Skip to main content
Arrow Electronics, Inc.
Black_Metallic_Wires_Closeup

Privacy Policy

Arrow ECS Australia Pty Limited (ABN 70 006 687 056) and Arrow ECS New Zealand Limited (NZBN 9429034145050), its related bodies corporate (‘Arrow ECS ANZ’, ‘we’, ‘us’, ‘our’) understand the importance of protecting the privacy and the rights of individuals (‘you’, ‘your’) in relation to personal information. We respect your rights to privacy under both the Australian Privacy Act 1988 (Cth)  and the New Zealand Privacy Act 2020, hereinafter collectively referred to as the (‘Acts’). It is our policy to comply with the requirements of the Acts and the Australian Privacy Principles (‘APPs’) and the New Zealand Information Privacy Principles (‘NZIPPs’) contained therein in all activities of Arrow ECS ANZ involving the collection, management, use, storage, disclosure and handling of personal information.

This privacy policy (‘Privacy Policy’ or ‘Policy”) sets out how we and our related group of companies collect, use, disclose and manage your personal information as it relates to our operations in Australia and in New Zealand, and our interactions with international entities such as Arrow ECS Support Center Morocco SARL, pursuant to our Intra-Group Data Transfer Agreement. This agreement ensures compliance with Australian privacy standards and Moroccan Law no. 09-08 relating to the protection of the individuals with regards to the processing of their personal information, requiring our Moroccan partner to maintain the confidentiality and security of your personal information and to ensure the secure handling and processing of your personal information in Morocco, aligning with our commitment to maintaining high standards of data protection and privacy across our global operations. Our Moroccan counterpart is contractually bound to protect your personal information in accordance with these requirements, ensuring adherence to both Australian, New Zealand and Moroccan Data Protection Laws.

When you engage us to provide you with any goods or services, apply or complete an application for commercial credit, communicate with us through email, by telephone, in writing, participate in any of our promotional activities, or use any of our other services, including our websites, you agree to the use and disclosure of your personal information in the manner described in this Policy.

This Policy is also relevant and applies to other individuals we deal with in connection with commercial credit we provide, such as guarantors and directors. We may from time to time review this Policy so please check our website periodically to stay informed of any updates. All personal information collected and held by us will be governed by the most recently updated Privacy Policy.

Collection of personal information

Personal information means information from which your identity is reasonably identifiable. This may include information or an opinion about you, whether true or not.

The kinds of personal information we may collect and hold will depend on what type of interaction you have with us. Personal information we may collect from you includes, among other things:

  • identity particulars such as your name, phone and facsimile numbers, email addresses, profession or job title;
  • personal information we collect from you when assessing, processing and managing an application by you for commercial credit or in placing an order with us;
  • personal information you provide to us when you participate in a promotion, competition, promotional activity, survey, market research, or subscribe to our mailing list;
  • your bank, credit or debit account details when you make a purchase;
  • your records of communication with us;
  • if you visit our website, your website usage information such as your IP address; and
  • if you are applying for a position with us, we may also collect your visa or citizenship status.

Sensitive information includes health information, criminal history and trade or professional association membership. We generally do not collect sensitive information, unless it is specifically relevant and necessary for the purpose of our business activities and functions. For example, if you are a contractor we are looking to engage to perform professional services, we may require criminal background checks of you or your staff. If we do collect and/or hold sensitive information, we will only do so with your express consent.

How do we collect personal information?

Your personal information is only collected by lawful and fair means and where practicable, only from you or from a person acting or authorised to act on your behalf, unless it is unreasonable or impracticable to do so.

When collecting personal information from you, we may collect in ways including:

  • from your access and use of our websites;
  • during conversations between you and our representatives where you express interest in engaging with us;
  • through your use of telephone and email communication with us or our customers; and
  • when you or your organisation submits a document or data containing personal information (for example, emails, contact forms, order forms, purchase orders, quotes, invoices, credit applications, proof of identification, direct debit requests, agreements, statements of work, surveys, etc).

We may also collect personal information about you from third parties including:

  • our customers (resellers and vendors);
  • publicly available sources;
  • third party companies such as data providers and brokers, credit reporting bodies, law enforcement agencies and other government entities; and
  • if you are applying for a position with us, recruitment companies, websites, other organisations and with your consent, referees.

Some of the personal information we hold or deal with is not collected by us, but by customers and partners. For example, some of our vendors require that each purchase order have end user details (i.e. a contact name and number).

In respect of personal information which is provided to us by our customers and partners, we do seek assurances that all such personal information has been collected lawfully and in compliance with the Acts.

Purposes for which we collect, hold and disclose your personal information

We may collect, hold, use or disclose your personal information for the following primary purposes:

  • our general business operations and functions, including providing you with our product and services;
  • to provide and answer questions about products and services to you and/or your organisation and to send communications when requested;
  • to conduct business processing and related functions including providing personal information to our related bodies corporate, clients, contractors, service providers or other third parties;
  • for marketing (including direct marketing);
  • to update our records to keep your contact details up to date;
  • to process and respond to any complaint made by you;
  • if you are applying for a position with us, to assess your application;
  • to comply with our legal or regulatory requirements, or where required by law;
  • conducting business on our website, and improving our websites; and
  • for any other purpose related to or ancillary to any of the above.

We only collect commercial credit information, and do not generally collect consumer credit information. If we do collect an individual’s credit information, such as a sole trader applying for an account with us, it will always be in the context of commercial credit. Where you have applied for commercial credit account with us, we may also make enquiries in respect of commercial credit with third parties with your consent.

This could include persons nominated by you as trade references, credit reporting bodies (‘CRBs’) and your bankers.
We may also use your personal information for the other purposes related to those described above which would be reasonably expected by you.

We may disclose your personal information collected from you:

  • to our employees, related bodies corporate, vendors, resellers, contractors or service providers in order to provide products and services to you and our clients;
  • to third party services such as web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, debt collectors, and professional advisors such as accountants, solicitors and consultants;
  • for direct marketing, but giving you the opportunity to opt out of such direct marketing and we will include our contact details in any direct marketing;
  • to relevant national and foreign, Federal, State, Territory medical, health, data protection and safety authorities (as required);
  • where the law requires or authorises us to do so;
  • to others that you have been informed of at the time any personal information is collected from you; and
  • to any organisation for any authorised purpose with your express consent.

We may combine or share any information that we collect from you with information collected by any of our related bodies corporate.

What happens if we can’t collect your personal information?

If you do not provide us with the personal information for the purposes described above, some or all of the following may happen:

  • we may not be able to provide the requested products or services to you, either to the same standard, or at all;
  • we may not be able to provide you with information about products and services that you may want, including discounts or promotions; and
  • we may be unable to tailor the content of our websites to your preferences.

Using our website

Our websites may use cookies in order to provide you with more customised service when browsing our website. ‘Cookies’ are small text files placed on computers to enable web systems to recognise users and collect informationo such as IP addresses. You can remove or disable cookies by adjusting your browser settings. However, if you do choose to do this you may not be able to access parts of our websites effectively.

We may use cookies for different purposes such as:

  • to store your preferences and tailor our websites to you;
  • marketing purposes;
  • statistical purposes;
  • to identify if you have accessed a third party website; and
  • security purposes.

Our web server may collect the IP address of your computer when you visit our websites.

We provide links to third party websites. These websites are not under our control, and our Privacy Policy does not cover them. We advise you to examine the privacy policy of those linked websites before disclosing your personal information on them.

Security and storage of personal information

We take all reasonable steps to ensure your personal information is protected from misuse, loss and unauthorised access. Some of the measures we take include installing security and access requirements for all our IT systems, encrypting data and having physical and procedural safeguards. We may hold your information in either electronic or hardcopy form, and will take all reasonable steps to ensure personal information is destroyed or de-identified when no longer needed.

If a substantial data breach has or may have occurred (for example, your personal information was shared with unauthorised persons) we will notify you as soon as is practicable.

We only keep your personal information for as long as it is required for the purpose for which it was collected or as otherwise required by law. We will take appropriate measures to destroy or permanently de-identify your personal information if we no longer need to retain it. These measures may vary depending on the type of information concerned, the way it was collected and how it was stored.

Disclosure of personal information outside Australia and New Zealand

Your personal information may also be processed by, or disclosed to our employees, related bodies corporate, representatives, or other third parties operating outside of Australia who work for, or are engaged by us in other countries.

For example, we may disclose your personal information overseas to entities such as:

  • our related bodies corporate located in New Zealand, Europe, the United States of America and Morocco;
  • our vendors based overseas, such as in the United States of America and Europe, where you have placed to us a purchase order for their products; and
  • our cloud storage providers, who have servers in locations including Singapore, Europe and the United States of America.

Your personal information may also be processed by, or disclosed to our employees of our related body corporate in Morocco, specifically Arrow ECS Support Center Morocco SARL, who process on behalf of Arrow ECS ANZ your quotes and purchase orders when you place a purchase order to us or when Arrow ECS ANZ placed a purchase order for products to one of our vendors.

In accordance with APP 8 and NZIPP 12, we ensure that personal information transferred to our overseas entities, including our Moroccan counterpart, Arrow ECS Support Center Morocco SARL, is protected under comparable safeguards. To meet these obligations, we have implemented an Intra-Group Data Transfer Agreement between Arrow ECS ANZ and Arrow ECS Support Center Morocco SARL. This agreement includes robust contractual measures and is backed by thorough due diligence on the Moroccan entity's data handling practices. These steps are taken to ensure the secure handling and processing of your personal information in Morocco, aligning with our commitment to maintaining high standards of data protection and privacy across our global operations.

Direct marketing and opt-in

We may send you direct marketing communications and information about our products and services that we consider may be of interest to you. You may opt-out of receiving marketing communications by contacting us or by using opt-out facilities if sent by email, and we will then ensure that your name is removed from our mailing list.

We will only offer you products or services where we reasonably believe that they could be of interest or benefit to you. We do not provide your personal information to other organisations for the purposes of direct marketing.

Accurate and up-to-date information

We take reasonable steps to ensure your personal information is accurate, up-to-date and not misleading by updating our records whenever true and correct changes to the data come to our attention.

If you believe your information is incorrect, incomplete or not current, you can request that we update this information by contacting our Privacy Officer (details below).

We will correct information we hold about you if we discover, or you are able to show to a reasonable standard that the information is incorrect. If you seek correction and we disagree that the information is incorrect, we will provide you with our reasons for taking that view.

We disregard information that seems likely to be inaccurate or out-of-date by reason of the time that has elapsed since it was collected or by reason of any other information in our possession.

Accessing and correcting personal information

We acknowledge that you have a general right of access to information concerning you, and to have inaccurate information corrected. You are able to access the personal information we hold about you by contacting our Privacy Officer. If access is refused to your personal information for reasons permitted by the  Acts (e.g. access would interfere with the privacy of others, or if it would result in a breach of confidentiality), we will give you a notice explaining our decision and your options.

If you make an access request, we may ask you to verify your identity and put your request in writing for security reasons. We may charge a reasonable administration fee to cover the costs of meeting your request. We will reply to your request for access within 30 days of notification by you.

Government identifiers

We do not use or adopt government identifiers (e.g. tax file numbers or Medicare numbers) to identify individuals.

Compliance with International Data Protection Laws

In addition to Australian and New Zealand privacy laws, we are mindful of complying with international data protection laws, including General Data Protection Regulation (GDPR) of the European Union and Moroccan Law no. 09-08 relating to the protection of the individuals with regards to the processing of their personal information (Law no.09-08). This ensures a cohesive approach to data protection across our global operations.. If you have any questions as to how your personal data is being handled by us under the GDPR or Moroccan Law no. 09-08, please contact compliance@arrow.com or contact our Privacy Officer using the details below.

Complaints and disputes

If you have reason to believe that we have not complied with our obligations relating to your personal information under this Privacy Policy or under either Act, please refer any complaint or queries to our Privacy Officer.
We will ensure your complaint is handled by our Privacy Officer in an appropriate and reasonable manner. Where necessary we may consult with our related entities and partners in order to deal with your complaint. A written notice of our decision regarding your complaint will be provided to you. If you are not satisfied with the outcome, then you may contact the Office of the Australian Privacy Commissioner:

Website: www.oaic.gov.au
Phone: 1300 363 992

Contact Us

If you have any questions about this Privacy Policy, concerns, or a complaint regarding the treatment of your personal information or a possible breach of privacy, please contact us here or send mail to:

Arrow ECS Australia Pty Limited
Attention: The Privacy Officer (compliance@arrow.com)
Unit 6, 39 Herbert St
St Leonards, NSW 2065, Australia

Arrow ECS New Zealand Limited

Attention: The Privacy Officer (compliance@arrow.com)

c/- Tompkins Wake, Level 8, 430 Victoria Street,

Hamilton, 3204, New Zealand

 

We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint, to discuss your concerns and outline options regarding how they may be resolved.

Changes to our Privacy Policy

We are constantly reviewing our Privacy Policy to reflect the way we operate as a business and to ensure compliance with evolving data protection laws across different jurisdictions, including Australia, New Zealand, and other countries where we operate. As a result, this Privacy Policy may change from time to time


Last updated: 03/13/2024