Home
>
Privacy Statement

Privacy Statement

MacGregor Privacy Statement - Sales, Website and Marketing

MacGregor (“we” or “MacGregor”), recognises the importance of protecting people’s privacy and personal data and processing it in accordance with the applicable privacy laws. 

It is the purpose of this Privacy Statement (“Statement”) to communicate the ways we process personal data in connection with managing our customer relationships. This data may concern the personnel or agreement partners (representatives) of our customers that are related to the relationship and for dispute resolution purposes, also other persons that are on the opposing party or otherwise involved in the matter. 

Furthermore, it is the purpose of this Statement to communicate the ways we process personal data when you visit our websites, receive newsletters or marketing material from us or participate in events, online forums or social networks hosted by us.

Should any applicable mandatory laws or regulations be in conflict with this Statement, we will respect such laws and regulations over any conflicting parts in this Statement. If you have any questions or inquiries concerning this Statement and/or your personal data, please contact privacy@macgregor.com

Data controller of personal data

Data controller, and therefore the legal entity responsible for collection and use of personal data under this privacy policy is MacGregor Finland Oy.

Contact information of the data controller:

MacGregor Finland Oy
Business ID: 2557310-4
Hallimestarinkatu 6
20780 Kaarina
Finland

Categories of personal data collected and processed

In case we act as data controller for personal data of our customers’ representatives, the following categories of personal data might be collected for the data processing purposes:

  • Name
  • Work email address and work phone number
  • Information on who is the Customer, i.e. usually your employer

We always screen companies and contact persons against the European Union (EU), Office of Foreign Assets Control (OFAC), and the United Nations (UN) sanctions lists.

In addition, if you visit our websites, we may collect your IP address, and details on how you interact with us and similar information. In this connection, we may also collect information about you through your use of our website, including information gathered through analytics tools and cookies. We use the web site's navigational information to operate and improve those websites. We may also use web site navigational information alone or in combination with other personal data in order to provide you with personalised information about MacGregor and our services and products. For more information, please see our Cookie Policy.

Purposes of processing personal data

Our primary purpose is to collect information about our customers who are other businesses and not individual data subjects or people. As part of our sales and marketing activities we will, however, collect and use personal data for the purposes listed below.

  • Customer relationship management: We collect and process personal data from representatives of our customers for the purpose of managing the business relationship, including but not limited to providing products or services, fulfilling orders, delivering support and assistance, and communicating with our customers.
  • Contractual obligations: Personal data may be processed to fulfil our contractual obligations with our customers, including entering into contracts, performing contractual obligations, and administering accounts.
  • Customer support: We may process personal data to provide customer support, respond to inquiries, resolve issues, and assist with technical or product-related matters.
  • Other purposes: In specific cases, we may process personal data to to execute obligations related to sanctions, to comply with other applicable legal or regulatory requirements and internal policies, documentation and requirements, to handle inquiries, complaints and claims from third parties and to handle inspections and inquiries of supervisory authorities and for the purposes of external audits. 
  • Marketing and promotions, including direct marketing: With your consent or where permitted by law, we may use personal data for marketing and promotional purposes, such as sending newsletters, promotional offers, and updates about MacGregor’s products or services, to operate and improve our websites, to tailor the content of our website to provide you with a more personalised experience, to manage and respond to requests you submit through our website, to market, generate leads and host corporate events, online forums and social networks.
  • Analytics and improvement: Personal data may be processed for analytical purposes to understand customer preferences, improve MacGregor’s products or services, and optimise the customer experience.

Lawful basis of processing personal data

  • We collect and process your personal data based on one or more of the following legal bases:
  • Contractual necessity: The processing of personal data is necessary for the performance of the contract between MacGregor and its customer, including the provision of products or services, fulfilment of orders, and management of contractual obligations.
  • Legal obligations: we may process personal data as necessary to comply with our legal obligations, such as those related to applicable laws and regulatory requirements.
  • Legitimate interests: In certain cases, we may process personal data based on legitimate interests, provided that such processing does not override your fundamental rights and freedoms. MacGregor’s legitimate interests may include managing customer relationships effectively, providing quality customer support, and improving MacGregor’s products or services.
  • Consent: Where required by law or where processing is based on consent, we will obtain the consent of the customer representative before processing personal data for marketing or promotional purposes. You have the right to withdraw your consent at any time.

The sources from which we gather personal data 

We collect the personal data either directly from you, through your employer company or the company to which you are otherwise related to, or through publicly available sources such as social media channels. We may also collect your personal data from public authorities, MacGregor affiliated companies and other third party relations, depending on the type of the services provided. Examples of third party sources include:

  • Registers held by governmental agencies
  • Financial sanction lists
  • Registers held by credit-rating agencies and other commercial information providers 

During your visit on our websites we may collect data explicitly from you or generate personal data through your use of our websites. To make sure that our website is functioning effectively, we or our service providers may use cookies and web beacons which may collect personal data. Additional information on how we use cookies and other tracking technologies and how you can manage your settings can be found in our Cookie Policy.

Data recipients and data transfers 

We share your data on a regular basis only when this is required by the purpose of the personal data for which it was originally collected and only with service providers and business partners that operate and process personal data as data processors on our behalf. These data processors may include IT, technology and tools providers hosting and maintaining our data as well as possible market research partners. 

We are committed to applying adequate measures to make sure your personal data is secured reasonably and effectively in all instances, including granting access to personal data only to persons who have a reasonable requirement to access the data to be able to perform tasks they are required to do.

In certain circumstances, it is permitted that personal data be shared without your knowledge or consent. This is the case where the disclosure of the personal data is necessary for any of the following purposes:

  • The prevention or detection of crime
  • The apprehension or prosecution of offenders
  • The assessment or collection of a tax or duty
  • By the order of a court or by any rule of law 

If we process personal data for one of these purposes, then it may apply an exception to the processing rules outlined in this policy but only to the extent that not doing so would be likely to prejudice the case in question. 

Transfers of personal data between countries are often essential for international trading. MacGregor may need to transfer personal data to countries outside the European Union or the European Economic Area for business purposes.

In order to ensure adequate protection of any such transferred data we typically apply the necessary safeguards in the form of the European Commission Standard Contractual Clauses. However, in individual circumstances other safeguards may apply. In any case, we will always ensure that your personal data is adequately protected as required by applicable laws and regulations. 

Retention of personal data

We retain the personal data for only as long as that data is necessary for the purposes we have collected it, or if we are required to retain that data for longer periods in order to comply with applicable laws. We will also delete or upon notice correct any incorrect or inaccurate data. We are committed to applying our internal data retention policies, as they are in force from time to time. After the retention period, we delete all personal data in accordance with the sensitivity of said data.

Our information security practices

Personal data may be stored either in hardcopy or electronic form. We recognise our obligation to safeguard the sensitive nature of all personal data. We are, therefore, committed to applying protective measures to secure against the unauthorised access, modification, collection, copying, use, and disclosure of any personal data. These measures include: (i) limiting the access and uses of information to those MacGregor personnel, contractors and suppliers and persons who, for in order to be able to perform their relevant tasks need to have, on a fair and lawful basis, access to personal data; (ii) use of physical and electronic access codes and passwords to control and restrict access; (iii) training and raising awareness on relevant employees and other personnel about data protection and privacy; (iv) applying updates and at-minimum-industry standard technical security measures.

Your rights regarding your personal data

As a data subject you have the right to ask us to tell you what data we at any given time store about you. You are entitled to request, based upon a request made in writing to us (using the contact details indicated above in this Statement) and upon successful verification of your identity, the following about your own personal data:

  • Request to access your personal data we are keeping about you
  • Request correction of incorrect or incomplete data
  • Request us to erase your personal data if you deem that it should be erased, subject to applicable laws and our retention criteria 
  • Request us to restrict the use of your data or object to our processing of your personal data
  • Object to us in processing your personal data
  • Request us to move your personal data over to you or to another data controller in accordance with the applicable law
  • If we have requested and you have given us your consent to process your personal data, you may have the right to withdraw that consent in accordance with applicable laws and
  • Lodge a complaint with a relevant data protection authority if you deem that we have processed your personal data in violation of the applicable data protection laws.

If you make a request relating to any of the rights listed above, we will consider each such request in accordance with all applicable data protection laws and regulations. No administration fee will be charged for considering and/or complying with such a request unless the request is deemed to be unnecessary or excessive in nature. 

A response to each request will be provided within thirty (30) days of the receipt of the written request from you. It should be noted that situations may arise where providing the information requested by you would disclose personal data about another individual. In such cases, information must be redacted or withheld as may be necessary or appropriate to protect that person’s rights.

Changes to this Statement

We reserve the right to update this Statement at any time and encourage you to review this Statement from time to time for any amendments.