Privacy Policy
Updated: December 4, 2023
Last updated: June 2023
Introduction
Valens Semiconductor (the “Company”, “we”, “us”, “our”), respects the privacy and data protection rights of its website visitors and the representatives of its existing and prospective service providers and customers .
This privacy notice (“Privacy Notice”) explains how information is collected and used by the Company in the following contexts:
- The data practices on the Valens website at valens.com and its subdomains such as investors.valens.com (“Website”).
- The data practices regarding personal data of representatives of our existing and prospective customers, reseller partners, and vendors (the “Representatives”).
This Privacy Notice does not apply to the information we collect and processes through our online ordering site partners.valens.com. Our privacy notice for our online ordering site is available here.
We occasionally change this Privacy Notice. We will post any change to this Privacy Notice on our website a reasonable time in advance of the effective date of the change.
The company primarily responsible for your personal information is the Valens Semiconductor group company in the region you are located in, as described below.
Valens Semiconductor Ltd. in Israel is the global management and headquarters of the Valens Semiconductor group, and therefore is also a separate controller. The EU GDPR representative of Valens Semiconductor Ltd. is Valens Semiconductor GmbH in Germany.
| Location | Name | Address |
| Israel | Valens Semiconductor Ltd. | 8 Hanagar St. POB 7152, Hod Hasharon 4501309, Israel |
| United States | Valens Semiconductor Inc. | 1 Blue Hill Plaza (7th Floor), Pearl River, NY 10965, United States |
| Germany | Valens Semiconductor GmbH | Werner-von-Siemens-Str. 2-6, Triwo Technologiepark, Bldg. 5110, 76646 Bruchsal, Germany |
| Japan | Valens Japan Ltd. | Nisso 12 Building, Office #602, Expert Office Grand Shin-Yokohama, 3-6-12, Shin-Yokohama, Kohoku-ku, Yokohama, Kanagawa, Japan |
| China | Valens Trading (Shanghai) Co. Ltd. | Valens, A unit, 3/F Beijing Institute of Technology Innovative Building, Yue Xin 5 Rd, Nanshan District, Shenzhen, China 518064 |
We can be contacted at dataprotection@valens.com .
What We Collect and Why
| Scenario | Purposes | Categories of information processed |
| You make an inquiry through the Website or social media | Our business development in promoting and marketing Valens’s products and services | Name, email address, company affiliation, position, phone number, country, and content of inquiry |
| You subscribe to our newsletters, enrolling to conferences in which we present, or webinars we run | Our business development in promoting and marketing Valens’s products and services | Name, email address, company employed at, position, phone number; country, type of activity (conference, webinar, newsletter subscription). |
| Managing sale and procurement processes, sale and procurement agreements, and business relationship with partners, vendors, and customers | Administering the business relationship with partner, vendor, or customer.Facilitating the provision of support to the partner, vendor, or customer. | Name of the representative of the partner, vendor, or customer, email address, company employed at, position; phone number; country; communications with the representative of the partner, vendor, or customer. |
| You request information regarding Valens’ reports as a publicly traded company | Investor relations | For email alerts: email address and type of alerts requested.For investor request form: Name, email address, company employed at, phone number, country and state/province; indication whether the person is an investor or not. |
| We give the customer access to documents relevant to our relationship with the customer, through an FTP system | Administering the business relationship with the customer. | Username and password for the representative of the customer to use. |
| Essential cookies on the Website | Facilitate a website feature that the user specifically requested | IP address, pages visited, Website functions used, fields completed in forms |
| Non-essential cookies on the Website | Analyze site usage to evaluate and improve its performance, improve user experience on the site, inform and serve personalized ads more relevant to user interests | IP address, pages visited, Website functions used, fields completed in forms |
| Tracking pixel we use on emails and newsletters we send you. | Our business development in promoting and marketing Valens’s products and services. | The time and date, and number of times that you opened our email message. |
Methods and Sources for Collecting your Personal Information
We collect the personal information from several sources:
- Directly from you as when you provide it through email communications, on a social media post, a registration form, or when you give us your business card.
You are not legally obligated to provide us your personal information, but if you do not, we will not be able to handle or respond to your inquiry, maintain our business contact with you, or fulfill your request to register to our webinar, conference, or newsletter.
- From companies operating a conference or tradeshow, if you scan your visitor tag at our booth at the conference or tradeshow we present in.
- From companies operating webinars we present in, and to which you registered.
- From another representative of your organization that provides us with your information.
- Through cookies on the device you use to access our Website, and tracking pixels we use on emails and newsletters we send you.
Sharing your Personal Information
We will not share your information with third parties, except in the events listed below or when you provide us your explicit and informed consent. We do not sell your personal information to third parties.
| Scenario | Purposes | Examples of third parties |
| We will share your personal information with our service providers who assist us with the internal operations of our business and the Website. These companies are authorized to use your personal information in this context only as necessary to provide these services to us and not for their own promotional purposes. | Operating the Website and our business | HubSpot, Salesforce.com, Microsoft, Priority Software, Q4. |
| If you abused your rights to use the Website or violated any applicable law in the course of doing business with us. | Responding to, handling, and mitigating suspected violations of law in connection with our business. | Competent authorities, legal counsels, and advisors. |
| If a judicial, governmental, or regulatory authority requires us to disclose your information. | Complying with a binding request from a competent authority. | Competent authorities. |
| If the operation of the Website or our business is organized within a different framework, or through another legal structure or entity (such as due to a merger or acquisition). | Enabling a structural change in the operation of the Website and our business. | The target entity of the merger or acquisition, legal counsels, and advisors. |
| Third party cookies | See details on our cookie consent banner [LINK] | |
Data Retention and Security
We retain your information for the duration we need it to operate the Website and our business, and interact with customers, partners, and vendors, and thereafter as needed for record-keeping matters.
We will retain your information for the duration needed to support our ordinary business activities operating the Website and interacting with existing and potential customers, vendors, and partners. Thereafter, we will still retain your personal information as necessary to comply with our legal obligations, resolve disputes, establish, and defend legal claims and enforce our agreements. The overall period of retention is approximately 7 years.
We implement measures to secure your information
We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information. However, these measures do not provide absolute information security. Therefore, although efforts are made to secure your personal information, there is no guarantee that it will be immune from information security risks.
Additional Information for Those in the EEA or UK
International Data Transfers
To facilitate processing your information within the companies in our corporate group and by our service providers, we will transfer your information to countries such as the United States, and Israel. When we transfer personal data to countries not recognized with an adequacy decision, we use data transfer agreements which contain standard data protection contract clauses with adequate safeguards determined by the EU Commission and UK Information Commissioner’s Office.
Legal Basis for Processing your Personal Data
| Purpose or Scenario | Legal Basis |
| Responding to an inquiry | Legitimate interests in developing potential leads and responding to business inquiries |
| Subscribing you to our newsletters, enrolling you to conferences in which we present, or webinars we run | Consent (where data subject subscribes to newsletters on the Website; scans their badge at Valens’ booth in a conference or trade show; enrolls to an online event co-sponsored by Valens). |
| Managing sale and procurement processes, sale and procurement agreements, and business relationship with partners, vendors, and customers | Legitimate interests in administering and performing the contractual obligations with partners, vendors, and customers. |
| You request information regarding Valens’ reports as a publicly traded company | Consent |
| We give the customer access to documents relevant to our relationship with the customer, through an FTP system | Legitimate interests in administering the relationship with customers |
| Cookies that facilitate a website feature that the user specifically requested | Legitimate interests in the proper operation of the Website |
| Cookies that analyze site usage to evaluate and improve its performance, improve user experience on the site, inform and serve personalized ads more relevant to user interests | Consent |
| Responding to, handling, and mitigating suspected violations of law in connection with our business | Legitimate interests in defending and enforcing against violations and breaches that are harmful to our business |
| Complying with a binding request from a competent authority | Legitimate interests in complying with mandatory legal requirements imposed on us |
| Enabling a structural change in the operation of the Website and our business | Legitimate interests in our business continuity |
Data Subject Rights
If you are in the EU or the UK, you have the following rights under the GDPR:
Right to Access and receive a copy of your personal information that we process.
Right to Rectify inaccurate personal information we have concerning you and to have incomplete personal information completed.
Right to easily and at any time withdraw your consent to us processing your personal data to email you our newsletters, investor updates, or to the use of non-essential cookies on our Website. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
Right to Data Portability, that is, to receive the personal information that you provided to us, in a structured, commonly used, and machine-readable format. You have the right to transmit this data to another person or entity. Where technically feasible, you have the right to have your personal information transmitted directly from us to the person or entity you designate.
Right to Object to our processing of your personal information based on our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or if we need to process such personal information for the establishment, exercise, or defense of legal claims.
Right to Restrict us from processing your personal information (except for storing it): (a) if you contest the accuracy of the personal information (in which case the restriction applies only for a period enabling us to determine the accuracy of the personal information); (b) if the processing is unlawful and you prefer to restrict the processing of the personal information rather than requiring the deletion of such data by us; (c) if we no longer need the personal information for the purposes outlined in this Notice, but you require the personal information to establish, exercise or defend legal claims; or (d) if you object to our processing based on our legitimate interest (in which case the restriction applies only for the period enabling us to determine whether our legitimate grounds for processing override yours).
Right to be Forgotten. Under certain circumstances, such as when you object to our processing of your personal information based on our legitimate interest and there are no overriding legitimate grounds for the processing, you have the right to ask us to erase your personal information. However, notwithstanding such request, we may still process your personal information if it is necessary to comply with our legal obligations, or for the establishment, exercise, or defense of legal claims. If you wish to exercise any of these rights, please contact us through the channels listed in this Notice.
When you contact us, we reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you with information that you have asked for, we will explain the reason.
Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, then according to Article 77 of the GDPR, you can lodge a complaint to the supervisory authority, in the Member State of your residence, place of work or place of alleged infringement of the GDPR. For a list of supervisory authorities in the EU, click here.
If you are in the UK, you can lodge a complaint to the Information Commissioner’s Office (ICO) pursuant to the instructions provided here.
Additional Information for Individuals Residing in California
If you are an individual residing in California, we provide you with the following information pursuant to the California Privacy Rights Act (CPRA).
We do not collect, use, or disclose sensitive personal information.
This is the personal information we have collected over the past 12 months when we operate as a “business” under the CPRA:
| Categories of Personal Information | Specific Types of Personal Information Collected | Source of Information |
| Identifiers | Name, work email address, phone number | From you.From companies operating a conference or tradeshow, if you scan your visitor tag at our booth at the conference or tradeshow we present in. From companies operating webinars we present in, and to which you registered.From another representative of your organization that provides us with your information. |
| Information that identifies, relates to, describes, or is capable of being associated with, a particular individual | Phone number, country, indication whether a person is an investor or not. | |
| Professional or employment-related information | Company name and position, type of activity (conference, webinar, newsletter subscription) | |
| Commercial information, including products or services purchased, obtained, or considered | Content of inquiries and communications with the representative of the partner, vendor, or customer. | |
| Internet or other electronic network activity information | Username and password for the representative of the customer to use.IP address from which you access the Website or Platform, time and date of access, type of browser used, language used, links clicked, and actions taken while using the Website or opening email messages from us. | Your device |
The following are the CPRA specific business or commercial purposes for which we use each category of personal information. Details about the information we collect for each category are provided in the table above. More details about the business or commercial purposes are provided in the Privacy Notice’s section titled ‘What we collect and why’:
| Categories of Personal Information | Business or commercial purposes pursuant to the CPRA |
| Identifiers | Providing customer service, processing, or fulfilling orders and transactions, verifying customer informationDetecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, prosecuting those responsible for that activityUndertaking internal research for technological development and demonstrationUndertaking activities to verify or maintain the quality of the service and to improve, upgrade or enhance the serviceDebugging to identify and repair errors |
| Professional or employment-related information | |
| Commercial information, including products or services purchased, obtained, or considered | |
| Information that identifies, relates to, describes, or is capable of being associated with, a particular individual | |
| Internet or other electronic network activity information |
The chart below explains the personal information we disclosed for a business purpose to third parties in the preceding 12 months:
| Categories of personal information (under the CPRA) | Categories of third parties to whom we disclose your information and the specific business or commercial purpose for the disclosure |
| Identifiers | With outside legal counsel and authorities, for the purpose of responding to, handling, and mitigating suspected violations of law in connection with our business.With third parties to which a law or binding order requires us to disclose your information to. Our purpose in doing so is complying with our obligations under the law or the binding order.With the target entity of our merger, acquisition or reorganization, and legal counsels, and advisors, for the purpose of facilitating the structural change in the operation of our business within a different framework, or through another legal structure or entity (such as due to a merger or acquisition). |
| Professional or employment-related information | |
| Commercial information, including products or services purchased, obtained, or considered | |
| Information that identifies, relates to, describes, or is capable of being associated with, a particular individual | |
| Internet or other electronic network activity information |
The chart below explains about the personal information we shared for online behaviorally targeted ads in the preceding 12 months. Other than this sharing, we have not sold your personal information in the preceding 12 months.
We do not have actual knowledge that we share the personal information of consumers under 16 years of age.
| Categories of Personal Information | Categories of third parties to whom the information is shared for online behaviorally-targeted ads | The specific business or commercial purpose for sharing |
| Internet Protocol (IP) address identifier that your device uses to connect to the internet, and mobile device advertising ID | Ad networks | To show you ads based on your visit to our Website. |
| Internet or other electronic network activity information | ||
| Location data | ||
| Inferences |
Your rights under the CPRA if you are a resident of California
Knowing the personal information, we collect about you
You have the right to know:
- The categories of personal information we have collected about you.
- The categories of sources from which the personal information is collected.
- Our business or commercial purpose for collecting personal information.
- The categories of third parties with whom we share personal information, if any.
- The specific pieces of personal information we have collected about you.
Right to deletion
Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:
- Delete your personal information from our records; and
- Direct any service providers to delete your personal information from their records.
Please note that we may not delete your personal information if it is necessary to:
- Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us.
- Help to ensure security and integrity to the extent the use of the consumer’s personal information is reasonably necessary and proportionate for those purposes.
- Debug to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act.
- Engage in public or peer-reviewed scientific, historical, or statistical research that conforms or adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the ability to complete such research, provided we have obtained your informed consent.
- Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us and compatible with the context in which you provided the information.
or
- Comply with an existing legal obligation.
We also will deny your request to delete if it proves impossible or involves disproportionate effort, or if another exception to the CPRA applies. We will provide you with a detailed explanation that includes enough facts to give you a meaningful understanding as to why we cannot comply with the request to delete your information.
Right to correct inaccurate personal information
If we receive a verifiable request from you to correct your information and we determine the accuracy of the corrected information you provide, we will correct inaccurate personal information that we maintain about you.
In determining the accuracy of the personal information that is the subject of your request to correct, we will consider the totality of the circumstances relating to the contested personal information.
We also may require that you provide documentation if we believe it is necessary to rebut our own documentation that the personal information is accurate.
We may deny your request to correct in the following cases:
- We have a good-faith, reasonable, and documented belief that your request to correct is fraudulent or abusive.
- We determine that the contested personal information is more likely than not accurate based on the totality of the circumstances.
- Conflict with federal or state law.
- Other exception to the CPRA.
- Inadequacy in the required documentation
- Compliance proves impossible or involves disproportionate effort.
We will provide you a detailed explanation that includes enough facts to give you a meaningful understanding as to why we cannot comply with the request to correct your information.
Right to Opt-Out of the Sharing of Personal Information
We share your personal information for behaviorally-targeted ads, as explained above. You have a right to opt-out of that sharing. If you would like to exercise your right to opt-out, please contact us here.
Protection against discrimination
You have the right to not be discriminated against by us because you exercised any of your rights under the CPRA.
Exercising your CPRA rights by yourself or through an authorized agent
If you would like to exercise any of your CPRA rights as described in this Notice, please contact us by e-mail at dataprotection@valens.com.
We will ask you for additional information to confirm your identity and for security purposes, before disclosing the personal data requested to you, by using a two or three points of data verification process, depending on the type of information you require and the nature of your request.
You may also designate an authorized agent to make a request under the CPRA on your behalf. To do so, you need to provide the authorized agent written permission to do so and the agent will need to submit to us proof that they have been authorized by you. We will also require that you verify your own identity, as explained above.