With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Korrus is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.
Korrus also complies with applicable United States state privacy laws, including those applicable to California citizens.
As used in this Policy, the following terms shall have the meanings set forth below.
“Customer” means a user, reseller, supplier, or distributor of the Services provided by Korrus.
“Data Subject” means any person whose Personal Data is being collected, held or processed by Korrus.
“Personal Data” means (a) with respect to individuals in the EU and Switzerland, information about an identified or identifiable individual that is received by Korrus in the U.S. from the EEA or Switzerland and recorded in any form, and not where individual persons cannot be identified or situations in which pseudonyms are used. (The use of pseudonyms involves the replacement of names or other identifiers with substitutes so that identification of individual persons is not possible.); and (b) with respect to individuals located in all other countries, information about an identified or identifiable individual that is received by Korrus.
“Prospective Customer” means a potential user, reseller, supplier, or distributor of the Services provided by Korrus.
Korrus’s Role as a Service Provider to its Customers
Korrus designs, manufactures and sells high-end LED lighting fixtures and solutions and provides certain sales, marketing and product support services to its customers, which might also include product warranty services or other technical services (collectively, “Services”) to its Customers and Potential Customers in the located throughout the word, including in the EEA, and Switzerland through employees who may be located in the U.S.
In the performance of Services, Korrus will request information required to perform the applicable Services and will retain such information only for as long as necessary to provide the Services or for compatible purposes, such as to provide additional Services, to comply with legal requirements, or to preserve or defend Korrus’s legal rights.
When Korrus processes Personal Data, Korrus does so only for the purpose of providing the Services or pursuant to its Customer’s or Prospective Customer’s instructions. Korrus may collect, store, and process anonymized forms of Personal Data, and use that anonymized data for its own analytical and other purposes.
Types of Information Collected
Korrus collects data and information it receives when an individual uses a web browser or other similar web application or device to visit Korrus’s website on the Internet. Korrus may also combine data and information it collects with data and information received from third parties. Some, but not all, of this data and information may be Personal Data.
Korrus may have access to certain non-identifying information of users and third parties, such as browser type and version, operating system, and similar technical and other information made available by the user’s browser, device, or Internet provider. This information is not Personal Data and Korrus may collect, store, process, and use this information without limitation. For clarity, IP addresses are treated as Personal Data, as further described below.
As required by applicable law (including, without limitation, the Privacy Shield), Data Subjects have the right to access the Personal Data an organization holds about them. If such Personal Data is inaccurate or processed in violation of the Privacy Shield Principles, a Data Subject also has a right to request that Personal Data be corrected, amended, or deleted. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to privacy@Korrus.com. If requested to remove data, Korrus will respond within a reasonable timeframe.
When Korrus receives Personal Data, it does so on its Customer’s or Prospective Customer’s behalf. To request access to, or correction, amendment or deletion of, Personal Data, Data Subjects should contact the Korrus at privacy@Korrus.com. Korrus will cooperate with its Customers’ and Prospective Customers’ reasonable requests to assist Data Subjects to exercise their rights, if any, existing under the Privacy Shield.
As required by applicable law (including, without limitation, the Privacy Shield), Data Subjects may have the right to opt out of (a) sale or disclosures of their Personal Data to third parties not identified at the time of collection or subsequently authorized, and (b) uses of Personal Data for purposes materially different from those disclosed at the time of collection or subsequently authorized.
Korrus will provide an individual opt-out choice, or opt-in for sensitive data, before Korrus shares such data with third parties, other than to its agents or affiliates, or before Korrus uses it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of such data, please submit a written request to
Korrus uses commercially reasonable physical, technical and organizational measure designed to preserve the security and integrity of Personal Data. For example, Korrus’s electronic information systems requires user authentication via password or similar means. Korrus also employs access restrictions, limiting the scope of employees who have access to Personal Data subject to this Policy. Despite these precautions, no data security safeguards guarantee 100% security all of the time. In the event that any information under Korrus’s control is compromised as a result of a breach of security, Korrus will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised, and take other steps in accordance with any applicable laws and regulations.
Korrus will not retain Personal Data longer than allowed by applicable law or regulation.
To provide such Services, Korrus may access and use Personal Data. Korrus will apply the following Privacy Shield Principles to Personal Data physically or remotely transferred from the EEA or Switzerland to the U.S.
Korrus will not disclose Personal Data to a third party, except as stated below:
Korrus may disclose Personal Data to advertisers, subcontractors, and third-party agents who assist Korrus in providing Services to its Customers or assist Korrus in processing data as permitted in this Policy. Before disclosing Personal Data to a subcontractor or third-party agent, Korrus will obtain assurances from the recipient that it will: (a) use the Personal Data only to assist Korrus as provided in this Policy; (b) provide at least the same level of protection for Personal Data as required by the Principles; and (c) notify Korrus if the recipient is no longer able to provide the required protections. Upon notice, Korrus will act promptly to stop and remediate unauthorized processing of Personal Date by a recipient.
Korrus’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Korrus remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Korrus proves that it is not responsible for the event giving rise to the damage.
Korrus may also be required to disclose, and may disclose, Personal Data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. To the extent permitted, Korrus will inform its relevant Customer or Prospective Customer before making such disclosure and provide it with a reasonable opportunity to object to such disclosure.
Recourse, Enforcement, and Liability
Korrus has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at
For More Information
Data Subjects with questions about how Korrus processes Personal Data, or Data Subjects who are EU or Swiss individuals, who wish to request access to, limit use of, or limit disclosure of Personal Data should contact Korrus at:
837 North Spring Street, Suite 103
Los Angeles, CA 90012
This policy is executed in English and may be translated into other languages. In the event of any conflict or discrepancy between the English language version and a translated version, the English language version of this policy shall control.
Korrus may revise this Policy at any time. If Korrus decides to materially change this Policy, Korrus will post the revised Policy at this location.
Effective Date: January 2021