PCS B2B Global Privacy Policy

Effective date: March 2026

1) Who we are and scope

PCS Wireless, LLC and its worldwide affiliates (“PCS,” “we,” “us,” or “our”) operate this website (the “Site”). This Policy explains how we handle personal information collected through the Site and through off‑Site business interactions that relate to our business supplier and business customer relationships. We transact business offline and by agreement, no purchases or sales occur on the Site. Our Customer Terms and Conditions posted on the Site govern orders and transactions conducted with PCS.

This Policy is B2B‑focused. PCS generally receives company information (e.g., legal name, KYC details, bank and payment information) and limited personal information about business contacts (e.g., employee name, role, work email/phone).

Program‑specific policies. Certain programs (e.g., device trade‑in programs operated with partners) are governed by separate privacy policies published where those programs operate. Those programs may involve limited consumer information (name and shipping address to send return boxes/labels or manage reverse logistics) and receiving pre‑owned devices; PCS data wipes devices and does not access personal content on them, and the program‑specific privacy policy controls for those activities.

2) The personal information we collect

Business context data we collect may include:

  • Identity and contact (employee name, work email, phone, job title), company details (legal name, address, tax/KYC identifiers), and relationship data (account, communications).
  • Financial and anti‑fraud/KYC information provided by companies (e.g., bank details for settlement, screening results), to the extent needed for onboarding and compliance.
  • Logistics data (ship‑to name/location; courier labels; RMA/return information) when needed to send packaging, labels, or receive returns.
  • Technical/usage data from the Site (IP address, browser/type, pages viewed, referring/exit pages) collected via cookies and similar technologies (see Section 5).

We do not intentionally collect sensitive categories of personal information via the Site (e.g., health, ethnicity, precise geolocation) and the Site is not for children under 13 (or under the minimum age required by local law).

3) How we use personal information

We use personal information to:

  • Operate and improve the Site (analytics, security, troubleshooting).
  • Respond to inquiries and manage our supplier/customer relationships.
  • Onboard and verify counterparties (KYC/AML, fraud and sanctions screening as required by law or best practice).
  • Perform and administer contracts (including purchase orders, settlement, remittances, claims, RMAs, and reverse logistics).
  • Protect PCS (IT and physical security, incident detection/prevention) and comply with laws (tax, accounting, reporting).
  • Corporate transactions (due diligence and integration if we reorganize, merge, or sell part of our business).

Marketing. We may send B2B updates about our services to business contacts. Where required, we will obtain consent; you may opt‑out at any time (see Section 10).

4) Legal bases (EEA/UK)

Where GDPR/UK GDPR applies, we process personal data based on:

  • Legitimate interests (running our B2B operations, Site analytics, security, fraud prevention, business development) and balancing these interests with your rights;
  • Contract (to enter into or perform a contract with your company);
  • Legal obligation (KYC/AML, taxation, recordkeeping); and
  • Consent where required (e.g., certain cookies or electronic marketing).

We do not use solely automated decision‑making that produces legal or similarly significant effects.

5) Cookies and similar technologies

We use necessary cookies and basic analytics to understand Site performance and improve content. You can manage cookies via your browser settings.

6) How we share information

We share personal information only as needed to run our business:

  • PCS group companies worldwide (IT hosting, finance, compliance, support).
  • Service providers (hosting, security, analytics, communications, KYC/AML, logistics, professional advisers) under contracts that restrict their use of your data.
  • Counterparties and partners as necessary to perform contracts (e.g., shipping/returns).
  • Legal, regulatory, and law enforcement requests as required by law.
  • Business transfers (merger, acquisition, or reorganization).

We do not sell personal information and we do not share it for cross‑context behavioral advertising (as those terms are defined under U.S. state privacy laws).

7) International data transfers

PCS operates globally. Your information may be transferred to countries that may have different data‑protection laws than your home country (including the United States). Where required, we use appropriate safeguards, such as EU/UK Standard Contractual Clauses or other legally recognized mechanisms, and implement technical/organizational measures to protect data in transit and at rest. You can contact us to request more information about these safeguards.

8) Data retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Policy, including meeting legal, accounting, audit, fraud‑prevention, and compliance requirements. PCS maintains a global records retention schedule that applies minimum retention periods required under applicable law and industry practice. We also apply periodic reviews to identify data that is no longer needed and securely delete or anonymize such data.

Unless a longer period is required by law, we generally apply the following retention periods:

  • Business contact information (name, work email, phone, role): retained for 3 years after the last business interaction or termination of the commercial relationship. PCS may retain this information for longer periods where required to comply with legal, tax, accounting, audit, fraud‑prevention, or regulatory obligations, to establish or defend legal claims, or where a longer retention period is otherwise permitted or required by applicable law.
  • KYC/AML and due‑diligence records: retained for 5 years after the end of the business relationship, or longer if required under applicable anti‑money‑laundering or financial‑compliance laws.
  • Financial, transactional, and accounting records: retained for 7 years to comply with tax and accounting obligations. PCS may retain these records for longer periods where required under applicable law, to comply with audit or regulatory obligations, to maintain accurate financial reporting, or to establish or defend legal claims.
  • Logistics and shipment/return records (including RMA details): retained for 3 years after fulfillment or closure of the relevant transaction. PCS may retain these records for longer periods where required under applicable law, by contract, to comply with audit or regulatory obligations, to support warranty or reverse‑logistics processes, or to establish or defend legal claims.
  • Technical logs and website analytics data: retained for 12–24 months, unless aggregated or anonymized for longer‑term analytics. PCS may retain certain logs for longer periods where required under applicable law, by contract, for security, fraud‑prevention, or audit purposes, or to establish or defend legal claims.

Where specific retention periods cannot be provided, we apply the following criteria to determine retention duration:

  • statutory record‑keeping requirements in relevant jurisdictions;
  • limitation periods for legal claims;
  • operational needs for fraud prevention, security, or contract administration; and
  • the necessity of maintaining accurate business records.

Once personal information is no longer required for these purposes, we delete or anonymize it in accordance with our global retention schedule and security protocols.

9) Security

We use administrative, technical, and physical safeguards designed to protect personal information. No system is 100% secure; if you suspect any unauthorized access or incident, please contact us immediately (see Section 12).

10) Your choices and rights

Marketing preferences. You can opt‑out of marketing emails at any time by using the link in the message or contacting us.

Cookies. Control via your browser.

Rights by region.

  • EEA/UK: You may request access, correction, erasure, restriction, objection (including to processing based on legitimate interests), and portability. You also have the right to lodge a complaint with your local supervisory authority; we encourage you to contact us first so we can address your concern.
  • United States (certain states): You may have rights to access, correct, delete, and to appeal our decision on a request. Because we do not “sell” or “share” personal information, the opt‑out right from sales/sharing does not apply to our current practices.

To exercise your rights, email privacy@pcsww.com. PCS will verify your identity before processing any request, consistent with applicable law. Verification may include confirming information we already hold about you or requesting additional details needed to authenticate your identity. If you authorize a representative to submit a request on your behalf, we will also require sufficient documentation to confirm both your identity and the representative’s authority, as permitted by applicable law.

PCS will verify authorized‑agent requests as follows:

  1. Verification of Your Identity (the Data Subject)
    PCS may require the individual on whose behalf the request is made to provide information sufficient for PCS to reasonably confirm the individual’s identity.
    This may include:
    • Matching specific information already held by PCS; or
    • Providing additional information that PCS reasonably needs to confirm identity; or
    • Providing a signed declaration confirming that the agent is authorized to act on your behalf.
  2. Verification of the Authorized Representative
    PCS will require the authorized representative to provide:
    • Their name and contact information,
    • Proof of identity, and
    • Documentation demonstrating authority to act for the data subject.

Acceptable documentation may include:

  • A signed written authorization from the data subject;
  • A valid power of attorney under applicable law; or
  • Other legally sufficient evidence demonstrating the agent’s authority.
  1. Direct Confirmation
    PCS may contact the data subject directly to:
    • Confirm that the individual has authorized the representative; and
    • Confirm that the request is genuine.
  2. Insufficient Proof
    If the identity of the data subject or the authority of the authorized representative cannot be verified with reasonable certainty, PCS may request additional documentation or may decline the request as permitted by applicable law.
  3. Security of Requests
    PCS will process verified requests in accordance with applicable data‑protection laws and will not disclose or delete personal information unless and until verification requirements are met.

11) Third‑party links

The Site may link to third‑party websites or services. Their privacy practices are governed by their own policies; please review them.

12) Contact us

PCS Wireless, LLC
Attn: Legal Department
11 Vreeland Road, Florham Park, NJ 07932, USA
Email: privacy@pcsww.com

If you are in the EEA or UK, you may also contact your local data‑protection authority. If required by law, PCS will appoint a representative and publish those details in the relevant Region‑specific Addenda.

13) Changes to this Policy

We may update this Policy from time to time. We will post the updated version and its effective date on this page. Material changes will be communicated where required by law.

 

REGION‑SPECIFIC ADDENDA

EEA / UK Data Protection Addendum

  1. Scope

This Addendum applies to personal data processed by PCS Wireless, LLC and its global affiliates (“PCS”) relating to individuals located in the European Economic Area (“EEA”) or the United Kingdom (“UK”), in connection with PCS’s business‑to‑business operations.

  1. PCS Establishments in the EU and UK

PCS operates through affiliates established in the Netherlands and the United Kingdom, which constitute stable arrangements within the EEA/UK.

  1. Article 27 EU/UK Representative

Because PCS is established in the EU/EEA and UK through its affiliates, PCS is not required to appoint a representative under Article 27 GDPR or Article 27 UK GDPR.

  1. Legal Bases for Processing

Where PCS processes personal data relating to EEA/UK individuals, PCS relies on one or more of the following legal bases:

  • Legitimate interests, including business operations, supplier and customer management, security, and fraud prevention.
  • Performance of a contract with a business customer or supplier.
  • Compliance with legal obligations, including tax, accounting, and due‑diligence requirements.
  1. Cross‑Border Data Transfers

Where transfers of personal data occur within the PCS group or to third‑country recipients, PCS uses appropriate safeguards, such as:

  • EU Standard Contractual Clauses (SCCs),
  • the UK International Data Transfer Addendum, or
  • another mechanism recognized by applicable law.
  1. Data Subject Rights

Individuals in the EEA/UK may exercise their rights of access, rectification, erasure, restriction, portability, and objection, as permitted under GDPR/UK GDPR.

Requests may be submitted to: privacy@pcsww.com

PCS will respond to data subject requests within the time frames required by GDPR/UK GDPR or other applicable law, including any permitted extensions.

  1. Complaints

Individuals may lodge complaints with:

  • their local EEA supervisory authority, or
  • the UK Information Commissioner’s Office (ICO): https://ico.org.uk

                                                                                                                                               

U.S. STATE PRIVACY ADDENDUM

  1. Scope

This Addendum applies to residents of U.S. states that have enacted comprehensive consumer privacy laws, to the extent those laws apply to PCS’s processing of personal information. PCS monitors changes in state privacy laws and updates this Addendum as appropriate.

  1. Applicability to PCS

PCS conducts only business‑to‑business (B2B) operations. Many U.S. state privacy laws apply only to “consumers” acting in an individual or household context and do not apply to individuals acting in a commercial context, such as employees of suppliers or business partners.

Accordingly, these laws typically apply to PCS only in limited circumstances.

  1. Your Rights Where Applicable

If a U.S. state privacy law applies to your interaction with PCS, you may have rights to:

  • Access personal information
  • Correct inaccuracies
  • Delete personal information
  • Obtain a portable copy of personal information
  • Opt out of certain processing, where required by law

You may exercise applicable rights by contacting privacy@pcsww.com.

  1. No Sale or Sharing

PCS does not sell personal information or share it for cross‑context behavioral advertising, as those terms are defined under U.S. state privacy laws.

  1. Non‑Discrimination

PCS will not discriminate against any individual for exercising rights available under applicable U.S. state privacy laws.