Itron, Inc., its subsidiaries, affiliates, and related entities ("Itron," "we" or "us") is committed to protecting the privacy and security of your personal information. This Global Employee Privacy Policy (“Policy”) describes how Itron collects, uses, and shares personal information about you before, during and after your employment with Itron, in compliance with applicable global privacy and data protection laws.
ACKNOWLEDGEMENT
Acknowledgement of this Policy is required prior to your disclosure of any personal information to Itron.
Please review this policy carefully.
SCOPE OF THE POLICY
This Policy applies to all current and former employees of Itron, potential employees (including applicants), and/or contractors (“Employee”). This Policy describes the categories of personal information that we collect, how we use your personal information, how we secure your personal information, when we may disclose your personal information to third parties, and when we may transfer your personal information outside of your home jurisdiction. This Policy also describes your rights regarding the personal information that we hold about you, including how you can access, correct, and request erasure of your personal information.
We will only process your personal data in accordance with this Policy unless otherwise required by applicable law. We take steps to ensure that the personal information we collect about you is adequate, relevant, not excessive, and processed for limited purposes.
This Policy also applies to your interactions with Itron’s talent acquisition, employment support, and benefit websites operated by or on behalf of Itron (“Services”) and to Itron employmentrelated processes such as training, performance evaluations, and employee management functions or offerings (“Processes”).
Services are intended for use by people aged 16 or older. Itron does not seek to collect personal information about children under the age of 16, except as provided by a parent or legal guardian for benefits purposes. No information should be submitted or posted on Itron's websites by users under the age of 16.
While browsing Services, you may be able to access the websites of third parties through a hyperlink. Itron assumes no responsibility for the privacy practices of third-party websites and recommends you review the privacy statements/notices on all websites before sharing your personal information.
INFORMATION WE COLLECT
Information You Provide to Us
For the purposes of this Policy, personal information means any information related to an identifiable individual. Personal information excludes anonymous or de-identified data that is not associated with a particular individual. To carry out our activities and obligations as an employer, we may collect, store, and process the following categories of personal information, which we require to administer the employment relationship with you:
- Personal contact details such as name, title, addresses, telephone number, and personal email address;
- Characteristic information (i.e., race, age, gender);
- Date of birth;
- Marital and dependent status;
- Beneficiary and emergency contact information;
- Employment records (including professional memberships, references, work history and proof of work eligibility);
- Education and training history;
- Government Identification numbers such as social insurance, social security, driver's license number, or other identification card number;
- Wage and benefit information;
- Compensation history;
- Performance information;
- Start date and end date;
- Location of employment;
- Photographs and videos; and
- Other personal details that you voluntarily provide to us such as in a CV, resume, application, or cover letter.
The personal information we collect is mandatory for us to administer the employment relationship. Failure to provide or allow us to process mandatory personal information may affect our ability to accomplish the purposes stated in this Policy.
We will collect the majority of the personal data that we process directly from you. In limited circumstances, third parties may provide your personal data to us, such as former employers, official bodies (such as regulators or criminal record bureaus), and medical professionals.
In addition, Itron will collect information:
- Provided during the job application and on-boarding process;
- In correspondence regarding payroll, benefits, and expenses data;
- About emergency contacts you provide;
- Through submission of attendance records of holidays, sickness, and other absences;
- Regarding an employee's health to comply with required health, safety, and compliance obligations;
- Non-identifying aggregate information (inferences) may be collected and reviewed to analyze trends or preferences for its business processes and operations including, for example, managing company assets, reporting; and
- Regarding career history (e.g., training records, performance measures, disciplinary and grievance records).
Additional Information We Collect
Background Checks
Itron conducts background checks as part of its regular employment practices.
Drug Testing
Itron may require drug tests for new employees and contractors.
Biometrics
Itron may, in certain limited circumstances and in the interest of physical security, engage in fingerprint or other form of biometric authentication to provide secure access.
CCTV
Itron may, in certain circumstances and in the interest of security, engage in Closed Caption Television (“CCTV”) recording at facilities. CCTV signage is posted where applicable.
Information We Collect Automatically When You Use Our Services or Networks
When you access or use our Services or while on the Itron network systems, Itron may automatically collect information about you, including:
Log Information: log information about your Internet use, including the type of browser you use, access times, pages viewed, your IP address, and the page you visited before navigating to our Services.
Device Information: information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, unique device identifiers, and mobile network information.
Network Information: technical data, such as access logs and emails and network traffic containing malware signatures, to protect its network and the confidential and proprietary information on its network against attack or unauthorized access.
USE OF EMPLOYEE PERSONAL INFORMATION
Itron only collects Personal Information that it needs to accomplish its legitimate business purposes or fulfill contractual obligations.
Itron processes Personal Information for the following purposes:
- Employee administration (including Payroll processing and benefits administration;
- Business management and planning;
- Processing employee work-related claims (for example, insurance and worker's compensation claims);
- Accounting and auditing;
- Performance reviews and determining performance requirements;
- Assessing qualifications for a particular job or task;
- Education, training, and development requirements;
- Health administration services;
- Complying with health and safety obligations of our employees and assets;
- Gathering evidence for disciplinary action or termination;
- Complying with applicable law;
- Management of its workforce; and
- For other purposes disclosed (or otherwise reasonably apparent) to its employees at the time of collection.
Itron will keep and use Personal Information to enable it to run its business and manage its relationship with the employee effectively, lawfully, and appropriately, during the recruitment process, while the employee is working for Itron, at the time employment ends, and thereafter as necessary.
Itron will provide notice to you and, if required by law, seek your consent, if we need to use Personal Information for a materially different purpose. We may process your personal data without your knowledge or consent where required by applicable law or regulation.
We may also process your personal information for our own legitimate interests, including for the following purposes:
- To prevent fraud.
- To ensure network and information security, including preventing unauthorized access to our computer and electronic communications systems and preventing malicious software distribution.
- To support internal administration with our affiliated entities.
- To conduct data analytics analyses to review and better understand employee retention and attrition rates.
You will not be subject to decisions based on automated data processing without your prior consent.
COLLECTION AND USE OF SPECIAL CATEGORIES OF PERSONAL DATA
The following special categories of personal data may be considered sensitive under the laws of your jurisdiction and may receive special protection:
- Racial or ethnic origin
- Political opinions
- Religious or philosophical beliefs
- Trade union membership
- Genetic data
- Biometric data
- Data concerning health
- Data concerning sex life or sexual orientation
Data relating to criminal convictions and offences may also receive special protection under the laws of your jurisdiction.
We may collect and process the following special categories of personal data when you voluntarily provide them for the following legitimate business purposes, to carry out our obligations under employment law, for the performance of the employment contract, or as applicable law otherwise permits:
- Trade union membership information for the purpose of paying trade union premiums.
- Physical or mental health information or disability status to comply with health and safety obligations in the workplace, to make appropriate workplace accommodations, as part of sickness absence monitoring, and to administer benefits.
- Race or ethnic origin, religious affiliation, health information and sexual orientation to ensure meaningful equal opportunity monitoring and reporting.
Where we have a legitimate need to process special categories of personal information for purposes not identified above, we will only do so after providing you with notice and, if required by law, obtaining your prior, express consent.
We always treat special categories of personal data as confidential, and we will only share such data internally where there is a specific and legitimate purpose for sharing the data. As set out below, we have implemented appropriate physical, technical, and organizational security measures designed to secure your personal data against accidental loss and unauthorized access, use, alteration, or disclosure.
We retain special categories of personal data for as long as necessary to fulfill the purposes we collected it for, as required to satisfy any legal, accounting, or reporting obligations, or as necessary to resolve disputes.
DISCLOSURE OF PERSONAL INFORMATION
Itron discloses Personal Information to third parties where required by law or to our employees, contractors, designated agents, or third-party service providers who require such information to assist us with administering the employment relationship with you or assist us in accomplishing the business purpose for which it was collected, including third-party service providers who provide services to us or on our behalf. Third-party service providers may include, but are not limited to, payroll processors, benefits administration providers, and data storage or hosting providers. These third-party service providers may be located outside of your home. For instance, Itron shares employee personal information with payroll processing vendors and employee benefits administrators.
We require all our third-party service providers, by written contract, to implement appropriate security measures to protect your personal information consistent with our policies and any data security obligations applicable to us as your employer. We do not permit our third-party service providers who process your personal information on our behalf to use your personal data for their own purposes. We only permit them to process your personal information for specified purposes in accordance with our instructions.
We may also disclose your personal information for the following additional purposes where permitted or required by applicable law:
- Between and among Itron and our current and future parents, affiliates, subsidiaries, and other companies worldwide under common control and ownership for the purposes set out in this Policy and as necessary to fulfil our employment contract with you;
- With payroll processing vendors and employee benefits administrators;
- As part of our regular reporting activities to other members of our group of companies;
- To respond to lawful requests by public authorities responsible for public safety, law enforcement, or national security;
- To comply with legal obligations or valid legal processes such as search warrants, subpoenas, or court orders. When we disclose your personal data to comply with a legal obligation or legal process, we will take reasonable steps to ensure that we only disclose the minimum personal data necessary for the specific purpose and circumstances.
- To protect our rights and property.
- During emergency situations or where necessary to protect the safety of persons.
- Where personal information is publicly available.
- In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company, or if a business transfer or change in ownership occurs and the disclosure is necessary to complete the transaction. In these circumstances, we will limit data sharing to what is absolutely necessary, and we will anonymize the data where possible; or
- For additional purposes with your consent where such consent is required by law.
DO NOT SELL
Except as stated herein, Itron does not rent, sell, or otherwise permit access by third parties to databases containing employee personal information. Other than as described in this Policy, Itron will not disclose employee personal information unless required to do so by law or in the good faith belief that such action (1) is required by law, (2) protects and defends the rights or property of Itron, or (3) is part of a transfer of assets to a successor in interest.
CROSS-BORDER DATA TRANSFERS
Itron may transfer employee personal information among its worldwide locations to more efficiently accomplish the purposes set out in this Policy. Itron takes steps to protect employee personal information when it is transferred to or from another country and in accordance with applicable law.
EU-U.S. DATA PRIVACY FRAMEWORK AND THE UK EXTENSION
For purposes of this section, "Itron" refers only to Itron, Inc., the Itron entity in the U.S. that may receive and process Employee Personal Information from the European Union (EU) and the United Kingdom (UK).
Itron complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the U.S. Department of Commerce. Itron has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles and the UK Extension to the EU-U.S. DPF (Principles) with regard to the processing of personal data received from the EU and the UK in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this Policy and the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit www.dataprivacyframework.gov.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Itron commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF should first contact Itron at:
Itron, Inc.
ATTN: Global Privacy Office
Legal Department
1250 S. Capital of Texas Hwy
Building 3, Suite 200
Austin, TX 78746
Privacy@itron.com
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Itron commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF in the context of the employment relationship.
The Federal Trade Commission has jurisdiction over Itron’s compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Itron may share EU Data with a third-party service provider that processes the data solely on Itron's behalf, and as instructed by Itron, for the legitimate business purposes previously discussed. In the context of an onward transfer, Itron has responsibility for the processing of personal information it receives under the EU-U.S. DPF and UK Extension to the EU-U.S. DPF and subsequently transfers to a third party acting as an agent on its behalf. Itron shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Itron proves that it is not responsible for the event giving rise to the damage.
For sensitive information (i.e., personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual), Itron shall always seek your affirmative express consent (opt in) if such information is to be (i) disclosed to a third party or (ii) used for a purpose other than those for which it was originally collected or subsequently authorized by the individuals through the exercise of opt-in choice. In addition, Itron shall treat as sensitive any personal information received from a third party and identified and/or treated as sensitive by such third party.
Right to access personal data:
Under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, you have access to personal information about them that Itron holds and are able to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated.
Your Rights Under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF: Binding Arbitration Option
At Itron, we respect your rights regarding the protection of your personal data. As part of the EUU.S. DPF and the UK Extension to the EU-U.S. DPF, we offer you the opportunity to invoke binding arbitration under certain conditions. The binding arbitration option described below applies to certain “residual” claims as to data covered by the EU-U.S. DPF and the UK Extension to the DPF. The purpose of this option is to provide a prompt, independent, and fair mechanism, at the option of individuals, for resolution of any claimed violations of the Principles not resolved by any of the other EU-U.S. DPF and the UK Extension to the EU-U.S. DPF mechanisms.
1. Scope
This arbitration option is available to an individual to determine, for residual claims, whether a participating organization has violated its obligations under the Principles as to that individual, and whether any such violation remains fully or partially unremedied. This option is available only for these purposes. This option is not available, for example, with respect to the exceptions to the Principles or with respect to an allegation about the adequacy of the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.
2. Available Remedies
Under this arbitration option, the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. DPF Panel, the arbitration panel consisting of one or three arbitrators, as agreed by the parties, has the authority to impose individual-specific, non-monetary equitable relief (such as access, correction, deletion, or return of the individual’s data in question) necessary to remedy the violation of the Principles only with respect to the individual. These are the only powers of theEU-U.S. Data Privacy Framework and the Extension to the UK EU-U.S. DPF Panel with respect to remedies. In considering remedies, the EU-U.S. Data Privacy Framework Panel and the Extension to the UK EU-U.S. DPF is required to consider other remedies that already have been imposed by other mechanisms under the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. No damages, costs, fees, or other remedies are available. Each party bears its own attorney’s fees.
3. Pre-Arbitration Requirements
An individual who decides to invoke this arbitration option must take the following steps prior to initiating an arbitration claim: (1) raise the claimed violation directly with the organization and afford the organization an opportunity to resolve the issue within the timeframe set forth in section (d)(i) of the Supplemental Principle on Dispute Resolution and Enforcement; (2) make use of the independent recourse mechanism under the Principles, at no cost to the individual; and (3) raise the issue through the individual’s DPA to the Department and afford the Department an opportunity to use best efforts to resolve the issue within the timeframes set forth in the Letter from the Department’s International Trade Administration, at no cost to the individual.
4. Binding Nature of Decisions
This arbitration option may not be invoked if the individual’s same claimed violation of the Principles (1) has previously been subject to binding arbitration; (2) was the subject of a final judgment entered in a court action to which the individual was a party; or (3) was previously settled by the parties. In addition, this option may not be invoked if a DPA (1) has authority under the Supplemental Principle on the Role of the Data Protection Authorities or the Supplemental Principle on Human Resources Data; or (2) has the authority to resolve the claimed violation directly with the organization. A DPA’s authority to resolve the same claim against an EU data controller does not alone preclude invocation of this arbitration option against a different legal entity not bound by the DPA authority.
An individual’s decision to invoke this binding arbitration option is entirely voluntary. Arbitral decisions will be binding on all parties to the arbitration. Once invoked, the individual forgoes the option to seek relief for the same claimed violation in another forum, except that if non-monetary equitable relief does not fully remedy the claimed violation, the individual’s invocation of arbitration will not preclude a claim for damages that is otherwise available in the courts.
5. Review and Enforcement
Individuals and participating organizations will be able to seek judicial review and enforcement of the arbitral decisions pursuant to U.S. law under the Federal Arbitration Act. Any such cases must be brought in the federal district court whose territorial coverage includes the primary place of business of the participating organization.
This arbitration option is intended to resolve individual disputes, and arbitral decisions are not intended to function as persuasive or binding precedent in matters involving other parties, including in future arbitrations or in EU, UK, or U.S. courts, or FTC proceedings.
6. The Arbitration Panel
The parties will select arbitrators for the EU-U.S. Data Privacy Framework and UK Extension to the EU-U.S. DPF Panel from the list of arbitrators discussed below.
Consistent with applicable law, the Department and the Commission will develop a list of at least 10 arbitrators, chosen on the basis of independence, integrity, and expertise. The following shall apply in connection with this process:
Arbitrators:
(1) will remain on the list for a period of 3 years, absent exceptional circumstances or removal for cause, renewable by the Department, with prior notification to the Commission, for additional 3-year terms;
(2) shall not be subject to any instructions from, or be affiliated with, either party, or any participating organization, or the U.S., UK, EU, or any EU Member State or any other governmental authority, public authority, or enforcement authority; and
(3) must be admitted to practice law in the United States and be experts in U.S. privacy law, with expertise in EU data protection law.
The Department and the Commission have agreed, consistent with applicable law, to the adoption of arbitration rules that govern proceedings before the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. DPF Panel.
7. Arbitration Procedures
- An individual may initiate binding arbitration, subject to the pre-arbitration requirements provision above, by delivering a “Notice” to the organization. The Notice shall contain a summary of steps taken under Paragraph C to resolve the claim, a description of the alleged violation, and, at the choice of the individual, any supporting documents and materials and/or a discussion of law relating to the alleged claim.
- Procedures will be developed to ensure that an individual’s same claimed violation does not receive duplicative remedies or procedures.
- FTC action may proceed in parallel with arbitration.
- No representative of the U.S., EU, or any EU Member State or any other governmental authority, public authority, or enforcement authority may participate in these arbitrations, provided, that at the request of an EU individual, DPAs may provide assistance in the preparation only of the Notice but DPAs may not have access to discovery or any other materials related to these arbitrations.
- The location of the arbitration will be the United States, and the individual may choose video or telephone participation, which will be provided at no cost to the individual. In-person participation will not be required.
- The language of the arbitration will be English unless otherwise agreed by the parties. Upon a reasoned request, and taking into account whether the individual is represented by an attorney, interpretation at the arbitral hearing, as well as translation of arbitral materials will be provided at no cost to the individual, unless the EU-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. DPF Panel finds that, under the circumstances of the specific arbitration, this would lead to unjustified or disproportionate costs.
- Materials submitted to arbitrators will be treated confidentially and will only be used in connection with the arbitration.
- Individual-specific discovery may be permitted if necessary, and such discovery will be treated confidentially by the parties and will only be used in connection with the arbitration.
- Arbitrations should be completed within 90 days of the delivery of the Notice to the organization at issue, unless otherwise agreed to by the parties.
8. Costs
Arbitrators should take reasonable steps to minimize the costs or fees of the arbitrations.
The Department will, consistent with applicable law, facilitate the maintenance of a fund, to which participating organizations will be required to contribute, based in part on the size of the organization, which will cover the arbitral cost, including arbitrator fees, up to maximum amounts (“caps”). The fund will be managed by a third party, which will report regularly to the Department on the operations of the fund. The Department will work with the third party to periodically review the operation of the fund, including the need to adjust the amount of the contributions or of the caps on the arbitral cost, and consider, among other things, the number of arbitrations and the costs and timing of the arbitrations, with the understanding that there will be no excessive financial burden imposed on participating organizations. The Department will notify the Commission of the outcome of such reviews with the third party and will provide the Commission with prior notification of any adjustments of the amount of the contributions. Attorney’s fees are not covered by this provision or any fund under this provision.
SECURITY OF PERSONAL INFORMATION
Itron takes reasonable physical, technical, operational, and administrative measures and contractually requires our suppliers to help protect employee personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. Access to Employee Personal Information is limited only to those with a business ‘need-to-know’ based on their assigned job role, and access controls utilized within the systems used to store and process this data. Since the Internet is not completely secure, we cannot fully warrant or ensure the security of the personal information you provide.
Retention
Except as otherwise permitted or required by applicable law or regulation, Itron only retains employee personal information for as long as necessary to fulfill the purposes we collected it for, as required to satisfy any legal, accounting, or reporting obligations, or as necessary to resolve disputes. To determine the appropriate retention period for personal information, we consider applicable legal requirements, the amount, nature, and sensitivity, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process, and whether we can achieve those purposes through other means. We specify the retention periods for your personal information in our Record Retention Schedule.
We may anonymize your personal data so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent. Once you are no longer an employee of the company, we will retain and securely destroy your personal data in accordance with our document retention policy and applicable laws and regulations.
Training
Itron provides its employees with appropriate training regarding its data protection policies.
MANAGING YOUR DATA
If you are an Itron Employee and a resident of a country or state that provides you with the right to (1) request a copy of the Employee Personal Information Itron holds about you; (2) request correction of any inaccuracies within such data; or (3) delete the Employee Personal Information, then you may submit such requests via our request web form. Itron will use reasonable efforts to supply, correct, or delete information that we hold about you in accordance with applicable laws.
We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal information that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal data that we hold about you, or we may have destroyed, erased, or made your personal data anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal data, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
GDPR
If you are an Itron Employee and resident of the EU where the General Data Protection Regulation (EU) 2016/679 (“GDPR”) applies, you have a right to:
- Request a copy of the Employee Personal Information about you that Itron holds;
- Request Itron correct your Employee Personal Information if you believe it is not accurate, complete, or up to date; or
- Request Itron delete your Employee Personal Information if:
- It is no longer necessary for the purposes for which we obtained it;
- You have withdrawn your consent, and we have no other legal basis for the processing;
- You have validly objected to our processing of your personal information;
- Itron has unlawfully processed your personal information; or Itron must delete your personal information to comply with a legal obligation.
California Privacy Rights
The California Consumer Privacy Act (“CCPA”) protects a California resident’s right to their Employee Personal Information with exceptions. This applies to Employee Personal Information collected within the past twelve months. If you are an Itron Employee and California resident, Itron may have collected, used, and shared, for business purposes, Employee Personal Information about you as described in this Policy.
Itron does not discriminate against the exercising of these rights.
Itron does not sell Employee Personal Information.
Exercising your rights under CCPA:
- You have the right to request, twice in a 12-month period, that Itron disclose to you your Employee Personal Information that Itron has collected during the past 12 months.
- You have the right to request that Itron delete your Employee Personal Information with exceptions, such as when the deletion of information conflicts with Itron’s compliance with a legal obligation.
If you would like to exercise your right under CCPA to access or delete, please submit this CCPA Request Form. The Itron privacy team will examine your request and respond to you as quickly as possible.
Please note that Itron may retain and use aggregated and de-identified personal information that does not identify you or any individual; Itron may also retain information as needed in order to comply with legal obligations.
Automated processing
Itron does not make decisions about individuals based solely on automated processing, including profiling, (i.e., without human involvement) that have a legal or similarly significant effect on the individuals.
Account Self-Service
You may update, correct, or delete information maintained by Itron for third-party service provider accounts by logging into those accounts and selecting “Deactivate” account under My Account Options or via our request web form; this does not include Itron network access accounts. For all other accounts, please email Privacy@itron.com. Itron will make good faith efforts to respond to your request within thirty (30) days. Please note that Itron may retain certain information, as required by law or for legitimate business purposes, for limited periods of time.
COMPLAINTS
Employees with concerns or complaints regarding Itron’s processing of their Employee Personal Information should raise the concern or complaint first with their direct supervisor. If their direct supervisor is not able to address or resolve their concern or complaint, they should notify Itron’s Privacy department using the information in the “Contact” section below. In the case of unaddressed or unresolved concerns or complaints, employees have a right to notify the supervisory authority in the country in which they are employed.
CONTACT
Itron has designated its Global Privacy Office with primary responsibility for overseeing Itron’s Employee Personal Information privacy practices, implementing this Policy, and advising Itron regarding compliance with applicable data protection laws.
For CCPA specific requests please submit the CCPA Request Form. For all other requests regarding data deletion, complaints, or other inquiries – please fill out our web form.
Additional questions may be submitted to the Global Privacy Officer at: privacy@itron.com or
Itron, Inc.
Global Privacy Office
Legal Department
1250 S. Capital of Texas Hwy
Building 3, Suite 200
Austin, TX 78746
CHANGES TO THIS NOTICE
Itron may change or update this Policy from time to time. If material changes are made, Itron will notify you by email or by revising the “Last Updated” date.