1. INTRODUCTION
Marvell Semiconductor, Inc., 5488 Marvell Ln., Santa Clara, CA, 95054, United States, has implemented a Concern Line (the “Concern Line”) on behalf of itself and its subsidiaries and affiliated entities (collectively “Marvell” or “we”, “us”, and “our”) so that employees and others can report concerns. The Concern Line is an alternative to other reporting channels, such as management and/or local HR. You may use whatever reporting channel makes you most comfortable.
2. WHAT INFORMATION MAY BE REPORTED THROUGH THE CONCERN LINE?
The Concern Line may be used to report any possible legal violation, unethical conduct or a violation of our Code of Business Conduct and Ethics (our “Code”). Some examples of things that may be reported through the Concern Line include:
You can also raise concerns through other reporting channels, such as another manager you trust, Human Resources, Ethics and Compliance at compliance@marvell.com, or the Legal Department. For more information, please see Marvell’s Investigations Policy.
3. WHAT CATEGORIES OF DATA MAY BE RECORDED?
The following categories of data may be processed:
Sensitive personal data relating to race or ethnicity, health, sexual life, religion or belief, or trade union membership may be processed as a consequence of a report. If a report to the Concern Line does contain sensitive personal data, that data will only be processed to the extent it is of relevance to the issue reported and only insofar as allowed for under applicable law.
4. WHAT ARE THE PURPOSES OF AND LEGAL BASES FOR THE DATA PROCESSING?
The purposes of the Concern Line include the following:
5. WHO WILL ACCESS THE REPORTS?
Reports will be managed by the assigned individuals responsible for handling the report. The assigned individuals may consist of the local personnel, and may also include personnel who are part of Marvell Semiconductor, Inc.’s Legal, Compliance, Internal Audit, Audit Committee, Board of Directors, and/or Human Resources departments. We will limit the number of individuals involved in any investigation to the extent consistent with a full and complete investigation and proper implementation of any required measures; those persons will be selected based on the seriousness and nature of the reported facts, the subject matter of the report, and the reporting line of the employees involved.
The information collected in your report may also be disclosed to external business consultants and service providers of Marvell or Marvell's affiliates (such as legal, finance and accounting, information technology and human resources advisors and/or similar consultants and advisors), law enforcement or government authorities as necessary to comply with legal requirements or in the course of a legal action, and to legitimate recipients of communications under applicable laws, where required by law or necessary for the purpose of, or in connection with, any legal proceedings.
6. DATA SUBJECT RIGHTS
Depending on your location, you may have various rights relating to your personal data. These may include: the right to access your personal data, the right to have your personal data rectified or erased, the right to restriction of the processing, the right to data portability, the right to object to the processing on grounds relating to your particular situation, and the right to revoke your consent where processing is based on consent. Most of these rights are not absolute and are subject to exemptions under applicable laws.
We will strive to respond to your exercise of right request within one month and may have the right to extend this period based on the applicable laws. If we extend the response period, we will let you know of the extension. You may also have a right to submit a complaint with the competent supervisory authority in the country of your residence, where you work, or where the alleged infringement of the applicable data protection law took place. If you would like to exercise a data right regarding your data, you may contact privacy@marvell.com.
7. DATA RETENTION
Personal data collected through the Concern Line is retained for the period necessary to achieve the purposes described above and in accordance with applicable legal requirement
8. QUESTIONS
If you have any additional question regarding the use of the Concern Line, please contact our Ethics and Compliance team at compliance@marvell.com. For questions related to this Notice or to privacy matters, please contact privacy@marvell.com.
This Notice was last updated in March, 2024.
LOCAL PROVISIONS: EUROPEAN ECONOMIC AREA AND THE UK
1. Controller
If you are located in the EEA and unless otherwise stated in this notice, the controller responsible for the processing of your personal data is the Marvell entity identified in Appendix A and operating in the specified jurisdiction where you file a report.
2. Legal Bases for Processing Personal Data
In accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), Marvell relies on the legitimate interests of Marvell, Marvell’s affiliates or other third parties as legal basis for processing the above-mentioned data categories, where such legitimate interests are not overridden by your interests or fundamental rights and freedoms (Article 6(1)(f) GDPR). “Legitimate interests” could include, without limitation:
Depending on the circumstances of the individual case, Marvell may alternatively rely on the following legal bases for the processing of the above-mentioned data categories:
(i) the necessity of the processing to comply with legal obligations (Article 6(1)(c) GDPR);
(ii) the necessity of the processing to protect vital interests of employees of Marvell, Marvell’s affiliates or other third parties who use the Concern Line or are the subject of a report (Article 6(1)(d) GDPR); or
(iii) consent, where you have provided your consent (Article 6(1)(a) GDPR).
3. Cross-border Data Transfers
As described above, your personal data may be processed and stored by individuals or entities located in countries where the level of data protection is not recognized as adequate by the European Commission. Transfers of personal data to such countries will be made in compliance with applicable law. In particular, Marvell will take the measures required to protect the security and the confidentiality of the data transferred (such as entering into the Standard Contractual Clauses published by the European Commission or putting in place other appropriate safeguards).
If you have additional questions about the processing of your personal data through the Concern Line, or wish to exercise any of your rights, you may contact Marvell as Privacy@Marvell.com.
Appendix A: List of Marvell Entities in Europe and the UK
Controller Entity |
Address |
Marvell Semiconductor Germany, GmbH |
23 Siemensstraße - D-76275 |
Marvell Technology Denmark APS |
24 Agern Alle, Room no. 55-4221, |
Marvell Technology Italy S.r.l. |
Viale della Repubblica 38 CAP |
Marvell Netherlands B.V. |
High Tech Campus 5 |
Marvell Technology Poland Sp. z o.o. |
76 Podole |
Marvell Technology Romania S.R.L. |
Calea Floreasca nr. 246 C, Cladirea Sky Tower, 9th Floor, 22nd Floor and Basement 3, Sector 1, |
Marvell Technology UK Ltd, Sucursal en Espana (Spain Branch) |
Gran Via 6, 4a Planta 28013 |
Marvell Technology Sweden AB |
BDO Mälardälen AB |
Marvell Technology UK Ltd. |
5th Floor Halo - Counterslip |