MAXIMAL FORKLIFTS UK PRIVACY POLICY
MAXIM GB PRIVACY NOTICE
Privacy Notice – European Economic Area & United Kingdom
Definitions:
“Data Protection Laws” means:
To the extent the UK GDPR applies, the laws of the United Kingdom or a part of the United Kingdom;
To the extent the EU GDPR applies, the law of the European Union or any member state of the European Union;
the Data Protection Act 2018, and any domestic national laws in the United Kingdom regarding the processing of personal data to the extent the GDPR ceases to be directly applicable in the United Kingdom, including without limitation the GDPR as transposed into the national law of the United Kingdom;
the Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI 2003/2426) and national laws and secondary legislation implementing the Privacy and Electronic Communications Directive (Directive 2002/58/EC) (as amended); and
any other data protection laws, regulations, guidance and codes of practice relating to the processing of personal data in each case as amended, replaced, updated and/or supplemented from time to time.
If you are from the European Economic Area (“EEA”) and/or UK, our legal basis for collecting, using, storing and transferring your personal information will be in accordance with the Data Protection Laws. This appendix applies to individuals who do not have an employee/human resources relationship with Maxim GB.
Purpose of collecting your Personal Information
We collect and process your personal information to facilitate and manage our relationship with you and comply with our legal, compliance and regulatory obligations. In some cases, we may use your personal information to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override those interests.
The reasons for which we, or a contracted third party, will process your personal information are listed in Table 1 below.
Some of those purposes for processing will overlap and there may be several purposes which justify our use of your personal information.
TABLE 1
Types of Data
Purposes of Processing
Legal Basis for Processing
Customers, Dealers and Suppliers
• Identity;
• Contact details (name, address, phone, company name, email);
• Identity of operators of our products;
• Customer name, contact details and sales and service data with third parties;
• Identity of sales representatives of dealers, their sales targets, performance;
• Telemetry data (such as user IDs, including card number, personnel number, operator/vehicle monitoring data and operator training records, and device usage data;
• Recordings of general meetings;
• Streaming and recording of training, service and diagnostic sessions in relation our products and services;
• Contact tracing data;
• Images;
• Profiling/lead scoring from public and/or private companies;
• Billing information (financial accounts data, invoices receipt, residence information);
• Credit checks and financial history checks.
• IP addresses;
• Geographical location;
• Web beacons,
• Cookies and pixels;
• Profiling and tracking data (including online behaviour monitoring and email tracking);
• Data analytics of website usage and browser;
• Social media posts.
• Internet-based data retrieval
• Register as a new customer/dealer/supplier;
• Facilitate communications with you;
• To provide training and support in relation to our products and services;
• Manage relationship with you and to facilitate the sale and service of our products;
• Facilitate provision of telemetry and contact tracing services;
• Facilitate sales improvement outcomes for dealers;
• Marketing, communication and promotional purposes;
• Competitions, surveys;
• To administer and protect the business and website (including sign-on, troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data;
• To provide access to services by third party providers via our website;
• To manage the promotion, buying and selling of goods or services when using web based platforms and sites;
• To investigate violations of law or breaches of other Maxim GB policies;
• Process orders, manage export and sanction controls;
• Evaluate credit worthiness and evaluation potential to enter into a relationship with you;
• To facilitate financial transactions and management, and audit purposes;
• Fulfilling our compliance obligations (e.g. anti-money laundering, screening against sanctions lists);
• Management of our IT systems and to provide services.
• Marketing, communications and promotional purposes;
• To improve products, services and sales;
• To improve customer, dealer and supplier experience;
• To better determine effectiveness of advertising and improve web content;
• To track engagement with email communications and website usage for improved user experience and promotional purposes.
• Performance of a contract with you;
• Legitimate interest;
• Processing is necessary for reasons of public interest in the area of public health;
• Consent (for images to be used for promotional purposes);
• Performance of a contract;
• Comply with legal requirements;
• Legitimate interest (to manage the relationship).
• Consent.
Visitors to Facilities
• Contact Information (e.g. name, address, telephone number, company name, email);
• Image (photograph, CCTV video).
• Measures for health and safety;
• Prevention and detection of crime or other misconduct; Other security and risk management purposes.
• Comply with legal requirements; Legitimate interest (safety and security).
Subscribers to Marketing
• Contact Information (e.g. name, address, telephone number, company name, email address)
• Electronic identification information (e.g., email) and preferences
• To inform you of products, services, promotions and activities.
• Legitimate interest (communicating about related products or services)
• Consent
What is the lawful basis that MAXIM GB processes your Personal Information?
We will only use your personal information when the law allows us to. Generally, we will rely on one or more of the following bases for processing your personal information:
Where we need to perform the contract, we are about to enter into or have entered into with you;
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
Where we need to comply with a legal obligation;
We may also use your personal information in the following situations (which is less likely):
Where we need to protect your interests (or someone else’s interests);
Where it is needed in the public interest or for official purposes; and
Where we have obtained your prior consent (this is only used in relation to voluntary processing and is not used for processing that is necessary or obligatory).
What if you fail to provide your personal information?
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (such as paying you or providing you with a product), or we may be prevented from complying with our legal or regulatory obligations.
Marketing
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We may use your identity, contact, technical data such as tracking technologies, usage, location, and profile data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if we believe our products are of relevance to you, or you have requested information from us or purchased products from us and you have not opted out of receiving that marketing.
You have the right to opt-out at any time of marketing communications we or third parties send you, by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails. Or you can contact us using the contact details provided under the “Access Rights to Personal Information” heading.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
Cookies
We may use various technologies to collect and store information when you use our services, and this may include using cookies and similar tracking technologies, such as pixels and web beacons. These web beacons track certain behaviour (e.g., whether the email sent, opened and whether links within the email were clicked). Some data collected is designed to detect browsing patterns and approximate geographical location to improve user experience. Our use of cookies and other tracking technologies is discussed in more detail in our Cookie Policy.
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.
What if the purpose for processing changes?
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Sharing your personal information with third parties
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. We may share your personal information with third parties as set out below:
Parties
Category
Purpose
Third parties
Providers of technical and product related services
Legitimate business interest.
An acquiring entity of Maxim GB or one of its subsidiaries
Legitimate business interest.
Law Enforcement or regulatory Agencies
For legal compliance, such as employment, social security and tax laws and claims.
Subsidiaries, related entities and affiliates of Maxim GB
Legitimate business interest; For legal compliance, such as employment, social security and tax laws and claims; To administer a contract with you.
International transfers (outside of the European Union)
We may transfer your personal information outside the EEA. Your personal information may also be processed by employees operating outside the EEA who work for MAXIM GB or for our third-party service providers. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by the UK and EU GDPR and where you have given consent to the transfer.
Safeguarding your personal information
We have put in place appropriate security measures to protect the security of your personal information and provide the appropriate level of security for the risk, including measures designed to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered, or disclosed. Details of those measures are available on request. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Retention of personal information
We will only retain your personal information for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements. Your personal information may be kept longer where there is a prospect of a claim or litigation involving you.
Details of retention periods for different aspects of your personal information are available in our data retention policy. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Your rights relating to your personal information
Under certain circumstances, by law you have the right to:
Request access to your personal information (commonly known as a “data subject access request”). Subject to certain criteria and the GDPR/UK data protection laws, you may request and receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
Request correction of your personal information. This enables you to have any incomplete or inaccurate personal information we hold about you corrected.
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no legal or other reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your personal information to another party.
Lodge a complaint with the applicable supervisory authority with regard to our processing of your personal information.
If you want to exercise your right(s) as reflected above, you may do so by contacting us at:
Email: info@maximgb.co.uk
With your request, you will need to provide what data or information your request or what right you are seeking to rely upon to enable us to provide a timely response.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What will we need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Changes to this document
We reserve the right to update this Privacy Statement and this appendix at any time, and we will provide you with updated documents when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.