Effective Date:  March 1, 2023

This European Economic Area (EEA), United Kingdom (UK) and Switzerland Resident Privacy Notice supplements the information contained in our Privacy Policy  and applies to residents of the European Economic Area (EEA), the United Kingdom (UK) and Switzerland.  It contains additional information required by the EU General Data Protection Regulation and the UK and Swiss equivalents. These provisions, which should be read together with the statements in the main Axcelis Privacy Policy, explain our practices with regard to data privacy in the EEA, UK and Switzerland.

  1. Purpose of the Processing. The purposes of the processing are described in the section of the main Privacy Policy entitled “COLLECTION AND PROCESSING OF PERSONAL DATA AT AXCELIS.”
  1. Lawful Basis for the Processing. Generally, we process Personal Data on the basis that the processing is necessary for purposes of our legitimate interest in conducting our business in a manner typical in the US semiconductor and manufacturing industry, having taken into account any risks to your fundamental rights and freedoms (including your right to privacy). We may also process Personal Data on other bases permitted by the GDPR, the UK Data Protection Act 2018, and other applicable laws, such as when the processing is necessary for us to comply with our legal obligations, where you have provided your consent, when processing is necessary to fulfil a contract (including pre-contractual measures), and when processing is required to fulfill a legal obligation.
  1. Legitimate Interests of the Controller or Third Party, Where Applicable. Our specific legitimate interests, such as responding to your requests, comments and questions, providing you with products, services, and support, and improving the website, are described in the section of the main Privacy Policy entitled “COLLECTION AND PROCESSING OF PERSONAL DATA AT AXCELIS.”
  1. Data Retention. How long we retain Personal Data varies according to the type of data in question and the purpose for which it is used.  We delete Personal Data within a reasonable period after we no longer need to use it for the purpose for which it was collected or for any subsequent purpose that is compatible with the original purpose.  This does not affect your right to request that we delete your Personal Data before the end of its retention period.  We may archive Personal Data (which means storing it in inactive files) for a certain period prior to its final deletion, as part of our ordinary business continuity procedures.
  1. Transfer of Personal Data. Axcelis Technologies Inc. is headquartered in the USA and hosts Personal Data in the USA. The laws of the USA have not been deemed by the European Commission, the United Kingdom or Switzerland to provide an adequate level of protection to personal data.  When you provide your personal data to us via the Services or contact us by email, you are providing your personal data directly to the USA.  Before you provide your personal data to us via the Services, we request your explicit consent to the transfer of your personal data to the USA.  When you email us, the fact that you have chosen to email us knowing that we are located in the USA will be understood to constitute your explicit consent to the transfer of the personal data in your email (including your email address) to the USA.  Regardless of the differences in US and European privacy laws, we safeguard your personal data as described in our main Privacy Policy and this section.  If we transfer your personal data to a third party, we require the third party to commit contractually to process your personal data only in ways that are consistent with our main Privacy Policy and this section.
  1. Categories of Personal Data. The categories of Personal Data that we process are described in the section of the main Privacy Notice entitled “COLLECTION AND PROCESSING OF PERSONAL DATA AT AXCELIS.”
  1. Recipients of Personal Data. Your Personal Data may disclosed to third-party recipients as described in the section of the main Privacy Policy entitled “SHARING OF PERSONAL DATA.”
  2. Rights of the Data Subjects under the GDPR.You have the following rights with respect to your Personal Data (subject to limitations under the GDPR). If you wish to exercise any of these rights, or if you have any concerns about our processing of your personal data, please contact us in any of the ways listed in the section entitled “Contacts under the GDPR and German Privacy Law.”:
    1. Right of Access
    2. Right to Rectification
    3. Right to restriction of processing
    4. Right to Erasure Right to Data Portability
    5. Right to object
    6. Right to lodge a complaint with a supervisory authority: You have the right, at all times, without prejudice to any other administrative or judicial remedy, to lodge a complaint with a supervisory authority, in particular in the EU Member State of your place of residence, of work or of the place of suspected infringement, if you consider that the processing of Personal Data concerning them is contrary to the GDPR.

The EU Commission has a list here:  https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

See www.ico.org.uk for information about contacting the UK Information Commissioner’s Office.

See www.edoeb.admin.ch/edoeb/en/home.html for information about contacting the Swiss Federal Data Protection and Information Commissioner.

  1. Name of Data Controller and Contact Details.

    Axcelis Technologies GmbH
    Geschäftsführer: Mary Puma, Andreas Lantenhammer
    Max-Planck-Strasse 8
    85609 Aschheim-Dornach

    For questions concerning the processing of Personal Data within the Framework of the GDPR and under German law, please contact:

    Dr. Sebastian Kraska, Marienplatz 2, 80331 München, Germany
    email: skraska@iitr.de; telephone: +49 89-18917360