Privacy & cookies policy 

Effective Date: September 5, 2023


This Privacy Policy (“Policy”) describes how The AES Corporation and its affiliates and subsidiaries (collectively, “AES” or “we”) collects, uses, shares, and otherwise processes personal data (“Personal Data”) that identifies our customers, prospects, distributors, vendors, end users and suppliers (“you”) that we collect through our websites, mobile applications, business operations and services (collectively, the “Services”).

This Policy does not apply to information collected by any third party, including through any application or content (including advertising) that may link to or be accessible from or through the Services.

For the Privacy Policy applicable to recruiting activities and job candidates, please see Privacy Notice For Applications | AES Corporation Careers.

Please read this Policy carefully to understand our policies and practices regarding your Personal Data and how we will treat it. If you do not agree with this Policy, your choice is not to use our Services or provide Personal Data to AES. By accessing or using our Services, or providing your Personal Data to AES through our Services, you agree that this Policy will govern our processing of your Personal Data unless there is a separate contract between you and AES or separate privacy policy governing such disclosures. This Policy may change from time to time. Your continued use of the Services or disclosure of your Personal Data to AES through our Services after we make changes is deemed to be acceptance of those changes, so please check this Policy periodically for updates.

For purposes of the General Data Protection Regulation (“GDPR”), The AES Corporation shall be considered data controller.

 

Children Under the Age of 16

Our Services are not intended for children under 16 years of age. No one under the age of 16 may provide any Personal Data to AES. We do not knowingly collect Personal Data from children under 16. If you are under 16, do not use or provide any information on the Services or through any of its features, use any of the interactive or public comment features of the Services, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn we have collected or received Personal Data from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us as specified below.

 

Summary of Key Points

1. Collection

As a business to business ("B2B") organization, we collect name, contact details, and other Personal Data related to our commercial relationships.

2. Use

We use Personal Data to provide our services and respond to inquiries, to manage accounts and maintain business operations, to provide relevant marketing, and to fulfill other business and compliance purposes. 

3. Sharing

We share Personal Data as necessary to provide our services and respond to requests, and to fulfill other business and compliance purposes.

4. Marketing choices

You have control over how we use Personal Data for direct marketing.

5. Cookies

We use cookies on our Site and in our communications, and provide choices on use of cookies, including third-party targeting and advertising.

6. Data subject rights  

You have certain rights to request access, rectification, deletion, or other actions regarding your Personal Data where required by applicable law.

7. Data security

We maintain technical and organizational measures to protect Personal Data from loss, misuse, alteration, or unintentional destruction.

8. Cross-border data transfers

We provide appropriate protections for cross-border transfers where specified by law.

9. Notice to California consumers

California consumers may have additional rights with respect to their Personal Data.

10. Other issues

We provide other information in this Privacy & Cookies Policy about: (i) the legal basis for collecting and processing Personal Data, (ii) the consequences for not providing Personal Data, (iii) automated decision-making, (iv) do-not-track (DNT) signals, (v) data retention, (vi) links to third-party websites, (vii) employee and contractor issues; and (viii) changes to this Privacy & Cookies Policy.

11. Contact us

Please contact us as detailed below with any questions.

 

1. Collection of Personal Data

We collect the following categories of Personal Data to the extent applicable to your relationship with AES:
 

  • Basic Data: Name, title, company, job responsibilities, phone number, mailing address, email address, contact details, and information related to payments that you make to AES or AES makes to you.
  • Registration Data: Newsletter requests, subscriptions, downloads, usernames, passwords, and information provided at the time of account creation, log-on, and usage.
  • Device Data: Computer Internet Protocol (IP) address, unique device identifier (UDID), cookies and other data linked to a device, and data about usage of our Services and communications.
  • Marketing Data: Data about individual participation in trade shows, investor days and networking events, credentials, associations, services you are interested in, and other preferences.

We collect this information directly from you when you provide it to us or automatically as you navigate through our websites and mobile applications in connection with the Services. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.

 

2. Use of Personal Data

We use the above categories of Personal Data for the following purposes:

Purpose of Use

Categories of Personal Data

Provide the services you requested, receive services or do business with you, respond to your inquiries, and allow AES to contact you.

Basic Data, Registration Data, Device Data, and Marketing Data

Manage your accounts, maintain our business operations, and allow you access to our proprietary systems.

Basic Data, Registration Data, and Device Data

Make our Services more personal, intuitive, and easy to use.

Device Data

Protect the security and effective functioning of our Services and information technology systems.

Basic Data, Registration Data, and Device Data

Provide relevant marketing about our or our affiliates’ services, or promotions that we are developing, and opportunities that may be available to you.

Basic Data, Registration Data, Device Data, and Marketing Data

Address our compliance and legal obligations and exercise our legal rights.

Basic Data, Registration Data, and Device Data

3. Sharing of Personal Data

We share Personal Data with the following categories of recipients:

Affiliates: We share Personal Data within the AES group of companies as necessary for the purposes we described above.

Service providers: We share Personal Data with service providers to enable such parties to perform functions on our behalf and under our instructions in order to carry out the purposes identified above, including marketing and web hosting.

Auditors and advisors: We share Personal Data with auditors for the performance of audit functions and advisors for the provision of legal and other advice.

Business reorganization: We share Personal Data with any corporate purchaser or prospect to the extent permitted by law as part of any merger, acquisition, sale of company assets, or transition of service to another provider, as well as in the event of insolvency, bankruptcy, or receivership in which Personal Data would be transferred as an asset of AES.

Mandatory disclosures and legal rights: We share Personal Data in order to comply with any subpoena, court order or other legal process, or other governmental request.  We also share Personal Data to establish or protect our legal rights, property, or safety, or the rights, property, or safety of others, or to defend against legal claims.

If you have questions about the parties with which we share Personal Data, please contact us as specified below.

4. Marketing Choices

You have control regarding our use of your Personal Data for directing marketing. If you no longer wish to receive any marketing communications, remain on a mailing list to which you previously subscribed, or receive any other marketing communication, you can choose to not receive such communications at any time. Please follow the unsubscribe link in the relevant communication or contact us as detailed below.

5. Cookies

We use and allow certain third parties to use cookies, web beacons, and similar tracking technologies (collectively, “cookies”) on our websites and mobile applications.


What are cookies?

Cookies are small amounts of data that are stored on your browser, device, communication, or the page you are viewing. Some cookies are deleted once you close your browser, while other cookies are retained even after you close your browser so that you can be recognized when you return to a website. More information about cookies and how they work is available at www.allaboutcookies.org.
 

How do we use cookies?

We use cookies in our websites and mobile applications to provide the Services, gather information about your usage patterns when you navigate our websites and mobile applications in order to enhance your personalized experience, and to understand usage patterns to improve our websites and mobile applications. We also allow third parties to place cookies on our websites and mobile applications in order to collect information about your online activities on our websites and mobile applications over time and across different websites you visit. This information is used to provide advertising tailored to your interests on websites you visit, also known as interest based advertising, and to analyze the effectiveness of such advertising.

Cookies on our websites and mobile applications are generally divided into the following categories:

Strictly Necessary Cookies: These are required for the operation of our websites and mobile applications. They include, for example, cookies that enable you to log into secure areas. These cookies are session cookies that are erased when you close your browser.

Analytical/Performance Cookies: These allow us to recognize and count the number of users of our website and mobile applications and understand how such users navigate through them. This helps to improve how our websites and mobile applications work, for example, by ensuring that users can find what they are looking for easily. These cookies are session cookies, which are erased when you close your browser. We use Google Analytics, and you can see below for how to control the use of cookies by Google Analytics.

Functional Cookies: These improve the functional performance of our websites and mobile applications and make it easier for you to use. For example, cookies are used to remember that you have previously visited a site and asked to remain logged into it. These cookies qualify as persistent cookies, because they remain on your device for us to use during a next visit to our websites and mobile applications. You can delete these cookies via your browser settings.

Targeting Cookies: These record your visit to our websites and mobile applications, the pages you have visited and the links you have followed to recognize you as a previous visitor and to track your activity on our websites and mobile applications and other websites you visit. These cookies qualify as persistent cookies, because they remain on your device for us to use during a next visit to our websites and mobile applications. You can delete these cookies via your browser settings.


What are your options if you do not want cookies on your computer?

You can review your Internet browser settings, typically under the sections "Help" or "Internet Options," to exercise choices you have for certain Cookies. If you disable or delete certain Cookies in your Internet browser settings, you might not be able to access or use important functions or features of our websites and mobile applications, and you may be required to re-enter your log-in details.

To learn more about certain cookies used for interest based advertising by third parties, including through cross-device tracking, and to exercise certain choices regarding such cookies, please visit the Digital Advertising AllianceNetwork Advertising InitiativeDigital Advertising Alliance-CanadaEuropean Interactive Digital Advertising Alliance or your device settings. Please remember that changing your settings with individual web browsers or ad networks will not necessarily carry over to other browsers or ad networks. As a result, depending on the opt-outs you request, you may still see our ads from time to time. Your device may also include a feature (“Limit Ad Tracking” on iOS or “Opt Out of Interest-Based Ads” on Android) that allows you to opt out of having certain information collected through apps used for behavioral advertising purposes.

Analytics
Our websites and mobile applications use third-party analytics tools (e.g., Google Analytics) to collect and process data about your use of the websites and mobile applications, including when you visit, URLs of the websites that you visit prior to visiting our websites and mobile applications and when you visit those websites, and IP addresses assigned to the devices from where you access the Internet. Our analytics providers may set and read cookies to collect this data and your web browser will automatically send data collected by those cookies to our analytics providers. Our analytics providers use this data to provide us with reports that we will use to improve the structure and content of our websites and mobile applications.

For more information on how Google uses this data, visit Google’s Privacy Policy and Google’s page on How Google uses data when you use our partners' sites or apps. To prevent this data from being used by Google Analytics, follow the instructions to download and install the Google Analytics Opt-out Browser Add-on for each browser you use. Using the Google Analytics Opt-out Browser Add-on will not prevent us from using other analytics tools and will not prevent data from being sent to the Services itself or to Google. For more information about how Google Analytics uses cookies to measure user interactions on websites, visit Google Analytics Cookie Usage on Services. You may disable cookies as discussed below, but that may impact your use and enjoyment of the Services.

Advertising
From time to time, our websites and mobile applications may use or participate in advertising networks and related advertising services that are managed and provided by third-party advertising servers, advertising agencies, technology vendors, and research firms, including, without limitation, Google Ads. These services collect information about your visits to and interactions with our websites and mobile applications and other websites and will use that information to target advertisements for goods and services and to display those advertisements on other websites. The information collected may be associated with your personal information. Advertising networks often gather data about consumers who view advertisements to make inferences about a consumer’s interests and preferences, which enables their computers to deliver advertisements directly targeted to the consumer’s specific interests. This practice is often referred to as “online behavioral advertising.” For example, a third-party advertising network might collect the type of web browser you use, the type of computer operating system you use, the domain name of a website you visit, whether or not you visit specific pages of our websites and mobile applications and other websites, the location of your Internet service provider, the date and time of a visit to a website, and other interactions between you and a website.

 

We use Google Ads and Google Analytics advertising features on our websites and mobile applications, which we use for the purposes set forth in this Privacy Policy. Through Google Ads, Google uses your Internet searches, cookies, and similar identifiers (e.g., pixel tags) to collect information about your visits to our websites and mobile applications and your interaction with our products and services to generate targeted advertisements to you on other websites that you visit across the Internet. We may also enable and implement Google Analytics advertising features on the Services. To opt out of remarketing advertising provided through Google, to customize your ad preferences, or to limit Google’s collection or use this information, visit Google’s Safety Center and Google’s Ad Settings and follow Google’s personalized ad opt-out instructions. Opting out will not affect your use of our websites and mobile applications.

6. Data Security

We maintain technical and organizational measures designed to protect Personal Data from loss, unauthorized access, misuse, alteration, disclosure, or unintentional destruction. However, no security measure can guarantee against compromise. You also have an important role in protecting your Personal Data. You should not share your username and password with anyone, and you should not re-use passwords across more than one website.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your personal information transmitted to our websites and mobile applications or other AES systems used in connection with the Services. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained in our websites and mobile applications and other AES systems used in connection with the Services.

7. Cross-Border Data Transfers

We transfer Personal Data to various jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of data protection as your home country. We provide appropriate protection for cross-border transfers as required by law for international data transfers. With respect to transfers originating from the European Economic Area ("EEA"), we implement standard contractual clauses approved by the European Commission, or other appropriate solutions to address cross-border transfers as required by applicable law. Where required by such laws, you may request a copy of the suitable mechanisms we have in place by contacting us as detailed below.

8. Notice to California Consumers

If you reside in California, we are required by California law to provide you with additional information about how we use and disclose your information, and you may have additional rights with regard to how we use your information. We have included this California-specific information below.

  • CA Personal Information. Consistent with the "Collection of Personal Data" section above, we collect certain categories and specific pieces of information about individuals that are considered "Personal Information" in California ("CA Personal Information"). Specifically, we may collect the following types of CA Personal Information:

    • Identifiers: name, address, telephone number, email address, age, date of birth, username and password for our websites, IP address;

    • Commercial information: services purchased, obtained, or considered, other purchasing or consuming histories or tendencies, payment information, transaction history;

    • Professional or employment-related information; and
    • Internet or other electronic network activity information: computer and connection information, statistics on page views, traffic to and from the websites, ad data and other standard weblog information.
  • Sensitive CA Personal Information: We collect and use the following categories of sensitive personal information as defined under California law:

    • A consumer’s social security, driver’s license, state identification card, or passport number.

  • We collect and use your sensitive personal information for the performance of an agreement with you or to provide services and/or products requested by you and as reasonably expected in the context of such performance.
  • Selling and Sharing of CA Personal Information: We do not sell your personal information as the term “sell” is commonly understood to require an exchange for money. However, please note that our use of advertising and analytics cookies on our websites may be considered a “sale” / “sharing for cross-contextual behavior advertising purposes” of personal information as such terms are defined under the applicable law to include both monetary and other valuable consideration. To be as transparent as possible with you, we consider these uses a “sale” or “share” and will comply with the restrictions of the “sale” or “share” of this information to the extent technologically feasible. In the preceding 12 months, we have “sold” and “shared” for cross-contextual behavioral advertising purposes Internet or other electronic network activity information to recipients of Internet cookie information, which may include our advertising and marketing partners and data analytics providers. We “sell” or “share” your personal information for the purposes set forth in the Use of Personal Data, Sharing of Personal Data, and Cookies sections of this Privacy Policy.

  • Sources: We collect certain categories of CA Personal Information from you and other third parties as described in the "Collection of Personal Data" section above. The categories of third parties from whom we collect CA Personal Information include the following:
    • Third-party partners and service providers;
    • Third party applications (including blogs, chat rooms, or support centers);
    • Advertising networks; and
    • Other companies or organizations, such as market research firms or data aggregators.
  • Purposes: We collect the CA Personal Information for the business and commercial purposes described in the "Use of Personal Data" section above. We also share and/or disclose your CA Personal Information as follows:
  • Sharing your CA Personal Information for business purposes: As described above in the "Sharing of Personal Data" section, we may share the following categories of your CA Personal Information with third party partners, public or government authorities and future business partners for our business purposes:

    • Identifiers;
    • Commercial information;
    • Professional or employment-related information; and
    • Internet or other electronic network activity.
    As described above, examples of business purposes include service fulfillment, internal operations, prevention of fraud and other harm, and legal compliance. The categories of third parties we may share the above information with include, without limitationn.
    • Our affiliates, subsidiaries, and related entities;
    • Your employer or the company or organization you represent;
    • Corporate entities with which we may combine or re-organize (e.g., in the event of a merger, acquisition, or sale of assets);
    • Third party service providers including, but not limited to, payment processors and banks, data analytics and advertising providers, fraud prevention providers, cloud storage providers, IT service providers, and delivery partners; and
    • Law enforcement and government regulators.
       
  • Do Not Track Signals: Some Internet browsers may provide the option to automatically send out Do Not Track (DNT) signals. Due to the configuration of the Internet and the fact not all browsers support DNT signals, at this time, we do not respond to browser DNT signals.
  • California Consumer Rights: California law may grant you certain rights—subject to all applicable limitations, exemptions, or exceptions—regarding our collection and use of your personal information. These rights may include, to the extent applicable and to the extent granted under applicable California law:
    • The right to request the disclosure of (1) what personal information has been collected; (2) the categories of sources from which the personal information was collected; (3) the business or commercial purpose for collection or selling personal information; (4) the categories of third parties with whom we share personal information; and (5) the specific pieces of personal information we have collected about you (e.g., data portability);
    • The right to request the deletion of your personal information that we have collected;
    • The right to request the correction of your personal information that we collected;
    • The right to opt-out of targeted advertising and the sharing of personal information that is shared for cross-contextual behavioral advertising purposes;
    • The right to opt-out of the sale of your personal information; and
    • The right to not be discriminated against due to your exercise of your rights under applicable law. We do not discriminate against users for exercising the rights granted to them under applicable law.
    The above rights are only exercisable by you where the applicable law grants you the right being exerted and where no exception or exemption under applicable law applies. You may also have a registered agent (if and only as permitted under applicable law) that you authorize to act on your behalf. If you have a registered agent act on your behalf, we have the right to authenticate such agent’s authority to act. To exercise the rights described herein (only to the extent applicable), you may submit a verifiable request to us by through the methods set forth under the “Exercise Your CA Rights” section below.
  • Exercising California consumer rights: Should you wish to request the exercise of your other rights as detailed above with regard to your CA Personal Information, we will not discriminate against you by offering you different pricing or services, or by providing you with a different level or quality of services, based solely upon this request. To make a request pursuant to your rights under California law, you may submit a verifiable request to us by:
    • Telephone: +1-703-522-1315
    • Visiting: 4300 Wilson Blvd., Arlington, VA 22203
    Only you or a registered agent (if and only as permitted under applicable law) that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. If you have a registered agent act on your behalf, we have the right to authenticate such agent’s authority to act. Without limiting the foregoing, the verifiable consumer request must:
    • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
    • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.  Making a verifiable consumer request does not require you to create an account with us.  We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We will respond to your request within the applicable timeframe required under applicable law. Further, California residents may opt out from the selling or sharing of their personal information for purposes of cross-contextual behavioral advertising by broadcasting the Global Privacy Control (GPC) Opt-Out Preference Signal from extensions and browsers that support the signal. To review extensions and browsers supporting the GPC signal, visit here: https://globalprivacycontrol.org/.

9. Data Subject Rights - GDPR

To the extent the GDPR applies to you, you have the following rights with regard to our processing of your Personal Data:

Right to Access, Correct and Delete Your Personal Data: AES will use reasonable measures designed to ensure that all Personal Data is accurate and up to date. You also have a responsibility to ensure that changes in personal circumstances (for example, change of address, bank account, etc.) are notified to AES so that we can ensure that your Personal Data is up-to-date.

You have the right to request access to any of your Personal Data that AES may hold and to request correction of any inaccurate Personal Data relating to you. You furthermore have the right to request deletion of Personal Data we hold about you.

Right to Withdraw Consent: In the event your Personal Data is processed on the basis of your consent, you have the right to withdraw consent at any time with effect for the future.

Data Portability: To the extent that we use your Personal Data on the basis of consent for the performance of a contract and that Personal Data is processed by automatic means, you have the right to receive all such Personal Data that you have provided to AES in a structured, commonly used and machine-readable format, and also to require us to transmit it to another data controller where this is technically feasible.

Right to Restrict Personal Data Use and Right to Object: You have the right to restrict our use of your Personal Data where (i) you contest the accuracy of the Personal Data; (ii) the use is unlawful but you do not want us to erase the Personal Data; (iii) we no longer need the Personal Data for the relevant purposes, but you require it for the establishment, exercise or defense of legal claims; or (iv) you have objected to our Personal Data use justified on our legitimate interests pending verification as to whether AES has indeed compelling interests to continue the relevant Personal Data use.

Lodge a Complaint: You also have the right to lodge a complaint with a supervisory authority, in particular in your country of residence, if you consider that the collection and use of your Personal Data violates this Policy or applicable law.

10. Other Information

(i) What is the legal basis of processing?

Some jurisdictions require an explanation of the legal basis for the collection and processing of Personal Data. We have several different legal grounds on which we collect and process Personal Data, including: (a) as necessary to perform a transaction (such as in order to provide the services you requested); (b) as necessary to comply with a legal obligation (such as when we use Personal Data for record keeping to substantiate tax liability); (c) consent (where you have provided consent as appropriate under applicable law); and (d) necessary for legitimate interests (such as when we act to maintain our business generally, including maintaining the safety and security of our websites and mobile applications).

(ii) What are the consequences of not providing Personal Data?

You are not required to provide all Personal Data identified in this Policy to use our websites and mobile applications or to interact with us offline, but certain functionalities will not be available if you do not provide certain Personal Data. If you do not provide certain Personal Data, we may not be able to respond to your request, perform a transaction with you, or provide you with marketing that we believe you would find valuable.

(iii) Do we engage in automated decision-making without human intervention?

We do not use automated decision-making without human intervention, including profiling, in a way that produces legal effects concerning you or otherwise significantly affects you.

(iv) Do our websites and mobile applications honor do not track ("DNT") signals sent via browsers?

Given the divergent practices of organizations that offer browsers and the lack of a standard in the marketplace, we do not respond to DNT signals at this time.

(v) How long do we retain Personal Data?

We retain Personal Data for no longer than for the period necessary to fulfill the purposes outlined in this Policy and as otherwise needed to address tax, corporate, compliance, litigation, and other legal rights and obligations.

(vi) Are third-party websites governed by this Privacy & Cookies Policy?

Our websites and mobile applications may contain links and references to other websites administered by unaffiliated third parties. This Policy does not apply to such third-party websites. When you click a link to visit a third-party website, you will be subject to that website's privacy practices. We encourage you to familiarize yourself with the privacy and security practices of the linked third-party websites before providing any Personal Data on that website.

We are active on social media, including Facebook, YouTube, Twitter, Glassdoor, and LinkedIn (“Social Media”). Our websites and mobile applications may allow you to connect and share data with Social Media. Anything you post on Social Media is public information and will not be treated confidentially. We may post (or re-post) on our websites and mobile applications and our Social Media pages any comments or content that you post on our Social Media pages. Your use of Social Media is governed by the privacy policies and terms of the third parties that own and operate those websites and not by this Policy.  

(vii) How does AES handle employee and contractor privacy issues?

Personal Data about our employees, contractors, and other AES temporary workers is addressed through internal company policies and procedures and is outside the scope of this Policy.

(viii) Is there any embedded content in the Services?

Our websites and mobile applications incorporate content, including feeds, scripts embedded in their code, and visible content (e.g., videos), provided by third parties. In some cases, those third parties collect data about how you interact with their content. For example, Google Maps or YouTube.

11. Contact Us

If you have questions or comments regarding this Policy or our privacy practices, please contact us at:

Privacy Office
4300 Wilson Blvd.
11th Floor
Arlington, VA 22203
dataprotectionofficer@aes.com