INTEL’S SUPPLIER COMPLIANCE HANDBOOK

INTEL’S SUPPLIER COMPLIANCE HANDBOOK

INTEL’S SUPPLIER COMPLIANCE HANDBOOK

The Supplier Compliance Handbook is a resource for Intel suppliers to access Intel policies and supplier expectations. Intel reserves the right to update the Supplier Compliance Handbook from time to time. Contents 1. Definitions 2. Privacy& Data Security 3. Additional Compliance with Laws and Rules 4. Retention & Audits 5. Electronic Systems 6. Financial ...Data 7. Accessibility 8. Gift Meals and Entertainment Polices 9. Contingent Workforce Policies 10.Supplier Diversity 11.Business Continuity 12.Ownership and Bailment Revision 2020ww42 © 2020 Intel Corporation 1 1. DEFINITIONS 1.1 For purposes of this Intel’s Supplier Compliance Handbook only, the following definitions apply: (A) “Agreement” means collectively: (a) the agreement between Supplier and Intel that incorporates this Intel’s Supplier Compliance Handbook by reference; and (b) this Intel’s Supplier Compliance Handbook as incorporated. (B) “Supplier” means the party or parties with whom Intel is contracting under the Agreement. 2. PRIVACY & DATA SECURITY 2.1 Compliance with Applicable Privacy Laws & Regulations. Supplier and Intel agree to fully comply with all applicable laws and regulations governing the privacy, security, storage, transfer and use of Intel Data. 2.2 No Information Selling. Supplier agrees that you do not receive any Intel Data as consideration for any services or other items that Supplier provides to Intel. Supplier shall not have, derive or exercise any rights or benefits regarding Intel Data. Supplier must not sell any Intel Data, as the term “sell” is defined in the California Consumer Privacy Act of 2018 (“CCPA”), and agrees to refrain from taking any action that would cause any transfers of Intel Data to or from Supplier to qualify as “selling personal information” under the CCPA. Supplier must not collect, retain, share, disclose, or use any Intel Data: (i) for any purpose other than for the specific purpose of performing services or selling goods to Intel pursuant to written agreements with Intel; or (ii) outside the direct business relationship between Supplier and Intel. 2.3 Control and Ownership. Supplier must not access, collect, store, retain, transfer, use or otherwise process in any manner any Intel Data, except: (i) in the interest and on behalf of Intel; and (ii) as directed by authorized personnel of Intel in writing. Without limiting the generality of the foregoing, Supplier may not make Intel Data accessible to any subcontractors or relocate Intel Data to new locations, except as set forth in written agreements with, or written instructions from Intel. Supplier must return or delete any Intel Data when Intel requests it, except to the extent that to do so would violate applicable law. 2.4 Comply with Data Security Policies. Supplier must keep Intel Data secure from unauthorized access by using your best efforts and state-of-the art organizational and technical safeguards. A. Supplier must comply with Intel’s Information Security Policy as set forth in the Intel Security Addendum (ISA) available at: https://www.intel.com/content/www/us/en/supplier/resources/misc/docum ents/intel-security-addendum.html. B. If Supplier operates one or more cloud computing services to provide contracted services to Intel, Supplier will also comply with the ISA Appendix A – Cloud Security available at: Read the full INTEL’S SUPPLIER COMPLIANCE HANDBOOK.