Privacy Policy

Effective Date: January 2025

Vishay Intertechnology, Inc. (hereinafter also referred to as “Vishay”, “we”, “us”) is committed to protecting your privacy. We would like to provide you with the following information to give you an overview of what personal data (hereinafter also referred to as “personal information” depending on applicable laws) we collect from you in the context of our contractual relationships, customer relationships, or when you visit our website, and how we process this personal data. The information is provided depending on the specific role in which you are contacting us, e.g., whether you are contacting us as a visitor to our website, as a supplier or potential customer and business partner, or as a subscriber to our blogs or user groups.

This privacy policy applies to all online services and offers provided on the https://www.vishay.com/ website. Where our website contains links to other websites within the Vishay group of companies or to websites of third parties, this privacy policy does not apply. Please check the privacy policies of those other websites or applications.

This policy is designed along privacy requirements resulting from the General Data Protection Regulation (GDPR) and other applicable national data protection regulations and compulsory standards applicable in countries from which this website may be accessed, such as the PRC Personal Information Protection Law (2021) (hereinafter "PIPL") applicable for users located in the People’s Republic of China (hereinafter “China” or “PRC”, collectively “PRC Data Compliance Laws”; excluding Hong Kong, Macau and Taiwan for the purpose of this policy only) or the California Consumer Privacy Act (“CCPA”) applicable to California residents. In the event of any conflict between the principles of this Privacy Notice and the PRC Data Compliance Laws or the CCPA, the principles of each the PRC Data Compliance Laws or the CCPA shall prevail and govern. “Data Controller” or “Controller” shall mean “Data Handler” acc. to Art. 73.1 PIPL and “Business” under the CCPA.

DATA CONTROLLER

The Controller responsible for data processing, including according to Art. 4 No. 7 GDPR, is

Vishay Intertechnology, Inc.
63 Lancaster Avenue
Malvern, Pennsylvania, 19355
United States
Contact: Michael Krouse
Telephone: 8569797252
e-mail: Michael.krouse@vishay.com

DATA PROTECTION OFFICER

If you have any questions regarding the processing of your personal data or wish to exercise your right as a data subject, please contact the Data Protection Officer. The responsible Data Protection Officer for you is

Contact: Franziska Eberius
e-mail: privacy@vishay.com

PROCESSING PURPOSES, LEGAL PERMISSION AND SCOPE OF DATA COLLECTION

Visiting our website

Data is processed when you first visit our website.

Every access to our web server is automatically stored in so-called log files (e.g. name of the requested file, IP address, access status of the web server, date and time of the request, browser used, etc.). These log files are evaluated for statistical purposes only.

The following personal data may be processed:

Customer domain: We record the domain for which log data is stored.
Anonymised client IP: We collect IP addresses to identify where our servers are being attacked from. These are stored for a maximum of seven days, in line with industry practice. They are then anonymised. However, for privacy reasons, the IP addresses in the log file can only be viewed in anonymised form from the outset of an attack.
Timestamp: This indicates the date and time the site was accessed.
Size of response content delivered through web browser: When a website is visited, temporary data is downloaded. This includes, for example, the images and text displayed by the browser. The log file shows the size of this data.
Referrer sent by the client: This field shows which website the browser has previously visited.
User Agent sent by the client: This includes information such as the type and version of browser and operating system.
The sub-pages of the Vishay website that were accessed.
The Internet Service Provider and comparable data.

In particular, the information collected is processed for the following purposes:

Facilitate a smooth connection to the website,
Facilitate smooth use of our website,
Assess the security and stability of the system,
Optimise our website,
Defend against attacks.

We do not use this data to identify you personally. Such information is used by us for statistical purposes in anonymous form in order to optimise our website and the technology behind it and to make any necessary adjustments.

The processing aims to improve the stability and functionality of our website and enable us to properly present our website to you.

The recipients of the personal data are technical service providers who act as processors for the operation and maintenance of our website.

The personal data is deleted as soon as it is no longer required for the purpose for which it was collected. This is generally the case for personal data used to provide the website at the end of each session.

Data processing in restricted area
Vishay's My Vishay portal is accessible only to users who have previously registered for the portal. The registration process requires the user to provide certain personal data, such as first name, last name, title, email address, company information, etc. Vishay uses this information solely to establish and maintain the user's account, to identify authorised users, and to provide the user with the requested functionality. The processing of the personal data described above is necessary for the conclusion and / or performance of a contract to which you are a party or other legal basis as provided for under applicable laws or regulations.

If the user provides consent, it is possible for us to contact them specifically on the basis of their user behaviour in order to be able to guarantee a user-oriented service. For this purpose, the user's behaviour is processed with regard to the videos, images and links clicked and/or saved.

If the user orders products via our website, we also require his personal data, such as name, e-mail address, business address and payment details, in order to process the order and fulfil our contractual obligations.

Data processing in connection with product orders
When you send us an order enquiry, we process the personal data you provide (e.g. name, business address, email address, telephone number, other booking data/requests, payment data, etc.). Mandatory fields are marked as such because in these cases we need the data to process the contract or to process your contact and you cannot complete the order enquiry without providing it. The relevant processing is conducted only if proper legal bases have been secured.

USE OF COOKIES

When you visit our website https://www.vishay.com/, information is stored on your computer in the form of a cookie in your browser software. This stores information about your use of the website and is used by us.

Cookies are small text files or other storage information that can be used to store and read information on end devices. Cookies can also be used for a variety of purposes, such as ensuring the functionality, security and convenience of online services and analysing traffic patterns. A cookie typically contains the name of the domain from which the cookie data was sent, as well as information about the age of the cookie and an alphanumeric identifier. We use both first-party cookies and third-party cookies that come from a domain other than the domain of the website you are visiting.

On the one hand, we use cookies to make your use of our website more pleasant. For this purpose, we use so-called session cookies to recognise that you have already visited individual pages of our website. These are automatically deleted when you leave our site. Within the password-protected area of the Vishay website, session cookies are used for the duration of your visit. These allow Vishay to use a single sign-on approach for ease of authentication and to control access to the various password-protected areas of the Vishay website. This allows users to move throughout the password-protected areas of the website without having to log in again for each area.

In addition, cookies are used to collect information about how users use the Vishay website, how they navigate through the website, and what areas of the website and products they are interested in. This allows Vishay to improve the site and the user's online experience. The information stored in the cookies is not used by Vishay to identify the user and is not combined with other personal information held about the user.

We also use temporary cookies to improve the user experience, which are stored on your device for a limited period of time. If you visit our website again, it will automatically recognise that you have visited us before and which entries and settings you have made, so that you do not have to enter them again.

We also use cookies to statistically record the use of our website and to evaluate this for the purpose of optimising our offer to you.

The use of cookies is necessary to complete an order. However, a limited use of our services is also possible without the use of cookies.

Depending on the purpose for which cookies are used, the processing is carried out on the basis of a different legal basis under data protection law. In this respect, a distinction is made as follows:

Strictly Necessary Cookies (Essential Cookies)
These cookies are essential to the functionality of the site and cannot be turned off in our systems. They are generally only used in response to your activity, such as service requests, setting your privacy preferences, logging in, accessing secure areas, etc. These cookies do not collect any personally identifiable information that can be used for marketing purposes or track your web browsing activity. You can block or delete these cookies by modifying your browser settings. If you do so, the website may not function properly.

Cookie subgroup	Host	Cookies	Cookies used
Strictly Necessary Cookies	www.vishay.com	JSESSIONID	1st Party
Strictly Necessary Cookies	www.vishay.com	OptanonConsent	1st Party
Strictly Necessary Cookies	www.vishay.com	OptanonAlertBoxClosed	1st Party
Strictly Necessary Cookies	www.vishay.com	DWRSESSIONID	1st Party
Strictly Necessary Cookies	www.vishay.com	eupubconsent	1st Party
Strictly Necessary Cookies	cookielaw.org	__cfduid	3rd Party

Analytics and Other Optional Cookies

These cookies allow us to count visits and traffic sources so that we can measure and improve the performance of our website. They help us to identify which of our pages are the most and least popular, how users move around our website, whether they receive error messages, etc. This information is mainly used to improve our website. For clarification, web analytics are included in this cookie category. These cookies are based on a unique identification of your browser and Internet device (including other technical data such as your IP address, operating system, Internet provider, website from which you are visiting us, etc.). The legal basis for the processing of personal data using these cookies (see below) is your declaration of consent. Consent to data processing can be withdrawn at any time without affecting the lawfulness of the processing based on the consent before its withdrawal.

If you do not accept these cookies, we will not be able to analyse when users have visited our website.

Cookie subgroup	Host	Cookies	Cookies used
Targeting cookies	www.vishay.com	Limelight_HTML_Player_UserId	1st Party
Targeting cookies	transim.com	__utmt	3rd Party
Targeting cookies	transim.com	_ga	3rd Party
Targeting cookies	transim.com	_gat	3rd Party
Targeting cookies	transim.com	__utmz	3rd Party
Targeting cookies	transim.com	__utmb	3rd Party
Targeting cookies	transim.com	_gid	3rd Party
Targeting cookies	transim.com	__utmc	3rd Party
Targeting cookies	transim.com	__utma	3rd Party
Targeting cookies	www.digikey.com	TSxxxxxxxxxxxx	3rd Party
Targeting cookies	www.digikey.com	dk_mfr_trk	3rd Party
Targeting cookies	hubspotusercontent00.net	__cfduid	3rd Party
Performance cookies	vishay.com	__hstc	1st Party
Performance cookies	vishay.com	_gid	1st Party
Performance cookies	vishay.com	_gat_UA-	1st Party
Performance cookies	vishay.com	__hssrc	1st Party
Performance cookies	vishay.com	RT	1st Party
Performance cookies	vishay.com	_ga	1st Party
Performance cookies	vishay.com	__hssc	1st Party
Functional cookies	vishay.com	hubspotutk	1st Party
Functional cookies	vishay.com	ultralibrarian	1st Party
Functional cookies	vishay.com	samacsys	1st Party
Functional cookies	vishay.com	search_result_rows	1st Party
Functional cookies	transim.com	t3id	3rd Party
Functional cookies	hs-analytics.net	__cfduid	3rd Party
Functional cookies	hubspot.com	__cfduid	3rd Party
Functional cookies	hscta.net	__cfduid	3rd Party
Functional cookies	vishay.transim.com	VISHAYROOTSESSION	3rd Party
Functional cookies	vishay.transim.com	ApplicationGatewayAffinity	3rd Party
Functional cookies	vishay.transim.com	ApplicationGatewayAffinityCORS	3rd Party
Functional cookies	hsleadflows.net	__cfduid	3rd Party
Functional cookies	hs-scripts.com	__cfduid	3rd Party
Functional cookies	hs-banner.com	__cfduid	3rd Party

You can find a detailed list of all technically necessary and optional cookies, including their names, functions, lifespan, etc., in our Consent Manager under Cookie Settings.

Most browsers are set to accept cookies automatically. However, you can deactivate the storage of cookies or set your browser to notify you when cookies are sent. You can also delete cookies from your hard drive at any time. You can change your cookie settings and revoke your consent at any time. To change cookie settings, click “Cookie Settings” in the footer of the website. This opens the OneTrust window where you can view and change your cookie settings. If you disable cookies for the Vishay website, you may not be able to take full advantage of all the features of the website.

SOCIAL MEDIA APPEARANCES

Our appearances in Social Media Platforms
Our website does not use any social media plugins. The links on our website are static links to our subpages on various social networks (such as LinkedIn, YouTube and Facebook). These links do not transmit any data to the social network operators simply by visiting our website. Only if you follow one of these links by clicking on it will you be taken to the pages of that social network. In this case, the social network provider may collect personal data from you in accordance with their privacy policy and terms of use, over which we have no control. In this respect, we may be jointly responsible with the provider under data protection law.

If you click on the link, data is usually also collected for Vishay's own business purposes, such as customer messages or comments. We are active on various social media platforms including: LinkedIn, Facebook, YouTube, WeChat and Weibo, and Instagram (each if and to the extent available in the respective region or country). We might analyse information provided to us by the platform operators. This might include information such as names, geolocations, companies, emails, and phone numbers. Please note that not all platforms provide all of this information and we do not usually download this information but only analyse it on the platforms themselves if indeed provided to us. If we do receive emails and phone numbers, it is only through lead generation activities on platforms such as LinkedIn where platform operator agree to download a contact by giving us their information (if available).

Your personal data may be processed for analysis and advertising purposes. This is done, for example, by creating user profiles based on your user behaviour and the resulting interests. Cookies are generally used to create user profiles, which enable your user behaviour and interests to be analysed. The user profiles are generally used to show you advertisements on the respective provider or elsewhere on the Internet that match your interests. In addition to the user profiles, other personal data may be stored, in particular if you are a registered user of the respective provider's platform and are logged in to the platform. For a detailed description of the processing by the respective provider and the possibilities to object (opt-out), please refer to the provider information linked below. Please note that some of the information below might not be available in a region or country. We recommend reviewing your local laws and regulations to ensure compliant access to such platforms.

YouTube Videos
On our website you can watch videos that are integrated by YouTube.

Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Legal basis: Consent, Art. 6 para. 1 sentence 1 lit. a GDPR
Website: https://www.youtube.com/
Privacy policy: https://policies.google.com/privacy?hl=de
Order processing contract: https://policies.google.com/privacy/google-partners?hl=de
Basis third country transfer: EU-US Data Privacy Framework (DPF), standard contractual clauses (https://policies.google.com/privacy/frameworks?hl=de).
Further information: We have used the extended data protection application from YouTube so that YouTube only collects data from you if you click on the respective video. By clicking on the video, you consent to the processing of the personal data collected about you by YouTube.

Facebook (Use of Meta Pixel)
With the help of the Meta Pixel (or comparable functions, for the transmission of event data or contact information by means of interfaces in apps), Meta is able to determine the visitors of our online offer as a target group for the display of advertisements (so-called “Meta ads”). Accordingly, we use the Meta Pixel to display the Meta ads placed by us only to those users on Meta platforms and within the services of Meta's cooperating partners (so-called “audience network“ https://www.facebook.com/audiencenetwork/) who have also shown an interest in our online offering or who have certain characteristics (e.g. interest in certain topics or products that can be seen from the websites visited) that we transmit to Meta (so-called “custom audiences”). With the help of the Meta Pixel, we also want to ensure that our Meta ads correspond to the potential interest of users and are not annoying. With the help of the Meta Pixel, we can also track the effectiveness of the Meta ads for statistical and market research purposes by seeing whether users were redirected to our website after clicking on a Meta ad (so-called “conversion measurement”).

Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland
Legal basis: Consent, Art. 6 para. 1 sentence 1 lit. a GDPR
Website: https://www.facebook.com
Privacy policy: https://www.facebook.com/about/privacy
Order processing contract: https://www.facebook.com/legal/terms/dataprocessing
Basis for third country transfers: EU-US Data Privacy Framework (DPF), standard contractual clauses (https://www.facebook.com/legal/EU_data_transfer_addendum)
Further information: Users' event data, i.e. behavioural and interest data, is processed for the purposes of targeted advertising and targeting on the basis of the Joint Controller Agreement (“Controller Addendum”, https://www.facebook.com/legal/controller_addendum). Joint controllership is limited to the collection by and transfer of data to Meta Platforms Ireland Limited, a company based in the EU. The further processing of the data is the sole responsibility of Meta Platforms Ireland Limited, which in particular concerns the transfer of the data to the parent company Meta Platforms, Inc. in the USA (on the basis of the standard contractual clauses concluded between Meta Platforms Ireland Limited and Meta Platforms, Inc.)

LinkedIn
Within our online offering, we collect data from visitors to create “page insights” (statistics) about our LinkedIn profiles. This data includes information about the types of content that users view or interact with, or the actions they take, as well as information about the devices used by users (e.g. IP addresses, operating system, browser type, language settings, cookie data) and information from the user's profile, such as job function, country, industry, hierarchy level, company size and employment status.

We have concluded a special agreement with LinkedIn Ireland (“Page Insights Joint Controller Addendum (the “Addendum”)”, https://legal.linkedin.com/pages-joint-controller-addendum), which regulates in particular which security measures LinkedIn must observe and in which LinkedIn has agreed to fulfil the rights of data subjects (i.e. users can, for example, send information or deletion requests directly to LinkedIn). The rights of users (in particular to information, deletion, objection and complaint to the competent supervisory authority) are not restricted by the agreements with LinkedIn. The joint responsibility is limited to the collection of data by and transfer to Ireland Unlimited Company, a company based in the EU. Further processing of the data is the sole responsibility of Ireland Unlimited Company, which relates in particular to the transfer of data to the parent company LinkedIn Corporation in the USA.

Service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Legal basis: Consent, Art. 6 para. 1 sentence 1 lit. a GDPR
Website: https://www.linkedin.com
Privacy policy: https://www.linkedin.com/legal/privacy-policy
Order processing contract: https://legal.linkedin.com/pages-joint-controller-addendum
Basis for third country transfers: EU-US Data Privacy Framework (DPF), standard contractual clauses (https://legal.linkedin.com/dpa)
Option to object (opt-out): https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

Instagram
Within our online services, we carry out interest and behaviour-based measurements and analyses of user interactions with our online services (in particular page visits, search entries, transactions, video and page views as well as time and period) for the purpose of creating target groups for the display of content and advertising content within the Instagram platform and the partners involved in its advertising network.

Service provider: Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland
Legal basis: Consent, Art. 6 para. 1 sentence 1 lit. a GDPR
Website: https://about.instagram.com/de-de
Privacy policy: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect
Basis for third country transfers: standard contractual clauses
Option to object (opt-out): https://privacycenter.instagram.com/policy/?subpage=7.subpage.11-ObjectYouHaveThe
Further information: https://privacycenter.instagram.com/policy/

WeChat
Our WeChat account is intended for product display and information sharing, and we do not aim to collect your personal information through it. Any collection and processing of your personal information by Tencent shall be governed by the WeChat privacy policy below, and we are not responsible for such activities.

Service provider: Tencent
Website: https://www.wechat.com/
Privacy policy: https://www.wechat.com/de/privacy_policy.html

Weibo
Our Weibo account is intended for product display and information sharing, and we do not aim to collect your personal information through it. Any collection and processing of your personal information by Sino shall be governed by the Weibo privacy policy below, and we are not responsible for such activities.

Service provider: Sino
Website: https://weibo.com/
Privacy policy: https://weibo.com/signup/v5/privacy

NEWSLETTER SENDING

With the following information we would like to inform you about the content of our newsletter as well as the procedure for registration, dispatch and statistical evaluation and your rights of objection.

We only send newsletters, e-mails and other electronic messages containing advertising information (hereinafter referred to as “newsletter”) if you have consented to this. Subscribing to our newsletter is a double opt-in process. This means that after registering for the newsletter with your email address, you will receive an email asking you to confirm your registration for the newsletter. This confirmation is essential to ensure that you wish to subscribe to the newsletter and that no third party is misusing your email address for this purpose.

By subscribing to our newsletter after completing the double opt-in process, you agree to receive the newsletter and to the procedures described.

Subscriptions to the newsletter are logged in order to provide evidence of the registration process as required by law. This includes recording the time of registration and confirmation and the IP address. Changes to your data stored by the newsletter delivery service are also logged.

The newsletter is sent by the newsletter service provider: Hubspot

You can view the service provider’s privacy policy here: https://legal.hubspot.com/privacy-policy

In addition, according to its own information, the mailing service provider may use this data in pseudonymous form, i.e. without assignment to a user, to optimise or improve its own services, e.g. to technically optimise the dispatch and presentation of the newsletter or for statistical purposes to determine the countries from which the recipients come. However, the mailing service provider will not use the data of our newsletter recipients to write to them itself or pass it on to third parties.

The newsletters contain so-called tracking pixels. A web beacon is a miniature graphic that is embedded in HTML emails. Vishay may use the embedded tracking pixel to determine if and when the newsletter was opened by the recipient and which links contained in the newsletter were clicked by the recipient. The data collected via the tracking pixel will be stored and processed anonymously for statistical purposes, in order to optimise the dispatch of the newsletter and to adapt the content of future newsletters even better to the interests of the recipients.

We will secure proper legal bases for the use of the mailing service provider, the performance of statistical surveys and analyses and the logging of the registration process. We are interested in using a user-friendly and secure newsletter system that serves both our business interests and the expectations of our users.

You can unsubscribe from our newsletter at any time, i.e. revoke your consent to receive the newsletter at any time, either by contacting us informally or by clicking on a link to unsubscribe from the newsletter. You will find such an unsubscribe link at the end of each newsletter.

Your data processed for the purpose of sending the newsletter will then be deleted.

PERSONAL DATA TRANSFERS AND TRANSFERS OUTSIDE THE EU

Vishay
When you place an order with us, we will share your data with our affiliate Vishay, which acts as our fulfilment centre and order processor. The data necessary for picking, packing and delivery will be transferred to Vishay. Without the transfer of data to Vishay, delivery of your order is not possible. The subsequent processing by Vishay is conducted only if proper legal bases have been secured.

The Fulfilment Centre ships the order on behalf of Vishay via an external shipping service provider.

Shipping Service Provider
When you place an order with us, we share your data with a third-party shipping service provider. Our service providers are carefully selected and are required by law and contract to maintain a high level of data protection.

We only provide the shipping service provider with the data necessary for delivery. It is not possible to deliver your order without providing this information to the delivery service.

Payment Service Provider
Depending on which payment service provider you select during the ordering process, we will pass on the payment data collected for this purpose to the bank or payment service provider selected to process the payment. In some cases, the selected payment service providers may collect this data themselves if you have an account with them. In this case, you must log in to the payment service provider with your access data during the ordering process. The privacy policy of the relevant payment service provider will apply.

We use the manually stored payment data (bank details) to process payments or take over the data if it is already been stored with us. If you wish to make any changes, please contact us at https://www.vishay.com/en/company/contacts.

Analytics and Advertising Vendors
For the technical processing of personal data, we use the assistance of external specialised technical vendors Google Analytics, Hubspot, and OneTrust. These vendors generally process your personal data on our behalf and in accordance with our instructions under an order processing contract. These vendors are carefully selected by us and are legally and contractually obliged to ensure a high level of data protection.

Legal and Safety Reasons
Vishay may be required to disclose personal data to the authorities, law enforcement agencies, government agencies, or legal entities. We may disclose personal data by law, litigation, or as a matter of national security to comply with valid legal process including subpoenas, court orders or search warrants, and as otherwise authorized by law. We may also need to disclose personal data in the event of an emergency that threatens an individual's life, health, or security. This processing is based on the fact that it is necessary to comply with legal obligations to which Vishay is subject)

Except as otherwise provided in this privacy policy, we will not share your personal data with third parties unless we are required to do so by law or you have expressly consented. In such cases, we will comply with legal requirements and, in particular, conclude appropriate agreements to protect your data.

Transfer outside EU/EEA or another region where the website is available
Where personal data originates from the EU/EEA and is transferred to entities in third countries outside the EU/EEA, this is done in accordance with the provisions of the GDPR. The transfer is either to a country for which there is an adequacy decision (see Article 45 GDPR). Alternatively, the recipients have submitted to so-called Binding Corporate Rules (see Art. 47 GDPR) or the EU Standard Contractual Clauses of the EU Commission are used (see Art. 46 GDPR). If the transfer of data to entities outside the EU is necessary to fulfil contractual obligations, the transfer is based on Art. 49 GDPR. If the EU Standard Contractual Clauses are used, we will provide you with any further information upon request at privacy@vishay.com. You can also find the EU standard contractual clauses on the website of the EU Commission at https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_de. Any personal data collected from EU data subjects through our websites will be processed in the United States by Vishay or by a third party acting on our behalf. Our websites are hosted in the United States.

Where personal data originates from China and is managed and / or transferred outside China, we will ensure that the requirements under PRC Data Laws applicable to Vishay have been properly fulfilled.

Where personal data originates from other regions (such as the US) and is managed and / or transferred outside of these regions, we will also ensure that the data privacy requirements applicable to Vishay have been properly fulfilled.

STORAGE PERIOD OF THE PERSONAL DATA

Unless otherwise described in this Privacy Policy, personal data will be deleted by Vishay when it is no longer required for the purposes for which it was processed and when legal retention periods have expired. As a general rule, contract-related data will be deleted 24 months after termination of the relevant contract with Vishay.

Personal data of visitors to our website will be deleted when it is no longer needed for the purposes described above, unless a longer retention period is required by law. Usage data is regularly stored for a period of 26 months insofar as no further storage is required, e.g. due to tax and duty regulations. Depending on the data category and country of origin, such storage can last up to 6 years (e.g. for commercial and business letters), 10 years (e.g. for tax-relevant information) or even longer if, for example, an authority has issued a more extensive order to store data.

WEBSITE ENCRYPTION AND SECURITY

When data is transmitted over open networks, such as the Internet, the current state of technology does not allow for the complete protection of the data transmitted. Therefore, please do not send us any confidential data via the Internet (e.g. by e-mail) without adequate protection.

All forms on our website that collect personal data are encrypted using the latest version of the TLS security protocol.

In addition, our systems are protected against unauthorised internal and external access using state of the art technical and organisational measures to ensure a level of protection appropriate to the risk.

These measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to data, as well as access, input, disclosure, availability and segregation. We also have procedures in place to ensure the exercise of data subject rights, deletion of data and response to data threats. We also consider the protection of personal data in the design and selection of hardware, software and processes, through technology design and privacy-friendly default settings.

In addition, all our employees are made aware of data protection laws and are required to maintain confidentiality.

CONTACT FORM

If you contact us via our contact form on the website or by e-mail, we will process your data to the extent necessary to respond your enquiry. If it is necessary to transfer personal data to third parties, e.g. to other Vishay companies, in order to process your enquiry, we will limit the transfer to the data necessary for the purposes of processing in accordance with the principle of data minimisation.

Such processing will be carried out either based on the necessity for the conclusion or performance of a contract to which you are a party, to safeguard our legitimate interests associated with the processing of the respective enquiry or the legitimate interests of a third party (where applicable law provides for such a legal basis or permission), or ) based on the consent, which you provide either explicitly or implicitly by sending your enquiry.

TAKING AND PUBLISHING PHOTOS AND VIDEOS OF EVENTS

We take photos and videos at events for the purpose of documenting the event and public relation. These may also be published on our website and our social media channels as part of our coverage of the event.

If photographs or videos will be taken at an event, you will be informed of this at the entrance and, if applicable, as part of the invitation. You will be given a form to fill in and sign. The recordings will generally be of the event as a whole and not of individual people. The legal basis for the processing is generally the consent of the data subject , or to safeguard our legitimate interests associated with the processing (where applicable law provides for such a legal basis or permission).

For reporting purposes, we may also share these recordings with the press and possibly other Vishay companies or distribution partners and publish them on our own websites and social media channels. The legal basis for processing within the scope of our public relations activities is the consent of the data subject.

Your data will be deleted as soon as the purpose of the processing no longer applies. However, please note that records published on the Internet may be available for a longer period of time.

CALIFORNIA CONSUMER DISCLOSURES

This section is provided pursuant to the California Consumer Privacy Act (the “CCPA”) and applies to personal information we collect from California residents.

Unless otherwise noted, the disclosures in this California Privacy Notice apply to our current practices, as well as our activities in the 12 months preceding the date of this Privacy Policy.

Personal Information Collection, Use and Disclosure
We process the following categories of personal information, as described in the “Processing Purposes, Legal Permission and Scope of Data Collection” and “Use of Cookies” sections above:

Identifiers including name, postal address, unique personal identifier, online identifier, IP address, email address, account name, or other similar identifiers.
Personal records (as described in Cal. Civ. Code § 1798.80(e)), including payment data.
Commercial information, including records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an internet website application, or advertisement.
Professional or employment-related information, including title and company information.
Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

We disclose the above categories of personal information as described in the “Personal Data Transfers and Transfers Outside the EU” section above.

We do not collect sensitive personal information from California residents.

Do Not Track Signals
Your web browser may have settings that allow you to transmit a “Do Not Track” signal when you visit various websites or use online services. Our website does not respond to “Do Not Track” signals received from browsers.

Selling and Sharing Personal Information
Under the CCPA, we sell and share the following categories of personal information: identifiers, personal records, and internet or other electronic network activity. We have sold and shared personal information to our analytics and advertising vendors for cross-context behavioral advertising and other marketing and advertising services that we use on our website. We do not have actual knowledge that we sell or share the personal information of consumers under 16 years of age.

YOUR RIGHTS AS A DATA SUBJECT UNDER CALIFORNIA PRIVACY LAWS

California residents may have certain rights under the CCPA and the California Shine the Light law.

CCPA
If the CCPA will be applicable to the respective processing activity, you have the right to:

Know what personal information we have collected about you, including the specific pieces of personal information that we have collected about you; categories of personal information that we have collected about you; categories of sources from which the personal information is collected; categories of personal information that we sold or disclosed for a business purpose about you; categories of third parties to whom the personal information was sold or disclosed for a business purpose; and the business or commercial purpose for collecting or selling personal information.
Request that we delete personal information that we collected from you, subject to certain exceptions.
Request that we correct personal information we maintain about you that you believe is inaccurate.
Opt out of the sale of your personal information and request that we do not share your personal information for cross-context behavioral advertising. To opt out of the sale and sharing of your personal information, please click the “Cookie Settings” link in the footer of the website.
Limit the use and disclosure of your sensitive personal information if it is used or disclosed in certain ways.

We do not use or disclose sensitive personal information for purposes that would trigger the right to limit the use and disclosure of your sensitive personal information under the CCPA.

To exercise your rights under the CCPA, please send an e-mail to privacy@vishay.com or call [1-888-354-1131].

When you submit a request, we may ask you to provide information so we can verify your identity before taking action. You may designate an authorized agent to make the request on your behalf. If an authorized agent submits a request for you, we may require you to either verify your own identity directly with us or directly confirm with us that you provided the authorized agent permission to submit the request.

If we deny your request, in whole or in part, as permitted under the CCPA, we will explain why.

We will not discriminate against you for choosing to exercise any of your California privacy rights.

California’s Shine the Light Law
California Civil Code Section 1798.83 permits California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.
To make such a request, please send an e-mail to privacy@vishay.com.

YOUR RIGHTS AS A DATA SUBJECT UNDER GDPR or PIPL

If GDPR or PIPL will be applicable to the respective processing activity, you have the right to:

Information (Art. 44 of the PIPL, Art. 15 GDPR)
Rectification (Art. 46 of the PIPL, Art. 16 GDPR)
Erasure (Art. 47 of the PIPL, Art. 17 GDPR)
Restriction of processing (Art. 44 of the PIPL, Art. 18 GDPR)
Data portability (Art. 45 of the PIPL, Art. 20 GDPR)
Objection (Art. 44 of the PIPL, Art. 21 GDPR)
Right to lodge a complaint (Art. 50 of the PIPL, Art. 77 GDPR)
Withdraw a consent (Art. 15 of the PIPL, Art. 7 GDPR)

Right to information
You have the right to information about the personal data concerning you. You can contact the Data Protection Officer for information at any time:

Vishay Electronic GmbH
Dr Felix-Zandman-Platz 1
95100 Selb
Germany
Contact: Franziska Eberius
e-mail: privacy@vishay.com

In the event of a request for information that is not made in writing, please understand that we may ask you to provide proof that you are the person you claim to be. For this purpose, we will ask you to provide us with your name and address so that we can verify your identity before disclosing the requested information or carrying out the processing you have requested.

Correction and Deletion
You also have the right to rectify, erase or restrict the processing of your personal data where you are legally entitled to do so. You can contact us at any time at privacy@vishay.com

Data portability
A right to data portability also exists under the Data Protection Regulations and can be requested at unterprivacy@vishay.com. Vishay will endeavour to process your request within one month and to provide you with the requested information free of charge in a structured and commonly used electronic format.

Right to object
Finally, you have the right to object at any time to the processing and use of your data previously stored data for the purpose of future data processing within the framework of the legal requirements. As a general rule, in this case personal data shall no longer be processed unless the controller / data handler demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims, or have secured other legal basis as provided for under applicable laws or regulations. Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.

We will then deactivate your data for further use after the last contract has been fully processed and delete it after the tax and commercial law retention periods have expired, unless there is another purpose and another legal basis is secured.

The objection can be made informally with the subject line “Objection”, stating your name and address, and should be sent to the following address:
Contact: Franziska Eberius
E-mail: privacy@vishay.com

Right to withdraw a consent
You can withdraw a consent at any time by contacting us through the contact details provided or (if available) through the relevant mechanism (e.g. through the privacy cockpit on our website). This does not affect the lawfulness of the processing carried out on the basis of a consent until it is withdrawn.

Right to complain to a supervisory authority
You have the right to lodge a complaint about the processing of personal data by us with the competent data protection supervisory authority.

AMENDING AND UPDATING OF THIS PRIVACY POLICY

If changes to our data processing practices make it necessary, we will revise this privacy policy. We therefore encourage you to review our privacy policy on a regular basis. As soon as the changes require an act of cooperation on your part (e.g. consent) or other individual notification, we will inform you of the adapted changes.

Where we provide addresses and contact information for companies and organisations in this privacy policy, please note that the addresses may change over time. Therefore, if you wish to contact these companies and organisations, please check the specific contact details.

Keyword/Part #	Stock Check/Buy Now	Cross Ref Part #