Privacy Policy

Effective Date: August 2025

Vishay Intertechnology, Inc. (hereinafter also referred to as “Vishay”, “we”, “us”) is committed to protecting your privacy. We would like to provide you with the following information to give you an overview of what personal data (hereinafter also referred to as “personal information” depending on applicable laws) we collect about you in the context of our contractual relationships, customer relationships, or when you visit our website, and how we process this personal data. The information is provided depending on the specific role in which you are contacting us, e.g., whether you are contacting us as a visitor to our website, as a supplier or potential customer and business partner, or as a subscriber to our blogs or user groups.

This Privacy Policy applies to all online services and offers provided on the https://www.vishay.com/ website. Where our website contains links to other websites within the Vishay group of companies or to websites of third parties, this Privacy Policy does not apply. Please check the privacy policies of those other websites or applications.

This policy is designed along privacy requirements resulting from the General Data Protection Regulation (GDPR) and other applicable national data protection regulations and compulsory standards applicable in countries from which this website may be accessed, such as the PRC Personal Information Protection Law (2021) (hereinafter "PIPL") applicable for users located in the People’s Republic of China (hereinafter “China” or “PRC”, collectively “PRC Data Compliance Laws”; excluding Hong Kong, Macau and Taiwan for the purpose of this policy only) or the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA”) applicable to California residents. In the event of any conflict between the principles of this Privacy Notice and the PRC Data Compliance Laws or the CCPA, the principles of each the PRC Data Compliance Laws or the CCPA shall prevail and govern. “Data Controller” or “Controller” shall mean “Data Handler” acc. to Art. 73.1 PIPL and “Business” under the CCPA.

DATA CONTROLLER

The Controller responsible for data processing, including according to Art. 4 No. 7 GDPR, is

Vishay Intertechnology, Inc.
63 Lancaster Avenue
Malvern, Pennsylvania, 19355
United States
Contact: Michael Krouse
Telephone: 8569797252
e-mail: Michael.krouse@vishay.com

DATA PROTECTION OFFICER

If you have any questions regarding the processing of your personal data or wish to exercise your right as a data subject, please contact the Data Protection Officer. The responsible Data Protection Officer for you is

Contact: Franziska Eberius
e-mail: privacy@vishay.com

PROCESSING PURPOSES, LEGAL PERMISSION AND SCOPE OF DATA COLLECTION

Visiting our website

Data is processed when you first visit our website.

Every access to our web server is automatically stored in so-called log files (e.g. name of the requested file, IP address, access status of the web server, date and time of the request, browser used, etc.). These log files are evaluated for statistical purposes only.

The following personal data may be processed:

Customer domain: We record the domain for which log data is stored.
Anonymized client IP: We collect IP addresses to identify where our servers may be attacked from. These are stored for a maximum of seven days, in line with industry practice. They are then anonymized. However, for privacy reasons, the IP addresses in the log file can only be viewed in anonymized form from the outset of an attack. We may further ascertain your approximate geolocation based upon your IP address.
Timestamp: This indicates the date and time the site was accessed.
Size of response content delivered through web browser: When a website is visited, temporary data is downloaded. This includes, for example, the images and text displayed by the browser. The log file shows the size of this data.
Referrer sent by the client: This field shows which website the browser has previously visited.
User Agent sent by the client: This includes information such as the type and version of browser and operating system.
The sub-pages of the Vishay website that were accessed.
The Internet Service Provider and comparable data.

In particular, the information collected is processed for the following purposes:

Provide the website,
Facilitate a smooth connection to and use of the website,
Assess the security and stability of the system,
Optimize and improve our website,
For technical troubleshooting,
Provide general statistics regarding use of the website,
Defend against attacks.

The recipients of the personal data include technical service providers who act as processors for the operation and maintenance of our website.

The personal data is deleted as soon as it is no longer required for the purpose for which it was collected. This is generally the case for personal data used to provide the website at the end of each session.

Data processing in restricted area

Vishay's My Vishay portal is accessible only to users who have previously registered for the portal. The registration process requires the user to provide certain personal data, such as first name, last name, title, email address, company information, etc. Vishay uses this information solely to establish and maintain the user's account, to identify authorized users, and to provide the user with the requested functionality. The processing of the personal data described above is necessary for the conclusion and /or performance of a contract to which you are a party or other legal basis as provided for under applicable laws or regulations.

If the user provides consent, it is possible for us to contact them specifically on the basis of their user behavior in order to be able to guarantee a user-oriented service. For this purpose, the user's behavior is processed with regard to the videos, images and links clicked and/or saved.

If the user orders products via our website, we also require personal data, such as name, e-mail address, business address and payment details, in order to process the order and fulfil our contractual obligations.

Data processing in connection with product orders

When you send us an order enquiry, we process the personal data you provide (e.g., name, business address, email address, telephone number, other booking data/requests, payment data, etc.). Mandatory fields are marked as such because in these cases we need the data to process the contract or to process your contact and you cannot complete the order enquiry without providing it. The relevant processing is conducted only if proper legal bases have been secured.

Other data processing purposes

We may use the information we collect about you for our other business purposes, such as data analytics, audits, developing new products/services, enhancing our website, improving our products and services, identifying website usage trends, and determining the effectiveness of our promotional campaigns. We further may use the information we collect about you as we believe to be necessary or appropriate: (i) under applicable law; (ii) to comply with legal process; (iii) to respond to requests from public and government authorities; (iv) to enforce this Privacy Policy and our Terms of Use; (v) to protect our operations; (vi) to protect our rights, privacy, safety or property, and/or that of you or others; and (vii) to allow us to pursue available remedies or limit the damages that we may sustain.

USE OF COOKIES AND OTHER TRACKING TECHNOLOGIES

Cookies

When you visit our website, information is stored on your computer in the form of a cookie in your browser software. This stores information about your use of the website and is used by us and our service providers.

Cookies are small text files or other storage information that can be used to store and read information on end devices. Cookies can also be used for a variety of purposes, such as ensuring the functionality, security and convenience of online services and analyzing traffic patterns. A cookie typically contains the name of the domain from which the cookie data was sent, as well as information about the age of the cookie and an alphanumeric identifier. We use both first-party cookies and third-party cookies that come from a domain other than the domain of the website you are visiting. For example, we use Google Analytics to help analyze how visitors use our website. You can visit https://www.google.com/settings/ads to learn more about Google Analytics’ use of cookies. If you would like to opt-out from the use of your information by Google Analytics, you may use Google Analytics’ opt-out browser add-on designed for this purpose.

On the one hand, we use cookies to make your use of our website more pleasant. For this purpose, we use so-called session cookies to recognize that you have already visited individual pages of our website. These are automatically deleted when you leave our site. Within the password-protected area of the Vishay website, session cookies are used for the duration of your visit. These allow Vishay to use a single sign-on approach for ease of authentication and to control access to the various password-protected areas of the Vishay website. This allows users to move throughout the password-protected areas of the website without having to log in again for each area.

In addition, cookies are used to collect information about how users use the Vishay website, how they navigate through the website, and what areas of the website and products they are interested in. This allows Vishay to improve the site and the user's online experience. The information stored in the cookies is not used by Vishay to identify the user and is not combined with other personal information held about the user.

We also use temporary cookies to improve the user experience, which are stored on your device for a limited period of time. If you visit our website again, it will automatically recognize that you have visited us before and which entries and settings you have made, so that you do not have to enter them again.

We also use cookies to statistically record the use of our website and to evaluate this for the purpose of optimizing our offer to you.

The use of cookies is necessary to complete an order. However, a limited use of our services is also possible without the use of cookies.

Depending on the purpose for which cookies are used, the processing is carried out on the basis of a different legal basis under data protection law. In this respect, a distinction is made as follows:

Strictly Necessary Cookies (Essential Cookies)

Strictly necessary cookies are essential to the functionality of the site and cannot be turned off in our systems. They are generally only used in response to your activity, such as service requests, setting your privacy preferences, logging in, accessing secure areas, etc. Strictly necessary cookies do not collect any personally identifiable information that can be used for marketing purposes or track your web browsing activity.

Performance/Functional Cookies

Performance/functional cookies allow us to count visits and traffic sources so that we can measure and improve the performance of our website. They help us to identify which of our pages are the most and least popular, how users move around our website, whether they receive error messages, etc. This information is mainly used to improve our website. For clarification, web analytics are included in this cookie category. Performance/functional cookies are based on a unique identification of your browser and Internet device (including other technical data such as your IP address, operating system, Internet provider, website from which you are visiting us, etc.). The legal basis for the processing of personal data using performance/functional cookies (see below) is your declaration of consent. Consent to data processing can be withdrawn at any time without affecting the lawfulness of the processing based on the consent before its withdrawal.

If you do not accept performance/functional cookies, we will not be able to analyze when users have visited our website.

Targeting Cookies

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal data but are based on uniquely identifying your browser and internet device. If you do not allow targeting cookies, you will experience less targeted advertising.

Most browsers are set to accept cookies automatically. However, you can deactivate the storage of cookies or set your browser to notify you when cookies are sent. You can also delete cookies from your hard drive at any time. You can change your cookie settings and revoke your consent at any time. To change cookie settings, click the “Do Not Sell or Share My Personal Information” link at the footer of our website or visit our Privacy Center and click “Preference Center”. This opens the OneTrust window where you can view and change your cookie settings. If you disable cookies for the Vishay website, you may not be able to take full advantage of all the features of the website.

Web Beacons and Pixels

A pixel is an HTML code snippet embedded in a website or email that collects information about user behaviors and interactions with the website or email.

We may utilize pixels both on certain aspects of our website and in HTML-formatted email messages to you. Pixels may be used for the purpose of, among other things, measuring the success of our marketing campaigns, compiling statistics about Site usage and tracking the activities of users of the Site and email recipients. For instance, we may use pixels from Meta on our website to enable us to create targeted advertisements and measure the effectiveness of our advertisements. For additional information on interest-based advertising, please see below.

interEST BASED ADVERTISING

We may collect information about your online activities on our website to provide you with advertising about products tailored to your individual interests. We also may obtain information for this purpose from third-party websites on which our advertisements are served.

You may see certain advertisements on other websites because we work with advertising partners (including advertising networks) to engage in remarketing and retargeting activities. Our advertising partners allow us to target our messaging to users through demographic, interest-based and contextual means. These partners track your online activities over time and across websites, including our website, by collecting information through automated means, including through the use of third-party cookies, web server logs and web beacons. They use this information to show you advertisements that may be tailored to your individual interests. The information our advertising partners may collect includes data about your visits to websites that participate in the relevant advertising networks, such as the pages or advertisements you view and the actions you take on the websites. This data collection takes place both on our website and on third-party websites that participate in the ad networks. This process also helps us track the effectiveness of our marketing efforts. For example, we utilize certain of our advertising partners’ targeted advertising services to show you our advertisements on other websites based on your prior visits to our website and other online activity.

Provided that a company participates in industry-developed programs designed to provide consumers choices about whether to receive targeted advertising, you may opt out of interest-based advertising generally through the Network Advertising Initiative website or by visiting http://www.aboutads.info/choices/ (web-based advertising) or http://www.aboutads.info/appchoices (for mobile advertising). To learn more, please visit the websites operated by the Network Advertising Initiative and Digital Advertising Alliance at www.networkadvertising.org/choices. You may also opt-out by turning off targeting cookies or opting out of the sale or sharing of your data by either clicking the “Do Not Sell or Share My Personal Information” link at the footer of our website or by visiting our Privacy Center and clicking “Preference Center”. Opting-out does not mean that you will stop receiving advertisements from us. It means that you will stop receiving advertisements from us that have been targeted to you based on your visits and browsing activity across websites over time.

SOCIAL MEDIA APPEARANCES

Our appearances in Social Media Platforms

Our website does not use any social media plugins. The links on our website are static links to our subpages on various social networks (such as LinkedIn, YouTube and Facebook). These links do not transmit any data to the social network operators simply by visiting our website. Only if you follow one of these links by clicking on it will you be taken to the pages of that social network. In this case, the social network provider may collect personal data from you in accordance with their privacy policy and terms of use, over which we have no control. In this respect, we may be jointly responsible with the provider under data protection law.

If you click on the link, data is usually also collected for Vishay's own business purposes, such as customer messages or comments. We are active on various social media platforms including LinkedIn, Facebook, YouTube, WeChat and Weibo, and Instagram (each if and to the extent available in the respective region or country). We might analyze information provided to us by the platform operators. This might include information such as names, geolocations, companies, emails, and phone numbers. Please note that not all platforms provide all of this information and we do not usually download this information but only analyze it on the platforms themselves if indeed provided to us. If we do receive emails and phone numbers, it is only through lead generation activities on platforms such as LinkedIn where the platform operator agrees to provide the information (if available).

As stated above, your personal data may be processed for analysis and advertising purposes. This is done, for example, by creating user profiles based on your user behavior and the resulting interests. Cookies and other tracking technologies like pixels are generally used to create user profiles, which enable your user behavior and interests to be analyzed. The user profiles are generally used to show you advertisements on the respective provider or elsewhere on the Internet that match your interests. In addition to the user profiles, other personal data may be stored, in particular if you are a registered user of the respective provider's platform and are logged in to the platform. For a detailed description of the processing by the respective provider and the possibilities to object (opt-out), please refer to the provider information linked below. Please note that some of the information below might not be available in a region or country. We recommend reviewing your local laws and regulations to ensure compliant access to such platforms.

YouTube Videos

On our website you can watch videos that are integrated by YouTube.

Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Legal basis: Consent, Art. 6 para. 1 sentence 1 lit. a GDPR
Website: https://www.youtube.com/
Privacy policy: https://policies.google.com/privacy?hl=de
Order processing contract: https://policies.google.com/privacy/google-partners?hl=de
Basis third country transfer: EU-US Data Privacy Framework (DPF), standard contractual clauses (https://policies.google.com/privacy/frameworks?hl=de).
Further information: We have used the extended data protection application from YouTube so that YouTube only collects data from you if you click on the respective video. By clicking on the video, you consent to the processing of the personal data collected about you by YouTube.

Facebook (Use of Meta Pixel)

With the help of the Meta Pixel (or comparable functions, for the transmission of event data or contact information by means of interfaces in apps), Meta is able to determine the visitors of our online offer as a target group for the display of advertisements (so-called “Meta ads”). Accordingly, we use the Meta Pixel to display the Meta ads placed by us only to those users on Meta platforms and within the services of Meta's cooperating partners (so-called “audience network“ https://www.facebook.com/audiencenetwork/) who have also shown an interest in our online offering or who have certain characteristics (e.g. interest in certain topics or products that can be seen from the websites visited) that we transmit to Meta (so-called “custom audiences”). With the help of the Meta Pixel, we also want to take measures so that our Meta ads correspond to the potential interest of users and are not annoying. With the help of the Meta Pixel, we can also track the effectiveness of the Meta ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Meta ad (so-called “conversion measurement”).

Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland

Legal basis: Consent, Art. 6 para. 1 sentence 1 lit. a GDPR
Website: https://www.facebook.com
Privacy policy: https://www.facebook.com/about/privacy
Order processing contract: https://www.facebook.com/legal/terms/dataprocessing
Basis for third country transfers: EU-US Data Privacy Framework (DPF), standard contractual clauses (https://www.facebook.com/legal/EU_data_transfer_addendum)
Further information: Users' event data, i.e. behavioral and interest data, is processed for the purposes of targeted advertising and targeting on the basis of the Joint Controller Agreement (“Controller Addendum”, https://www.facebook.com/legal/controller_addendum). Joint controllership is limited to the collection by and transfer of data to Meta Platforms Ireland Limited, a company based in the EU. The further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, which in particular concerns the transfer of the data to the parent company Meta Platforms, Inc. in the USA (on the basis of the standard contractual clauses concluded between Meta Platforms Ireland Limited and Meta Platforms, Inc.)

LinkedIn
Within our online offering, we collect data from visitors to create “page insights” (statistics) about our LinkedIn profiles. This data includes information about the types of content that users view or interact with, or the actions they take, as well as information about the devices used by users (e.g. IP addresses, operating system, browser type, language settings, cookie data) and information from the user's profile, such as job function, country, industry, hierarchy level, company size and employment status.

We have concluded a special agreement with LinkedIn Ireland (“Page Insights Joint Controller Addendum (the “Addendum”)”, https://legal.linkedin.com/pages-joint-controller-addendum), which regulates in particular which security measures LinkedIn must observe and in which LinkedIn has agreed to fulfil the rights of data subjects (i.e. users can, for example, send information or deletion requests directly to LinkedIn). The rights of users (in particular to information, deletion, objection and complaint to the competent supervisory authority) are not restricted by the agreements with LinkedIn. The joint responsibility is limited to the collection of data by and transfer to Ireland Unlimited Company, a company based in the EU. Further processing of the data is the sole responsibility of Ireland Unlimited Company, which relates in particular to the transfer of data to the parent company LinkedIn Corporation in the USA.

Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Legal basis: Consent, Art. 6 para. 1 sentence 1 lit. a GDPR
Website: https://www.linkedin.com
Privacy policy: https://www.linkedin.com/legal/privacy-policy
Order processing contract: https://legal.linkedin.com/pages-joint-controller-addendum
Basis for third country transfers: EU-US Data Privacy Framework (DPF), standard contractual clauses (https://legal.linkedin.com/dpa)
Option to object (opt-out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Instagram
Within our online services, we carry out interest and behavior-based measurements and analyses of user interactions with our online services (in particular page visits, search entries, transactions, video and page views as well as time and period) for the purpose of creating target groups for the display of content and advertising content within the Instagram platform and the partners involved in its advertising network.

Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland

Legal basis: Consent, Art. 6 para. 1 sentence 1 lit. a GDPR
Website: https://about.instagram.com/de-de
Privacy policy: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect
Basis for third country transfers: standard contractual clauses
Option to object (opt-out): https://privacycenter.instagram.com/policy/?subpage=7.subpage.11-ObjectYouHaveThe
Further information: https://privacycenter.instagram.com/policy/

WeChat
Our WeChat account is intended for product display and information sharing, and we do not aim to collect your personal information through it. Any collection and processing of your personal information by Tencent shall be governed by the WeChat privacy policy below, and we are not responsible for such activities.

Service provider: Tencent

Website: https://www.wechat.com/
Privacy policy: https://www.wechat.com/de/privacy_policy.html

Weibo
Our Weibo account is intended for product display and information sharing, and we do not aim to collect your personal information through it. Any collection and processing of your personal information by Sino shall be governed by the Weibo privacy policy below, and we are not responsible for such activities.

Service provider: Sino

Website: https://weibo.com/
Privacy policy: https://weibo.com/signup/v5/privacy

NEWSLETTER SENDING

With the following information we would like to inform you about the content of our newsletter as well as the procedure for registration, dispatch and statistical evaluation and your rights of objection.

We only send newsletters and e-mails containing advertising information (hereinafter referred to as “newsletter”) if you have consented to this. Subscribing to our newsletter is a double opt-in process. This means that after registering for the newsletter with your email address, you will receive an email asking you to confirm your registration for the newsletter. This confirmation is essential to ensure that you wish to subscribe to the newsletter and that no third party is misusing your email address for this purpose.

By subscribing to our newsletter after completing the double opt-in process, you agree to receive the newsletter and to the procedures described.

Subscriptions to the newsletter are logged in order to provide evidence of the registration process as required by law. This includes recording the time of registration and confirmation and the IP address. Changes to your data stored by the newsletter delivery service are also logged.

The newsletter is sent by the newsletter service provider: Hubspot

You can view the service provider’s privacy policy here: https://legal.hubspot.com/privacy-policy

In addition, according to its own information, the mailing service provider may use this data in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. to technically optimize the dispatch and presentation of the newsletter or for statistical purposes to determine the countries from which the recipients come. However, the mailing service provider will not use the data of our newsletter recipients to write to them or pass it on to third parties.

As noted above, the newsletters contain so-called tracking pixels. Vishay may use the embedded tracking pixel to determine if and when the newsletter was opened by the recipient and which links contained in the newsletter were clicked by the recipient. The data collected via the tracking pixel will be stored and processed anonymously for statistical purposes, in order to optimize the dispatch of the newsletter and to adapt the content of future newsletters even better to the interests of the recipients.

We will secure proper legal bases for the use of the mailing service provider, the performance of statistical surveys and analyses and the logging of the registration process. We are interested in using a user-friendly and secure newsletter system that serves both our business interests and the expectations of our users.

You can unsubscribe from our newsletter at any time, i.e., revoke your consent to receive the newsletter at any time, either by contacting us informally or by clicking on a link to unsubscribe from the newsletter. You will find such an unsubscribe link at the end of each newsletter.

Your data processed for the purpose of sending the newsletter will then be deleted.

PERSONAL DATA TRANSFERS AND TRANSFERS OUTSIDE THE EU

Vishay
When you place an order with us, we will share your data with our affiliate Vishay Intertechnology, Inc., which acts as our fulfilment center and order processor. The data necessary for picking, packing and delivery will be transferred to Vishay. Without the transfer of data to Vishay, delivery of your order is not possible. The subsequent processing by Vishay is conducted only if proper legal bases have been secured.

The Fulfilment Centre ships the order on behalf of Vishay via an external shipping service provider.

Service Providers

We share your personal data with our service providers to perform the functions for which we engage them. For example, when you place an order with us, we share your data with a third-party shipping service provider. We also may use service providers to host our website or assist us in providing functionality on our website, send out our newsletters or other communications about our website and products and services, and process payments.

Depending on which payment service provider you select during the ordering process, we will pass on the payment data collected for this purpose to the bank or payment service provider selected to process the payment. In some cases, the selected payment service providers may collect this data themselves if you have an account with them. In this case, you must log in to the payment service provider with your access data during the ordering process. The privacy policy of the relevant payment service provider will apply.

We use the manually stored payment data (bank details) to process payments or take over the data if it is already been stored with us. If you wish to make any changes, please contact us at https://www.vishay.com/en/company/contacts.

Our service providers are carefully selected and are required by law and contract to adequately protect the data it processes on our behalf.

Analytics and Advertising Vendors
We may share information collected through cookies and other tracking technologies set on our website with our website analytics and digital advertising vendors such as Google Analytics and Meta Pixels.

Parent, Subsidiaries, Affiliates or Other Related Companies.
We may share your information with our parent company, subsidiaries, affiliates or other related companies for our internal business purposes. This process is based on our legitimate interests.

Legal and Safety Reasons
Vishay may be required to disclose personal data to the authorities, law enforcement agencies, government agencies, or legal entities. We may disclose personal data by law, litigation, or as a matter of national security to comply with valid legal process including subpoenas, court orders or search warrants, and as otherwise authorized by law. This process is based on the fact that it is necessary to comply with legal obligations to which Vishay is subject. We may also need to disclose personal data to enforce our rights, protect our property or protect the rights, property or safety of others, as needed to support external auditing, compliance and corporate governance functions or in the event of an emergency that threatens an individual's life, health, or security. We may also share personal data as required to pursue available remedies or limit damages we may sustain. This process is based on our legitimate interests.

Changes of Control
We reserve the right to transfer or assign the information that we have collected from users in connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.

Except as otherwise provided in this Privacy Policy, we will not share your personal data with third parties unless we are required to do so by law, or you have expressly consented. In such cases, we will comply with legal requirements and, in particular, conclude appropriate agreements to protect your data.

Transfer outside EU/EEA or another region where the website is available
Where personal data originates from the EU/EEA and is transferred to entities in third countries outside the EU/EEA, this is done in accordance with the provisions of the GDPR. The transfer is to a country for which there is an adequacy decision (see Article 45 GDPR). Alternatively, the recipients have submitted to so-called Binding Corporate Rules (see Art. 47 GDPR) or the EU Standard Contractual Clauses of the EU Commission are used (see Art. 46 GDPR). If the transfer of data to entities outside the EU is necessary to fulfil contractual obligations, the transfer is based on Art. 49 GDPR. If the EU Standard Contractual Clauses are used, we will provide you with any further information upon request at privacy@vishay.com. You can also find the EU standard contractual clauses on the website of the EU Commission at https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de. Any personal data collected from EU data subjects through our websites will be processed in the United States by Vishay or by a third party acting on our behalf. Our websites are hosted in the United States.

Where personal data originates from China and is managed and / or transferred outside China, we will take reasonable steps to ensure that the requirements under PRC Data Laws applicable to Vishay have been properly fulfilled.

Where personal data originates from other regions (such as the US) and is managed and / or transferred outside of these regions, we will also take reasonable steps to ensure that the data privacy requirements applicable to Vishay have been properly fulfilled.

STORAGE PERIOD OF THE PERSONAL DATA

Unless otherwise described in this Privacy Policy, personal data will be deleted by Vishay when it is no longer required for the purposes for which it was processed and when legal retention periods have expired. As a general rule, contract-related data will be deleted 24 months after termination of the relevant contract with Vishay.

Personal data of visitors to our website will be deleted when it is no longer needed for the purposes described above, unless a longer retention period is required by law. Usage data is regularly stored for a period of 26 months insofar as no further storage is required, e.g. due to tax and duty regulations. Depending on the data category and country of origin, such storage can last up to 6 years (e.g. for commercial and business letters), 10 years (e.g. for tax-relevant information) or even longer if, for example, an authority has issued a more extensive order to store data.

WEBSITE ENCRYPTION AND SECURITY

When data is transmitted over open networks, such as the Internet, the current state of technology does not allow for the complete protection of the data transmitted. Therefore, please do not send us any confidential data via the Internet (e.g. by e-mail) without adequate protection.

All forms on our website that collect personal data are encrypted using the latest version of the TLS security protocol.

In addition, our systems are protected against unauthorized internal and external access using state-of-the-art technical and organizational measures to ensure a level of protection appropriate to the risk.

These measures include, in particular, taking measures to ensure the confidentiality, integrity and availability of data by controlling physical and electronic access to data, as well as access, input, disclosure, availability and segregation. We also have procedures in place for the exercise of data subject rights, deletion of data and response to data threats. We also consider the protection of personal data in the design and selection of hardware, software and processes, through technology design and privacy-friendly default settings.

In addition, all our employees are made aware of data protection laws and are required to maintain confidentiality.

However, please note that no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. It is your responsibility to protect the security of your login information.

CONTACT FORM

If you contact us via our contact form on the website or by e-mail, we will process your data to the extent necessary to respond your enquiry. If it is necessary to transfer personal data to third parties, e.g. to other Vishay companies, in order to process your enquiry, we will limit the transfer to the data necessary for the purposes of processing in accordance with the principle of data minimisation.

Such processing will be carried out either based on the necessity for the conclusion or performance of a contract to which you are a party, to safeguard our legitimate interests associated with the processing of the respective enquiry or the legitimate interests of a third party (where applicable law provides for such a legal basis or permission), or ) based on the consent, which you provide either explicitly or implicitly by sending your enquiry.

TAKING AND PUBLISHING PHOTOS AND VIDEOS OF EVENTS

We take photos and videos at events for the purpose of documenting the event and for public relations. These may also be published on our website and our social media channels as part of our coverage of the event.

If photographs or videos will be taken at an event, you will be informed of this at the entrance and, if applicable, as part of the invitation. You will be given a form to fill in and sign. The recordings will generally be of the event as a whole and not of individual people. The legal basis for the processing is generally the consent of the data subject, or to safeguard our legitimate interests associated with the processing (where applicable law provides for such a legal basis or permission).

For reporting purposes, we may also share these recordings with the press and possibly other Vishay companies or distribution partners and publish them on our own websites and social media channels. The legal basis for processing within the scope of our public relations activities is the consent of the data subject.

Your data will be deleted as soon as the purpose of the processing no longer applies. However, please note that records published on the Internet may be available for a longer period of time.

Children

We do not knowingly collect or maintain personal data from any person under the age of 18. No parts of our website are directed to or designed to attract anyone under the age of 18.

CALIFORNIA CONSUMER DISCLOSURES

This section is provided pursuant to the CCPA and applies to personal information we collect about California residents.

Unless otherwise noted, the disclosures in this California Consumer Disclosures section apply to our current practices, as well as our activities in the 12 months preceding the date of this Privacy Policy.

Personal Information Collection, Use and Disclosure
We process the following categories of personal information, as described in the “Processing Purposes, Legal Permission and Scope of Data Collection”, “Use of Cookies and Other Tracking Technologies”, “Interest Based Advertising”, “Newsletter Sending”, “Contact Form” and “Taking and Publishing Photos and Videos of Events” sections above:

Identifiers including name, postal address, unique personal identifier, online identifier, IP address, email address, account name, or other similar identifiers.
Personal records (as described in Cal. Civ. Code § 1798.80(e)), including payment data.
Commercial information, including records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.
Geolocation data.
Audio, electronic, visual or similar information, including photos and videos taken at events.
Professional or employment-related information, including title and company information.
Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

We disclose the above categories of personal information as described in the “Personal Data Transfers and Transfers Outside the EU” section above.

The following categories of personal information were sold or shared in the twelve (12) months prior to the effective date of this Privacy Policy:

Identifiers, such as unique personal identifier, online identifier, Internet Protocol address, or other similar identifiers.
Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet web site, application, or advertisement.
Geolocation data.

Such information is sold to or shared with our third-party website analytics and digital advertising service providers.

We share or sell such information to:

Provide our website to you;
Operate and personalize the products we offer, and to give each user a more consistent and personalized experience when interacting with us;

Personalize our marketing communications, and to deliver advertisements about our products and service that we think may interest you;
For security, to detect fraud or illegal activities, and for archival and backup purposes in connection with the provision of our website;
For our business purposes, such as data analytics, audits, enhancing our website, improving our products and services, identifying website usage trends, and determining the effectiveness of our promotional campaigns;
As we believe to be necessary or appropriate: (i) under applicable law; (ii) to comply with legal process; (iii) to respond to requests from public and government authorities; (iv) to enforce this Privacy Policy and our Terms of Use; (v) to protect our operations or those of any of our affiliates; (vi) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; and (vii) to allow us to pursue available remedies or limit the damages that we may sustain.

We do not have actual knowledge that we sell or share personal information about minors under the age of 18.

We do not collect sensitive personal information from California residents. However, if we take photographs or videos of you at our events, it may be possible to infer your racial or ethnic origin. We will only use and disclose such information as necessary to fulfill the purposes of collection or as permitted under the CCPA.

We collect your personal information from or through the following categories of sources:

You, directly and indirectly, including when you access our website or when you purchase our products, register an account with us, subscribe to our newsletter or otherwise contact us or interact with us; and
Service providers, including those that provide website analytics and digital advertising services to help us understand the activities taken on our website.

As noted above, we will retain your personal information for as long as necessary to fulfill the purpose for which it was collect or as required by applicable laws or regulations.

Do Not Track Signals

Your web browser may have settings that allow you to transmit a “Do Not Track” signal when you visit various websites or use online services. Our website does not respond to “Do Not Track” signals received from browsers.

YOUR RIGHTS AS A DATA SUBJECT UNDER CALIFORNIA PRIVACY LAWS

California residents may have certain rights under the CCPA and the California Shine the Light law.

CCPA
If the CCPA will be applicable to the respective processing activity, you have the right to:

Know what personal information we have collected about you, including the specific pieces of personal information that we have collected about you; categories of personal information that we have collected about you; categories of sources from which the personal information is collected; categories of personal information that we sold or shared about you and the categories of third parties to whom the personal information was sold or shared, by category or categories of personal information for each third party to whom the personal information was sold or shared; the categories of personal information that we disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose; categories of third parties to whom the personal information was disclosed for a business purpose; and the business or commercial purpose for collecting, sharing or selling personal information.
Request that we delete personal information that we collected from you, subject to certain exceptions.
Request that we correct personal information we maintain about you that you believe is inaccurate.
Opt out of the sale of your personal information and request that we do not share your personal information for cross-context behavioral advertising. To opt out of the sale and sharing of your personal information, please click the “Do Not Sell or Share My Personal Information” link at the footer of our website.
Limit the use and disclosure of your sensitive personal information if it is used or disclosed in certain ways.

We do not use or disclose sensitive personal information for purposes that would trigger the right to limit the use and disclosure of your sensitive personal information under the CCPA.

To exercise your rights under the CCPA, please visit here, send an e-mail to privacy@vishay.com or call 1-888-354-1131.

When you submit a request, we may ask you to provide information so we can verify your identity before taking action. You may designate an authorized agent to make the request on your behalf. If an authorized agent submits a request for you, we may require you to either verify your own identity directly with us or directly confirm with us that you provided the authorized agent permission to submit the request.

If we deny your request, in whole or in part, as permitted under the CCPA, we will explain why.

We will not discriminate against you for choosing to exercise any of your California privacy rights.

California’s Shine the Light Law

California Civil Code Section 1798.83 permits California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.
To make such a request, please send an e-mail to privacy@vishay.com.

YOUR RIGHTS AS A DATA SUBJECT UNDER GDPR or PIPL

If GDPR or PIPL will be applicable to the respective processing activity, you have the right to:

Information (Art. 44 of the PIPL, Art. 15 GDPR)
Rectification (Art. 46 of the PIPL, Art. 16 GDPR)
Erasure (Art. 47 of the PIPL, Art. 17 GDPR)
Restriction of processing (Art. 44 of the PIPL, Art. 18 GDPR)
Data portability (Art. 45 of the PIPL, Art. 20 GDPR)
Objection (Art. 44 of the PIPL, Art. 21 GDPR)
Right to lodge a complaint (Art. 50 of the PIPL, Art. 77 GDPR)
Withdraw a consent (Art. 15 of the PIPL, Art. 7 GDPR)

Right to information
You have the right to information about the personal data concerning you. You can contact the Data Protection Officer for information at any time:

Contact: Franziska Eberius
e-mail: privacy@vishay.com

In the event of a request for information that is not made in writing, please understand that we may ask you to provide proof that you are the person you claim to be. For this purpose, we will ask you to provide us with your name and address so that we can verify your identity before disclosing the requested information or carrying out the processing you have requested.

Correction and Deletion
You also have the right to rectify, erase or restrict the processing of your personal data where you are legally entitled to do so. You can contact us at any time:

Contact: Franziska Eberius
e-mail: privacy@vishay.com

Data portability
A right to data portability also exists under the Data Protection Regulations and can be requested at:

Contact: Franziska Eberius
e-mail: privacy@vishay.com

Vishay will endeavour to process your request within one month and to provide you with the requested information free of charge in a structured and commonly used electronic format.

Right to object

Finally, you have the right to object at any time to the processing and use of your data previously stored data for the purpose of future data processing within the framework of the legal requirements. As a general rule, in this case personal data shall no longer be processed unless the controller / data handler demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims, or have secured other legal basis as provided for under applicable laws or regulations. Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.

We will then deactivate your data for further use after the last contract has been fully processed and delete it after the tax and commercial law retention periods have expired, unless there is another purpose and another legal basis is secured.

The objection can be made informally with the subject line “Objection”, stating your name and address, and should be sent to the following address:

Contact: Franziska Eberius
E-mail: privacy@vishay.com

Right to withdraw a consent

You can withdraw a consent at any time by contacting us through the contact details provided or (if available) through the relevant mechanism (e.g. through the privacy cockpit on our website). This does not affect the lawfulness of the processing carried out on the basis of a consent until it is withdrawn.

Right to complain to a supervisory authority

You have the right to lodge a complaint about the processing of personal data by us with the competent data protection supervisory authority.

AMENDING AND UPDATING THIS PRIVACY POLICY

If changes to our data processing practices make it necessary, we will revise this Privacy Policy. We therefore encourage you to review our Privacy Policy on a regular basis. As soon as the changes require an act of cooperation on your part (e.g. consent) or other individual notification, we will inform you of the adapted changes.

Where we provide addresses and contact information for companies and organizations in this Privacy Policy, please note that the addresses may change over time. Therefore, if you wish to contact these companies and organizations, please check the specific contact details.

Keyword/Part #	Stock Check/Buy Now	Cross Ref Part #