Your personal data are processed by ELM Bouwmachines b.v., Transportweg 10, 2742 RH Waddinxveen, Netherlands, and its subsidiaries, branches and affiliates.
1.1. (hereinafter: “ELM”, “we”, “us”, “our”). You can contact us via e-mail at email@example.com
1.3. Where reference is made to certain laws or regulations, such reference shall also include any change, replacement or annulment of said laws or regulations, including any related executive decisions.
Types of personal data we process
2.1. Whenever you use our Website, Webshops and Social Media Channels, we collect:
• Technical information associated with the device you use, such as your IP address, browser type, geographical location and operating system;
• Information concerning your browsing behaviour, such as how long you visit, what links you click on, what pages you visit and how many times you visit a page.
2.2. When you fill out the contact form on our Website, or contact us via e-mail, telephone, fax or Social Media Channels, we collect:
• The basic identity information you provide us with, such as name, e-mail address, postal address, telephone number, the company you work for, your function;
• The content of your communication and the technical details of the communication itself , such as with whom you correspond at our end, and the date and time;
• Publicly available information of your profile on Social Media Channels;
• Any other personal data you choose to provide to us.
2.3. When you place an order or when you accept our order or when you register yourself on one of our Webshops, as customer or supplier, we collect:
• The basic identity information we require to process the order, such as your name, company, function, postal address and telephone number;
• Details pertaining to the order itself.
2.4. All of the personal data listed above, we receive directly from you. It may happen that we receive additional information about your preferences and surfing behaviour from partners such as Google, Facebook, Twitter, LinkedIn. If you require more information about the personal data these parties process about you and make available to others, you are kindly requested to consult their respective privacy policies:
• Google: https://www.google.com/intl/en/policies/privacy/
• Facebook: https://www.facebook.com/about/privacy
• Twitter: https://twitter.com/en/privacy
• LinkedIn: https://www.linkedin.com/legal/privacy-policy
• SAP: https://www.sap.com/corporate/en/legal/privacy.html
Purposes for processing
3.1. ELM processes your personal data to provide you in a personalised and efficient way with the information, products and services you request via the Website, e-mail, telephone, fax, Social Media Channels and Webshops.
3.2. ELM processes your personal data for marketing purposes, i.e. to provide you with targeted communications, promotions, offerings and other advertisements of ELM and selected partners.
3.3. Unless you are an existing customer who has already purchased similar goods or services from us and who we wish to target with our own marketing material, ELM will only send you communications, promotions, offerings, newsletters and other advertisements via e-mail or other person-to-person electronic communications channels if you have explicitly consented to receiving such communications, promotions, offerings, newsletters and other advertisements.
3.4. ELM processes your personal data to comply with legal obligations or to comply with any reasonable request from competent law enforcement agents or representatives, judicial authorities, governmental agencies or bodies, including competent data protection authorities.
Your personal data may be transferred upon ELM’s own initiative to the police or the judicial authorities as evidence or if there are justified suspicions of an unlawful act or crime committed by you through your registration with or use of the Website, Webshops, our Social Media Channels or other communication with us.
3.5. ELM may be required to collect and transfer your personal data to our financial institution or payment service provider to allow your financial institution and the payment service provider to comply with their legal obligations, such as obligations under applicable anti-money laundering and counter-terrorism financing legislation.
3.6. ELM processes your personal data to perform statistical analyses so that we may improve our Website, Webshops, products and services or develop new products and services.
3.7. ELM may process your personal data for informing any third party in the context of a possible merger with, acquisition from/by or demerger by that third party, even if that third party is located outside the EU.
Legal basis for processing your personal data
4.1. For processing your personal data under the conditions outlined in clause 3.3, ELM as the responsible party asks for your consent.
4.2. The processing of your personal data for the purpose of fulfilling an order you have placed via one of our Webshops is necessary for performing the agreement between you and ELM.
4.3. The processing of your personal data for the purposes outlined in clauses 3.4 and 3.5 is necessary to allow ELM to comply with our legal obligations.
4.4. The processing of your personal data for the purposes outlined in clauses 3.1, 3.6, 3.7 and 3.8 is necessary for the purpose of the legitimate interests of ELM, which are:
• Continuous improvements to ELM’s Website, Webshops, Social Media Channels, products and services to ensure that you have the best experience possible;
• Keeping our Website, Webshops, Social Media Channels, products and services safe from misuse and illegal activity;
• Marketing and promotion of our products, services, brands an overall successful commercialization of our products and services.
5.1. ELM does not send your personal data in an identifiable manner to any third party without your explicit permission to do so. You understand, however, that if you use our Social Media Channels, your personal data is also processed by the social media providers. If you purchase anything via our Webshops, a financial institution or payment service provider may also receive your personal data in order to provide their services.
5.2. ELM relies on third party processors to provide you the Website and Webshops as well as to process your personal data on our behalf. These third party processors are only allowed to process your personal data on behalf of ELM upon explicit written instruction of ELM. ELM warrants that all third party processors are selected with due care and are obliged to observe the safety and integrity of your personal data.
Location and transfer
6.1. ELM processes your personal data first and foremost within the EEA. However, in order to process your personal data for the purposes outlined in clause 3 above, we may also transfer your personal data to other entities within the ELM group or to third parties who process on our behalf which are located outside the EEA. Each entity outside the EEA that processes your personal data shall be bound to observe adequate safeguards with regard to the processing of your personal data. Such safeguards will be the consequence of:
• The recipient country having legislation in place which may be considered equivalent to the protection offered within the EEA; or
• Of a contractual arrangement between ELM and that entity. All ELM entities are parties to a contractual arrangement based on the EC’s Standard Contractual Clauses (controller-to-controller) (Commission Decision C(2004)5721.
6.2. ELM may transfer anonymised and/or aggregated data to organizations outside of the EEA. Should such transfer take place, ELM will ensure that there are safeguards in place to ensure the safety and integrity of your data as well as all rights with respect to personal data you might enjoy under applicable mandatory law.
7.1. ELM does it utmost best to process only those personal data which are necessary to achieve the purposes listed under clause 3.
• An overriding interest of ELM, your financial institution, the payment service provider, or any other third party in keeping your personal data identifiable;
• A legal or regulatory obligation or a judicial or administrative order that prevents ELM from de-identifying them.
7.3. You understand that an essential aspect of our marketing efforts pertains to making our marketing materials more relevant to you. This means that ELM builds a profile of you based on relevant characteristics as outlined in clause 2 and then uses this profile to provide you with communications, promotions, offerings, newsletters and other advertisements about products and services that may interest you.
7.4. ELM will take the appropriate technical and organizational measures to keep your personal data safe from unauthorised access or theft as well as accidental loss, tampering or destruction. Access by personnel of ELM or our third party processors will only be on a need-to-know basis and subject to strict confidentiality obligations. You understand, however, that safety and security are best efforts obligations only which can never be guaranteed.
7.5. If you are registered to receive communications, promotions, offerings, newsletters and other advertisements via e-mail or other person-to-person electronic communications channels, you can change your preferences for receiving such communications, promotions, offerings, newsletters and other advertisements by surfing to our Preference Centre.
8.1. A cookie is a small file, typically consisting of letters and numbers, downloaded onto a device when the user accesses certain websites (including the Web Site). Cookies are then sent back to originating website on each subsequent visit. Cookies are useful because they allow a website to recognize a user’s device. There are various types of cookies, such as:
Session cookies – allow websites to link the actions of a user during a browser session. They may be used for a variety of purposes such as remembering what a user has put their shopping basket as they browse around a site. These session cookies expire after a browser session so would not be stored longer term.
Persistent cookies – are stored on a users’ device in between browser sessions which allows the preferences or actions of the user across a site (or in some cases across different websites) to be remembered. Persistent cookies may be used for a variety of purposes including remembering users’ preferences and choices when using a site or to target adverting.
First and third party cookies – Whether a cookie is ‘first’ of ‘third’ party refers to the website or domain placing the cookie. First party cookies in basic terms are cookies set by a website visited by the user – the website displayed in the URL window. Third party cookies are cookies that are set by a domain other than the one being visited by the user. If a user visits a website and a separate company sets a cookie through that website this would be a third party cookie.
• Remember your settings during and between visits.
• Improve the speed/security of the site.
• Allow you to share pages with social networks like Facebook or Twitter.
• Continuously improve our website for you.
• Make our marketing more efficient.
• Collect any personally identifiable information (without your express permission).
• Collect any sensitive information (without your express permission).
• Pass data to advertising networks.
• Pass personally identifiable data to third parties.
• Google Analytics: to gather site performance information.
• Yahoo Web Analytics: to gather site performance information.
• JavaEE: remembering your setting for our website.
• SiteLanguage: remembering your language selection on the site between visits.
We communicate with you to provide information, products and services that you have requested. It is your choice to send us these requests. Through your internet browser, you may have the option to reject this Web Site’s cookies and still use this Web Site. However, your access to this Web Site will be limited. You may always opt out of receiving marketing emails by following the instructions on the marketing email.
Please remember that if you do choose to disable cookies, you may find that certain sections of our website do not work properly.
9.1. You have the right to request access to all personal data processed by ELM pertaining to you. ELM reserves the right to charge an administrative fee for multiple subsequent requests for access that are clearly submitted for causing nuisance or harm to ELM.
9.2. You have the right to ask that any personal data pertaining to you that are inaccurate, are corrected free of charge. If a request for correction is submitted, such request shall be accompanied of proof of the flawed nature of the data for which correction is asked.
9.3. You have the right to withdraw your earlier given consent for processing your personal data, in which case clause 8.4 will apply.
9.4. You have the right to request that personal data pertaining to you be deleted if they are no longer required in light of the purposes outlined in clause 3 or if you withdraw your consent for processing them. However, you need to keep in mind that a request for deletion will be evaluated by ELM against:
• Overriding interests of the ELM, your financial institution, the payment service provider or any other third party;
• Legal or regulatory obligations or administrative or judicial orders which may contradict such deletion.
Instead of deletion you can also ask that ELM limits the processing of your personal data if and when (a) you contest the accuracy of that data, (b) the processing is illegitimate or (c) the data are no longer needed for the purposes listed under clause 3 but you need them to defend yourself in judicial proceedings.
9.5. You have the right to oppose the processing of personal data if you are able to prove that there are serious and justified reasons connected with his particular circumstances that warrant such opposition. However, if the intended processing qualifies as direct marketing, you have the right to oppose such processing free of charge and without justification.
9.6. You have the right to receive from us in a structured, commonly used and machine-readable format all personal data you have provided to us.
9.7. If you wish to submit a request to exercise one or more of the rights listed above, you can send an e-mail to firstname.lastname@example.org. An e-mail requesting to exercise a right shall not be construed as consent with the processing of your personal data beyond what is required for handling your request. Such request should clearly state which right you wish to exercise and the reasons for it if such is required. It should also be dated and signed, and accompanied by a digitally scanned copy of your valid identity card proving your identity. If you use the contact form, ELM may ask you for your signed confirmation and proof of identity.
ELM will promptly inform you of having received this request. If the request proves valid, ELM shall honour it as soon as reasonably possible and at the latest thirty (30) days after having received the request.
If you have any complaint regarding the processing of your personal data by ELM, you may always contact ELM via the e-mail address listed in this clause. If you remain unsatisfied with ELM’s response, you are free to file a complaint with the competent data protection authority.