DATA PROTECTION POLICY - Update: 04/02/22
Since the 25th of May 2018, the new General Data Protection Regulation (GDPR) is applicable. Below explains what our Data Protection Policy covers, as well as how we will or will not utilise same.
In a nutshell, the information we may collect, store and use is to enable ongoing business relations – to facilitate trading and general correspondence with your employees. Our information systems backup and store all information in a secure, off-site and encrypted environment which only METRON can access.
Our data policy
METRON is committed to protecting your personal information and respecting your privacy in everything we do. Our Data Protection Policy lets you know what data we may collect about you, how we use it and gives you information about your rights and how you can get in touch with us.
Guidelines below cover how we handle your information when you contact us through our respective business operation teams and other core uses of your data that help us complete our business transactions.
Information we collect
In order for us to process business transactions we collect customer and supplier registered company details which will include name and contact details (such as email, physical address and telephone numbers, VAT number, banking details). In certain instances, we may also collect additional names and contact details (as per above) dependent on customer or supplier services required: these will include multiple plants, for example.
Why we collect personal information about you
Where we have an obligation as a provider of services (for the performance of a contract)
- To provide you with the service that you have purchased from us.
- Where we have your permission (consent)
- To provide you with news, offers and deals – you can change your ‘consent’ at any time
- To provide you with financial transaction documentation relevant to any and all business transactions (consent as per completed company credit application forms)
Where we have justifiable reason (legitimate interests)
- To enhance or improve your experience with us
- To allow our internal business processes to function- for example transacting with our partners, carrying out audits, producing management information and dealing with complaints
- To undertake market research
- To request feedback on our performance
- To help prevent fraud and maintain security
- To assist in training, quality assurance and compliance
Where we have to do something by law (legal obligation)
- To ensure your rights are met under the applicable laws
- To meet our obligations with law enforcement agencies, courts and other organisations
- To comply with anti-money laundering regulations
- In exceptional circumstances (vital interests)
What about METRON's Saas Solution?
METRON-EVA® Solution enables METRON’s clients to collect all types of data from industrial sites, and to detect and operate energy efficiency levers. The platform offers a real-time map of all energy flows and a visual management of energy performance indicators. By means of machine learning algorithms, transferred data and professional knowledge, the platform enables the identification of non-intuitive optimization tools and the accompaniment of their implementation, in order to leverage the expected gains.
The only personal information (according to GDPR) which is collected with METRON-EVA® Solution is the identification information of the users.At METRON, we strongly encourage the pseudonymization of such identification information, which is defined by the GDPR as "...the processing of personal data in such a way that the data can no longer be attributed to a specific Data Subject without the use of additional information."
Who we share your information with?
We do not sell your information to anyone and only pass it to our trusted partners and service providers who work with us to run our business.
We may pass your information to:
- Service providers who work for us such as cloud providers
- Subsidiary companies who work with us in providing services
- Regulatory bodies, courts and law enforcement agencies
- Our partner companies to supply services and/or where there is a complaint or query
How long do we keep your personal information?
How long we keep your personal information depends on why we have it and what we are doing with it:
- We keep records of any dealings you have with us or our partner companies so that we can respond to any complaints or disputes that may arise
- We will keep other personal information about you if it is necessary for us to do so to comply with the law
Transferring information outside of the EEA
- Your personal information may be processed outside of the European Economic Area (EEA) where privacy laws may not provide protection to the same level as in the European Economic Area (EEA).
- Before any transfer takes place, we will take steps to ensure that your personal information will be adequately protected as required by the GDPR and that safeguards such as standard contractual clauses are in place.
Your rights & choices
- Direct Marketing- You have the right to object to direct marketing.
- Consent- Where we use your information on this basis, you have the right to withdraw that consent
- Access- You can request a copy of your personal information we hold about you and other data relating to how we use your information
- Correction (‘Right to Rectification’)- We always want to use the most up to date information about you so please get in touch if you think we don’t have that
- Deletion (‘Right to be Forgotten’)- In some circumstances, including where we are relying on your consent to use your data, you have the right to request us to delete your information
- Right to Portability- If we have collected your personal data because you have given us consent, or because we need it in order to provide you with a product or service (under a contract), you have the right to receive information you gave to us back in a ‘machine-readable’ format
- ‘Right to Object’ and ‘Right to Restriction of Processing’- If we are using your data for activities under the ‘legitimate interest’ justification and in other circumstances, then you have a right to request restriction of processing and also a right to object to that processing
- Right to Obtain Human Intervention- Where automated processing has taken place where consent has been given or under a contract where the processing has a legal or similarly significant effect
- Complain- You have the right to lodge a complaint if you think that our use of your information doesn’t meet the law.
Keeping your personal information secure
- We take the security of your personal information seriously.
- We’ve implemented technology and security policies, rules and measures to protect the personal information we have under our control, both on and offline, from improper access, use, alteration, destruction and loss
- We will take and continue to take all reasonable and proportionate steps to protect your personal information.
Your privileged contact for data privacy
Do not hesitate to contact your specific point of contact for Data Privacy: firstname.lastname@example.org