personal data by using our contact details below.

 

7 – How long do we store personal data?

Your personal data will not be stored for longer than is necessary in relation to the purposes for which we process them (we refer to the purposes as listed above). Only where we are legally obliged to, or where this is necessary for defending our interests in the context of judicial proceedings (e.g. in case of a dispute), we will store the personal data for longer periods.

Personal data obtained in the context of the DaaS subscription, will be kept throughout the life cycle of the subscription and related agreements we conclude with you and, after the termination thereof, in accordance with the statutory limitation periods.

Personal data that is present on a returned device or other product shall be wiped upon return.

We shall only retain your personal data for longer periods where we are legally obliged thereto (for example due to legal administration, – retention or tax obligations), or where this is necessary for defending our interests in the context of judicial proceedings.

For more information about the specific retention periods that apply to your personal data, please contact us by using the contact details below.

 

8 – How do we protect personal data?

We will implement the necessary administrative, technical and organisational measures for ensuring a level of security appropriate to the specific risks that we have identified. We protect your personal data against destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed.

Further, we seek to ensure that we keep your personal data accurate and up to date. In view thereof, we kindly request you to inform us of any changes to your personal data (such as a change in your contact details).

 

9 – What are your rights and how you can exercise them?

You have the right to:

  • (further) information about your personal data;
  • access your personal data;
  • rectify your personal data;
  • withdraw your consent at any time (if applicable);
  • erasure of your personal data (‘right to be forgotten’);
  • restriction of processing of your personal data;
  • object to the processing of your personal data;
  • receive your personal data in a structured, commonly used and machine-readable format and to (have) transmit(ted) your personal data to another organization.

Finally, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement in relation to the processing of your personal data by us.

 

10 – Contact

For any questions or comments regarding this Privacy Policy or our website, please contact us at: privacy.officer.daas@acer.com. Alternatively, for specific application and/or local data handling queries, please contact the Acer entity to which you submitted your information. Contact addresses for each Acer entity can be found at www.acer-group.com/ag/en/TW/content/office-list. In order to allow us to provide you with faster service, please submit inquiries in English if possible and advise us of the country you are contacting us from, along with a description of the make and model of your products (if applicable).