Website Privacy Policy

CREDO - Privacy Notice

Effective:  December 3, 2021

Please read this Privacy Notice carefully. It provides important information about your personal information and tells you about your rights under applicable privacy laws.  If you have any questions, comments, or concerns regarding this Privacy Notice and/or our data practices, please contact us at legalnotices@credosemi.com.

If you're a resident of California or Nevada or visiting us from the European Economic Area ("EEA") or United Kingdom (“UK”), you should read this policy and the applicable sections below for residents of California and Nevada and visitors from the UK and EEA.

By accessing or using THE Site (or any part thereof), or submitting information in connection with your use of the Site (or any part thereof), you acknowledge and agree that you have read this Privacy Notice.

Table of Contents

  1. Introduction
  2. Changes to this Privacy Notice
  3. Information We Collect
  4. Children’s Privacy
  5. Sensitive Data
  6. How CREDO Uses Personal Information
  7. Sharing Personal Information
  8. Marketing Communications
  9. Your Choices
  10. Third Party Social Plug-Ins
  11. External Websites
  12. Data Retention
  13. Data Security and Protection
  14. California Privacy Rights – Shine the Light
  15. Nevada Privacy Rights
  16. International Transfers
  17. Additional European and International Data Rights
  18. How to Contact Us

1. Introduction

CREDO Semiconductor, Inc. (“CREDO”, “we”, “our” or “us”) owns and operates CREDO’s corporate-facing website located at www.credosemi.com, (the “Site”) and the Credo Cloud Customer Portal where existing customers of CREDO can access certain support documentation and support services (hereinafter, the “CREDO Cloud”).  This Privacy Policy applies to the Site and the CREDO Cloud, and any services or features that we provide or make available directly in connection with the use of the Site and/or CREDO Cloud (all of the foregoing, collectively, the “Site Services”).

Please note that except for the Site Services as expressly defined above, this Privacy Notice does not apply to any information collected by us in connection with your purchase and/or use of any of our services and/or products, including, without limitation, any semiconductor chips, software products and/or programs (collectively, the “Excluded Products”).  CREDO’s use of personal information processed in connection with your use of any Excluded Products shall be subject to the applicable terms and conditions of purchase, services agreement, and/or end user software and/or product agreement, entered into between you and CREDO for the applicable Excluded Products.

2. Changes to this Privacy Notice

CREDO reserves the right to update or modify this Privacy Notice at any time.  Except for material changes as described below in this Section, all updates and modifications to these documents will be effective from the day they are posted on the Site at https://www.credosemi.com/legal/website-privacy-policy. If we make any material changes to this Privacy Notice, we will notify you of these changes by sending a notification to the email address we have on file for you, and may also post a prominent notice of any such changes on the Site.  It is your responsibility to regularly visit and review this Privacy Notice.  If you do not agree to any updates or modifications to the Privacy Notice, cease all use of the Site Services.  Your continued use of the Site Services after we have posted the updated Privacy Notice, or, in the event of material changes, ten (10) days following the date we first notified you of such material changes via email or the date we posted the notice of such changes on the Site, as applicable, signifies to us that you acknowledge and agree to be bound by the revised Privacy Notice.

3. Information We Collect

How and what personal information we collect in connection with the use of the Site Services depends on how and why you use the Site Services.

The term “personal information” or “personal data” means any information about an individual from which that person may be identified.  For example, it may include a person’s name, telephone number, email address, or payment information, and in some jurisdictions, IP address.  It does not include data from which the identity of an individual has been definitively removed along with any identifiers connected to such individual (also known as anonymous or anonymized data).

Generally, CREDO collects personal information when you:

  • Visit and/or browse the Site,
  • Access and/or use the CREDO Cloud;
  • Interact with and/or use support and other services provided by us as part of or in connection with your use of the Site Services,
  • Sign up for our marketing communications and/or newsletters, and/or
  • Communicate with us directly through the Site or in connection with the Site Services.

In some instances, we collect information directly from you as explained in the Section Information Provided by You Directly to CREDO, and in in certain circumstances, you will not provide any information to us directly, in which case we automatically collect certain information as explained Information Collected Indirectly.

a. Information Provided Directly to CREDO by users of the Site Services

CREDO collects the following types of information directly from you:

  • General Contact Information:  If you request access to the CREDO Cloud as a CREDO customer, or sign up for our marketing communications, and/or submit a request to contact us through our online forms, we will collect general contact information such as your name (first and last), and email address.  In addition, in connection with the above scenarios, we may also ask for your personal or business website (if applicable) and your areas of interest with respect to the CREDO products and/or services.
  • Login Credentials:  When you login to access the CREDO Cloud as a registered customer, we collect your username, password and/or other login credentials.
  • CREDO Cloud ProfileIf you are a registered customer of the CREDO Cloud, you have the option of providing additional information (in addition to your name (first and last) and email, which are required), to add to your customer profile, such as, your phone number, address, preferred language, website, twitter, relationship to CREDO (i.e., consultant), and a profile picture or image.
  • Other InformationIn addition to the above information, if you fill out forms, answer surveys, or contact us (such as your feedback, requests for support, or other communications with us) we collect the information, data, content, documents and/or materials you provide to us in connection with the foregoing.

Please be advised that we may ask you to update your information from time to time in order to keep it accurate.

b. Information Collected Indirectly

i. Usage Information

We, or our authorized third-party service providers, automatically collect technical and/or analytics information about how you use and/or interact with our Services (collectively, “Usage Information”).

Usage Information that we collect consists of information about our users’ interactions with the Site Services.  Usage Information is collected while you are using and/or accessing the Site Services, and may include information about the device and/or platform (e.g., iOS or Android), and/or the web browser, used by you to interact with and/or access the Site Services, your IP address, access dates and times, information about your approximate location (as determined through your IP address), device information, device event information, crash data, and log files and data.

Usage Information allows CREDO to understand how users are interacting with and using the Site Services (which may include administrative and support communications with us), and other actions taken in connection with the use of the Site Services.  We use this information for our internal purposes, specifically to operate, maintain, secure and improve the Site Services.

Typically, all Usage Information is collected in anonymous form and does not identify you personally.  To the extent any Usage Information is linked or tied to personally identifiable information, such information is deemed “personal data” and we will use it and protect it in accordance with this Privacy Notice.

We may also use this information to provide you with notifications, recommendations, and information about specific features of the Site Services and/or additional products, services, or features we believe may be of interest to you.

ii. Cookies and Similar Technologies

We or authorized third parties may collect certain information (including, without limitation, Usage Information) by automated means using technologies such as cookies, web beacons, embedded scripts, pixels, browser analysis tools, server logs, and mobile identifiers; however, even though we use these technologies to track the use of the Site Services, CREDO does not directly track users across third party websites, provided that, certain targeting & advertising partners (as described below) may track you across websites.  For more information on our use of these technologies, see our Cookie Policy at https://www/credosemi.com/legal/cookies .

iii. Targeting & Advertising

We may use third party advertising partners (e.g., Google, Inc.) who use targeting/advertising cookies and similar technologies to deliver advertisements that are more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaigns. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organizations such as advertisers.  For more information on our and/or third-party advertising partners’ use of these targeting & advertising cookies and similar technologies, please see our Cookie Policy.

c. Aggregated Data

With the personal information and other data (including, Usage Information) collected by us, we process “Aggregated Data”, such as statistical or demographic data.  Aggregated Data may be derived from personal information, but is not considered personal information under the law if it does not directly or indirectly reveal your identity.  If we combine or connect Aggregated Data with your personal information so that it can directly or indirectly identify you, we treat the combined data as personal information, which will be processed in accordance with this Privacy Notice.

4.     Children’s Privacy

CREDO does not target the Site Services to, nor knowingly collect personal information, persons under the age of 13 or the equivalent age as specified by law in the applicable jurisdiction (e.g., 16 years of age if you are located in the EEA).  Therefore, we ask you not to provide us with personal information of persons under the age of 13 or the equivalent age as specified by law in your jurisdiction.  If we learn that personal information of persons under the age of 13 or the equivalent age as specified by law in the applicable jurisdiction, has been collected on or through the Site Services, then we may deactivate the account or otherwise terminate access to the Site Services and/or make the user content inaccessible.

5.     Sensitive Data

CREDO does not require you to provide any sensitive data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health and genetics, or biometric data to use the Site Services.

6.     How CREDO Uses Personal Information

Our mission is to provide safe, efficient and high-quality services, and we, or our authorized third-party service providers who assist us in providing the Site Services, process your personal information for this purpose.  We process your personal data for the reasons and on the legal basis as follows:

  • In order to perform and/or provide the Site Services you interact with and/or request. This may also include disclosure to the third parties who help us perform our obligations to you in connection with your use of the Site Services, such as hosting and/or customer support providers.
  • Where it is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests. For example, for security purposes and protection against fraud.
  • Where we need to comply with a legal or regulatory obligation. For example, keeping records of our sales for tax compliance.
  • If we have obtained your prior consent (for example, when you subscribe to our newsletter or participate in our surveys or marketing campaigns). Please note that for this specific legal basis, you have the right to withdraw your consent at any time.

Depending on how you use the Site Services, we use your personal information in the following instances:

  • To host and provide the Site (performance of a contract);
  • To perform and provide the Site Services to you (performance of a contract);
  • Deliver direct marketing communications to you regarding our products and services that we may think are of interest to you (for our legitimate business purposes and with your prior consent where required by law when you are not an existing customer);
  • Respond to your queries and requests, or otherwise communicate directly with you (performance of a contract or sometimes necessary for our legitimate interests);
  • Detect any fraudulent or illegal activity against you, our other customers and users, and/or CREDO (necessary for our legitimate interests);
  • Perform system maintenance and upgrades, and enable new features (performance of a contract or sometimes necessary for our legitimate interests);
  • Provide information to regulatory bodies when legally required, and only as outlined below in Legal Obligations and Security (necessary for compliance with a legal obligation).

7. Sharing Personal Information

Aside from disclosing your information to those of our personnel who are authorized to process the information in order to provide the Site Services and who are committed to confidentiality, we disclose your personal information only to the third parties as described below.

a. Third-Party Service Providers

We share personal information with third parties that provide services to us that help us in the operation, provision, administration and management of the Site Services (“Service Providers”), and to otherwise operate our business.  Depending on how you use the Site Services, the following categories of third parties collect data on our behalf or receive personal information:

  • Hosting providers,
  • Analytics providers,
  • Advertising and marketing partners,
  • Providers of business operations and communication tools,
  • Other third-party service providers that help us provide features and functions for the Site Services (e.g., customer support providers), and
  • Professional service providers, such as auditors, lawyers, consultants, accountants and insurers.

For a list of all Service Providers we use, please contact us. We require all Service Providers to respect the security of your personal information and to treat it in accordance with the law.

b. Business Transfers

We may also share data with third parties to whom we choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this Privacy Notice.

c. Affiliates and Subsidiaries

Personal information that we collect about you through or in connection with your use of the Site Services may be shared with the employees, contractors, and agents of CREDO and our affiliated and subsidiary entities (“Affiliates”) who are involved in providing or improving the Site Services that we offer to you. We obligate the employees, contractors and agents of CREDO and our Affiliates to ensure the security and confidentiality of your personal information and to act on that personal information only in a manner consistent with this Privacy Notice.

d. Legal Obligations and Security

If we are required to disclose personal information by law, such as pursuant to a subpoena, warrant or other judicial or administrative order, our policy is to respond to requests that are properly issued by law enforcement within the United States. Under such circumstances, unless prohibited by applicable law, we will attempt to provide you with prior notice that a request for your information has been made in order to give you an opportunity to object to the disclosure. We will attempt to provide this notice by email, if you have given us an email address. However, government requests may include a court-granted non-disclosure order, which prohibits us from giving notice to the affected individual. In cases where we receive a non-disclosure order, we will notify you when it has expired or once we are authorized to do so.

Note that if we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person, we may provide information to law enforcement trying to prevent or mitigate the danger (if we have it), to be determined on a case-by-case basis.

e. With your Consent

There may be situations where you are asked to consent to share personal information with third parties for additional reasons not included in this Privacy Notice.  In such event, we will only share such personal information if we have received your prior consent and only for the purposes as listed in the request to share such information.

8. Marketing Communications

If you have signed up to receive direct marketing emails from us, we may use your personal information to send you marketing information about the Site Services, other CREDO products and services, new product releases, and new feature releases of our products and/or services that we think may interest you. We carry out direct marketing by email.

If you no longer wish to receive marketing communications, you have the right at any time to opt out as further explained in Your Choices.

9. Your Choices

a. Accessing, Updating and Correcting Personal information

If you would like to correct or update certain personal information (such as your contact information), please legalnotices@credosemi.com and we will use reasonable efforts to correct and/or update such information.

b. Additional European and International Data Rights

If you are a resident of the European Economic Area, you may have additional rights you can exercise as described here.

c. Direct Marketing

You may manage the receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of any of our marketing e-mails. We will use commercially reasonable efforts to process such requests in a timely manner.  Note that you cannot opt out of receiving transactional e-mails or communications related to the Site Services (e.g., requests for support), which, for clarification, are not marketing communications.

d. Cookies & Targeted Advertising

You can manage your cookie and tracking preferences as described in our Cookie Policy.

10. Third Party Social Plug-Ins

On or through the Site, we provide third-party “share” buttons which enable you to share certain content via social media sites (e.g., Facebook, Twitter, Instagram, YouTube, and LinkedIn).  These “share” buttons may function as web beacons when you interact with the button.  Please note that when you “share” using the buttons, you may send to the third party provider of the “share” button the information that you are viewing.  If you are not logged into your account with the third party provider, then the third party may not know your identity.  If you are logged in to your account with the third party, then the third party may be able to link information or actions about your interactions with the Site to your account with the applicable third party provider. Please refer to each third party’s privacy policies to learn more about its data practices.

11. External Websites

On or through the Site, we may provide or make available, for informational purposes only, links to other websites or resources with which we do not have a contractual relationship and over which we do not have control (“External Websites”).  Such links are not paid advertisements, nor do they constitute an endorsement by CREDO of those External Websites, and are provided to you only as a convenience. By clicking on links to External Websites, the operators of the External Websites may collect your personal information. We are not responsible for the content or data collection practices of those External Websites, and your use of External Websites is subject to their respective terms of use and privacy policies.

12. Data Retention

Personal information is processed for the period necessary to fulfill the purposes for which it is collected, to comply with legal and regulatory obligations and for the duration of any period necessary to establish, exercise or defend any legal rights.

In order to determine the most appropriate retention periods for your personal information, we consider the amount, nature and sensitivity of your information, the reasons for which we collect and process your personal information, and applicable legal requirements.

In some instances, we may choose to anonymize personal information instead of deleting it, for statistical use, for instance. When we choose to anonymize, we make sure that there is no way that the personal information can be linked back to any specific individual.

13. Data Security and Protection

We have put in place reasonable and appropriate security measures designed to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. For example, we use encryption, secure socket layer (SSL), firewalls, and password protection. In addition, we limit access to personal information to those employees, agents, contractors and the third parties who have a business need-to-know.

We also have procedures in place to deal with any suspected data security breach.  However, no method of transmission over the Internet, or method of electronic storage, is 100% secure, and while we take reasonable steps to provide secure services, by using the Site Services, you understand and assume the risks associated with your activities on the internet.

14. California Privacy Rights - Shine the Light

CREDO does not share your personal information with any unaffiliated third party for its direct marketing purposes without your express consent.

California residents who have provided us with personal information have the right (under California Civil Code§ 1798.83) to request and obtain from us, once each year, the details of any personal information we shared with a third party for that third party’s direct marketing purposes during the prior calendar year. The details would include the categories of personal information and the names and addresses of the third party with which it was shared.

To request information about this sharing, you may submit a request with "Your California Privacy Rights" in the subject line, along with your first and last name, and complete mailing address (including street address, city, state, and zip code) by either: sending an email message or writing to us at the email and/or mailing address specified in the How to Contact Us Section.

If you do not submit and send your request with complete information as set forth above, we will not process it.

15. Nevada Privacy Rights

Under Nevada law, certain Nevada residents may opt out of the sale of covered personal information (which includes first and last name, address, email address, phone number, Social Security Number, or an identifier that allows a specific person to be contacted either physically or online) to a person for that person to license or sell such information to additional persons.

CREDO does not currently sell your covered information as defined under applicable Nevada law, however, you may submit an opt-out request, which we will honor as required by Nevada law should we engage in such a sale in the future.

You may submit an opt-out request by sending an email message or writing to us at the email and/or mailing address specified in the How to Contact Us Section; along with your full name, any user name, and complete mailing address (including street address, city, state, and zip code), email address (so that we can contact you, if needed, in connection with the request) and confirmation that you are a Nevada resident.

You must provide us with information reasonably requested by us to verify your identity and the authenticity of the request.  We typically process these requests within 60 days from the day we receive it (and will notify you within that period if we need an additional 30 days to do so).

16. International Transfers

CREDO is based in the United States. The personal information that we collect is sent to and stored on servers located in the United States.  Such storage is necessary in order to process the information. CREDO operates globally and may transfer the personal data that we collect from you to our other offices and/or to the third parties mentioned in the circumstances described above, which may be situated outside of your country or regional area, and may be processed by staff operating outside of your country or regional area. In particular, information provided to us or collected by us likely will be transferred to and processed in the United States by us or our Affiliates and our respective agents and contractors. The data protection laws of the United States or other countries may not be as comprehensive or equivalent to those in your country of residence.

The European Union’s General Data Protection Regulation (“GDPR”) allows for transfer of personal data from the European Union to a third country in certain situations. We rely on legally-provided mechanisms to lawfully transfer personal information across borders.  For example, we may enter into the EU Standard Contractual Clauses adopted by the EU Commission. More information about the Standard Contractual Clauses is available here.

17. Additional European and International Data Rights

The European Union’s General Data Protection Regulation and certain other countries’ data protection laws provide certain rights for data subjects. If you are a resident of the European Economic Area, the United Kingdom or another country with data protection laws that provide for certain data subject rights, you may submit a request to exercise your rights.

We respond to all requests we receive from individuals wishing to exercise their data rights in accordance with applicable data protection laws.

Depending on your country of residence, your rights may include.

  • The right to be informed – that’s an obligation on us to inform you how we use your personal data (and that’s what we’re doing in this Privacy Notice);
  • The right of access – that’s a right to make what’s known as a ‘data subject access request’ for a copy of the personal data we hold about you;
  • The right to rectification – that’s a right to make us correct personal data about you that may be incomplete or inaccurate (though we generally recommend first making any changes in your account);
  • The right to erasure (also known as the ‘right to be forgotten’) – that’s where in certain circumstances you can ask us to delete the personal data we have about you (unless there’s an overriding legal reason we need to keep it);
  • The right to restrict processing – that’s a right for you in certain circumstances to ask us to suspend processing personal data;
  • The right to data portability – that’s a right for you to ask us for a copy of your personal data in a common format (for example, a .csv file);
  • The right to object – that’s a right for you to object to us processing your personal data (for example, if you object to us processing your data for direct marketing); and
  • Rights in relation to automated decision-making and profiling – that’s a right you have for us to be transparent about any profiling we do, or any automated decision-making.
  • Withdraw Consent—that’s the right to revoke any consent you may have previously given us at any time, if we have collected and processed your personal information with your consent. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  • File a complaint—that’s the right to file a complaint with a supervisory authority about our collection and processing of your personal information.

Exercising Your Rights

These rights are subject to certain rules around when you can exercise them. If you are located in the European Economic Area and wish to exercise any of the rights set out above, please contact us.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.

In addition, if you no longer wish to receive our marketing/promotional information, we remind you that you may withdraw your consent to direct marketing at any time directly from the unsubscribe link included in each electronic marketing message we send to you. If you do so, we will promptly update our databases and will take all reasonable steps to meet your request at the earliest possible opportunity, but we may continue to contact you to the extent necessary for the purposes of providing the Site Services as requested and/or ordered by you or necessary updates regarding and the Site Services used by you.

Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us first.

18. How to Contact Us

If you have any questions about this Privacy Notice and/or our Cookie Policy, including any requests to exercise your legal rights, please contact us as follows:

By email at:
legal@credosemi.com; Subject Line: Privacy Request

By mail at:
CREDO Semiconductor, Inc.
Attn: CREDO Privacy Request
1600 Technology Drive
Floors 5 and 7
San Jose, CA 95110

chevron-down