PRIVACY POLICY

Image

Cargotec Privacy Statement

Cargotec Corporation (“We” or “Cargotec”), recognize the importance of protecting people’s privacy and personal data and processing it in accordance with the applicable privacy laws. It is the purpose of this Privacy Statement (“Statement”) to communicate the ways we process personal data in our marketing and sales activities. Should any applicable mandatory laws or regulations be in conflict with this Statement, we will respect such laws and regulations over any conflicting parts in this Statement.

If you have any questions or inquiries concerning this Privacy Statement and/or your personal data, please contact privacy@cargotec.com.

Who is the data controller of personal data?

Data controller, and therefore the legal entity responsible for collection and use of personal data under this privacy policy is Cargotec Corporation. In regards to detailed data processing activities, individual Cargotec affiliate companies may also operate as data controllers, either independently or jointly with Cargotec Corporation.

Why do we collect personal data?

Our primary purpose is to collect information about our customers who are other businesses and not individual data subjects or people. As part of our sales and marketing activities we will, however, collect and use personal data for the purposes of being able to provide our products and services to our customers and manage our customer relations. We also use personal data for the purposes of marketing, lead generation as well as hosting corporate events, online forums and social networks.

In regards to our websites, we use the web site navigational information to operate and improve those websites. We may also use web site navigational information alone or in combination with other personal data in order to provide you with personalized information about Cargotec and our services and products.

What personal data do we collect?

General customer relations management. For the purposes of providing our products and services to our customer entities, and to manage our customer relations, as well as to seek prospective and potential new customers, we will collect information about individuals who are employed by or otherwise connected to those companies. Such information includes basic identifying details such as name, email address, title and position in the related company.

Marketing. For the purpose of marketing we may collect your name, address, email, information on your work title or position and your employer the company or the company to which you are otherwise related.

Website. If you visit our website, we may also collect information about you through your use of our website, including information gathered through analytics tools and cookies.

Where do we collect the personal data from?

General customer relations management. For the purposes of providing our products and services to our customers and to manage our customer relations, we collect the personal data either directly from you, through your employer company or the company to which you are otherwise related to, or through publicly available sources such as social media channels.

Marketing. For the purposes of our marketing, we collect the personal data either directly from you, through your employer company or the company to which you are otherwise related to, you are employed by or otherwise related to, or through publicly available sources such as social media channels.

Website. During your visit on our websites we collect data explicitly from you or generate that data through your use of our websites.

What is the legal basis for the processing of personal data?

We collect and process your personal data based on legitimate interests related to the aboveexplained purposes and our operations. In some instances we may also request for your consent.

Who do we share personal data with?

We share your data on a regular basis only with service providers and business partners that operate and process personal data as data processors on our behalf. These data processors may include IT, technology and tools providers hosting and maintaining our data as well as possible market research partners. Other data processors may also include professional service providers such as headhunters or job applicant assessment service providers.

We are committed to applying adequate measures to make sure your personal data is secured reasonably and effectively in all instances, including granting access to personal data only to persons who have a reasonable requirement to access to the data to be able to perform tasks they are required to do.

Do we transfer my personal data outside the European Union or the European Economic Area?

We may transfer your personal data outside the European Union and/or the European Economic Area. In order to ensure adequate protection of any such transferred data we typically apply the necessary safeguards in the form of the European Commission Standard Contractual Clauses. However, in individual circumstances other safeguards may apply. In any case, we will always ensure that your personal data is adequately protected as required by applicable laws and regulations.

How long do we retain personal data?

We retain the personal data for only as long as that data is necessary for the purposes we have collected it, or if we are required to retain that data for longer periods in order to comply with applicable laws. We will also delete or upon notice correct any incorrect or inaccurate data. We are committed to applying our internal data retention policies, as they are in force from time to time.

Our Information Security Practices

Personal data may be stored either in hardcopy or electronic form. We recognize our obligation to safeguard the sensitive nature of all personal data. We are, therefore, committed to applying protective measures to secure against the unauthorized access, modification, collection, copying, use, and disclosure of any personal data. These measures include: (i) limiting the access and uses of information to those Cargotec personnel, contractors and suppliers and persons who, for in order to be able to perform their relevant tasks need to have, on a fair and lawful basis, access to personal data; (ii) use of physical and electronic access codes and passwords to control and restrict access; (iii) training and raising awareness on relevant Employees and other personnel about data protection and privacy; (iv) applying updates and at-minimum-industry standard technical security measures.

What rights do individuals have in regards to their personal data?

You have the right to ask us to tell you what data we at any given time store about it. Subject to local applicable laws you also have the right to:

(a) request us to erase your personal data if you deem that it should be erased, subject to applicable laws and our retention criteria;

(b) request us to restrict the use of your data or object to our processing of your personal data;

(c) object to us in processing your personal data;

(d) request us to move your personal data over to you or to another data controller in accordance with the European Data Protection Regulation;

(e) if we have requested and you have given us your consent to process your personal data, you may have the right to withdraw that consent in accordance with applicable laws; and

(f) lodge a complaint with a relevant data protection authority if you deem that we have processed your personal data in violation of the applicable data protection laws.

Please note that we will review such requests and execute them in the fullest extent possible in accordance with applicable laws.