Ngày có hiệu lực: 1/11/2018

Chúng tôi quan tâm đến quyền riêng tư của bạn

HMD Global Oy cam kết tôn trọng quyền riêng tư của bạn và tuân thủ các quy định pháp luật hiện hành về bảo vệ dữ liệu và quyền riêng tư. Chính sách về quyền riêng tư này (gọi tắt là "Chính sách") mô tả cách chúng tôi thu thập và sử dụng dữ liệu cá nhân trong trường hợp HMD là người kiểm soát dữ liệu hoặc trong trường hợp có khả năng áp dụng Chính sách này được chúng tôi đề cập đến. "Dữ liệu cá nhân" là thông tin liên quan đến bạn hoặc một cá nhân khác có thể xác định được danh tính.

Chúng tôi sẽ cung cấp thêm thông tin về quyền riêng tư cụ thể cho từng sản phẩm hoặc dịch vụ trong phần Phụ lục của Chính sách này và những thông báo khác mà bạn có thể nhìn thấy trong quá trình sử dụng các sản phẩm hoặc dịch vụ của chúng tôi. Nếu những thông báo này có sự khác biệt so với Chính sách thì những thông báo đó phải được xem xét trước.

Vui lòng dành thời gian để làm quen với Chính sách của chúng tôi và cho chúng tôi biết nếu bạn có bất kỳ câu hỏi nào.

Chúng tôi thu thập những thông tin gì?

Chúng tôi thu thập dữ liệu cá nhân của bạn và những thông tin khác khi bạn mua hàng, sử dụng hoặc đăng ký sản phẩm và dịch vụ của chúng tôi, tham gia vào các chiến dịch hoặc nghiên cứu, hay tương tác với chúng tôi. Thông tin được phân thành những loại như sau:

• Kích hoạt sản phẩm và dịch vụ. Các sản phẩm và dịch vụ của HMD có thể yêu cầu được kích hoạt điện tử, khi đó, thông tin về thiết bị và loại ứng dụng của bạn, cũng như mã định danh duy nhất của thiết bị, ứng dụng, mạng và đăng ký sẽ được gửi tới HMD.

• Sử dụng sản phẩm và dịch vụ.

  • Khi bạn truy nhập trực tuyến các dịch vụ của chúng tôi, máy chủ web của chúng tôi sẽ tự động tạo thông tin lưu trữ về lần truy nhập của bạn. Các thông tin lưu trữ này thường bao gồm địa chỉ IP, thời gian truy nhập, địa chỉ trang web liên kết, trang đã truy nhập, các liên kết và tính năng đã sử dụng, nội dung đã xem hoặc được yêu cầu, loại trình duyệt hoặc ứng dụng, ngôn ngữ và các thông tin tương tự khác. Ứng dụng của chúng tôi có thể liên hệ với máy chủ theo định kỳ, ví dụ: Để kiểm tra các bản cập nhật hoặc để gửi cho chúng tôi thông tin liên quan đến việc sử dụng dịch vụ.
  • Chương trình Cải thiện. Chúng tôi có thể mời bạn tham gia các chương trình nghiên cứu hoặc cải thiện dịch vụ và sản phẩm theo tinh thần tự nguyện để thu thập thông tin tiết. Để biết thêm thông tin, vui lòng tham khảo phần Phụ lục về Chương trình Trải nghiệm Người dùng của chúng tôi.
  • Định vị và dữ liệu Vị trí.** **Các dịch vụ dựa trên vị trí sẽ thiết lập vị trí chính xác hoặc tương đối chính xác của bạn thông qua các phương thức định vị dựa trên vệ tinh, di động, Wi-Fi hoặc mạng khác. Những công nghệ này có thể bao gồm việc trao đổi dữ liệu vị trí của bạn và mã định danh duy nhất của thiết bị và di động, Wi-Fi hoặc các mạng khác với HMD. Chúng tôi không sử dụng thông tin này để nhận dạng cá nhân mà không được sự chấp thuận của bạn.
• Thông tin bạn cung cấp cho chúng tôi. Khi bạn tạo tài khoản, mua hàng, yêu cầu dịch vụ, tham gia nghiên cứu hoặc chiến dịch hay tương tác với chúng tôi, chúng tôi có thể yêu cầu những thông tin như tên, địa chỉ email, số điện thoại, địa chỉ đường phố, tên người dùng và mật khẩu, phản hồi, thông tin liên quan đến thiết bị, độ tuổi, giới tính và ngôn ngữ, số tài khoản ngân hàng, chi tiết thẻ tín dụng và thông tin tài chính khác của bạn. Chúng tôi cũng lưu trữ hồ sơ về sự chấp thuận, sở thích và cài đặt của bạn, ví dụ: Dữ liệu vị trí, việc tiếp thị và chia sẻ dữ liệu cá nhân.
• Thông tin chúng tôi nhận được từ các nguồn thuộc về bên thứ ba. Chúng tôi có nhận một số thông tin từ các dịch vụ mạng xã hội thuộc về bên thứ ba, ví dụ: Khi bạn đăng nhập vào tài khoản bằng cách sử dụng chi tiết đăng nhập tài khoản mạng xã hội của bạn. Để biết thêm thông tin, vui lòng xem phần Phụ lục về Tài khoản điện thoại Nokia của chúng tôi.
• Giao dịch của bạn với chúng tôi. Chúng tôi lưu trữ hồ sơ về việc mua hàng, tải xuống, nội dung bạn đã cung cấp cho chúng tôi, yêu cầu, sản phẩm và dịch vụ được cung cấp cho bạn, chi tiết thanh toán và giao hàng, liên hệ và giao tiếp cùng các tương tác khác của bạn với chúng tôi. Theo quy định của pháp luật, chúng tôi có thể ghi lại hoạt động liên lạc của bạn với dịch vụ chăm sóc khách hàng của chúng tôi hoặc với các đầu mối liên lạc tương tự.

Lý do chúng tôi xử lý dữ liệu cá nhân?

HMD có thể xử lý dữ liệu cá nhân của bạn cho các mục đích sau đây. Có thể áp dụng với một hoặc nhiều mục đích cùng lúc.

• Cung cấp sản phẩm và dịch vụ. Chúng tôi sử dụng dữ liệu cá nhân của bạn để cung cấp các sản phẩm và dịch vụ, để xử lý các yêu cầu của bạn hoặc để thực hiện hợp đồng giữa bạn và HMD nếu cần, để đảm bảo chức năng và bảo mật sản phẩm và dịch vụ của chúng tôi , để nhận diện bạn cũng như để ngăn chặn và điều tra các hành vi gian lận và lạm dụng khác. Ví dụ: Chúng tôi sử dụng dữ liệu kích hoạt thiết bị để kích hoạt bảo hành thiết bị của bạn và cung cấp dịch vụ chăm sóc khách hàng có liên quan.
• Cá nhân hóa sản phẩm và dịch vụ. Chúng tôi sử dụng dữ liệu cá nhân của bạn để cá nhân hóa sản phẩm và dịch vụ mà bạn đang sử dụng, đồng thời cung cấp các dịch vụ phù hợp hơn với hồ sơ và sở thích của bạn, ví dụ: Đưa ra đề xuất và hiển thị nội dung được tùy chỉnh trong dịch vụ của chúng tôi.
• Tài khoản. Một số dịch vụ yêu cầu phải có tài khoản để giúp bạn quản lý nội dung và tùy chọn của mình. Để biết thêm thông tin, vui lòng xem phần Phụ lục về Tài khoản điện thoại Nokia của chúng tôi.
• Phát triển sản phẩm và dịch vụ. Chúng tôi sử dụng dữ liệu cá nhân của bạn để phát triển sản phẩm, dịch vụ, chăm sóc khách hàng, bán hàng và tiếp thị của chúng tôi. Ví dụ: Bạn có thể tham gia Chương trình Trải nghiệm Người dùng của chúng tôi và cung cấp dữ liệu cá nhân của bạn cho chúng tôi để cải thiện chất lượng và hiệu suất của sản phẩm và dịch vụ. Để biết thêm thông tin về cách chúng tôi sử dụng dữ liệu cá nhân của bạn để phát triển sản phẩm và dịch vụ, vui lòng xem phần Phụ lục về Trải nghiệm Người dùng của chúng tôi. Chúng tôi có thể kết hợp dữ liệu cá nhân về việc bạn sử dụng một sản phẩm và/hoặc dịch vụ cụ thể của HMD mà chúng tôi thu thập được cùng với những dữ liệu cá nhân khác về bạn mà chúng tôi có thể sở hữu, trừ khi các dữ liệu cá nhân đó được thu thập cho một mục đích khác.
• Truyền đạt thông tin với bạn. Chúng tôi sử dụng dữ liệu cá nhân của bạn cho việc liên lạc, ví dụ: Để thông báo với bạn rằng dịch vụ của chúng tôi đã thay đổi hoặc gửi cho bạn cảnh báo quan trọng và các thông báo khác liên quan đến sản phẩm và/hoặc dịch vụ của chúng tôi, cũng như để liên hệ về các vấn đề liên quan đếnchăm sóc khách hàng. Để biết thêm thông tin về cách chúng tôi sử dụng dữ liệu cá nhân của bạn cho mục đích cung cấp các dịch vụ chăm sóc khách hàng của chúng tôi, vui lòng xem phần Phụ lục về Nokia Mobile Care của chúng tôi.
• Tiếp thị. Chúng tôi có thể liên hệ với bạn để thông báo về các đề xuất sản phẩm, dịch vụ hoặc chương trình khuyến mãi mới của chúng tôi và để tiến hành nghiên cứu thị trường khi nhận được sự chấp thuận hoặc đồng ý của bạn. Chúng tôi có thể sử dụng dữ liệu cá nhân của bạn để cá nhân hóa đề xuất của chúng tôi và cung cấp cho bạn các dịch vụ phù hợp hơn với hồ sơ và sở thích của bạn, ví dụ: Để hiển thị nội dung được tùy chỉnh trong dịch vụ của chúng tôi và đưa ra các khuyến nghị về phụ kiện. Điều này có thể bao gồm việc hiển thị nội dung của HMD và bên thứ ba.

Đâu là cơ sở để xử lý?

HMD chỉ xử lý dữ liệu cá nhân của bạn khi được pháp luật cho phép. Việc xử lý dựa trên các cơ sở pháp lý sau đây:

• Hợp đồng. Việc xử lý dữ liệu cá nhân là điều kiện cần để thực hiện hợp đồng giữa bạn và HMD. Chúng tôi sử dụng dữ liệu cá nhân của bạn để cung cấp cho bạn các sản phẩm và dịch vụ của chúng tôi cũng như để đảm bảo chức năng và tính bảo mật của những sản phẩm và dịch vụ này. Nếu bạn không cung cấp cho chúng tôi những thông tin cần thiết, điều đó có nghĩa là chúng tôi không thể cung cấp sản phẩm hoặc dịch vụ cho bạn. Hợp đồng là cơ sở để thực hiện việc xử lý, ví dụ: Trong trường hợp

  • Chúng tôi thu thập dữ liệu cá nhân cần thiết để thực hiện thanh toán và giao hàng cho bạn.
  • Chúng tôi liên lạc với bạn, ví dụ: Để thông báo về các bản cập nhật phần mềm, để gửi cho bạn các cảnh báo và thông báo quan trọng khác liên quan đến sản phẩm và/hoặc dịch vụ của chúng tôi cũng như để liên hệ với bạn về các vấn đề liên quan đến chăm sóc khách hàng.

• Lợi ích hợp pháp. HMD sẽ xử lý dữ liệu cá nhân nếu đó là hành động cần thiết vì lợi ích hợp pháp mà HMD theo đuổi. Lợi ích hợp pháp là lợi ích tuân theo quy định của pháp luật và quan trọng đối với HMD. Trong các hoạt động xử lý dựa trên lợi ích hợp pháp, bạn có quyền lợi cân bằng với lợi ích của HMD. Bạn có thể lấy thêm thông tin về các bài kiểm tra cân bằng bằng cách liên hệ với chúng tôi. Bạn có quyền phản đối việc xử lý dựa trên lợi ích hợp pháp. Đọc thêm về quyền lợi của bạn và cách liên hệ với chúng tôi trong mục "Bạn có những quyền lợi gì?". Lợi ích hợp pháp là cơ sở cho việc xử lý, ví dụ: Trong trường hợp

  • Bạn kích hoạt sản phẩm và dịch vụ HMD theo phương thức điện tử và thông tin về thiết bị và loại ứng dụng của bạn, cũng như mã định danh duy nhất của thiết bị, ứng dụng, mạng và đăng ký sẽ được gửi tới HMD.
  • Chúng tôi liên hệ với bạn để thông báo về các sản phẩm hoặc dịch vụ mới tương tự như sản phẩm hoặc dịch vụ của chúng tôi mà bạn đã sở hữu trước đó.
  • Chúng tôi có thể sử dụng dữ liệu cá nhân của bạn để cá nhân hóa đề nghị của chúng tôi và cung cấp cho bạn các dịch vụ phù hợp hơn với hồ sơ và sở thích của bạn, ví dụ: Đưa ra đề xuất và hiển thị nội dung được tùy chỉnh và tiếp thị trong dịch vụ của chúng tôi. Điều này có thể bao gồm việc hiển thị nội dung từ bên thứ ba.
  • Chúng tôi phân tích thông tin về sở thích, hành vi mua sắm và phản hồi của bạn để phát triển hoạt động kinh doanh, sản phẩm và dịch vụ của chúng tôi.
  • Chúng tôi xử lý dữ liệu cá nhân để ngăn chặn và điều tra các hành vi gian lận và lạm dụng khác cũng như để bảo vệ lợi ích hợp pháp của HMD, ví dụ: Trong tố tụng dân sự hoặc hình sự.

• Sự chấp thuận. Việc xử lý dữ liệu cá nhân của bạn có thể dựa trên sự chấp thuận của bạn. Trong những trường hợp này, chúng tôi sẽ yêu cầu sự chấp thuận của bạn trước khi xử lý dữ liệu của bạn. Việc chấp thuận luôn được thực hiện một cách tự nguyện và bạn có thể rút lại sự chấp thuận bất cứ lúc nào. Việc rút lại sự chấp thuận không ảnh hưởng đến tính hợp pháp của quá trình xử lý dựa trên sự chấp thuận trước thời điểm rút lại. Chúng tôi lưu trữ hồ sơ về sự chấp thuận, sở thích và cài đặt của bạn, ví dụ: Dữ liệu vị trí, việc tiếp thị và chia sẻ dữ liệu cá nhân. Sự chấp thuận là cơ sở cho việc xử lý trong các trường hợp sau đây:

  • Bạn tham gia vào Chương trình Trải nghiệm Người dùng và chúng tôi thu thập chi tiết về cách bạn sử dụng một sản phẩm và/hoặc dịch vụ cụ thể của HMD. Chúng tôi sử dụng dữ liệu để cải thiện các sản phẩm và dịch vụ. Bạn có thể rút lại sự chấp thuận trong phần cài đặt của thiết bị. Để biết thêm thông tin, vui lòng xem phần Phụ lục về Chương trình Trải nghiệm Người dùng của chúng tôi.
  • Bạn đăng ký vào danh sách gửi thư của chúng tôi để biết về các sản phẩm, dịch vụ và chương trình khuyến mãi mới. Bạn có thể rút lại sự chấp thuận cho việc tiếp thị bằng cách nhấp vào liên kết hủy đăng ký ở cuối bản tin.
  • Dịch vụ yêu cầu phải có tài khoản để giúp bạn quản lý nội dung và tùy chọn của mình. Bạn có thể quản lý sự chấp thuận cho việc xử lý trong phần cài đặt tài khoản của bạn.
  • Việc sử dụng sản phẩm và dịch vụ của HMD có thể liên quan đến việc sử dụng dữ liệu vị trí dựa trên sự chấp thuận của bạn. Bạn có thể rút lại sự chấp thuận cho việc xử lý dữ liệu vị trí trong phần cài đặt thiết bị hoặc ứng dụng của bạn.
• Nghĩa vụ pháp lý. HMD có thể phải xử lý dữ liệu cá nhân của bạn để tuân thủ với các yêu cầu pháp lý mà HMD phải tuân theo. Ví dụ: HMD có thể có nghĩa vụ pháp lý phải tiết lộ dữ liệu của bạn cho các nhà chức trách khi được yêu cầu.

Chúng tôi có chia sẻ dữ liệu cá nhân không?

Chúng tôi không bán, cho thuê dài hạn hoặc cho thuê ngắn hạn dữ liệu cá nhân của bạn cho các bên thứ ba. Chúng tôi chỉ cung cấp dữ liệu cá nhân của bạn cho các bên thứ ba trong những trường hợp sau đây:

• Các công ty của HMD và bên thứ ba được ủy quyền. Chúng tôi có thể chia sẻ dữ liệu cá nhân của bạn với các công ty khác của HMD hoặc bên thứ ba được ủy quyền xử lý dữ liệu cá nhân cho HMD với mục đích được nêu rõ trong Chính sách này. Điều này có thể bao gồm, ví dụ: Việc thanh toán thông qua nhà cung cấp dịch vụ mạng của bạn hoặc việc giao hàng cho bạn, cung cấp dịch vụ bao gồm dịch vụ khách hàng, quản lý và phân tích dữ liệu người tiêu dùng, kiểm tra tín dụng và tiến hành nghiên cứu. Khi bạn mua một sản phẩm của HMD, chúng tôi có thể cần phải trao đổi thông tin với nhà cung cấp dịch vụ mạng của bạn. Các bên thứ ba này không được phép sử dụng dữ liệu cá nhân của bạn cho bất kỳ mục đích nào khác. Chúng tôi yêu cầu các bên thứ ba phải tuân thủ nhất quán với Chính sách này và sử dụng các biện pháp bảo mật thích hợp để bảo vệ dữ liệu cá nhân của bạn.
• Tiếp thị. Chúng tôi có thể chia sẻ dữ liệu cá nhân của bạn với các đối tác tiếp thị của chúng tôi, ví dụ: Để quản lý các chiến dịch tiếp thị. Chúng tôi có thể tiến hành tiếp thị chung và các chiến dịch truyền thông khác với đối tác của chúng tôi. Để tránh việc truyền đạt thông tin bị trùng lặp hoặc không cần thiết và để điều chỉnh thông báo cho bạn, chúng tôi có thể cần phải khớp thông tin do HMD thu thập với thông tin do đối tác thu thập trong trường hợp hành động này được pháp luật cho phép. Đối tác tiếp thị của chúng tôi không được phép sử dụng dữ liệu cá nhân của bạn cho bất kỳ mục đích nào khác. Chúng tôi yêu cầu các bên thứ ba phải tuân thủ nhất quán với Chính sách này và sử dụng các biện pháp bảo mật thích hợp để bảo vệ dữ liệu cá nhân của bạn.
• Chuyển giao quốc tế dữ liệu cá nhân. Chúng tôi cung cấp sản phẩm và dịch vụ nhờ nguồn tài nguyên và máy chủ đặt tại nhiều quốc gia và vùng lãnh thổ khác nhau trên thế giới, bao gồm Liên minh châu Âu, Hoa Kỳ, Singapore và Trung Quốc. Do đó, dữ liệu cá nhân của bạn có thể được chuyển giao qua biên giới quốc tế ra ngoài quốc gia nơi bạn sử dụng các sản phẩm và dịch vụ của chúng tôi, bao gồm cả các quốc gia bên ngoài Khu vực Kinh tế châu Âu (EEA), nơi không có luật bảo vệ cụ thể cho dữ liệu cá nhân hoặc có các quy định pháp lý khác biệt về bảo vệ dữ liệu. Trong những trường hợp như vậy, chúng tôi đảm bảo sẽ có cơ sở pháp lý cho việc chuyển giao và thực hiện bảo vệ đầy đủ cho dữ liệu cá nhân của bạn theo quy định của pháp luật, ví dụ: Bằng cách sử dụng thỏa thuận chuẩn đã được các cấp chính quyền có liên quan phê duyệt (nếu cần) và bằng cách yêu cầu sử dụng các biện pháp bảo mật thông tin về tổ chức và kỹ thuật phù hợp khác.
• Tiết lộ bắt buộc. Chúng tôi có thể bị ràng buộc bởi quy định pháp luật bắt buộc về việc tiết lộ dữ liệu cá nhân của bạn cho một số nhà chức trách hoặc các bên thứ ba khác, ví dụ: Cho các cơ quan thực thi pháp luật ở quốc gia nơi chúng tôi hoặc các bên thứ ba đạt diện cho chúng tôi hoạt động. Chúng tôi cũng có thể tiết lộ và xử lý dữ liệu cá nhân của bạn theo quy định của pháp luật để bảo vệ lợi ích hợp pháp của HMD, ví dụ: Trong tố tụng dân sự hoặc hình sự.
• Mua bán và sáp nhập. Nếu chúng tôi quyết định bán, mua, sáp nhập hoặc tái cơ cấu doanh nghiệp của chúng tôi ở một số quốc gia, điều này có thể dẫn đến việc dữ liệu cá nhân được tiết lộ cho người mua trong tương lai hoặc hiện tại và cố vấn của họ hay nhận dữ liệu cá nhân từ người bán và cố vấn của họ.

Làm thế nào để chúng tôi giải quyết quyền riêng tư của trẻ em?

Sản phẩm và dịch vụ HMD thường hướng đến mọi đối tượng. HMD sẽ không chủ tâm thu thập thông tin của trẻ em mà không được sự chấp thuận của cha mẹ hoặc người giám hộ.

Các bước được tiến hành để bảo vệ dữ liệu cá nhân?

Quyền riêng tư và bảo mật là những vấn đề trọng tâm trong quá trình phát triển và phân phối sản phẩm và dịch vụ của chúng tôi. Chúng tôi đã đề ra những trách nhiệm cụ thể trong việc giải quyết các vấn đề liên quan đến quyền riêng tư và bảo mật. Chúng tôi thực thi các chính sách và hướng dẫn nội bộ thông qua việc lựa chọn các hoạt động phù hợp, bao gồm quản lý rủi ro chủ động và phản ứng, kỹ thuật về quyền riêng tư và bảo mật, đào tạo và đánh giá. Chúng tôi tiến hành các bước thích hợp để giải quyết an ninh trực tuyến, quyền riêng tư vật lý, rủi ro mất dữ liệu và các nguy cơ khác có thể xảy ra trong quá trình xử lý và bản chất của dữ liệu được bảo vệ. Ngoài ra, chúng tôi cũng hạn chế cấp quyền truy nhập vào cơ sở dữ liệu có chứa dữ liệu cá nhân cho những người được ủy quyền có nhu cầu hợp lý để truy nhập những thông tin đó.

Cách chúng tôi sử dụng cookie?

HMD sử dụng cookie và các công nghệ tương tự khác để vận hành và cải thiện trang web và đề xuất của chúng tôi. Chúng tôi cũng sử dụng cookie cho việc cá nhân hóa và hiển thị quảng cáo. Một số trang web HMD sử dụng các công nghệ quảng cáo thuộc về bên thứ ba, chẳng hạn như DoubleClick, để phục vụ cho việc quảng cáo.

Miền của chúng tôi có thể bao gồm các yếu tố thuộc về bên thứ ba, trong đó cho phép đặt cookie thay mặt cho bên thứ ba, ví dụ: Liên quan đến mạng xã hội thuộc về bên thứ ba. Để biết thêm thông tin về cách chúng tôi sử dụng cookie, vui lòng xem mục Chính sách cookie của chúng tôi.

Dữ liệu được lưu giữ trong bao lâu?

Chúng tôi thực hiện các bước hợp lý để giữ những dữ liệu cá nhân chính xác mà chúng tôi có được và xóa những dữ liệu cá nhân không chính xác hoặc không cần thiết.

Thời gian lưu giữ sẽ khác nhau tùy thuộc vào loại dữ liệu và dịch vụ hoặc sản phẩm được đề cập. Thời gian lưu dữ liệu cá nhân của bạn được xác định theo các tiêu chí sau đây:

Ngoài ra, HMD phải tuân thủ nghĩa vụ pháp lý về lưu giữ dữ liệu theo quy định phát luật bắt buộc.

Bạn có những quyền lợi gì?

Bạn có quyền biết những dữ liệu cá nhân nào của bạn được chúng tôi lưu giữ theo chi tiết như dưới đây. Bạn có quyền hoàn thiện hoặc cập nhật dữ liệu cá nhân chưa hoàn thiện, không chính xác hoặc đã lỗi thời. Trong một số trường hợp, bạn có quyền xóa, hạn chế hoặc di chuyển dữ liệu hay phản đối việc xử lý dữ liệu cá nhân của bạn. Bạn có thể thực hiện quyền lợi của mình bằng cách quản lý tài khoản và lựa chọn các công cụ quản lý sẵn có trên thiết bị và dịch vụ của chúng tôi hoặc bằng cách liên hệ với chúng tôi. Trong một số trường hợp, đặc biệt là khi bạn muốn chúng tôi xóa hoặc ngừng xử lý dữ liệu cá nhân của bạn, điều này cũng đồng nghĩa với việc chúng tôi không thể tiếp tục cung cấp dịch vụ cho bạn.

• Quyền truy nhập. Bạn có quyền biết những dữ liệu cá nhân nào của bạn được chúng tôi lưu giữ hoặc nhận được xác nhận rằng chúng tôi không xử lý dữ liệu liên quan đến bạn. Bạn có thể truy nhập dữ liệu của mình qua phần cài đặt tài khoản. Bạn cũng có thể yêu cầu quyền truy nhập dữ liệu của mình theo thông tin liên hệ chi tiết bên dưới.
• Quyền cải chính. Bạn có quyền chỉnh sửa những dữ liệu cá nhân chưa hoàn thiện hoặc không chính xác. Bạn có thể sửa và cập nhật dữ liệu của mình qua phần cài đặt tài khoản và chúng tôi khuyên bạn nên làm điều này một cách thường xuyên để đảm bảo dữ liệu cá nhân của bạn luôn được cập nhật. Bạn cũng có thể yêu cầu chỉnh sửa hoặc hoàn thiện dữ liệu của mình theo thông tin liên hệ chi tiết bên dưới.
• Quyền được lãng quên. Bạn có quyền xóa dữ liệu cá nhân của mình trong một số trường hợp, ví dụ: Khi việc xử lý dữ liệu của bạn không còn cần thiết cho mục đích khi dữ liệu đó được thu thập hoặc nếu việc xử lý dựa trên sự chấp thuận của bạn và bạn muốn rút lại sự chấp thuận của mình và không có cơ sở nào khác cho việc xử lý. Xin lưu ý rằng dữ liệu có thể là điều kiện cần để thực hiện hợp đồng giữa bạn và HMD hoặc HMD có thể có cơ sở pháp lý thuyết phục để giữ lại một số dữ liệu nhất định. Nếu bạn muốn xóa những thông tin này, điều đó có nghĩa là chúng tôi không thể tiếp tục cung cấp dịch vụ cho bạn. Bạn có thể xóa dữ liệu của mình qua phần cài đặt tài khoản hoặc theo thông tin liên hệ chi tiết bên dưới.
• Quyền phản đối. Khi việc xử lý dữ liệu cá nhân của bạn dựa trên lợi ích hợp pháp, bạn có quyền phản đối việc xử lý đó. Bạn có thể yêu cầu chúng tôi ngừng xử lý dữ liệu cá nhân của bạn cho các mục đích tiếp thị hoặc định hình. Bạn có thể hủy đăng ký nhận bản tin của chúng tôi bằng cách nhấp vào liên kết hủy đăng ký ở cuối bản tin của chúng tôi. Bạn vẫn có thể nhận các cảnh báo và thông báo quan trọng khác. Bạn có thể sử dụng quyền phản đối của mình qua phần cài đặt tài khoản hoặc theo thông tin liên hệ chi tiết bên dưới.
• Quyền hạn chế xử lý. Trong một số trường hợp, bạn có quyền hạn chế việc xử lý dữ liệu của mình. Khi việc xử lý bị hạn chế, dữ liệu của bạn sẽ chỉ được lưu trữ và không được xử lý thêm. Ví dụ: Nếu bạn không thừa nhận tính chính xác của dữ liệu, bạn có quyền hạn chế xử lý dữ liệu gây tranh cãi trong khi đảm bảo rằng dữ liệu của bạn là chính xác. Bạn có thể sử dụng quyền hạn chế xử lý theo thông tin liên hệ chi tiết bên dưới.
• Quyền di chuyển dữ liệu. Khi việc xử lý được thực hiện bằng các phương pháp tự động và dựa trên hợp đồng hoặc sự chấp thuận, bạn có quyền lấy dữ liệu mà mình đã cung cấp cho HMD dưới định dạng có thể đọc được để có thể chuyển sang cho một người kiểm soát khác. Thao tác này có thể được thực hiện qua phần cài đặt tài khoản hoặc theo thông tin liên hệ chi tiết dưới đây.

Nếu bạn không thể trực tiếp sử dụng quyền di chuyển trên sản phẩm và dịch vụ HMD mà bạn sử dụng, bạn có thể liên hệ với chúng tôi qua

• Cổng thông tin tài khoản điện thoại Nokia: www.nokia.com/phones/sso/login
• Hỗ trợ khách hàng: www.nokia.com/en_int/phones/support#contact-us
• Ứng dụng hỗ trợ trong điện thoại Nokia của bạn
• Thư: HMD Global Oy, c/o Privacy, Bertel Jungin aukio 9, 02600 Espoo, Phần Lan

Bạn có thể yêu cầu thông tin chi tiết về việc di chuyển đến các bên thứ ba, quốc gia thứ ba và các biện pháp bảo vệ được đề cập ở trên bằng cách liên hệ với chúng tôi. Nếu bạn tin rằng HMD vi phạm quyền lợi của bạn theo luật bảo vệ dữ liệu, bất chấp các quy tắc được quy định trong Chính sách quyền riêng tư và phần Phụ lục có liên quan, bạn có quyền gửi đơn khiếu nại tới cơ quan bảo vệ dữ liệu.

Ai là người kiểm soát dữ liệu cá nhân của bạn?

HMD Global Oy là người kiểm soát dữ liệu cá nhân của bạn khi dữ liệu cá nhân được xử lý có liên quan đến điện thoại Nokia, tài khoản điện thoại Nokia và các dịch vụ liên quan khác. Giám đốc Bảo vệ Dữ liệu của chúng tôi là Jari Koljonen.

Đối với những vấn đề liên quan đến việc thực hiện quyền riêng tư của HMD, bạn cũng có thể liên hệ với chúng tôi qua:

HMD Global Oy, c/o Privacy, Bertel Jungin aukio 9, 02600 Espoo, Phần Lan

Các sản phẩm hoặc dịch vụ của chúng tôi có thể chứa liên kết đến các trang web và dịch vụ của các công ty khác với chính sách quyền riêng tư riêng. Mọi liên kết đến các trang web và dịch vụ kể trên chỉ được cung cấp để thuận tiện cho bạn. Trước khi gửi dữ liệu cá nhân của bạn cho bên thứ ba, HMD khuyên bạn nên dành thời gian để làm quen với các chính sách về quyền riêng tư của bên thứ ba này.

Những thay đổi đối với Chính sách quyền riêng tư này

HMD có thể thường xuyên cập nhật Chính sách này để phản ánh những thay đổi trong các hoạt động xử lý dữ liệu cá nhân của chúng tôi đối với các sản phẩm và dịch vụ của chúng tôi hoặc theo quy định của pháp luật. Những thay đổi đối với Chính sách quyền riêng tư này hiện có sẵn tại mục "Những điều đã thay đổi?" trong Cổng thông tin về Quyền riêng tư của HMD (www.nokia.com/phones/privacyportal). Chúng tôi cũng sẽ ghi rõ ngày cập nhật mới nhất tại phần đầu của Chính sách này.

Bạn có thể giúp HMD Global cải thiện chất lượng và hiệu suất của điện thoại Nokia. Khi bạn tham gia vào Chương trình Trải nghiệm Người dùng, chúng tôi sẽ thu thập chi tiết kỹ thuật về điện thoại và dịch vụ của bạn, cách chúng hoạt động và cách bạn sử dụng chúng.

Ví dụ: Dữ liệu được sử dụng để

• cải thiện điện thoại và ứng dụng
• nâng cao tuổi thọ pin
• cung cấp các tính năng và dịch vụ hữu ích hơn
• cá nhân hóa sản phẩm và dịch vụ của chúng tôi mà bạn đang sử dụng và cung cấp các dịch vụ có liên quan hơn phù hợp với hồ sơ và sở thích của bạn, ví dụ: Đưa ra đề xuất và hiển thị nội dung được tùy chỉnh và quảng cáo trong dịch vụ của chúng tôi.

Thông tin được thu thập bao gồm, ví dụ:

• Số nhận dạng điện thoại (IMEI)
• Mẫu điện thoại
• Phiên bản ứng dụng và hệ thống điện thoại
• Mã Di động Quốc gia (MCC)
• Vị trí địa lý (gần điểm truy nhập Wi-Fi hoặc tháp di động)
• Mã Mạng Di động (MNC)
• Địa chỉ IP
• Mức pin
• Các ứng dụng và phần mềm đã cài đặt
• Các liên kết và tính năng đã sử dụng
• Tần suất các ứng dụng đang được sử dụng
• Thông tin về sự cố và lỗi phần mềm

Chúng tôi không sử dụng dữ liệu đã thu thập để nhận dạng cá nhân bạn. Tuy nhiên, bạn có thể kết hợp dữ liệu sử dụng với điện thoại của mình dựa trên mã định danh thiết bị đã thu thập, chẳng hạn như IMEI. Dữ liệu sử dụng điện thoại của bạn chỉ được sử dụng nhằm mục đích cải thiện chức năng và hiệu suất của điện thoại và các dịch vụ cũng như để cá nhân hóa đề xuất của chúng tôi. Ví dụ: Nếu chúng tôi nhận thấy rằng điện thoại di động sử dụng nhiều pin, chúng tôi có thể đề xuất cài đặt để tiết kiệm pin. Chúng tôi có thể chia sẻ dữ liệu thu thập được với nhà phát triển ứng dụng thuộc về bên thứ ba để giúp họ cải thiện các ứng dụng và dịch vụ của họ. Dữ liệu được chia sẻ là ẩn danh và không thể liên kết với bạn hoặc với thiết bị của bạn.

Vị trí kích hoạt (GPS) được thu thập một lần duy nhất trong quá trình kích hoạt điện thoại với điều kiện người dùng đã tham gia Chương trình Trải nghiệm Người dùng. Nếu người dùng không tham gia Chương trình Trải nghiệm Người dùng, vị trí kích hoạt (GPS) sẽ không được thu thập.

Bạn có thể lựa chọn không tham gia Chương trình Trải nghiệm Người dùng qua phần cài đặt thiết bị của bạn.

Nokia Mobile Care is HMD Global's online consumer service that you can contact when you have an inquiry or a request concerning our products or services. You can contact us via the My phone application on your phone or by using the chat or email form found on the Nokia phones website. In some countries, we also have a call service available.

Dữ liệu cá nhân mà bạn cung cấp cho Nokia Mobile Care được xử lý để cung cấp dịch vụ khách hàng, phản hồi các yêu cầu của khách hàng cũng như phát triển các dịch vụ và sản phẩm của chúng tôi.

Depending on your request and method of contacting us, we may collect the following information:

• Tên
• Email
• Quốc gia
• Bản ghi
• Dữ liệu kỹ thuật điện thoại
• Thông tin nhận dạng điện thoại và phần mềm, ví dụ IMEI và phiên bản phần mềm
• Ở các quốc gia có dịch vụ cuộc gọi, chúng tôi cũng thu thập số điện thoại của bạn

In connection with our support services, we can request to collect your phone identification number (IMEI) for checking the warranty period, insurance or other service connected to your phone.

You can view the previous version of this document by clicking here.

Nokia phones account provides you with an access to the online services and personal data associated with your profile and device. Your personal data is processed for the purposes of providing access and control to your data. In addition, it allows us to customize our offering and provide more relevant and meaningful communication with you.

You can create a Nokia phones account by using your email or accounts from Google or Facebook. Depending on the sign-up method, the following information is collected:

• Name

• Email and password

• Phone number

• Country

• Date of registration

• Unique ID assigned for your account

The account information is combined with other personal data that you have provided for us by using your Nokia phone and our services. The collected data includes, for example:

• Order history from the Nokia phones online shop

• Warranty and repair information

• Communication with the customer service

• Participation to Nokia Beta labs

Nokia mobile Tribe is HMD’s voluntary program for both phone users and persons who work for HMD or who promote, market, distribute or sells Nokia branded mobile devices and accessories. The program is used for information sharing and training purposes (learning program), as well as in selected markets for running an incentive program for the phone retailers (incentive program) and for the field force management program. You can use the program via the Nokia mobile Tribe application on your phone. This app provides you access to the Nokia mobile Tribe learning, field force and incentive programs and any other events and activities which may be offered under Nokia mobile Tribe. The purpose of Nokia mobile Tribe is to enable better information sharing and communication, creating stronger sales based on performance and to act as an engagement tool for salespeople.

Your personal data is processed, for example, for the following purposes:

• Improvement of HMD’s services, including help desk improvements, research, marketing, product development and planning, marketing of products
• Operations and development of the Nokia mobile Tribe application, including enabling the joining and using of the application and for mapping user activities
• Connection of reported sales with right salespeople and identification of correct distributor and retailer for facilitation of stocking property
• Compliance with legal obligations based on mandatory law
• Fraud prevention purposes
• Payment processing

The collected information includes, for example:

• First name and last name
• Phone number
• Email address
• Country of residence
• Activity submissions such as photo card and video card submission
• IP address
• Date of birth (optional)
• Address with city and zip code (optional)
• User’s profile photo (optional)

We can share the collected personal data with a third-party app developer to help them improving the application and the Nokia mobile Tribe program. In connection with the incentive program, we also share your internal ID and e-mail ID with payment vendors to enable them to perform the payments.
You can opt out from the Nokia mobile Tribe program by deleting your profile from the application on your phone.

Effective date April 6, 2020

HMD is complying with the California Consumer Privacy Act of 2018 (CCPA), which is a California data protection regulation that enhances the rights and customer protection of California residents. This supplement supplements HMD Global Privacy Policy for products and services and applies only to individuals residing in California from whom we collect personal information as defined in the CCPA (“Personal Information”).

How do we collect, use and share your personal information?

Information regarding the categories of Personal Information we process, the purposes for the processing of each category, and how we share your Personal Information are described in detail in HMD Global Privacy Policy for products and services.

In the preceding twelve (12) months, we have not sold Personal Information to any third parties, including data aggregators.

What are your California consumer rights?

If you are a California resident, as defined in the California Code of Regulations, you have the following rights under the CCPA:

• Right to know and access

  You have the right to submit a verifiable request for information regarding the:

  • categories of Personal Information collected or disclosed by us,
  • purposes for which categories of Personal Information are collected by us,
  • categories of sources from which we collect Personal Information,
    and
  • specific pieces of Personal Information we have collected about you during the past twelve (12) months.

We will provide you with the information in a portable and, to the greatest extent possible, readily useable format once we have received and validated your request.

You can find more information about the collection, use and sharing of your Personal Information from HMD Global Privacy Policy for products and services.

• Right to erasure

You have the right to request deletion of your Personal Information, subject to certain exceptions. We will delete your Personal Information and direct our service providers to do so once we have received and validated your request, unless an exception applies.

• Right to fair treatment

You have the right not to receive discriminatory treatment for the exercise of your CCPA consumer rights, subject to certain limitations.

• How can you exercise your rights?

If you cannot exercise the above described rights directly through the HMD products and services you use, you can contact us and submit your request via:

• Phone: +1 833 766 5420
• Nokia phones account portal: www.nokia.com/phones/sso/login
• Customer support: www.nokia.com/phones/en_int/support#contact-us
• Support application in your Nokia phone
• Mail: HMD Global Oy, c/o Privacy, Bertel Jungin aukio 9, 02600 Espoo, Finland

You have the right to make a free request two times in any 12-month period. We will make the disclosure within 45 days of receiving your request, unless we request an extension. In the event that we reasonably need a 45-day extension, we will notify you of the extension within the initial 45-day period.

Changes to the CCPA Supplement

We reserve the right to amend this supplement at our discretion and at any time (at least every 12 months). When we make changes to this supplement, we will notify you by email or through a notice on our website.

We care about your privacy

We, HMD Global Oy, including our affiliates (herein after referred to as “HMD”), are committed to respect your privacy and to comply with applicable data protection and privacy laws. This Privacy Notice (“Notice”) applies to personal data that is processed in the context of HMD’s business to business (B2B) activities. In this context, HMD processes personal data concerning its corporate clients, potential corporate clients, vendors, subcontractors and other stakeholders.

“Personal data” refers to any information relating to an identified or identifiable natural person.

“Processing” refers to any operation or set of operations which is performed on personal data.

“Controller” refers to the body which alone or jointly with others determines the purposes and means of processing of personal data, i.e. decides about the processing activities.

What information do we collect?

We collect personal data directly from you when you contact us, meet us personally or otherwise interact with us. The collected personal data includes, for example:

• name
• email address
• phone number
• your contact preferences
• your stance towards our offering
• background information

Why do we process personal data?

We process your personal data to enter into and execute agreements, to provide and market our services and products, to communicate with you and to develop our business.

We process personal data when it is necessary for the preparation and execution of agreements. Please note that without your personal data we may not be able to enter into an agreement or provide you with our products and services.

We also process personal data in connection with other commonly agreed testing and supply arrangements relating to our products and services based on our legitimate interest to market our products and services and grow our professional network. In addition, we process personal data to develop our business operations and offering. When a legitimate interest is regarded as the basis for the processing, we have conducted a balancing test to ensure that your rights are taken into account. You can object to such processing and request more information about the balancing test by using the contact details below.

Processing of your personal data can be based on your consent, for example, if you order our newsletter. In these situations, we ask your consent before your personal data is processed. Giving a consent is always voluntary and you have the possibility to withdraw your consent at any time. A withdrawal of consent does not affect the lawfulness of processing based on consent before the withdrawal. You can withdraw your consent by clicking unsubscribe link at the bottom of the newsletter or by contacting us by using the contact details provided below.

Where necessary, we also process personal data to comply with the legal requirements to which HMD is subject to. HMD can have, for example, a legal obligation to disclose your personal data to the authorities when requested.

Do we share personal data?

Your personal data is processed within HMD entities. We do not disclose or otherwise transfer your personal data unless otherwise stated below.

• Service providers. We obtain assistance and use service providers, such as CRM tool providers, in processing personal data for the purposes described in this Notice. Service providers are required to process personal data only in accordance with the applicable laws and HMD’s instructions.

• International transfers of personal data. Running our business involves using resources and servers located in various countries around the world. Therefore, your personal data can be transferred across international borders, including to countries outside the EU or EEA that do not have laws providing specific protection for personal data or that have different legal rules on data protection. In such cases, adequate protection for your personal data is provided as required by applicable law, for example, by using standard data protection clauses and by requiring the use of other appropriate technical and organisational information security measures. You may request information on the details of transfers to third countries and safeguards by using the contact details below.

• Mandatory disclosures and legal proceedings. We can be obligated by mandatory law to disclose your personal data to certain authorities or other third parties to comply with our legal obligations. We may also need to disclose and otherwise process your personal data in accordance with applicable law to defend our legitimate interests, for example, in civil or criminal legal proceedings.

• Mergers and Acquisitions. If we decide to sell, buy, merge or otherwise reorganise our businesses in certain countries, this can involve us disclosing personal data to prospective or actual purchasers and their advisers, or receiving personal data from sellers and their advisers.

How long is the data retained?

We review personal data held in our systems on a periodic basis to ensure that it is not retained longer than it is necessary. Contact details and other information will be deleted within six (6) months after they are no longer needed for the purposes they were collected for (for example, when the role of the person changes in a way that s(he) is no longer representing the organization of which contact person s(he) was).

What steps are taken to safeguard personal data?

We are committed to ensure that your personal data is secure. To prevent unauthorised access or disclosure we implement technical, physical and organizational measures to protect personal data against accidental or unlawful destruction, accidental loss or alteration, and unauthorized disclosure, or access.

We have assigned specific responsibilities to address privacy and security related matters. We enforce our internal policies and guidelines through an appropriate selection of activities, including proactive and reactive risk management, security and privacy engineering, training and assessments. We take appropriate steps to address online security, physical security, risk of data loss and other such risks taking into consideration the risk represented by the processing and the nature of the data being protected. Also, we limit access to our data bases containing personal data to authorised persons having a justified need to access such information. We have implemented appropriate access control measures to ensure that personal data can only be accessed by those who need to process it by virtue of their tasks.

What are your rights?

• Right of access. You have a right to know what personal data we hold about you or to receive a confirmation that we do not process data concerning you.

• Right to rectification. You have a right to have incomplete or incorrect personal data rectified. This means that if there are errors in the data concerning you, or if it is inaccurate or deficient, you have the right to ask HMD to rectify or complete that data.

• Right to erasure (‘Right to be forgotten’). You have the right to have your personal data erased in certain situations, for example, when the processing of your data is no longer necessary for the purposes for which it was collected. Please note that the data can be necessary to perform the contract between you and HMD, or HMD can have compelling legitimate grounds to retain certain data.

• Right to object. When the processing of your personal data is based on legitimate interest, you have a right to object to such processing on grounds relating to your particular situation. You have always a right to object to direct marketing.

• Right to restriction of processing. In certain situations you might have a right to restrict the processing of your personal data. When the processing has been restricted, your data will only be stored and not processed further. For example, if you contest the accuracy of your data, you have the right to have the contested data under a restriction of processing during the time when it is ensured that the data is accurate.

• Right to data portability. When the processing of your personal data is based on a contract or consent and carried out by automated means, you have a right to obtain the data you have provided to HMD in a machine-readable format so that you can transfer it to another controller.

You can exercise your rights by contacting us via the contact details provided below.

If you believe that HMD, regardless of the principles set out in this Notice, infringed upon your rights according to applicable data protection law, you have a right to lodge a complaint with the data protection authority.

Who is the controller of your personal data?

The controller of your personal data is HMD Global Oy, Bertel Jungin aukio 9, 02600 Espoo, Finland. Our Data Protection Officer is Jari Koljonen.

In case you want to use your data protection rights or you have any questions concerning the processing of your personal data, please contact us via

• Customer support: www.nokia.com/en_int/phones/support#contact-us
• Mail: HMD Global Oy, c/o Privacy, Bertel Jungin aukio 9, 02600 Espoo, Finland

Changes to this Notice

We update and modify this Notice from time to time, should it become necessary to do so. Changes to this document can be seen behind the link in the heading: “Look what has been changed”. For data processing that is specific to products or services of HMD, see our Privacy Policy.

We care about your privacy

We, HMD Global Oy, including our affiliates, (herein after referred to as “HMD”) are committed to respect your privacy and to comply with applicable data protection and privacy laws. This Privacy Policy (“Policy”) applies to personal data obtained in the context of a recruitment process within HMD. This Policy explains, inter alia, what kind of personal data we collect about you, how your personal data is processed during the recruitment activities, and what rights you have in relation to such processing of personal data.

This Policy will be supplemented by applicable local mandatory law where necessary. In case mandatory law is in conflict with this Policy, mandatory local law will prevail. We may also provide you with additional information concerning the processing of your personal data in connection with recruitment related systems or services.

“Personal data” refers to any information relating to an identified or identifiable person.

“Processing” refers to any operation or set of operations which is performed on personal data.

“Controller” refers to the body which alone or jointly with others determinates the purposes and means of processing of personal data i.e. decides about the processing.

What information do we collect?

We collect personal data primarily directly from you. In addition, when it is necessary for assessing your suitability for the position you are applying for, personal data can be collected from third party sources to the extent permitted by applicable legislation, or based on your consent. When you apply for a position with HMD, we only collect personal data which is relevant for making the recruitment decision. We collect e.g. the following types of personal data in the course of recruitment activities:

• Basic candidate information such as your name and contact details;
• Information concerning your competences, skills, experience and education;
• Information concerning your preferences, such as preferred country of employment and areas of interest;
• Right to work documentation and other security screening information when needed;

The examples provided are not all-inclusive. We can also collect similar or related information.

Your personal data is received and combined, as applicable, in connection with

• using LinkedIn recruitment services (if you apply via LinkedIn, we are provided with your LinkedIn profile and/or with your CV, based on what you have chosen)
• utilizing recruitment agency services (we receive CVs with professional background and salary details of candidates)
• interviews or other communications with you
• contacting the references you have provided
• receiving right to work documentation
• personality and aptitude assessments
• background checks (realibility and security screenings)

Why do we process personal data?

Your personal data is processed for assessing your suitability for the role for which you are applying for. We can also assess your suitability for the future roles that may become available. In addition, we process your personal data, inter alia, when communicating with you in relation to our recruitment activities, when managing our recruitment and resourcing activities, for developing our recruitment services and systems, and to comply with legal obligations.

Processing of your personal data is necessary for the preparation and execution of an employment or other contract and for compliance with legal obligations. Please notice that failure to provide necessary personal data may disqualify you from employment or other engagement.

We process personal data based on our legitimate interests where applicable. Our legitimate interests include interest to receive and process applications and corresponding data for our recruitment purposes and lawful activities related to running and developing our business, such as developing our recruitment and resources systems and processes. When our legitimate interest is the basis for the processing, we have conducted a balancing test to ensure that your interests are not interfered more than necessary. You have a right to object to the processing based on our legitimate interest. To request more information about the balancing test, please contact us by using the contact details below.

We collect personal data also based on your consent. For example, we may ask you to provide contact details of your references and your consent for contacting them. When we process your personal data on the basis of your consent, you have the right to withdraw your consent any time. You can withdraw your consent by using the contact details below or, in case you have been directly contacted by us, by using the contact details of your recruitment contact. Withdrawal of the consent does not affect the lawfulness of processing based on consent before its withdrawal.

Do we share personal data?

Your personal data is processed only by those members of the staff who are assessing your application and other related information for making the recruitment decision or who are performing support functions to recruiting. These include, for instance, recruiters, hiring managers and other interviewers and individuals performing administrative and IT support functions.

We do not transfer or disclose your personal data to other parties unless otherwise stated below.

• Service providers and partners

We obtain assistance or use service providers for conducting our recruitment activities. We utilize LinkedIn recruitment services in our recruitment activities. When a person is hired, we will form a new employee record to our HR system of which service provider is Sage People Limited. When we utilize service providers, they will be required to process personal data only in accordance with our instructions and to maintain appropriate organisational and technical measures to ensure data security of such personal data. In some countries we also use recruitment agencies as realible partners to help us find suitable candidates and job boards to advertise our open positions. You may request more information on the service provides we use and partners that we have by using the contact details below.

• International transfers of personal data

Our recruitment services are provided using resources and servers located in various countries around the world due to the international nature of our business. Primarily your personal data is only processed within the HMD entity which you are applying for, but when it is necessary for making the recruitment decision on the position you are applying for, your personal data can be transferred across international borders within the HMD entities. This can sometimes include countries outside the European Economic Area (EEA) that do not have laws providing specific protection for personal data or that have different legal rules on data protection. This may come in question, for example, when the hiring manager of the position is located within HMD entity outside of EEA. In addition, when you are applying via LinkedIn, your personal data can be transferred to United States (U.S.). When personal data is transferred outside of EEA, the processing is organized by the data protection clauses approved by the European Commission or by other valid mechanisms guaranteeing equal level of protection as provided by the EU General Data Protection Regulation. You may request information on the details of transfers to third countries and safeguards by using the contact details below.

• Mandatory disclosures and legal proceedings

In some cases we can be obligated by mandatory law to disclose your personal data to certain authorities or other third parties, for example, to law enforcement agencies. Exceptionally we may also need to disclose and otherwise process your personal data in accordance with applicable law to defend our legitimate interests, for example, in civil or criminal legal proceedings.

• Mergers and acquisitions

If we decide to sell, buy, merge or otherwise reorganise our businesses in certain countries, this can involve us disclosing personal data to prospective or actual purchasers and their advisers, or receiving personal data from sellers and their advisers.

How long is the data retained?

Depending whether you are hired or rejected, the personal data you provided will either be used to create an employee record or it will be deleted.

If we choose to employ you, we retain the necessary personal data for the length of your employment and as required by applicable laws.

If we do not employ you, your personal data will be deleted 24 months after the recruitment process from our records. Background check as well as personality and aptitude assessment results will be deleted immediately after the process.

How do we address data quality?

We take reasonable steps to ensure that personal data we process is accurate and not excessive for the purposes for which it is processed. Please note that you have shared responsibility regarding the accuracy of your personal data. You should only submit information which is complete, accurate and up to date.

What steps are taken to safeguard personal data?

We are committed to ensure that your personal data is secure. To prevent unauthorised access or disclosure we implement technical, physical and organizational measures to protect personal data against accidental or unlawful destruction, accidental loss or alteration, and unauthorized disclosure or access.

We have assigned specific responsibilities to address privacy and security related matters. We enforce our internal policies and guidelines through an appropriate selection of activities, including proactive and reactive risk management, security and privacy engineering, training and assessments. We take appropriate steps to address online security, physical security, risk of data loss and other such risks taking into consideration the risk represented by the processing and the nature of the data being protected. Also, we limit access to our data bases containing personal data to authorised persons having a justified need to access such information.

What are your rights?

• Right of access. You have a right to know what personal data we hold about you or to receive a confirmation that we do not process data concerning you.

• Right to rectification. You have right to have incomplete or incorrect personal data rectified or completed.

• Right to be forgotten. You have the right to have your personal data erased in certain situations, for instance, when the processing of your personal data is no longer necessary for the purposes for which it was collected, or if the processing is based on your consent and you want to withdraw your consent and there are no other bases for processing. Please notice that sometimes we may have a legal obligation or other basis to retain your personal data and, thus, it cannot be erased.

• Right to object. When the processing of your personal data is based on legitimate interest, you have the right to object to such processing on grounds relating to your particular situation.

• Right to restriction of processing. In specific situations you might have the right to restrict the processing of your personal data. When the processing has been restricted, your personal data will only be retained and not processed further. For example, if you contest the accuracy of your personal data, you have the right to have the data in question under a restriction of processing during the time when it is assured that it is accurate.

• Right to data portability. When processing of your personal data is based on a contract or your consent and carried out by automated means, you have the right to obtain the data you have provided to us in a machine readable format so that you can transfer it to another controller.

You can exercise your rights by making a request by using the contact details below. Please notice that we need to be able to verify your identify in order to be able to carry out your request.

If you believe that HMD, regardless of the principles set out in the Privacy Policy, infringed upon your rights according to applicable data protection law, you have a right to lodge a complaint with the data protection authority.

Who is the controller of your personal data?

The controller of your personal data during the recruitment phase is the entity you are applying to have a role in, jointly with HMD Global Oy where applicable. The affiliate and HMD Global Oy are jointly responsible for providing you adequate information about the processing of your personal data. HMD Global Oy will carry on your data protection related rights with the assistance of its affiliates. Data Protection Officer of HMD is Jari Koljonen.

In case you want to use your data protection rights or you have any questions concerning the processing of your personal data, please contact:

recruitment@hmdglobal.com or

HMD Global Oy, c/o Privacy, Bertel Jungin aukio 9, 02600 Espoo, Finland

In case you have been directly contacted by us, you can also use the contact details of your recruitment contact.

Changes to this Policy

We may need to update and modify this Policy from time to time in case it becomes necessary to do so. Changes to this document can be seen behind the link in the heading: “Look what has been changed”. Where necessary, we will contact you for informing about the changes to this Policy. For data processing that is specific to a products or services of HMD and is not connected to the recruitment activities, see HMD Global Privacy Policy.

Cookies and how we use them

This policy details how HMD Global Oy uses cookies and cookie-like files and technologies on its websites, e.g. Local Shared Objects, also known as “Flash cookies”, web beacons etc. We refer to these generically as “cookies”. If you visit our websites and you opt-in to the use of cookies, we consider this as an acceptance of our use of cookies.

What are cookies and how do they work?

Cookies are small text files that are sent to and stored in your computer by the websites you visit. Cookies collect in some instances personal data, with which a person can be identified. Cookies are stored in your browser’s file directory. Next time you visit the site, your browser will read the cookie and relay the information back to the website or element that originally set the cookie. Two types of cookies used are "session-only" and "persistent". "Session-only" cookies are deleted when you end your browser session. "Persistent cookies" remain on your device for the time period set in the cookie after which time they delete themselves. However, these cookies may be renewed every time you visit the website. Web beacons are transparent graphic images which are used in combination with cookies to monitor the use of the website.

Cookie types

It is common to distinguish between first-party cookies and-third party cookies. First-party cookies are allocated to the website that you visit while third-party cookies come from a third-party, such as a web analytics program.

Why do we use cookies?

We use cookies to offer you a smoother experience with our web services. View your options for managing cookies in the next chapter.

Necessary functions. These cookies are essential for running our web sites and are the key to providing you a seamless experience. You can navigate uninterrupted e.g. by remembering language and country choices you’ve made and by preserving authentication to secure parts of the domain. These cookies also enable the shopping cart to function and remember products of interest when you are redirected to an Operator site for a possible purchase.

Statistics and site improvement. These cookies enable us to improve our websites by looking at how they are used. We do analytical profiling to understand e.g. unique users reading a particular article (to know what is popular) or if a video file was viewed or abandoned half way through. We also look at where content is accessed so we know how to arrange our sites for optimal user experience.

Web push notifications. With your explicit consent, we may send push notifications via desktop and mobile browser on the website Nokia.com/phones. Web push notifications are notifications that can be sent to you anytime your browser is open, regardless of whether or not you are on the website. We may send you push notifications relating to your activity on our websites, or to inform you about latest product releases and software updates, promotions, online purchase orders and Nokia phones news.

Preferences and personalisation. These cookies help make the content as personalised as possible, for example by showing you targeted banners and relevant recommendations. We examine what type of reference was used to reach our sites, e.g. an email campaign or a link from a referral site, so we can estimate the effectiveness of our promotions and advertising campaigns.

Marketing. We use these cookies to dynamically serve our ads on our own and selected third party websites. Our domains may also include elements that set cookies on behalf of a third party.

How can I manage cookies?

You can review the options available to manage cookies in your browser. The browser can be used to manage cookies relating to statistics and site improvement, preferences and personalisation and marketing. Different browsers use different ways to disable cookies, but they are usually found under a Tools or Options menu. Please follow the instructions below, from the most common web browser manufacturers directly, to configure your browser settings*.

Microsoft Internet Explorer (IE)
Google Chrome
Safari
Firefox

In addition to cookie management, browsers usually let you control files similar to cookies, for example Local Shared Objects, e.g. by enabling the browser’s privacy mode. We use third party vendor managed advertising cookies to promote our products in HMD controlled web sites. You may be able to opt-out from certain third party managed advertising cookies through third party cookie management sites.

You can deactivate web push notifications at any time by switching them off via the settings icon of each notification and in your browser settings.

Can I still visit the website if the cookie-function is disabled?

Yes. Should you have cookies disabled on your online device, you will continue to have the same access to the website content as with cookies enabled. However, some functions such as surveys, tools and shopping cart might operate with reduced functionality or not at all. If you manage or disable the use of cookies your device might receive a cookie to remember this choice. However, this cookie does not include any personal data, with which a person could be identified.

How long do we keep the information?

It depends based on the type of cookies. Session cookies expire when you close the browser. Persistent cookies, including Local Shared Objects (“Flash cookies”), have typical expiration dates ranging from two months up to a couple of years. For more information on cookie expiry see the cookie declaration.

Cookies used, and data collected by third parties

In order to gain more information about the activities on our website and to target advertising, we use 3rd-party cookies for analytics and advertising.

Some of our websites use 3rd-party advertising technologies, such as Google Campaign Manager (previously known as DoubleClick) and the Facebook pixel, to serve ads. These 3rd parties use tracking technologies to collect information from our website and use the information for ad serving, targeting, verification, and reporting. You can opt out from the collecting and manage your preferences through e.g. the following websites: http://www.aboutads.info/choices and http://www.youronlinechoices.eu/.

Our websites use third party analytics, like Google Analytics, a web analytics service provided by Google, Inc. (“Google”) and other third-party cookies for advertising. Google Analytics uses Cookies to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your anonymized IP address) will be transmitted to and stored by Google on servers in the United States.

Google analytics can collect personal information (e.g. IP address). On behalf of the website provider Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider. You can find more information on the data processing of Google Analytics here: https://policies.google.com/technologies/partner-sites?hl=fi.

You can deactivate this data processing in Google’s privacy settings here: https://myaccount.google.com/ and by installing the Google Analytics Opt-out Browser Add-on here: https://tools.google.com/dlpage/gaoptout/.

HMD is not liable for the processing of data by third parties, including cookies and other tracking technologies as well as the links. Privacy policies and terms of use of the third parties are applied. You can find the privacy policy and terms of service of Google below.  Terms of Service Privacy Policy

What else should you know?

We may from time to time change this Cookie Policy. However, if this Policy is changed in a material, adverse way, we will post a notice advising of such change at the beginning of this Policy and on this site's home page. We recommend that you re-visit this Policy from time to time to learn of any such changes to this Policy.

If you have additional questions, please contact us by writing to:

Bertel Jungin aukio 9 02600 Espoo Finland

Cookie declaration

Effective as of 15 September 2017

These license terms are an agreement between HMD Global Oy ("HMD Global") and you. They apply to the pre-release software versions (the "Beta Software") available on Nokia phones beta labs ("Beta Labs"). To participate in the Beta Labs activities, you need to be at least 18 years of age. You understand and agree that participation in the Beta Labs activities is voluntary. HMD Global reserves a right to modify these terms from time to time.

1. LICENSE. Subject your compliance with these license terms, you may install and use the Beta Software on your Nokia device specified in the instructions of Nokia Phones Beta Labs for the purpose of testing and evaluating the Beta Software and providing HMD Global with feedback on quality and usability of the Beta Software.
2. LICENSE RESTRICTIONS. You may not (1) reverse engineer, decompile or disassemble the Beta Software, except to the extent that applicable law expressly permits; (2) use components of the Beta Software to run applications not running on the Beta Software; (3) publish the Beta Software for others to copy; (4) sublicense or sell the Beta Software; or (5) transfer the Beta Software or these terms to any third party.
3. TERM. The term of this agreement will expire upon the commercial release of the Beta Software. You have the right to use the Beta Software under the license terms of this agreement during this period.
4. PRE-RELEASE SOFTWARE. The Beta Software is a pre-release version. It may not work the way a final version of the software will. HMD Global may significantly change it or decide not to release a final version. You understand that you may need to remove pre-loaded, commercial software from your device to install the Beta Software and that you may be unable to revert back to the commercial release of the software you were using prior to installing the Beta Software. Applications you have installed or been using may be unable to function in the same manner than earlier. HMD Global encourages you to back-up all data and information on your device before your participation in the Beta Labs activities. The Beta Software should not be used in business-critical devices. YOU UNDERSTAND THAT BY INSTALLING THE BETA SOFTWARE, YOUR DEVICE MAY NOT BE CAPABLE OF BEING RESTORED TO ITS ORIGINAL CONDITION AND THAT APPLICATIONS MAY BE AFFECTED BY YOUR USE OF THE BETA SOFTWARE. HMD GLOBAL SHALL NOT BE RESPONSIBLE FOR ANY COSTS, EXPENSES OR OTHER LIABILITIES YOU MAY INCUR AS A RESULT OF YOUR TESTING, INSTALLATION OR USE OF THE BETA SOFTWARE, INCLUDING BUT NOT LIMITED TO ANY DAMAGE TO ANY DEVICE, BETA SOFTWARE OR DATA OR ANY LOSS OF DATA.
5. PRIVACY. Data collected in connection with the Developer Preview activities will be treated in accordance with HMD Global Privacy Policy. We are using the data to help us to create, improve, operate or deliver our products, services and content. We may contact you based on your feedback, in order to correct malfunctions in our software or device. We are also using the collected data for internal purposes e.g. data analysis or research.
6. FEEDBACK. If you give feedback about the Beta Software to HMD Global, you acknowledge and agree that (1) HMD Global may have similar development ideas to the feedback; (2) your feedback does not contain confidential or proprietary information of you or any third party; (3) HMD Global is not under any obligation of confidentiality with respect to the feedback; (4) HMD Global and its licensors may freely use, distribute, exploit, further develop and modify feedback for any purpose; and (5) you are not entitled to any compensation from HMD Global.
7. OPEN SOURCE SOFTWARE. Parts of the Beta Software may be provided with notices and open source licenses from third parties that govern the use of those parts. Any licenses granted hereunder do not alter any rights and obligations you may have under such open source licenses.
8. WARRANTY DISCLAIMER. The Beta Software is licensed "AS-IS". HMD Global gives no express warranties, guarantees or conditions. HMD Global excludes the implied warranties of merchantability, fitness for a particular purpose and non-infringement.
9. LIMITATION OF LIABILITY. HMD GLOBAL SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES, LOST PROFITS OR FOR BUSINESS INTERRUPTION ARISING OUT OF THE USE OF OR INABILITY TO USE THE BETA SOFTWARE, EVEN IF HMD GLOBAL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME JURISDICTIONS DO NOT ALLOW EXCLUSION OF CERTAIN WARRANTIES OR LIMITATIONS OF LIABILITY, SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU. THE LIABILITY OF HMD GLOBAL WOULD IN SUCH CASE BE LIMITED TO THE GREATEST EXTENT PERMITTED BY LAW.
10. GOVERNING LAW. These license terms will be governed by the laws of Finland. Any dispute resolution between you and HMD Global arising of or relating to these license terms shall take place in Finland, Helsinki in the Finnish courts.

These license terms are an agreement between HMD Global Oy ("HMD Global") and you. They apply to the developer preview software builds pre-release software versions (the "Developer Preview Software") available on Nokia phones Android developer preview ("Developer Preview"). To participate in the Developer Preview activities, you need to be at least 18 years of age. You understand and agree that participation in the Developer Preview activities is voluntary. HMD Global reserves a right to modify these terms from time to time.

1. LICENSE. Subject your compliance with these license terms, you may install and use the Developer Preview Software on your Nokia device specified in the instructions of Developer Preview for the purpose of testing and evaluating the Developer Preview Software and providing HMD Global with feedback on quality and usability of the Developer Preview Software.
2. LICENSE RESTRICTIONS. You may not (1) reverse engineer, decompile or disassemble the Developer Preview Software, except to the extent that applicable law expressly permits; (2) use components of the Developer Preview Software to run applications not running on the Developer Preview Software; (3) publish the Developer Preview Software for others to copy; (4) sublicense or sell the Developer Preview Software; or (5) transfer the Developer Preview Software or these terms to any third party.
3. TERM. The term of this agreement will expire upon the commercial release of the Developer Preview Software. You have the right to use the Developer Preview Software under the license terms of this agreement during this period.
4. PRE-RELEASE SOFTWARE. The Developer Preview Software is a pre-release version. It may not work the way a final version of the software will. HMD Global may significantly change it or decide not to release a final version. You understand that you may need to remove pre-loaded, commercial software from your device to install the Developer Preview Software and that you may be unable to revert back to the commercial release of the software you were using prior to installing the Developer Preview Software. Applications you have installed or been using may be unable to function in the same manner than earlier. HMD Global encourages you to back-up all data and information on your device before your participation in the Developer Preview activities. The Developer Preview Software should not be used in business-critical devices. YOU UNDERSTAND THAT BY INSTALLING THE DEVELOPER PREVIEW SOFTWARE, YOUR DEVICE MAY NOT BE CAPABLE OF BEING RESTORED TO ITS ORIGINAL CONDITION AND THAT APPLICATIONS MAY BE AFFECTED BY YOUR USE OF THE DEVELOPER PREVIEW SOFTWARE. HMD GLOBAL SHALL NOT BE RESPONSIBLE FOR ANY COSTS, EXPENSES OR OTHER LIABILITIES YOU MAY INCUR AS A RESULT OF YOUR TESTING, INSTALLATION OR USE OF THE DEVELOPER PREVIEW SOFTWARE, INCLUDING BUT NOT LIMITED TO ANY DAMAGE TO ANY DEVICE, DEVELOPER PREVIEW SOFTWARE OR DATA OR ANY LOSS OF DATA.
5. PRIVACY. Data collected in connection with the Developer Preview activities will be treated in accordance with HMD Global Privacy Policy. We are using the data to help us to create, improve, operate or deliver our products, services and content. We may contact you based on your feedback, in order to correct malfunctions in our software or device. We are also using the collected data for internal purposes e.g. data analysis or research.
6. FEEDBACK. If you give feedback about the Developer Preview Software to HMD Global, you acknowledge and agree that (1) HMD Global may have similar development ideas to the feedback; (2) your feedback does not contain confidential or proprietary information of you or any third party; (3) HMD Global is not under any obligation of confidentiality with respect to the feedback; (4) HMD Global and its licensors may freely use, distribute, exploit, further develop and modify feedback for any purpose; and (5) you are not entitled to any compensation from HMD Global.
7. OPEN SOURCE SOFTWARE. Parts of the Developer Preview Software may be provided with notices and open source licenses from third parties that govern the use of those parts. Any licenses granted hereunder do not alter any rights and obligations you may have under such open source licenses.
8. WARRANTY DISCLAIMER. The Developer Preview Software is licensed "AS-IS". HMD Global gives no express warranties, guarantees or conditions. HMD Global excludes the implied warranties of merchantability, fitness for a particular purpose and non-infringement.
9. LIMITATION OF LIABILITY. HMD GLOBAL SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES, LOST PROFITS OR FOR BUSINESS INTERRUPTION ARISING OUT OF THE USE OF OR INABILITY TO USE THE DEVELOPER PREVIEW SOFTWARE, EVEN IF HMD GLOBAL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME JURISDICTIONS DO NOT ALLOW EXCLUSION OF CERTAIN WARRANTIES OR LIMITATIONS OF LIABILITY, SO THE ABOVE LIMITATIONS OR EXCLUSIONS MAY NOT APPLY TO YOU. THE LIABILITY OF HMD GLOBAL WOULD IN SUCH CASE BE LIMITED TO THE GREATEST EXTENT PERMITTED BY LAW.
10. GOVERNING LAW. These license terms will be governed by the laws of Finland. Any dispute resolution between you and HMD Global arising of or relating to these license terms shall take place in Finland, Helsinki in the Finnish courts.

• Version: 1.0
• Effective date 27 July, 2017
• Audience: Suppliers
• Owner: General Counsel
• Approver: HMD Board
• Related Policies: HMD Code of Conduct, HMD Business Ethics Policy, HMD Environmental, Health & Safety Policy, HMD Conflict Mineral Policy, HMD Human Rights and Labour Policy

1. Scope

In this document, HMD/our/we refer to HMD global Oy (“HMD”) and all its affiliates. The Code of Conduct is global and covers all HMD global Oy’s legal entities. This code outlines what HMD expects from our suppliers in relation to Human Rights & Labour, Business Ethics, Environmental, Health and Safety and Management practices. HMD will assess its suppliers by their conformance to this code and any violation of it will result in remedial actions. Failure of our supplier to comply with this code or the remedial actions set could result in termination of the business contract.

2. Our Approach

This document has been made to comply with international laws and regulations as well as HMDs values. In addition, we have looked to International Standards including; the Electronic Industry Citizenship Coalition’s (EICC) Code of Conduct; United Nations Declaration of Human Rights; United Nations’ Guiding Principles on Business and Human Rights; International Labor Organisation’s (ILO) Core Conventions; Environmental management standard ISO 14001; Organisation for Economic Co-operation and Development (OECD) Guidelines for Multinational Enterprise; Occupational health and safety management standard OHSAS18001 and the Social accountability standard SA 8000.

3. Business Ethics

HMD is strongly committed to conducting ourselves in accordance with our commitment to the highest standards of ethical conduct. Our supplier shall operate by the same Ethical standards we set ourselves and comply by the related policies and procedures, and all applicable national and international laws.

3.1 Improper Payments

HMD believe in fairness and honesty; we obtain and retain our business relationships with these principles firmly in mind. Our supplier shall adhere to anti-corruption laws and shall not allow corrupt or inappropriate payments made by, or on behalf of, our supplier to HMD, our employees or customers, government officials or third parties. These payments can occur in many forms and include among other things; bribes, gifts, entertainment, gratuities, favors, donations or facilitation payments. We extend our understanding of improper payments to include any transfer of value that is not consistent with HMD policies, procedures or applicable laws.

3.2 Fair Competition

Our supplier shall adhere to marketplace regulations and anti-trust laws. These laws protect the market from unethical agreements and collaborations among competitors which may affect competition. Our supplier shall uphold these standards of fair business, advertising and competition.

3.3 Privacy and Security

Privacy and security are key considerations in the creation and delivery of HMD’s products and services. Our supplier shall commit to respect privacy and to comply with applicable data protection and privacy laws. Our supplier shall have in place internal policies and guidelines through an appropriate selection of activities, including proactive and reactive risk management, security and privacy engineering, training and assessments.

Our supplier shall take appropriate steps to address online security, physical security, risk of data loss and other such risks; taking into consideration the risk represented by the processing and the nature of the data being protected. Our Supplier shall not transfer personal data without ensuring it is safe, responsible and legal to do so. When confidential data is no longer needed, it shall be destroyed securely.

3.4 Intellectual Property and Confidential Information

It is essential that Intellectual property rights are followed and respected. Whenever our supplier has a need to transfer technology and know-how they shall do so in a manner that protects intellectual property rights and any information regarding HMD or our affiliates should be safeguarded. In addition, our supplier shall have in place an ‘Incident Response Procedure’ (IRP) to manage breaches of confidential information.

3.5 Dealing with Officials

We prohibit the use of “facilitating payments” which refers to small payments, usually made in cash, which are typically provided to a government official to speed up or guarantee a routine action that the official is already obligated to perform.

3.6 Controllership

Our supplier shall ensure that they disclose requested information related to aspects of this code, including; Human Rights & Labour, Business Ethics, Environmental, Health and Safety and Management as well as general practices such as business activities, financial situation/performance and company structure. Such disclosures of information shall comply with applicable laws and regulations wherever they operate and our supplier shall not condone the falsification of records, misrepresentation of conditions, or practices throughout the supply chain.

3.7 Responsible Sourcing of Minerals

Suppliers or partners who manufacture any aspect of our products (including components and parts) containing tin, tantalum, tungsten or gold, shall have a detailed policy or procedure in place to ensure that the products manufactured, do not directly or indirectly finance or benefit armed groups, that are perpetrators of serious human rights abuses in the Democratic Republic of the Congo, or an adjoining country.

These same suppliers shall maintain a Conflict Mineral Policy outlining their legal compliance, measures for implementation and commitment to responsible sourcing. This includes due diligence on the source and chain of custody of all related minerals. These documents shall be kept and made available for HMD to view upon request for a period of 5 years.

3.8 Confidential Reporting and Non-Retaliation

Our Supplier shall maintain programs that ensure their employees and suppliers have access to confidential and anonymous reporting channels, as well as protection in place for acts of whistleblowing. Our supplier shall have in place a clear, visible and communicated process for anyone working at their facility to be able to raise concerns without fear of retaliation.

4. Labour & Human Rights

At HMD we believe that everyone in our supply chain deserves respect, fair treatment and equal rights. Our suppliers create jobs all over the world and we expect them to commit to making those jobs have a positive impact on their lives. This is true for all workers from direct to indirect, permanent and temporary workers as well as students and migrant workers or any other type of worker. We refer to all types of workers as simply “employees” or “workers” in this document.

4.1 Fair and Freely Chosen Employment

Work shall always be a voluntary act. Our supplier shall comply with this statement and be committed to ensuring that no form of slavery or trafficking of persons are used in any aspect of their business. This includes involuntary prison labour, forced, bonded, debt bonded or indentured persons.

Our supplier shall ensure that every employee has a contract that covers the terms and conditions of their employment agreement that is signed by both the employee and the supplier. The terms and conditions should contain all relevant aspects including but not limited to; working hours and guaranteed wage, overtime rates of pay and compensation, payment and frequency of payment and their notice period. In addition, the contract should be written in the native language of the employee, to ensure they fully understand the terms. In the case of migrant workers this contract should be available to them prior to leaving their country of origin.

Our supplier shall ensure that all employees receive basic induction training and have all the training, equipment and experience to conduct their work duties safety. The employee shall be free to leave their work at any time and their movement should never have their movement unreasonably restricted either within their workplace or when entering or exiting the facility. No employee in our supplier’s facilities, either of the company, or through an agency or any other external employment agreement, should be required to submit possession of their personal documents to anyone. This includes passports, identity and immigration documents or work permits. These personal documents are owned by the individual and should never be held, concealed, destroyed or confiscated. The only reason for any documents being held is if it is required by law.

No employee shall be required to make any payment to either the employer or an agent in order to secure their employment, training or as a form of punishment of any kind or any other fees related to their employment. Our supplier shall ensure that if they uncover any such fees being paid then the money shall be returned to the employee promptly.

Our supplier shall ensure that adequate policies and procedures are in place to protect workers and potential workers against any form of discrimination, harassment, harsh or inhumane treatment or any other unlawful discrimination or treatment, including disciplinary policies and procedures. No worker should be subjected to sexual abuse or harassment, physical, mental or verbal abuse or harassment, corporal punishment or any threats regarding treatment of this kind.

Our supplier shall ensure that they employ, retain and promote possible candidates based on their qualifications, skills and competences only; they shall not consider a person’s race, sex, religion, marital status, pregnancy, nationality, ethnicity, disability, sexual orientation, expression and any other characteristic covered by law. Our supplier shall provide workers with adequate facilities for religious practice. Under no circumstances should employees or potential employees be subjected to medical, physical or pregnancy examination or testing that could be used in a discriminatory way.

4.2 Young Workers Protection

No one under the age of completing compulsory education or under the local legal age of employment or under 15 years of age (whichever is the greatest) shall be employed by, or on behalf of our supplier.

Young workers (under the age of 18) need to be protected and our supplier shall not require them to perform tasks that could risk their health & safety. In addition, young workers should not work overtime or night shifts. Student workers shall be provided with training and support and our supplier shall ensure that they maintain student records and conduct thorough due diligence of educational partners protecting the rights of the student in accordance with applicable laws and regulations. Young workers including; students, interns and apprentices should be paid at least the same rate of pay as other employees that perform equal or similar tasks.

4.3 Working Hours and Wages

Our supplier shall ensure that working weeks do not exceed the restrictions placed on them by local law. No worker shall work in excess of 60 hours per week including overtime and they must have at least one day off per six days worked. Workers shall also be entitled to at least two weeks of paid leave per year. In addition, overtime shall be limited to comply with local law or to a maximum of 12 hours per week. Overtime shall always be paid at a premium rate and be taken as a choice by the employee. Overtime should be used in unusual or emergency situations and not a regular request of workers.

Workers shall be compensated in accordance with local laws in relation to minimum wage rates and legally mandated benefits. Workers shall be provided with wage statement in a timely manner, that makes clear indication of the hours worked, so that they can verify their wage is correct, for the hours they worked. The document should be understandable to the worker in their native language if required. Temporary workers of any kind as well as outsourced workers shall be used within the restrictions of local law.

4.4 Communication, Collective Bargaining and Freedom of Association

Workers shall be provided with access to information that is relevant to them, their employment and their work. They shall be made aware of changes as they happen in order to conduct their work to the best of their ability. Our supplier shall have in place the means to measure worker satisfaction and strive to improve this metric where possible. Workers shall be able to discuss openly their opinions, ideas and concerns without the fear of retaliation of any kind.

Our supplier shall respect the rights of all workers to form and join trade unions of their choosing in conformance with local law. Collective bargaining is an important right of employees and they should be allowed to engage in peaceful assembly. In addition, worker shall be free to refrain for any such activity.

The rights of whistle-blowers shall be protected and confidential channels shall be offered for the reporting of unfair conditions of any kind.

4.5 Modern Slavery

Modern Slavery is an umbrella term that includes; slavery, human trafficking, forced or compulsory labour and servitude. Modern slavery as a term refers to a situation where a person is coerced, deceived, taken unwillingly and/or indebted into a position where they feel trapped, held, compelled or forced to work.

Our supplier shall ensure that anyone working for them or on their behalf is free to choose who they work for, when they work and where they work. Our supplier shall not trap, compel or force another person to work. In addition, they shall have in place a system by which they can monitor anyone contracted to work on their behalf by these same standards. Our supplier shall implement and maintain as part of their due diligence a system to uncover any abuses that may occur and to make this data available to HMD.

We expect our suppliers and their employees to respect human rights and to report any suspected violation of the UK Modern Slavery Act to us through our legal team to ethics@hmdglobal.com.

4.6 Non-Disclosure Agreements

Our supplier shall ensure that any workers that are in contact with confidential information regarding HMD, its subsidiaries or the Nokia brand have signed a Non-Disclosure Agreement (NDA). It is important that the employee is made fully aware of the meaning of this document and the extent of agreement being made.

5. Environmental Protection

HMD are committed to environmental protection and we manage our activities and our supplychain closely to ensure we not only meet the relevant legislation and international standards but wherever we can we strive for higher. We expect our suppliers to be committed to preventing and reducing the impacts of our business through open and ethical management practices.

5.1 Environmental Management System (EMS)

Our supplier shall have in place an Environmental Management System (EMS) that effectively plans, operates and controls significant environmental aspects of their operations and the electronics industry. They shall ensure at all times these measures at least comply with legal and legislative requirements.

We are committed to ensure our suppliers are sharing our values regarding environmental protection. Our suppliers are required to have an EMS in place that is capable of planning, operating and controlling environmental aspects. Our suppliers shall ensure that they periodically review their environmental legislation, applicable regulations and customer requirements and shall supply evidence of their compliance as requested. Additionally, our suppliers shall conduct and/or cooperate with internal and external environmental risk audits. Our supplier shall implement improvement targets and programs, necessary employee training and communication, internal audits and management reviews.

We require our manufacturing partners to be certified as compliant with ISO14001 or the EcoManagement and Audit Scheme (EMAS).

5.2 Improving Environmental Performance

Our suppliers shall have in place continuous improvement projects aimed at identifying, measuring, controlling and improving their environmental performance. Environmental performance includes all significant environmental aspects related to their activity including; energy usage, water access, usage and conservation, waste and defect creation, reducing the materials per product which in turn reduces the effects on mining and biodiversity, reducing the use of hazardous materials and chemicals, improving the processes in place that manage risks and ensuring the cleanest possible treatment and control of waste generation.

Resource usage and waste creation of all kinds need to be reduced wherever possible either at source or through modifying processes or substituting materials. We expect our suppliers to look towards the “EU Waste Hierarchy” model and where possible they should aim to Reduce, Reuse, Recycle and Reclaim in that order of priority whenever and wherever possible.

5.3 Energy Efficiency & Green House Gas (GHG) Emissions

Our supplier shall be committed to reducing their carbon footprint and shall measure, and report on their energy consumption and GHG emissions. This requires them to identify the sources of their emission both internally and externally and for them to define clearly the scope of their reporting.

Our supplier shall look to monitor the data they assemble and highlight areas for cost effective improvements to minimise GHG emissions within their control.

5.4 Air Emissions

We require any emissions to the air created by the operations of our suppliers be characterised, monitored, controlled and treated prior to discharge. These emissions include aerosols and other ozone depleting chemicals, volatile organic chemicals, corrosives, particulates, and combustion by-products. In addition, our suppliers shall continuously improve the performance of their air emission control systems through a routine identification and monitoring processes.

5.5 Water Use Reduction

As part of their EMS our suppliers shall identify and measure their water consumption and investigate ways in which they can reduce it.

5.6 Storm Water Management

As part of their EMS we require our suppliers to take a systematic approach to the way they routinely manage, monitor and report their storm water management. Our suppliers shall minimise the risks of discharges or spills and they shall have robust systems in place to protect against pollutants from entering public drainage and ensure they comply with the law.

5.7 Waste & Wastewater Management

As part of their EMS we require our suppliers to implement a comprehensive system that characterises, monitors, controls and treats waste and wastewater created by their operations and products. We also expect our suppliers to work towards reducing their waste creation and in turn increase the volume of recycled waste. This process must adhere to legal requirements and environmental best practice approaches before any discharge or disposal.

As part of their EMS we also require our suppliers to comply fully with wastewater and solid waste management obligations. They must always maintain a systematic approach to wastewater and solid waste management. This includes having all the required permits and approvals in place (for instance, to store hazardous waste).

5.8 Design for Environment

Our suppliers shall include environmental consideration for all areas of product development. This also include adhering to our substance list and minimising or removing negative environmental impacts whenever it is possible to do so, this includes any hazardous constituents. These improvements can increase the efficiency of our products, reduce the use of materials and enable greater recycling capabilities.

5.9 Substance List

Our suppliers shall follow our Substance List and work closely with us and their suppliers to reduce or ban these materials and chemicals as stated in our Substance List.

5.10 Hazardous Substances

Chemicals and other materials that pose the risk of hazards to the environment require special care and attention. At all times their use should be restricted as much as possible and they should be clearly identified and managed. Their use, handling, storage, movement, recycling, reuse or disposal should be done in a controlled way that poses the least risk to the environment.

6. Health & Safety

As part of their management systems our suppliers shall include aspects related to reducing the risk of work-related injury and illness. This is required to produce working environments that are conducive of productive, safe and healthy work. This requires communication and training as well as processes, rules, regulations and documentation.

6.1 Health & Safety Management System

Our supplier shall have in place an occupational health & safety management system that complies with the OHSAS 18001 or similar internationally recognised standards. The system must be cover aspects such as the planning, operation and control of risks and hazards related to health & safety including; training and communication/feedback sessions for employees, periodic auditing and assigned improvement programs and targets.

As part of this system our supplier shall have a standard procedure in place to access and control the risks of accidents and injuries as well as occupational diseases in a proactive and preventative manner. Additionally, an appointed senior manager shall be responsible for periodically ensuring the system is functioning and is suitable.

6.2 Health & Safety Training and Communication

Our supplier shall ensure that those responsible for ensuring the health and safety of workers are sufficiently trained and knowledgeable as well as given adequate time and resources to perform their tasks. All employees shall be trained on the health and safety aspects that are appropriate for their role in their native language. Health and Safety signage and communications shall be clearly present in and around the facility.

6.3 Occupational Health & Safety

Our supplier shall have measures in place to safeguard against preventable accidents and emergencies. Nominated employees that are responsible for Occupational Health and Safety shall be trained and workers shall be encouraged to raise safety concerns. Employees shall be protected against exposure to potential hazards such as; slip, trips or fall hazards, vehicles, fire or from electrical/energy sources through adequate procedures that identify, minimise and prevent hazards. These procedures include, an ongoing safety training program and safety instructions, preventable maintenance and safe work practices, clear signage, machine maintenance and safeguarding, chemical controls, personal protective equipment and clothing, hearing protection and excessive noise reduction. Additional care shall be taken with employees under 18 year of age (young workers). Supplier shall take responsibility for its employees when they carry out work off premises.

6.4 Emergency Preparations

Emergency procedures shall be in place to identify potential emergency situations and events. Our supplier shall have emergency plans, evacuation procedures, employee training and drills, appropriate fire detection, sufficient extinguishers, adequate exit facilities and recovery plans in place in case any emergency should arise. Our supplier shall have a pro-active approach to emergency risk and ensure that wherever possible risks to life, the environment and property are minimised.

6.5 Occupational Injury and Illness

Our Supplier shall, as part of their Health and Safety Management system have procedures to mitigate and manage injuries and illnesses sustained by their employees. This requires prevention, management, tracking and reporting on occupational injury and illness. Employees shall be provided with a means to report discomfort, illness and/or injuries sustained. All suspected and actual injuries and illnesses reported by employees shall be classified and recorded and employees shall be provided with treatment or equipment to aid with their recovery and prevent future problems. In addition, investigations shall be made and corrective actions taken to eliminate their causes to ensure that workers can return safely to work.

6.6 Industrial Hygiene

Our supplier shall have in place engineering and administrative measures to identify, monitor, control and limit worker’s exposure to chemical, biological and physical agents to prevent overexposures. Adequate personal protective equipment shall be supplied to workers at risk.

6.7 Physically Demanding Work

Our supplier shall have processes to identify, evaluate and control hazards of physically demanding work. Employees shall be protected and train on aspects such as manual handling, repetitive tasks (i.e. in assembly), heavy lifting and prolonged periods of standing or sitting. When such hazards are found, our supplier shall monitor, aim to control and minimise their risks.

6.8 Equipment Safeguarding

Our supplier shall have adequate management systems in place to cover aspects where employees are operating with dangerous or hazardous substances or with equipment, production machines or other machinery. In all of these cases our supplier shall ensure that workers are provided with the correct protective equipment and the equipment/machinery should be fitted with properly maintained guards, interlocks and barriers to ensure our employees safety.

6.9 Clean and Safe Buildings and Facilities

Our supplier shall provide workers with safe and clean buildings and facilities. This includes workers having access to clean drinking water, adequate and clean toilet facilities, sanitary food preparation and storage areas as well as safe and clean eating facilities.

In those facilities that require workers to live on site their dormitories shall be provided for by the supplier or their labour agent. Dormitories shall be well maintained to ensure safety with reasonable personal space. They shall have access to lockable storage for worker’s private belongings. They shall be clean with appropriate emergency exits and signage, access to clean drinking water, hot water for bathing/washing and adequate heating and ventilation. Workers shall have reasonable privileges to enter and leave their accommodation and these facilities shall comply with legal safety standards and regulations.

7. Management

Our supplier shall have a Code of Conduct in place, to showcase their values and commitment to; ethical; environmental; human rights; labour and health and safety topics related to their business operations. Procedures and physical controls that are put in place shall be in relative and adequate for the associated risk and in accordance with our supplier’s Code of Conduct. This document will have a continuous improvement methodology and be based on Internationally recognised standards and management systems as well as comply with all relevant laws and regulations. A copy of the Code of Conduct shall be visible in the facility; written in the local language. In addition, we expect our supplier to have a process for setting requirements in their Code of Conduct on to their suppliers and monitoring their compliance. Our supplier’s management shall ensure that the messages contained their Code of Conduct is transferred throughout their business and relevant employees are trained on its contents and related procedures, risks and policies. In addition, we expect our supplier to be able to show supporting documentation and/or evidence that such actions are taking place and training should be recorded as and when it is completed. Training shall be in accordance applicable laws and regulations.

7.1 Management Systems

Our supplier shall identify the senior executive and company representatives responsible for ensuring the management systems and associated programs are in place. Additionally, senior management will review the systems periodically with the focus on ensuring they are adequate.

7.2 Environmental and Social Objectives

Our supplier shall set performance objectives set to realistic timeframes with implementation plans. These objectives shall look to improve on their environmental and social performance and shall be available in written form if required. The objectives shall also have clear processes in place for reviewing the progress and amending expectations as appropriate.

7.3 Audits, Assessments and Corrective Actions

Our supplier shall conduct self-evaluations periodically and allow for external auditors to conduct similar audits of their facilities to ensure that they conform to legal and regulatory requirements. In cases where the contents of this code are more detailed and/or stricter than local laws and regulations audits shall check to ensure that they comply with the content of this Code of Conduct and our contractual requirements on ethical, environmental and societal responsibility.

Our supplier shall ensure that required corrective actions are taken in a timely manner and these activities are monitored and reported following the correct procedure, ensuring regulatory compliance whilst protecting privacy.

7.4 Communication and Worker Participation and Feedback

Our supplier shall make clearly available their policies and procedures as well as clearly defined expectations and practices they expect their workers to follow. Workers shall receive adequate training to mean these requirements and be given the right to participate in and give feedback on practices and conditions covered. This shall be an ongoing progress of continuous feedback and improvement measure.

7.5 Documentation and Records

Our Supplier shall create and maintain relevant documentation to assure their compliance and conformity on all the matters discussed in this Supplier Code of Conduct. This documentation shall be made available to HMD or external auditors working on behalf of ourselves or our customers. Appropriate measure shall be taken to protect privacy rights.

8. Supplier Management & Purchasing

Our supplier shall have adequate measures in place to set requirements and manage the compliance of their suppliers. The term supplier used in this section includes any company/person who, from HMD’s perspective, would be considered a sub-supplier such as vendors, subcontractors, service providers, partners, etc.

Our supplier’s supplier base strategy and supplier base management systems must ensure subsuppliers conform with HMD’s supplier requirements (including labour and environmental aspects) as well as all applicable laws and regulations. Our supplier shall take these conformance aspects into consideration when choosing their suppliers and they shall have a structure by which they identify, evaluate and select suppliers.

Purchase and Service agreements shall be used with all suppliers and shall include valid NonDisclosure Agreements (NDAs). These NDAs shall align and conform to the NDAs in place between HMD and the supplier.

Our supplier shall set environmental, labour (including health and safety, human rights and ethics) and management requirements on our sub-suppliers. This also includes aspects such as waste handling and recycling. In addition, sub-suppliers who are responsible for waste disposal shall be appropriately authorised and licenced to carry out these tasks and our supplier shall ensure this compliance.

1. Acceptance and Effect

This purchase order ("Purchase Order") is between HMD Global Oy or its affiliate defined in the Purchase Order ("HMD") issuing the Purchase Order and the supplier identified herein ("Supplier") and covers:

1. Goods: the purchase of software and tangible goods
2. Services: The purchase/ordering of services
3. Deliverables: Any intellectual property or other work product developed specifically for HMD by Supplier or a subcontractor of Supplier as part of the Services

This Purchase Order is effective upon Supplier’s commencement of performance or the date of Supplier’s signature below, whichever is earlier. Except as set forth in Section 2 below, Supplier’s acceptance of this Purchase Order is expressly limited to these terms and conditions without counterproposal.

2. Relationship to Other Agreements

The terms and conditions of this Purchase Order are the complete and binding agreement between HMD and Supplier except:

1. If multiple agreements with similar or contradictory provisions could apply to this Purchase Order, the parties agree the most favourable terms to HMD will apply, unless the result would be unreasonable, unconscionable or prohibited by law.
2. Except as stated above in this Section 2, and other than Order Changes described in Section 8 and the Termination provisions in Section 12, additional or different terms will not supersede this Purchase Order unless the parties mutually execute a written document.

3. Packing, Shipment and Returns of Goods or Deliverables

Unless specifically provided in this Purchase Order:

1. Packing.

   1. Price based on weight will include net weight only.
   2. Supplier will not charge HMD for packaging or pre-shipping costs, such as boxing, crating, handling damage, drayage, or storage.

2. Shipping.

   1. Supplier will mark all containers with necessary handling and shipping information, Purchase Order number(s), date of shipment, and names of the consignee and consignor;

   2. An itemized invoice and packing list, and other documentation required for domestic or international transit, regulatory clearance or identification of the Goods or Deliverables will accompany each shipment;

   3. HMD will only pay for the quantity received, not to exceed the maximum quantity ordered;

   4. HMD or its agent will hold over-shipments at Supplier’s risk and expense for a reasonable time awaiting Supplier’s shipping instructions;

   5. HMD will not be charged for shipping or delivery costs;

   6. Goods and Deliverables will be delivered post issuance of the Purchase Order date:

      1. FOB to the HMD designated delivery location if the Goods and Deliverables originate in the same jurisdiction as the HMD designated delivery location; or
      2. DDP (Incoterms 2010) to the HMD designated delivery location for cross border delivery of Goods and Deliverables to the HMD designated delivery location; and

   7. Supplier will bear all risk of loss, damage, or destruction to the Goods or Deliverable, in whole or in part, occurring before final acceptance by HMD at the designated delivery location. HMD is responsible for any loss caused by the gross negligence of its employees before acceptance.

   8. Returns. Supplier will bear the expense of return shipping charges for over-shipped quantities or rejected items.

4. Invoices

1. To the extent that electronic invoicing is available, Supplier will follow that process. If there is no electronic invoicing, invoices will be sent to the following email: invoices@hmdglobal.com
2. Invoice must contain the following information: Purchase Order number, item number, description of item, quantities, unit prices, extended totals, packing slip number, shipping, ship to city and state, taxes, and any other information reasonably required by HMD. Supplier will not charge HMD for researching, reporting on or correcting any errors relating to its invoices. In those circumstances, Supplier authorizes the electronic invoicing provider to receive
   
   
   Supplier’s invoice data not yet constituting an original invoice and subsequently to apply an electronic signature to the invoice data to issue electronic invoices "in the name and on behalf of" Supplier.
3. HMD may dispute any invoice by providing oral or written notice or partial payment. HMD will make commercially reasonable efforts to notify Supplier in writing of any disputed amount within 60 days of receiving the applicable invoice. Neither failing to provide notice nor payment of an invoice is a waiver of any claim or right.

5. Payment Terms / Cash Discounts / Offset / Expenses

1. After HMD accepts the Goods or Services and receives a correct and undisputed invoice (the "Create Date"), HMD will release payment by net 60 days (unless otherwise agreed post issuance of this purchase order)
2. HMD is not obligated to pay any invoice received from Supplier more than 120 days after HMD accepts the Goods or Services.
3. Payment of an invoice will not constitute acceptance of Goods, and is subject to adjustment for errors, shortages, defects or other failure of Supplier to meet the requirements of this Purchase Order.
4. HMD may set-off amounts owed to HMD against an amount HMD owes Supplier or Supplier’s affiliated companies. HMD will provide notice to Supplier within a reasonable time after the setoff.
5. Unless otherwise agreed, Supplier is responsible for all expenses incurred providing the Goods or Services and performing under this Purchase Order.

6. Taxes

1. Except as otherwise provided below, the amounts to be paid by HMD to Supplier do not include any taxes. HMD is not liable for any taxes that Supplier is legally obligated to pay, including, but not limited to net income or gross receipts taxes, franchise taxes, and property taxes. HMD will pay Supplier applicable GST or any other taxes it owes due to this Purchase Order and which the law requires Supplier to collect from HMD. If HMD provides Supplier a valid exemption certificate, Supplier will not collect the taxes covered by such certificate. Supplier will indemnify and hold HMD harmless from any claims, costs (including reasonable attorneys’ fees) and liabilities related to Supplier’s taxes.
2. If the law requires HMD to withhold taxes from payments to Supplier, HMD may withhold those taxes and pay them to the appropriate taxing authority. HMD will deliver to Supplier an official receipt for such taxes. HMD will use reasonable efforts to minimize any taxes withheld to the extent allowed by law.

7. Inspection and Acceptance

1. The Goods and Services must meet the standards and specifications in this Purchase Order. HMD may cancel this Purchase Order if Supplier fails to comply with the Purchase Order standards and specifications.
2. All Goods and Services will be subject to HMD’s inspection and testing, at any time and place, including the period of manufacture and before final acceptance.
3. If any item provided under this Purchase Order is defective in materials or workmanship or not in conformity with the requirements, then HMD may reject it without correction, require its correction within a specified time, accept it with an adjustment in price, or return it to Supplier for full credit. When HMD provides notice to Supplier, Supplier will promptly replace or correct, at their expense, any item rejected or requiring correction. If, after HMD’s request, Supplier fails to promptly replace or correct a defective item within the delivery schedule, HMD may, at its sole option, (i) replace or correct such item and charge the cost to Supplier, (ii) without further notice terminate this Purchase Order for default, return the rejected item to Supplier at Supplier’s expense and Supplier will promptly refund any amounts paid by HMD for the returned item or (iii) require a reduction in price.

8. Order Changes

HMD may suspend Supplier’s performance, increase or decrease the ordered quantities, or make changes for HMD’s reasonable business needs (each, a "Change Order"), by written notice to Supplier, including via e-mail, and without any notice to Supplier sureties, subcontractors or assignees. Unless mutually agreed, a Change Order does not apply to change the Goods and Services timely and fully delivered before the date of the Change Order. If any change causes an increase or decrease in the cost of, or the time required for, the performance of the Purchase Order, an equitable adjustment shall be made in the price or delivery schedule, or both, and the Purchase order shall be modified accordingly in writing.

9. Tools and Equipment

All tools, equipment or materials acquired by Supplier for use in providing the Goods and Services, which have been furnished to, paid for by or charged against HMD, including but not limited to specifications, drawings, tools, dies, molds, fixtures, patterns, hobs, electrodes, punches, artwork, screens, tapes, templates, special test equipment, gauges, content, data, and software, will remain or become HMD’s property, treated as confidential information, and delivered in good condition, normal wear and tear excepted, by Supplier to HMD’s designated delivery location.

10. Ownership and use of the parties’ respective intellectual property

1. Each party will own and retain all rights to its pre-existing intellectual property and any intellectual property developed outside of the Goods and Services under this Purchase Order.
2. If Supplier uses any Supplier or third party intellectual property in any Good or Service, Supplier will continue to own Supplier’s intellectual property. Supplier will grant HMD a worldwide, nonexclusive, perpetual, irrevocable, royalty-free, fully paid up right and license, under all current and future intellectual property, to use Supplier’s and third party intellectual property consistent with HMD’s ownership interests.

3. HMD intellectual property.

   1. Supplier may obtain "HMD Materials" meaning any tangible or intangible materials (including hardware, software, source code, documentation, met methodologies, know how, processes, techniques, ideas, concepts, technologies, and data) provided by or on behalf of HMD to perform the Services. HMD Materials include any modifications to, or derivative works of, the foregoing materials, the trademarks and any data entered into any Supplier database as part of the Services.
   2. HMD retains all interest in HMD Materials and related intellectual property. Supplier has no right to sublicense HMD Materials.

   3. Regarding Supplier’s use of HMD Materials:

      1. Supplier will not modify, reverse engineer, decompile, or disassemble HMD Materials except as allowed by HMD;
      2. Supplier will leave in place, and not alter or obscure, all proprietary notices and licenses contained in HMD Materials;
      3. HMD is not obligated to provide technical support, maintenance or updates for HMD Materials;
      4. Supplier assumes the risk of loss, damage, unauthorized access or use, or theft or disappearance of HMD Materials in Supplier’s (or subcontractor’s) care, custody or control.

   4. License to software and Intellectual Property in the Goods.

      1. Pass through warranties and indemnities. Supplier assigns and passes through to HMD all of the thirdparty manufacturers’ and licensors’ warranties and indemnities for the Goods.
   5. Title to the Goods (other than software) will pass from Supplier to HMD on final acceptance.

11. Representations and Warranties

Supplier represents and warrants that:

1. Supplier has full rights and authority to enter into and perform according to this Agreement. Supplier’s performance will not violate any agreement or obligation between Supplier and any third party;

3. The Services will be performed professionally and be of high grade, nature and quality;

4. Supplier will provide to HMD all Goods and Services free from (i) any defects in design, workmanship and materials, (ii) any liability for royalties, and (iii) any mechanic’s liens or any other statutory lien or security interest or encumbrance;

5. The Goods, Services, Deliverables and any Supplier IP or third-party IP provided to HMD under this Agreement:

   1. Are not governed, in whole or in part, by an Excluded License. "Excluded License" means any software license that requires as a condition of use, modification and/or distribution, that the software or other software combined and/or distributed with it be (a) disclosed or distributed in source code form; (b) licensed to make derivative works; or (c) redistributable at no charge; and
   2. Will not be subject to license terms that require any HMD IP, product, service, or any Supplier IP, or third party IP licensed to HMD, or documentation which incorporates or is derived from the Deliverables, to be licensed or shared with any third party;

6. The Goods, Services, Deliverables and any Supplier IP or third-party IP provided to HMD under this Agreement will not:

   1. To the best of Supplier’s knowledge, infringe any patent, copyright, trademark, trade secret or other proprietary right of any third party; or
   2. Contain any viruses or other malicious code that will degrade or infect any Goods, product, service, or any other software or HMD’s network or systems;

7. Supplier will comply with all applicable laws, rules and regulations whether local, state, federal or foreign;

8. Supplier will comply with and train its employees in all applicable laws against bribery, corruption, inaccurate books & records, inadequate internal controls and money-laundering. Supplier will not offer or give any employee, agent, or representative of HMD gratuities to secure any business from HMD or influence such person to alter the terms, conditions, or performance of any contract with or order from HMD, including but not limited to this Purchase Order.

12. Termination

HMD may terminate this Purchase Order with or without cause. Termination is effective upon written notice. If HMD terminates for convenience, its only obligation is to pay for

1. Deliverables or Goods it accepts before the effective date of termination; or
2. Services performed, where HMD retains the benefit after the effective date of termination.

13. Privacy and Data Protection

1. "Personal Information" means any information provided by HMD or collected by Supplier under this Purchase Order:

   1. That identifies or can identify, contact, or locate the person to whom such information pertains; or
   2. That can be used to derive an individual person’s identification or contact information. Personal Information includes, but is not limited to: name, address, phone number, fax number, e-mail address, social security number or other government-issued identifier, and credit card information. To the extent any other information (e.g., a personal profile, unique identifier, biometric information, and/or IP address) is associated or combined with Personal Information, then such information is also Personal Information.

2. If Supplier collects or accesses any Personal Information as part of performing the Services, Supplier agrees to comply with the most current Data Protection Requirements applicable.
3. Compliance with Supplier Guidelines and Supplier Code of Conduct. Supplier will comply with the most current Supplier Guidelines and the Supplier Code of Conduct as communicated from time to time by HMD.

14. Subcontracting

Supplier will not subcontract with any third party to furnish any Goods or Services without HMD’s prior written consent.

15. Indemnification

Supplier will defend, indemnify and hold harmless HMD against all claims, demands, loss, costs, damages, and actions for (a) actual or alleged infringements of any third party intellectual property or other proprietary rights, which arise from the Goods and Services provided to HMD under this Purchase Order, (b) any claim that, if true, would constitute a breach of any Supplier warranty contained herein, (c) any act or omission of or failure to comply with applicable laws, rules or regulations by Supplier or Supplier’s agents, employees, or subcontractors, (d) any breach of confidentiality obligations, (e) the negligent or willful acts or omissions of Supplier or its subcontractors, which results in any bodily injury or death to any person or loss, disappearance or damage to tangible or intangible property, and (f) any claims of its employees, affiliated companies or subcontractors regardless of the basis, including, but not limited to, the payment of settlements, judgments, and reasonable attorneys’ fees.

16. Insurance

Supplier shall obtain and maintain in force with a reputable insurance company, and on request give evidence of, adequate insurance policies relating to its obligations under the Purchase order. Service Provider's obligations under this clause shall in no way limit or diminish its indemnification obligations, or liability for claims covered, under the terms of the Agreement. If HMD reasonably determines that Supplier’s coverage is not adequate, Supplier will promptly buy additional coverage and notify HMD in writing.

17. Non-Disclosure of Confidential Matters

If the parties have entered into a standard HMD Non-Disclosure Agreement, the terms of such agreement will apply to and be incorporated in this Purchase Order and all terms and conditions of this Purchase Order and HMD Materials will be deemed Confidential Information. If the parties have not entered into a standard

HMD Non-Disclosure Agreement, then Supplier agrees that during the term of this Purchase Order and for 5 years thereafter, Supplier will hold in strictest confidence, and will not use or disclose to any third party, any HMD Confidential Information. The term "HMD Confidential Information" means all nonpublic information that HMD designates, either in writing or orally, as confidential, or which, under the circumstances of disclosure ought to be treated as confidential. HMD Confidential Information includes:

1. The terms and conditions of this Purchase Order;
2. Released or unreleased HMD software or hardware products;
3. Marketing or promotion of any HMD product;
4. Business policies or practices of HMD;
5. Customers or suppliers of HMD;
6. HMD Materials or any information provided by HMD under this Purchase Order or obtained or created by Supplier in the course of providing the Goods or Services; or
7. Information received from others that HMD must treat as confidential.

If Supplier has questions regarding what comprises HMD Confidential Information, Supplier will consult HMD. HMD Confidential Information will not include information known to Supplier before HMD’s disclosure to Supplier, or information that becomes publicly available through no fault of Supplier.

18. Audit

During the term of this Purchase Order and for 4 years after, Supplier agrees to keep all usual and proper records and books of account and all usual and proper entries related to its costs and expenses pertinent to this Purchase Order. During the above referenced period, HMD may audit and/or inspect the applicable records and facilities to verify statements or invoices issued by Supplier and confirm Supplier’s compliance with this Purchase Order. Any such audit will be conducted by HMD corporate internal audit personnel or by a certified public accountant firm selected by HMD Supplier agrees to provide HMD’s designated audit or inspection team reasonable access to the Supplier records and facilities. If the auditors determine that HMD overpaid Supplier, Supplier will reimburse HMD for any such overcharge. HMD will bear the expense of its auditors or inspection team. However, if the audit shows Supplier overcharged HMD by 5% or more during such audit period, Supplier will reimburse HMD for such expenses.

19. Assignments

No right or obligation under this Purchase Order (including the right to receive monies due) will be assigned without the prior written consent of HMD. Any assignment without such consent will be void. HMD may assign its rights under this Purchase Order.

20. Notice of Labor Disputes

Whenever an actual or potential labor dispute delays or threatens to delay the timely performance of this Purchase Order, Supplier will immediately notify HMD in writing of such dispute and furnish all relevant details. Supplier will include a provision identical to the above in each subcontract and, immediately upon receipt of such notice, give written notice to HMD.

21. Patent License

Notwithstanding other conditions stated herein, if Supplier fails in performance according to the terms of this Purchase Order, Supplier, as part of the consideration for this Purchase Order and without further cost to HMD, automatically grants to HMD an irrevocable, non-exclusive, royalty-free right and license to use, sell, manufacture, and cause to be manufactured any and all products, which embody any and all inventions and discoveries made, conceived, or actually reduced to practice by or on behalf of Supplier in connection with a Deliverable under this Purchase Order.

22. Applicable Law

This Purchase order shall be construed and interpreted in accordance with the laws of Finland, excluding its rules for choice of law. All disputes arising out of or in connection with the present Purchase order shall be finally settled under the Rules of Arbitration of the International Chamber of Commerce by one or more arbitrators appointed in accordance with the said Rules. The arbitration shall be held in Helsinki, Finland. The language of the arbitration shall be English. The award shall be final and binding and enforceable in any court of competent jurisdiction. Nothing in the Purchase Order shall be deemed to limit the Parties' rights to seek interim injunctive relief or to enforce an arbitration award in a court of law.

23. Publicity; Use of Trademarks

Supplier will not use any HMD trademark, Nokia trademark/logo or service mark or logo, or cause or permit to be released any publicity, advertisement, news release, public announcement, or denial or confirmation of the same, in whatever form regarding any aspect of this Purchase Order or the relationship between Supplier and HMD without HMD’s prior written approval. If such approval is granted, Supplier may only use HMD trademarks, service marks and logos identified and provided by HMD for the Goods and Services in compliance with prior agreed terms and conditions.

24. Severability

If any court of competent jurisdiction determines that any provision of this Purchase Order is illegal, invalid or unenforceable, or if any terms are illegal, invalid or unenforceable under applicable law, the remaining provisions will remain in full force and effect.

25. Survival

The provisions of this Purchase Order which, by their terms, require performance after the termination or expiration or have application to events that may occur after the termination or expiration of this Purchase Order, will survive the termination or expiration of this Purchase Order. All indemnity obligations will be deemed to survive the termination or expiration of this Purchase Order.

26. Order of priority

In case of the execution of an Agreement between the parties, the terms of the Agreement will supersede the terms of this Purchase order and will be applicable to the parties hereto.