Employee Personal Data Privacy Policy:

Meritor is committed to providing privacy protection of employee data maintained by the company. It is Meritor’s intention to comply with all local data protection regulations worldwide including the European Commission’s Directive on Data Privacy. The company will certify annually with the U.S. Department of Commerce that Meritor is in compliance with the safe harbor framework approved by the European Union. Compliance with the safe harbor framework demonstrates the adequate privacy protection required by the European Commission’s Directive.

Meritor maintains a global Human Resource Information System (HRIS) to manage and administer the company’s human resources. The database for the HRIS is located at Meritor’s North American data center. The system provides a benefit to the company and employee and is used to support payroll, improve training programs, monitor workplace health and safety, and supports the company goal of being the “best place to work.”

Notice: Employees are asked to provide personal data upon acceptance of employment for the purpose of compensation including fringe benefits and other tasks related to the operation of the company. Employees may request to review their personal information maintained in the HRIS by contacting the Human Resource Representative for their location. Employees should direct any inquires or complaints, regarding personal data, to their local HR Representative.

Choice: There are situations when personal data are transmitted to third parties to provide compensation, fringe benefits, or to satisfy home country government reporting requirements. Prior written consent of employees will not be requested for this employment related data. Meritor will not provide personal data to any other third party without the prior written consent of the employee.

Onward Transfer: Personal data transferred to third parties acting as an agent for Meritor will be required to either subscribe to the safe harbor principles or enter into a written agreement with Meritor requiring the third party to provide at least the same level of privacy protection as is required by the relevant principles.

Security: Access to the HRIS is controlled by a log-on sequence and requires users to identify themselves and provide a password before access is granted. Users are limited to data required to perform their job function. Security features of the HRIS software and developed processes are used to protect personal information from loss, misuse, and unauthorized access, disclosure, alteration and destruction.

Data Integrity and Access: Employee data maintained by the company will be used for the sole purpose of supporting company operations and providing employee benefits. Meritor HR and Payroll processes include tasks and procedures to keep personal data accurate, complete, and current. Employees have the option to review personal data by contacting their local HR representative. As part of the review process, employees can correct, amend, or delete that information where it is inaccurate.

Enforcement: Annual reviews of this policy and principles will take place as part of the certification process with the U.S. Department of Commerce. Meritor will include internal compliance reviews as part of the company internal audit process. Employees should forward any complaints or disputes regarding personal data protection to their local HR Representatives. Complaints or disputes that cannot be remedied by the local HR Representative should be forwarded to the Business Standards Compliance Committee located at:

C330 Confidential
2135 W Maple Road
Troy, Michigan USA
48084-7816

Meritor agrees to cooperate with (local country) data protection authorities to resolve disputes with employees that cannot be remedied directly with the employee.