Last Updated: July 16, 2018
Bimba Manufacturing, together with other members of the IMI Precision Engineering group based in North America, Central America and South America are committed to safeguarding the privacy of our customers, business partners, and users who provide us with their personal information both offline (e.g. via the phone, conferences, exhibitions, and other correspondence) and online such as via our websites at www.bimba.com and www.imi-precision.com and mobile applications called "Bimba CAD" and "Norgren Express App" (App).
The website and the App are operated by Bimba Manufacturing which is the primary data controller for personal information collected via these means.
1. What personal Information do we collect?
At times we may request that you supply us with personal information. Generally this personal information is requested when you want us to provide you with information or a service. We may collect and process the following information about you (where permitted by local law):
Information you provide to us - information you provide to for example, by filling in forms and when attending events or conferences. This may include your name, address, email address, telephone number, Bimba account number, company details, “business card information” and details of your employer;
Our correspondence - if you contact us, we may keep a record of that correspondence;
Anti-Fraud information - information relating to any fraudulent activities provided to us by you or third parties including information which establishes your identity, such as driving licences, passports and utility bills; information about transactions; fraud, offences, suspicious transactions, politically exposed person and sanctions lists where your details are included;
Your transactions - details of transactions carried out through our website or through other channels and of the fulfilment of your orders;
Your comments - any personal information you may provide to us via comments or while using our "Live Chat" functionality or by using the “Norgren Express App” on your smart phone;
Survey information - we may also ask you to complete surveys that we use for research purposes. In such circumstances we shall collect the information provided in the completed survey; and
Website and communication usage - details of your visits to the website and App and information collected through cookies and other tracking technologies, including but not limited to your IP address (a unique identifier for your computer of other device) and domain name, your browser version and operating system, traffic data, location data, web logs and other communication data, and the resources that you access.
2. How do we use your personal information?
In this section, we set out the purposes for which we use personal information that we collect via our website and, in compliance with our obligations under applicable law, identify the “legal bases” on which we rely to process the information.
These “legal bases” are set out in European Data Protection Law, which allows companies to process personal data only when the processing is permitted by the specific “legal bases” set out in law (the full description of each of these bases can be found here).
Please note that in addition to the disclosures we have identified below, we may disclose personal information for the purposes we explain in this notice to service providers, contractors, agents, advisors (e.g. legal, financial, business or other advisors) and affiliates of Bimba that perform activities on our behalf, as well as other members of the Bimba Manufacturing group.
We may use your personal information (where permitted by local law):
To provide our services effectively to you, conduct our business and communicate with you - to administer our services, including to provide you with information services and products that you have requested e.g. a catalogue, to create and run your user sales account, to process your order and carry out our obligations arising from any contracts entered into between you and us and to provide after-sales services to you, including but not limited to administering return or refund policies. This may include passing your data to third parties such as agents, business partners, group companies, contractors or to our advisors (e.g. legal, financial, business or other advisors).
Legal bases: contract performance, legitimate interests (to enable us to perform our obligations and provide our services to you)
To ensure website and App content is relevant to analyse how you use the website and App, and to ensure that the content, services and advertising that we offer are tailored to your needs and interests and to provide you with suggested local distributors who stock products that you are interested in, which may include passing your data to business partners, suppliers and/or service providers. We may also aggregate and/or anonymise your personal information for such purposes;
Legal bases: legitimate interests (to allow us to provide you with the content and services on the website and App)
To conduct checks on you - if you place an order and/or open a sales account with us then we will use your personal data for trade screening against international restricted and denied parties lists and as required by applicable law, regulation and best practice at any given time. If false or inaccurate information is provided and fraud is identified or suspected, details may be passed to fraud prevention agencies and may be recorded by us or by them;
Legal bases: legal obligations, legitimate interests (to ensure that your organisation falls within our acceptable risk profile and to assist with the prevention of crime and fraud). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent.
To market to you - to provide you with our own and/or our group companies updates and offers, where you have chosen to receive these. We may market to you by post, e-mail, SMS or over the telephone (please see section 4 below for further details). Where required by law, we will ask for your consent at the time we collect your data to conduct any of these types of marketing. We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by contacting us as set out in section 10 below.
Legal bases: consent, legitimate interest (to keep you updated with news in relation to our products and services)
For our business purposes - for example, for training, quality control, research and development and staff safeguarding purposes and to better understand our business and develop our products and services., which may include passing your data to business partners, suppliers and/or service providers. We may also aggregate and/or anonymise your personal information for such purposes;
Legal bases: legitimate interests (to allow us to improve our services)
To monitor certain activities - For quality control, training and staff safeguarding purposes, we may monitor or record your calls with us and the "Live Chat" service (when this is available). When you use the “Live Chat” function, we will collect your name, email address and chat logs.
Legal bases: legal obligations, legal claims, legitimate interests (to ensure that the quality of our services)
To allow you to use interactive features, including “Live Chat” - to enable you to use interactive features on our website and App such as an instant messaging service called "Live Chat".
Legal bases: legitimate interests (to allow us to provide you with real-time online advice and support)
To understand how you and other interact with certain content - where we have (a) provided you with certain email content; or (b) you have forwarded such email content to recipient(s), you and that recipient will have been presented with a message box which informs you that your interaction with such content will be analysed, and requires you and your recipient(s) to consent to such analysis. Where both you and your recipient(s) consent to such analysis, we will be provided with the name(s) and email address(es) of your recipient(s). We collect this information to better understand who you share our content with and how business decisions are made.
Legal bases: consent (to enable our use of the tracking technology), legitimate interests (to allow us to understand who our content is shared with).
To inform you of changes - to notify you about changes to our services and products.
Legal bases: legitimate interests (to notify you about changes to our service).
To reorganise or make changes to our business - in the event that we are (i) subject to negotiations for the sale of our business or part thereof to a third party, (ii) is sold to a third party or (iii) undergo a re-organisation, we may need to transfer some or all of your personal information to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analysing any proposed sale or re-organisation. We may also need to transfer your personal information to that re-organised entity or third party after the sale or reorganisation for them to use for the same purposes as set out in this policy
Legal bases: legitimate interests (in order to allow us to change our business)
In connection with legal or regulatory obligations law enforcement, regulators and the court service - We may process your personal information to comply with our regulatory requirements or dialogue with its regulators as applicable which may include disclosing your personal information to third parties, the court service and/or regulators or law enforcement agencies in connection with enquiries, proceedings or investigations by such parties anywhere in the world or where compelled to do so. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.
Legal bases: legal obligations, legal claims, legitimate interests (to cooperate with law enforcement and regulatory authorities)
3. Where do we send your personal information?
We are a global company and therefore your personal information may be transferred, accessed, processed or stored in countries around the world including the US and other countries outside of the European Economic Area (EEA) in which data protection laws may be of a lower standard than in the EEA. Regardless of location, we will, where necessary, put in place appropriate safeguards to ensure your information is adequately protected.
Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal information to these jurisdictions. In countries which have not had these approvals, (see the full list) we will establish legal grounds justifying such transfer, such as EU Commission-approved model contractual clauses, or other legal grounds permitted by applicable legal requirements.
Please contact us as set out in section 10 below if you would like to see a copy of the specific safeguards applied to the export of your personal information (as required).
4. How long do we keep your personal information?
Our retention periods for personal data are based on business needs and legal requirements. We will keep your information for as long as is necessary for the processing purpose(s) for which they were collected and any other permitted linked purpose. For example, we may retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired, or to comply with regulatory requirements regarding the retention of such data.
We restrict access to your personal information to those persons who need to use it for the relevant purpose(s). When your information is no longer needed, it is either irreversibly anonymised (and the anonymised information may be retained) or securely destroyed.
For detailed information on the cookies we use and the purposes for which we use them, please see our Cookies Policy.
We will not respond to web browser “do not track” signals. If you would like additional information about online tracking and various opt-out mechanisms, please see http://donottrack.us/
Because we link to social media sites, and from time to time may include third-party advertisements, other parties may collect your personally identifiable information about your online activities over time and across different web sites when you visit this Site.
Please note that not all tracking will stop even if you delete cookies.
6. Third Party Websites
7. How do we protect your personal information?
No data transmission over the Internet or site can be guaranteed to be secure from intrusion. However, we take commercially reasonable physical, electronic and procedural measures to protect the personal information disclosed to us in accordance with data protection legislative requirements.
All information you provide to us is stored on our or our subcontractors’ secure servers and accessed and used subject to our security policies and standards. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of. We ask you not to share a password with anyone.
We use encryption (data scrambling) on certain portions of the website and App, such as where you are transmitting financial information, e.g. credit card information. When you are on any third-party website that asks you for confidential information, you should check to see if the information being transmitted is encrypted in order to increase the security of your information. Keep in mind that there is no such thing as perfect security.
8. Your rights
You have the right to ask us not to process your personal information for marketing purposes. We will inform you if we intend to use your information for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by not checking certain boxes on the forms we use to collect your personal information. You can also exercise the right at any time by contacting us as set out in section 10 below.
We will use reasonable endeavours to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to the personal information that you have provided to us by contacting us as set out in section 10 below.
Your rights (this only applies if you are located in the EEA)
If you have any questions in relation to our use of your personal information, you should first contact us as per section 10 section below. Under certain conditions, you may have the right to require us to:
- provide you with further details on the use we make of your information;
- provide you with a copy of information that you have provided to us;
- update any inaccuracies in the personal information we hold (please see above);
- delete any personal information the we no longer have a lawful ground to use;
- where processing is based on consent, to withdraw your consent so that we stop that particular processing (see above for marketing). Please note that if you withdraw your consent, we may not be able to provide a particular service or content to you;
- to ask us to transmit the personal data you have provided to us and we still hold about you to a third party electronically;
- object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
- restrict how we use your information whilst a complaint is being investigated.
Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege). In addition, these will vary slightly between EEA states. For example, in France you also have the right to define directives as to how your personal data is to be used after your death. If you exercise any of these rights we will check your entitlement and respond in most cases within a month.
If you are not satisfied with our use of your personal information or our response to any exercise of these rights you have the right to contact the data protection regulator in the EEA country in which you are based. Here is a list of the data protection regulators and their contact details.
10. How to contact us
11. Additional rights