Last Updated: 1 June 2019
We may change this Policy from time to time. If we make changes, we will notify you by revising the date at the top of the Policy and, in some cases, we may provide you with additional notice (such as adding a statement to our homepage or sending you a notification). We encourage you to review the Policy whenever you access the Sites and Services or otherwise interact with us to stay informed about our information practices and the choices available to you.
Information You Provide to Us
In the course of using our Sites, you may provide us with certain information about you, such as when you create an account, participate in any interactive features of the Sites, fill out a form, subscribe to an email list or newsletter, request customer support, place an order, post content to the Sites, or otherwise communicate with us. The types of information that we may collect include, but are not limited to, Contact Information such as your name, phone number, fax number, email address, home and business postal addresses; Payment Information such as your credit card number or other billing information (which is processed by a third party payment processor); and optional Demographic Information such as your age and gender. We may also collect information you supply to us concerning your preferences and interests expressed in the course of using our Sites and Services as well as any other information you choose to provide to us.
We collect information about your use of the Services, such as what features are most commonly used, how often certain product features are clicked, and how people generally use the software.
Automatically Collected Information
When you access or use our Sites and Services, we automatically collect information about you, including:
Log Information: We collect log information about your use of the Sites and Services, including the type of browser you use, access times, pages viewed, browser type, your IP address, and the page you visited before navigating to our Services.
Device Information: We collect information about the device you use to access our Services, including the hardware model, operating system and version, and unique device identifiers.
Transactional Information: When you make a purchase, we collect information about the transaction, such as product details, purchase price, and date of the transaction as well as information about the individual making the purchase on behalf of the customer.
Information We Collect from Other Sources
We may obtain information from other sources and combine that with information we collect through our Sites and Services. For example, we collect information about you from third parties, including but not limited to publicly available sources, LinkedIn, conferences, events, and third-party contact lists. When we collect information about you from a third-party source, we endeavor to send you a separate Indirect Privacy Notice by email providing you with additional information including the source of the information.
Use of Information
Information we collect about you is used to provide, maintain, and improve our Sites and Services, such as to administer your use of our Sites and Services, to process your orders, and to enable you to enjoy and easily navigate the Sites.
We also use the information we collect to:
Send you technical notices, updates, security alerts and support and administrative messages;
Respond to your comments, questions and customer service requests;
Communicate with you about products, services, offers, and events offered by us and others, and provide newsletters, marketing or promotional materials, whitepapers, webinars, and information we think will be of interest to you;
Monitor and analyze trends, usage and activities in connection with our Sites and Services;
Detect, investigate, and prevent fraudulent transactions and other illegal activities;
Protect the rights and property of Zemax and others;
Personalize and improve the Sites and Services and provide advertisements, content or features that match user interests; and
Carry out any other purpose described to you at the time the information was collected.
We share information about you as follows or as otherwise describes in this Policy:
With vendors, service providers, business partners, consultants and other service providers who need access to such information to carry out work on our behalf including, among other things, to facilitate operation, access and use of our Sites and Services, provide the Sites and Services on our behalf, perform Site-related services (including, but not limited to, data storage, maintenance services, database management, web analytics, CRM services, payment processing, and improvement of the Sites’ features) or assist us in analyzing how our Sites and Services are used.
In response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements;
If we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property and safety of Zemax or others;
In connection with, or during negotiations of, any merger, sale of our assets, financing or acquisition of all or a portion of our business by another company;
Between and among Zemax and our current and future parents, affiliates, subsidiaries and other companies under common control and ownership; and
With your consent or at your direction.
We may also share aggregated or de-identified information, which cannot reasonably be used to identify you. For example, we may share a hashed version of your email address to facilitate customized ad campaigns on other platforms. We may also disclose aggregated information about the use of our Sites and Services to business partners, prospective investors, and others in order to demonstrate usage of the Sites and Services, spot industry trends, generate publicity for the Services and for other business purposes. Any aggregated information shared in these contexts cannot be traced back to you personally.
Advertising and Analytics Services Provided by Others
We store the information we collect about you for as long as is necessary for the purpose(s) for which we originally collected it. We may retain certain information for legitimate business purposes or as required by law.
By default, we will retain your data for 3 years since your data was obtained, or 3 years since your last interaction with us, whichever is the greater.
If you become a customer of Zemax or are already a customer of Zemax, we will retain your data for 7 years after your last purchase with us (in line with financial laws for record keeping), or for as long as you are an end user of our products.
We will endeavor to contact you before deletion in case such a deletion is against your wishes.
Users Around the Globe
Zemax is headquartered in the United States of America and also processes and stores information in the U.S. As such, we and our service providers may transfer your information to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your personal data receives an adequate level of protection in the jurisdictions in which we process it.
If you are in the European Economic Area, we provide adequate protection for the transfer of personal data to countries outside of the EEA, including through a series of intercompany agreements based on the Standard Contractual Clauses authorized under EU law. You are entitled to obtain a copy of these agreements by contacting us using the contact information below.
Residents of the European Economic Area
If you are a resident of the European Economic Area (“EEA”) or your data is processed within the EEA, you have certain rights and protections under the law regarding the processing of your personal data.
Legal Basis for Processing
If you are a resident of the EEA or your data is processed within the EEA, when we process your personal data we will only do so in the following situations:
We need to use your personal data to perform our responsibilities under our contract with you such as to process payments for and provide the Services you have requested.
We have a legitimate interest in processing your personal data. For example, we may process your personal data to communicate with you about changes to our Services, and to provide, secure, and improve our Sites and Services.
We have your consent to do so. For example, with your consent, we may place cookie and other electronic identifiers on your device to help us better understand how our Sites are used and to provide you more relevant advertising.
We need to process personal data about you in accordance with legal obligations we have including our need to retain certain transaction records as well as records of some of our communications.
Data Subject Requests
If you are a resident of the EEA or your data is processed within the EEA, you have the right to access personal data we hold about you and to ask that your personal data be corrected, erased, or transferred. You may also have the right to object to, or request that we restrict, certain processing, as well as the right to withdraw consent for the processing of your personal data if you previously provided it to us. If you would like to exercise any of these rights, please email us at DataProtection@Zemax.com with the nature of your request in the subject line (e.g., “Data Access Request” or “Data Deletion Request”).
Questions or Complaints
If you are a resident of the EEA and have a concern about our processing of personal data that we are not able to resolve, you have the right to lodge a complaint with the data privacy authority. For contact details of your local Data Protection Authority, please see: https://ec.europa.eu/newsroom/article29/news-overview.cfm.
You may review, update, correct or delete the information provided in your registration or that you otherwise provided to us contacting us at DataProtection@Zemax.com. Please note that we may retain certain information as required by law or for legitimate business purposes. We may also retain cached or archived copies of information about you for a certain period of time
You may opt-out of receiving promotional emails from us by following the instructions at the bottom of those emails or by contacting us with your request at DataProtection@Zemax.com. If you opt-out, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.
If you have any questions about this Policy, please contact us at DataProtection@Zemax.com, call us at +1 (425) 305-2800, or mail us at:
10230 Points Drive NE, Ste. 540
Kirkland, WA 98033
For Residents of the EEA:
Zemax, LLC and Zemax Europe Ltd. are Joint Data Controllers with respect to your personal data and you can also reach out to our EU office with questions or concerns at:
Zemax Europe Ltd.
8 Riverside Business Park
Stoney Common Road
Stanstead, CM24 8PL, United Kingdom