1.1 1.1 This Privacy Policy sets out how we, ELGi Compressors s.r.l. with registered office at Dreve Richelle 167, 1410 Waterloo, Belgium and its subsidiaries (further referred to as “ELGi Compressors s.r.l” separately, or jointly as “ELGi”, “our” or “we”), process the personal data of our employees, suppliers, partners, visitors of our website, and customers (“individual” or “individuals”), in accordance with the EU General Data Protection Regulation (“GDPR”). ELGi Compressors s.r.l., is the controller for personal data collected and processed with respect to these individuals.
The categories of personal data that ELGi processes about you for the purposes described in Section 3 below are:
ELGi generally collects personal data directly from you (electronically, in writing) by way of, among others, website forms and messages you address to us. You may also provide new, or updated or corrected personal data to ELGi from time to time. Personal data we process may include the following:
- 2.1.1 Personal details, such as name, contact details including address, telephone number, company/employer, e-mail address;
- 2.1.2 Other customer details, such as username, password, fax number, job title/function, contact person, tax number, ELGi account number,
- 2.1.3 Other employee details, such as photos, nationality, date of birth, age, gender, national identification number, employee identification number, online identifier, username and password, family status, information about dependents, beneficiary and emergency contact information, experience and qualifications, job-related details (e.g. letters of offer and acceptance, employment contract), participation in compliance trainings, payroll and benefit information (such as salary and wage, banking details, bonus, benefits including for dependents), and where not prohibited by laws, information about recent travel destinations for leisure, only to the extent necessary to determine whether you have visited zones with significant health risks such as the risk of contracting a contagious disease.
- 2.1.4 Other supplier or partner details, such as invoice data, including invoice mailing address, contact name, bank account details, description of work or scope of services and associated information made available for the payment of invoices.
- 2.1.5 Customer preferences, such as product preferences or interest, purchase history, distribution channel used, financial information;
- 2.1.6 Your enquiries and our responses, which may contain personal data;
- 2.1.7 Transaction data, such as when you purchase a product or service from us;
- 2.1.8 Customer service, warranty or other claims.
ELGi collects certain personal data directly from your device, when you visit our website:
- 2.2.1 Device and browser information: We may collect information about your computer and/or device, including device type, IP address, device identifier, and operating system.
- 2.2.2 Location data: If you have enabled access to your location on your mobile device, we may collect location information, including precise and imprecise location derived from your IP address.
- 2.2.3 Information and statistics on site usage: We use cookies to collect information about your use of our website, including content viewed or downloaded, time spent on pages, links clicked, features used, and dates and times of interactions.
For further details concerning the above, including how to disable these technologies, please see Section 9 on Cookies.
- 2.3.1 ELGi collects certain personal data directly from third parties who provide services to ELGi or carry them out on our behalf, such as payment services providers or website management providers.
- 2.3.2 In certain cases, ELGi receives personal data from third parties who provide services to ELGi for the purposes described below. Such parties include social networks that you use to connect with us, such as LinkedIn. We may also receive data from third party service providers such as recruiters who may send us candidates’ profiles and data, or providers who perform personality tests on candidates.
- 3.1.1 performing our contract with you, for instance by providing our goods and services to you;
- 3.1.2 enabling our distributors, suppliers and service providers to perform certain functions on our behalf, including payment processing, logistical or other functions, as may be necessary to fulfil your orders;
- 3.1.3 sending you a newsletter or marketing communications, to inform you of our products and services, which we consider may be of interest to you;
- 3.1.4 responding to your questions and communications with you, for example if you have left your contact details on our website in order for us to contact you;
- 3.1.5 ensuring the security of our website, systems and networks, including by preventing or detecting fraud or abuses, which includes the protection of intellectual property, trade or business secrets;
- 3.1.6 improving our goods and services, for example, by reviewing visits to our website and monitor the demand for specific goods and services;
- 3.1.7 managing HR matters, including recruitment, execution and termination of employment, managing payroll and benefits, ensuring health and safety at the work place, verifying attendance at work, handling promotions and assessing qualifications for a particular job or task, providing trainings and ensuring professional development of staff members, talent management;
- 3.1.8 carrying out other business operations, including invoicing, accounting, business networking, auditing transactions;
- 3.1.9 complying with applicable law, for example, in response to a request from a court or regulatory authority, where such request is made in accordance with the law.
- 3.2.1 to perform a contract that we have in place with you or the company you represent;
- 3.2.2 for the ELGi’s legitimate business interests as outlined in paragraphs 3.1.1, 3.1.3, 3.1.5, 3.1.6 and 3.1.8 above;
- 3.2.3 you provided us with your consent;
- 3.2.4 for the establishment, exercise or defense of a legal claims; or
- 3.2.5 for compliance with a legal or statutory obligation to which ELGi is subject.
3.3 In the event that we use your personal data for other purposes, not specified above, we will inform you about them, and, if required, of our basis for doing so, at the time we collect the personal data from you, to the extent required by law.
In certain circumstances, we wish to disclose or are compelled to disclose your personal data to third parties for the purposes described in this Privacy Policy. Such disclosure will only take place in accordance with the relevant applicable laws and for the purposes listed above. These scenarios may include disclosure:
- 4.1 to our affiliates or associated offices (for more information about ELGi’s affiliates and subsidiaries, please contact us at the address provided in Section 10 below); to our outsourced service providers or suppliers to facilitate the provision of our goods or services, such as hosting service providers, IT system administrators and support services, online payment services and customer services providers;
- 4.2 to third party service providers and consultants, in particular [providers of IT and server security services], in order to protect the security or integrity of our business, including our databases and systems and for business continuity reasons;
- 4.3 to another legal entity, on a temporary or permanent basis, for the purposes of a joint venture, collaboration, financing, sale, merger, reorganization, change of legal form, dissolution or similar event. In the case of a merger or sale, your personal data will be permanently transferred to a successor company;
- 4.4 to public authorities where we are required by law to do so and to defend or enforce our rights, protect our property, assets or safety of others.
- 4.5 Some links in our website will take you to ELGi social media pages located on social media sites such as LinkedIn. Our pages on social media sites are governed by the privacy policy of the companies operating such sites.
- 5.1 We may transfer your personal data to a third party in countries outside the country in which it was originally collected for further processing in accordance with the purposes set out in Section 3 above.
- 5.2 In particular, your personal data may be transferred throughout the ELGi group of companies located abroad. You can find locations of all of our global affiliates here. Intra-group transfers of personal data to recipients in non-EEA countries which do not have the same level of protection as the EEA, take place based on standard clauses approved by the European Commission.
- 5.3 In circumstances where your personal data is transferred to our outsourced service providers located abroad, we will, where required by applicable law, ensure that your privacy rights are adequately protected by appropriate technical, organization, contractual or other lawful means. In particular, we take measures to help protect your personal data when it is transferred from the EEA to third countries. We rely on European Commission adequacy decisions about certain countries, as applicable (see here). Other measures include having standard clauses approved by the European Commission (see here) in our contracts with third parties that receive information outside the EEA or using other acceptable data transfer mechanisms, such as the EU-U.S. Privacy Shield framework for transfers to self-certified U.S. organizations (see here), Binding Corporate Rules (see here), approved Codes of Conduct and Certifications or, in exceptional circumstances, based on permissible statutory derogations.
- 5.4 Now the Brexit transition period has ended, the UK is a ‘third country’ – the name given to all countries outside the EEA (EU member states, plus Iceland, Liechtenstein and Norway). As part of the new trade deal, the EU has agreed to delay transfer restrictions for at least another four months, which can be extended to six months (known as the bridge) – lasting until June 2021. This enables personal data to flow freely from the European Economic Area (EEA) to the UK until either adequacy decisions are adopted, or the bridge ends.
- 5.5 Please contact our DPO at [email protected] for a copy of the safeguards which we have put in place to protect your personal data and privacy rights in these circumstances.
We will retain your personal data as long as is reasonably necessary for the purposes listed in Section 3 above or as required by applicable local law. Retention periods can vary based on the type of personal data and the purpose for which it is used. We retain personal data in accordance with our internal data retention guidelines, based on criteria that include legally mandated retention periods, pending or potential litigation, our intellectual property or ownership rights, contract requirements, operational needs, and historical archiving. Please contact us for further details of applicable retention periods.
The GDPR provides individuals residing in the EEA with various rights with regards to their personal data. In particular, you may exercise the following data protection rights regarding your personal data, if you are visiting our website from the EEA or where the GDPR, or other applicable EU data protection laws so provide, whereby these rights are subject to the conditions laid down in the GDPR.
- 7.1 Access – you have the right to obtain from us confirmation if your personal data is being processed, certain information in this regard and a copy of the personal information undergoing such processing.
- 7.2 Rectification – you have the right to request that inaccurate personal data be corrected and to have incomplete data completed.
- 7.3 Objection – you have the right, when we process your personal data based on our or a third party’s legitimate interests, to object to the processing of your personal data for compelling and legitimate reasons relating to your particular situation, except in cases where legal provisions expressly provide for that processing. In addition, you have the right to object at any time where your personal data is processed for direct marketing purposes. (However, please note that if you object to your use of personal data for direct marketing purposes, we will send you transactional messages in relation to good or services that you have ordered from us. These include responses to your questions and information about goods and services you have ordered from us.)
- 7.4 Portability – you have the right to receive a copy of the personal data that you have provided to us in a structured, commonly used and machine-readable format, and you have the right to transmit them to other controllers. This right only exists if the processing is based on your consent or a contract and the processing is carried out by automated means.
- 7.5 Restriction – you may request that we restrict processing of your personal data if (i) you contest the accuracy of it – for a period we need to verify your request; (ii) the processing is unlawful and you oppose the erasure of it and request restriction instead; (iii) we no longer need it, but you tell us you need it to establish, exercise or defend a legal claim; or (iv) you object to processing based on public or legitimate interest – for a period we need to verify your request.
- 7.6 Erasure – you may request that we erase your personal data if it is no longer necessary for the purposes for which we have collected it, if you have withdrawn your consent and no other legal ground for the processing exists; if the processing is unlawful, or if erasure is required to comply with a legal obligation.
- 7.7 Right to lodge a complaint – you have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your residence.
- 7.8 Right to refuse or withdraw consent – please note that in case we ask for your consent to certain processing, you are free to refuse to give consent and you can withdraw your consent at any time without any adverse negative consequences. The lawfulness of any processing of your personal data that occurred prior to the withdrawal of your consent will not be affected.
Cookies are information (small text strings) created by a server that are saved on your browser when you visit a website. Cookies perform different and important functions within the network (i.e. implementation of computer authentication, monitoring of sessions, storage of information on specific configurations concerning users accessing the server, storing preferences).
8.2.1 Technical cookies
These cookies are necessary for the proper functioning of the website, allow browsing of pages and search for other services. Without these cookies we could not provide the services for which users access the website. They can be divided into:
- Navigation or session cookies, which guarantee the normal navigation and use of the website; they are in fact necessary for the proper functioning of the website.
- Functionality cookies, which allow the user to navigate according to a series of selected criteria (for example, the language, the products selected for purchase) in order to improve their experience.
Technical cookies do not require consent, but only the obligation to inform, so they are installed automatically when the user accesses the website.
8.2.2 Analytics cookies
The website uses Google Analytics for statistical purposes. It is a web analysis service provided by Google Inc. (“Google”) that uses cookies that are stored on the user’s device to allow statistical analysis in aggregate form in order to use the website visited.
The data generated by Google Analytics are stored by Google as indicated in the information available at the following link: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage. You can disable Google Analytics cookies by downloading a specific browser plug-in available at the following URL: https://tools.google.com/dlpage/gaoptout.
Some cookies (session cookies) remain active only until the browser is closed or when the logout command is executed. Other cookies “survive” when the browser is closed and are also available in subsequent visits by the user. These cookies are called persistent and their duration is set by the server when they are created.
You can disable the setting of cookies on your device by configuring the browser (Internet Explorer, Mozilla Firefox, Microsoft Windows Explorer, Safari). However, this action could inhibit the proper functioning of the website.
If you have any questions, comments, or requests regarding this Privacy Policy, please direct your request to:
ELGi Compressors s.r.l.
Dreve Richelle 167,
1410 Waterloo,
Belgium
DPO E-mail address: [email protected]
The following terms are used within this Privacy Policy and mean the following:
- 10.1 “controller” means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data;
- 10.2 “EEA” means the European Economic Area and comprises the EU Member States as well as Iceland, Liechtenstein and Norway;
- 10.3 “GDPR” means Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation);
- 10.4 “personal data” means any information relating to an identified or identifiable natural person (i.e., “data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity; and
- 10.5 “processing” means any operation or set of operations performed upon personal data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.