Each entity of the Markem-Imaje Group (the “Company”, "us", "we" or "our") is committed to protecting personal data, and intends to process personal data in a transparent and lawful way. Personal data is any information relating to an identified
or identifiable natural person. Name, address, phone number and bank account number of an individual are examples of personal data. In all circumstances the Company aims to process personal information according to the following principles:
- Transparency: Personal data is used fairly, lawfully, and transparently.
- Limited Use: Personal data is collected for a specific and legitimate business purpose and used in a manner that is compatible with for that purpose. We security dispose of it when it is no longer needed.
- Data Minimization: Only relevant personal data– not excessive amounts – is collected or used.
- Accuracy: We aim to keep personal data accurate and up-to-date.
- Security and Limited Access: Personal data is stored securely and is shared only with those individuals who need the data to accomplish one of the purposes provided in Section 5.
This Privacy Notice (the “Privacy Notice”) is intended to provide our current and potential clients and their employees (“client”, “you”, “your”) with some information regarding how their personal data will
be collected, used, shared, and protected within the processes that will be deployed by the Company, which are described in greater detail in the sections below (the “Processes”). You can find the latest version of this Privacy Notice
. The Company may change this Privacy Notice from time to time by updating this page and, when these changes are material, we will notify you in accordance with
the applicable law.
2. Who is the relevant “controller” of your personal data?
Each entity of the Markem-Imaje Group is a controller when it determines the purposes and means of the processing of your personal data. Our intention is to comply with applicable data protection laws, including the EU General Data Protection Regulation
("GDPR") and applicable local laws.
3. What data is being collected or gathered?
The Company processes your personal data in order to effectively administer the commercial relationship with you or your company, as described further in Section 5 below. We do not collect personal data revealing racial or ethnic origin, political opinions,
religious or philosophical beliefs, trade-union membership, and the processing of genetic data, biometric data in order to uniquely identify a person or data concerning health or sex life and sexual orientation.
The Company will be collecting from you directly or obtaining from other source the following categories of personal data:
- Master data: Your first name, last name, gender, job title, function, department, manager’s name, work email address, landline and mobile work phone number, work fax number, language, decision-maker (Yes/No), Cookies, IP address,
interests for our products and services, bank details, credit card information.
- Ownership: Client’ company ownership information, company owner information.
If you provide us personal data related to other individuals, it is your responsibility to ensure that those data have been collected and processed under applicable law and to inform those individuals of this data privacy notice.
4. How is the data being processed?
The above mentioned personal data are being processed to allow the Company to (i) maintain and keep current customers database, administer the contractual and commercial relationship with its customers; (ii) comply with applicable laws and regulations
and (iii) to enable the Company to run its business and manage its relationship with you effectively, lawfully and appropriately.
We will not use your personal data for decisions based solely on automated processing if the decision produces legal effects concerning you or significantly affects you unless you gave your explicit consent for this processing.
Your personal data may also be processed in connection with any legal proceedings or prospective legal proceedings, for the Company to establish, exercise or defend its legal rights, or to fulfill legal obligations, including but not limited to after
a request from a competent administrative or judicial authority or in any circumstance where such processing is requested according to applicable laws.
5. Why does the data need to be processed?
Processing of your personal data will always be based on legitimate grounds. The Company will be processing the personal data described above for the following purpose(s):
- Fulfilling our contractual obligations to clients and administrating contracts and agreements;
- Verifying identity, which may include natural persons, where a contractual relationship is proposed or exists, in order to assess the financial standing and other commercial risks to our business;
- Maintaining a centralized customers’ database;
- Processing quotations, orders, invoicing, delivery and payment of our products and services;
- Offering services and maintenance contracts;
- Providing help desk services and maintenance support;
- Delivering training;
- Performing marketing campaigns and communication related to our products and services (emailing and phone prospecting) and sending invitations to events;
- Providing and administering e-commerce and sales order automation solutions;
- Organizing meetings and follow-up of commercial relationship;
- Corresponding with attorneys, legal advisors, assessors and financial partners;
- Conduct customers’ survey and case study;
- Developing commercial statistics;
- Administering cookies.
The Company is relying on the following legitimate grounds for these processing operations:
- Legitimate Interests: The processing described is necessary to administer and facilitate our commercial relationship and for the Company's legitimate interest. The Company has weighed these legitimate interests against the fundamental
rights and freedoms of the data subject and concluded that the processing outlined here is legitimate and appropriate. Further information can be provided regarding this analysis upon request.
- Performance of a contract: The processing described is necessary to enter into or for the performance of your commercial agreements and contracts and to administer their management.
- Legal Obligation: Processing linked to tax, safety, and other regulatory compliance obligations is necessary for compliance with a legal obligation to which the Company is subject.
6. Who has access to your personal data?
The Company limits who has access to your personal data in our possession to only those who need it for a legitimate business purpose. Personal data is shared on a “need to know” basis. Only those individuals who need the data to accomplish
a business objective should have access to your personal data, and only for as long as they need it to accomplish the objective. Individual recipients are not authorized to share your personal data with other employees or third parties unless that
sharing is authorized and complies with all applicable Company policies. Specifically, for the Processes, we anticipate that the following categories of recipients will have access to your personal data, for the purposes listed below:
- Sales and Marketing teams: The Company’s Sales and Marketing teams, each in their scope of responsibility, will access and process some of your personnel’ data for the purposes described in Section 5 and, in particular,
for marketing campaigns and management of event invitation, developing commercial statistics and for the management of the commercial relationships.
- Finance team: The Company’s Finance team will access and process some of your personnel’ data for the purposes described in Section 5 and, in particular, for assessing the financial standing and other commercial risks
to our business and for processing invoicing and payment.
- IT teams: Dover Corporation IT teams and Company IT teams, as well as any IT subcontractor acting on behalf of Dover Corporation, or on behalf of the Company, will be able to access some of your personnel’ data
for delivering and supporting IT services.
- Compliance teams: Dover Corporation and Company Compliance teams will be able to access some of your personal data for performing the third party’ due diligence and for complying with export control regulations.
Some of the recipients noted above are located outside of the EU and are likely to be located in many countries worldwide. As described in Section 7 below, all such transfers to internal recipients will be compliant with all applicable laws and regulations.
The Company may engage third-party vendors to assist in processing personal data from time to time. The Company will pass on to any such vendor its obligations under the applicable data privacy law, require that the vendor secure the data, and provide
additional notice as required by law. We will not sell, distribute or lease your personal data to third parties unless we have your permission or are required by law to do so.
7. Where is the data being transferred? On what legal grounds?
Your personnel data may be transferred outside the EU for the purposes listed above according to EU Standard Contractual Clauses, Privacy Shield, or another legally binding and permissible arrangement. Such transfers will be compliant with all applicable
laws and regulations. Specifically, we anticipate that your data may be transferred to several countries worldwide. Relevant additional details regarding the basis for transfers of your personal data can be provided upon request addressed to email@example.com
Your personal data may also be processed and later transferred in connection with any legal proceedings or prospective legal proceedings, for the Company to establish, exercise or defend its legal rights, or to fulfill legal obligations, including but
not limited to after a request from a competent administrative or judicial authority or in any circumstance where such processing is requested according to applicable laws.
8. Data Security
We are committed to ensuring that your personal data is secure. To prevent unauthorized access or disclosure, we have put in place appropriate technical and organizational measures to safeguard and secure the personal data we process. We employ a suite
of various IT security tools to safeguard personal data, restrict access to the data, and have physical and organizational security measures in place to prevent unauthorized or unlawful access to personal data and accidental loss, destruction, or
damage to personal data. The Company also maintains an inventory of personal data and evaluate the protections that we have in place for that data to ensure that our security measures are tailored to the sensitivity of the data.
As an illustration, the following specific security measures are in place:
- Perimeter protection using Firewalls as well as monthly vulnerability scanning, and intrusion detection and prevention systems have been put in place to protect against malicious access.
- Encryption mechanism is used when data are transmitted outside the Company and Dover group network as well as on all data at rest on mobile devices.
- Authentication mechanism with strong password policy and Role Base Access Control for authorizing access to the various resources where personal data are stored and processed.
- Regular security awareness training of all employees to increase our defense.
- Information Security governance including security incident management response plan as well as CyberSecurity program improvement plan based on the NIST-Cyber Security Framework (CSF) as a guideline to measure, enhance and monitor our global security
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
All our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal information in line with our policies and the risk involved. We do not allow our third-party service providers
to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and per our instructions.
If despite all our efforts, a data breach does occur, we shall do everything in our power to limit the damage. In case of a data breach which is likely to result in a high risk, and depending on the circumstances, we will inform you about remedial actions
to prevent any further damage, as provided by applicable law. We always inform the relevant supervisory authority or authorities without undue delay where we are legally required to do so.
9. Data Retention information
The Company strives to only store your personal for as long as is necessary for the purpose for which we have processed it and to dispose of it securely once that purpose has been fulfilled. How long we retain your data depends on the type of data and
the purpose for which we process your data. The retention periods are established considering legitimate business purposes, according to the local regulations.
However, where the Company is required by the applicable law to retain your data longer or where your data is required to assert or defend against legal claims, the Company will retain your data until the end of the relevant retention period or until
the claims in question have been settled.
10. Data subject rights
Data subjects' rights vary based on your local law. However, you can always ask the Company for more information about the people who will be able to see and access the data that relates to you. If you are aware of inaccurate data, it is your responsibility
to request that data to be updated and corrected.
You may also have the right to:
- Request for confirmation that your personal data is processed by the Company;
- Request a copy of your personal data that is processed by the Company;
- Request to have your personal data corrected, updated, rectified or completed. In this respect, it is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during the period
for which we hold your data;
- Request to have your personal data erased from some or all systems of the Company to the extent legally permitted;
- Request to restrict the processing of your personal data;
- Request a copy of your personal data in a way that would allow the transfer of data to another controller, in a machine-readable, commonly used format;
- Request that your personal data be transferred to another controller;
- Raise an objection to the processing of your personal data on grounds related to your particular situation; or
- Raise an objection to the processing of your personal data for the purposes of direct marketing;
- Withdraw your consent, where specific processing operations involving your personal data are based on your consent;
- Give directives on the fate of your personal data after death (applicable in France only).
The Company is committed to ensuring your data is protected from misuse. If you think your data and information have been used in violation of the laws, regulations, or the applicable data protection provisions, please alert the Company and it will assist
Furthermore, you have the right to lodge a complaint with the supervisory authority, if you believe that your data have been processed unlawfully. Any requests, including those regarding the exercise of such rights, and questions can be directed to your
local representative or firstname.lastname@example.org
Please note that we may need to verify your identity before we can act on your request. Because the exercise of these rights is subject to certain legal conditions and limitations, we may have to decline your request if those conditions are not fulfilled
or if legal limitations apply. In addition, we may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), or create a risk
on the privacy of others. In any case, we will seek to deal promptly with your request, and in any event within one month (subject to any extensions to which we are lawfully entitled). If we refuse your request, we will tell you the reasons for doing