Aptiv Global Operations Limited and its affiliates (“Aptiv”) as a Data Controller and business is committed to protecting the privacy and security of your Personal Data. “Affiliates” includes all entities controlled by, under common control with, or controlling Aptiv Global Operations Limited, provided that control will mean direct or indirect control or ownership of more than 50% of the voting stock or equity of such entity. Aptiv Global Operations Limited is an Irish company with its registered office at 5 Hanover Quay, Grand Canal Dock, Dublin, D02 VY79, Ireland.
At Aptiv, we care about the protection and privacy of your Personal Data (also referred to as Personal Information).
The Aptiv website is one of our primary channels of communication providing information on our company, products, programs and services. This Privacy Statement applies when you visit our Aptiv.com website, including if you have been directed to this site, or when you contact us with a comment, inquiry or customer support request through this site. By using or accessing this site, or contacting us, you agree that we may process your Personal Data in the manner described in this statement. It is important that you read this statement so that you are aware of how and why we are using your information. If you have any questions about this statement or how we handle your Personal Data, or if you are contacting us to fulfil a Data Subject/Consumer Access request, contact us here.
Personal Data collected about you in connection with other Company websites, products, services or mobile applications (including those made available to you by our group companies) may be covered by different Privacy Statements. It is important that you read this Privacy Statement together with any other Privacy Statements or other Notices we may provide to you.
Personal Data means any information about an individual from which that person can be identified.
When you avail of our services, or purchase Aptiv products, we may collect, store, and use the following categories of Personal Data about you:
The Personal Data we obtain from you is dependent on your interactions with us. We may obtain your data either directly or indirectly.
Directly, when you:
Indirectly, through:
The purposes for which we might collect Personal Data about you include the following:
Where permitted by law, we may combine the information that we collect via our sites with other information we hold about you (such as information about your use of our products and services) in order to offer you an improved and consistent customer experience when interacting with us or for other purposes set forth in this statement.
According to applicable law, each process that involves Personal Data must have a ‘lawful basis’. Identifying the correct lawful basis helps to ensure that Personal Data is used in line with applicable law.
Our lawful bases for processing your Personal Data will be appropriate for the purpose of processing, and the type of data involved. We process your Personal Data when it is necessary for:
This includes Personal Data relating to: health, genetics, ethnicity/race, political opinions, religious/philosophical beliefs, sex life/orientation, trade union membership, migration information, biometrics, criminal data, children’s data) require higher levels of protection. In some jurisdictions, such Sensitive Personal Data may also include: Criminal information; Children’s data; National/Govt Identification (e.g. Social Security Number, Driver’s license, State Identification card, or Passport number); account log-in, financial account, debit card or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation.
We may process such Personal Data in limited circumstances. The lawful basis of processing this data will vary depending on jurisdiction, and the purpose of processing: it may be based on your explicit consent, or where we need to carry out our legal obligations or in relation to legal claims, or where it is needed in the public interest. Less commonly, we may process this type of data where it is needed to protect your interests (or someone else's interests) and you are not capable of giving your consent, or where you have already made the information public.
We may use information about your physical or mental health or status, to ensure your health and safety when you are availing of our services and to ensure that we comply with relevant applicable legislation. Your Sensitive Personal Data will not be used for any additional purposes that are incompatible with the purposes listed in this Privacy Statement unless we provide you with Notice of those additional purposes.
The processing activity may include the following data categories:
This data processing is based on our legitimate business interests. We have a legitimate economic interest in maintaining contacts beyond the initial context and Internal in using them to establish and develop a business relationship and to remain in contact with the parties concerned.
We do not sell or share any of our data subjects’/consumers’ Personal Information, as defined by the CCPA; in the preceding twelve (12) months, we have not sold or “shared” any Personal Data, as “shared” is defined under the CCPA.
We may contact you by mail, email, telephone or social media about our products and services and other events which might be of interest to you.
You have the right to ask us to stop processing your Personal Data for direct marketing purposes. If you wish to exercise this right, you can click unsubscribe from the bottom of the email received or please submit a request through the link here.
We will disclose or share your Personal Data with Third Parties where it is necessary to perform our contract with you, where we have another legitimate interest in doing so or where it is required by law.
We will disclose your data with trusted Third Party service providers. We may also disclose your Personal Data with other Third Parties, for example, in the context of a transfer of our statutory functions or with a regulator or to otherwise comply with the law.
All our Third Party service providers are required to take appropriate security measures to protect your Personal Data based on the associate risks including proper access controls. They will only process your Personal Data on our instructions and are subject to a duty of confidentiality. We require Third Parties to respect the security of your data and to treat it in accordance with the law.
We will retain your Personal Data only as long as necessary to fulfil the purpose(s) for which it was collected, or as required by law. We retain your Personal Data in accordance with applicable laws and our Records Retention policy and Schedule. Otherwise, we aim to keep our files current and will make reasonable efforts to remove Personal Data that is no longer relevant for the purposes for which it was collected.
In some circumstances we may anonymize your Personal Data so that it can no longer be associated with you, in which case we may use such information without further Notice to you.
Aptiv is committed to safeguarding the security and protection of your Personal Data, via a system of governance, policies and processes, and have dedicated Privacy and Security teams to manage risk and implement controls. We have implemented appropriate security measures in order to protect your Personal Data from unauthorized access, use, copying, modification, disclosure, destruction and alteration. We abide by the key principles of Data Protection and Privacy in our Personal Data collection and handling, namely: accountability; lawfulness, fairness and transparency; data minimisation; purpose limitation; storage limitation; managing the confidentiality, integrity and accuracy of Personal Data.
In accordance with applicable law, in certain circumstances, you have the following rights with regard to the processing of your Personal Data:
You may exercise Your Rights via our online form here. In some jurisdictions, you may also designate an authorized agent to make a request on your behalf. The response time for Data Subject Rights Requests varies depending on your jurisdiction and applicable law. If we require more time to respond to your Request, we will inform you.
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is deemed to be unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
When you exercise these rights and submit a request to us, we or our partners may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). We will verify your identity by asking you to authenticate your identity via standard authentication procedures. For example, where relevant we may ask for your email address, order numbers of previous orders of our products and services, the last four digits of a credit or debit card or bank account number used to make a purchase, or the date of your last purchase from us. We also may use a third-party verification provider to verify your identity. These measures are another appropriate security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
When you exercise Your Rights, we will not discriminate against you in any way. For example, we will not deny you goods or services, charge you different prices or rates for goods or services, deny you discounts or other benefits or impose penalties on Internal you, or provide you with or suggest that you will receive a different level or quality of goods or services.
California residents have the right to opt out of the selling and sharing of their Personal Data and to limit the use of their sensitive personal data. However, we do not sell or share Personal Data, and we do not use Sensitive Personal Data for any additional purposes that are incompatible with the purposes listed in this Privacy Statement, unless we provide you with Notice of those additional purposes.This website is not designed for children and is not intended to appeal to children. Aptiv does not knowingly collect data from children. If you are under 16 years of age, please do not use this website.
Depending on your jurisdiction, you also have a right to make a complaint at any time to your local Data Protection Supervisory Authority (find a list of EEA Authorities here). Aptiv Global Operations Limited is an Irish Company, and it’s lead EU Regulator is the Irish Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD 28, Ireland or by e-mailing info@dataprotection.ie.
We reserve the right to update this statement at any time. We may also notify you in other ways from time to time about the processing of your Personal Data. If you have any questions about this statement, please submit a request through the link here.
Last Updated: 23 August 2024