Epiroc AB, reg. no. 556041-2149, and its subsidiaries (collectively referred to as “Epiroc,” “we,” “us” and “our”) care about your privacy and are committed to protecting your personal data in accordance with fair information practices and applicable data privacy laws. Regardless of in which capacity you share information with us, e.g. as a customer, supplier, shareholder etc., it is important to us that you feel safe about how we treat your personal data.
This Privacy Notice explains how we collect, use and share personal data that you provide to us, or that we may otherwise obtain or generate, which relates to you (“personal data”). Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
This Privacy Notice applies to the personal data we obtain through our normal business activities, both online and offline, i.e. collection in connection with sales and marketing, partner and supplier engagement and investor relations. As this Privacy Notice is intended to cover a variety of situations, there may be information contained in the Privacy Notice that does not apply to you.
Epiroc will always abide local laws and regulations and will refrain from the collection or use or personal data in a location where it is prohibited by law. If Country specifics items exists, they can be found at the bottom of this page.
If Country specifics items exists they can be found at the bottom of the page.
In summary, Epiroc may process your personal data for the following purposes:
* to fulfil agreements entered into with customers, suppliers, consultants and other contracting parties;
* to provide and administrate support and customer services;
* to provide efficient marketing;
* to provide information to Epiroc’s shareholders;
* to register and administrate your user account;
* to provide, improve and develop this website or new services and products by analysing your use of this website;
* to assess your abilities and suitability for current or future roles within the company as a job applicant;
* to comply with any legal or regulatory obligations, requirements or requests;
* to protect, defend or enforce our legal rights, or those of others; or
* to enable mergers, divestitures, restricting, reorganization, dissolution and other sale or transfers of Epiroc’s assets. Below, you are provided with more information about e.g. why we process your personal data, which personal data we keep in order to achieve the purposes of the processing and for how long we keep your personal data.
The personal data that we process about you is data that you have provided us with or that we have otherwise acquired as part of the provision of our services. We collect personal data:
* when you create an account to use our services or create a new user for that account;
* when you submit user-interaction data to our services;
* when you complete transactions through this website, such as fulfilling an order for our services and products;
* when you contact our support or customer service;
* when you apply for a position at Epiroc;
* through online forms or otherwise through this website;
* through submittal of written documentation and emails sent to and from Epiroc; and
* when you share information with us through other means, such as meetings, conversations, social media or online forms. Personal data that we collect from other sources We may also collect or receive information about you from other sources such as public registers.
We may share personal data with third parties that are trusted recipients and with whom we have an agreement ensuring that your personal data is processed in accordance with this Privacy Notice. We may share data with:
* our subsidiaries and affiliates;
* third party service providers;
* a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Epiroc’s assets; and
* suppliers in the event of need for sub suppliers on particular components. In certain circumstances, we may also need to disclose personal data upon the request from authorities or to third parties in connection with court proceedings or business acquisition or combination processes, or other similar processes. We will not sell your personal data.
In the capacity of data controller, we are responsible for ensuring that your personal data is processed in compliance with applicable laws and that you can exercise your rights. You may contact us at any time if you wish to exercise your rights. You will find our contact details at the end of this Privacy Notice.
We have an obligation to respond to your requests to exercise your rights within one month of receiving your request. If your request is complex or if we have received many requests, we have the right to extend this deadline to two more months. If we are unable to take the action you request within one month, we will inform you of the reason for the delay and of your right to lodge a complaint with a supervisory authority and to seek judicial remedy.
You will not be charged for requesting information, for communication or measures that we carry out. However, if your request is manifestly unfounded or excessive, we may charge an administrative fee for providing the information or taking the action requested or refuse to act on your request altogether.
You have the right to request:
Access to your personal data. This means that you have the right to request access to the personal data that we hold about you. You also have the right to be provided, at no cost, a copy of the personal data about you that we are processing. We have the right to charge a reasonable administration fee if you request further copies. If you make a request in electronic form, e.g. via email, we will provide you with the information in a commonly used electronic format. Moreover, you have the right to request a copy of the European Commission’s standard contractual clauses and its appendices that we use with any third parties, as mentioned in section 7. Rectification of your personal data. At your request or on our own initiative, we will correct, anonymize, delete or complement data that is inaccurate, incomplete or misleading. You also have the right to complete any incomplete personal data if something relevant is missing.
Erasure of your personal data. You have the right to request that we delete your personal data if there is no compelling reason for us to continue processing the data. Personal data should therefore be erased if:
* it is no longer needed for the purpose for which we collected it;
* we process your personal data based on consent provided by you and you withdraw your consent;
* you object to us processing your data based on a legitimate interest assessment and we have no compelling interest that overrides your interests and rights;
* we have processed the personal data unlawfully; or
* we have a legal obligation to erase the personal data.
However, there may be legal requirements or other compelling reasons that prevent us from immediately erasing your personal data. We will then stop processing your personal data for purposes other than in compliance with the law or where there are no compelling legitimate grounds for doing so.
Restriction of processing. This means that we temporarily restrict the processing of your data. You have the right to request restriction when:
* you consider your data to be inaccurate and you have requested rectification as defined above, while we establish the accuracy of the data;
* the processing is unlawful and you do not want the data to be erased;
* as the personal data controller, we no longer need the personal data for our processing purposes, but you need them to be able to establish, exercise or defend a legal claim; or
* you have objected to the processing as defined below, while waiting for us to consider whether our legitimate interests override yours.
We will take all reasonable measures possible to notify everyone who has received personal data as stated in section 6 above if we have rectified, erased or restricted access to your personal data after you have requested us to do so. If you request information on recipients of your personal data, we will inform you about the recipients.
We always want you to feel confident about providing us with your personal data. We have therefore taken appropriate security measures to protect your personal data against unauthorized access, alteration and erasure.
Even though we work hard to protect your data, no security measures are perfect or impenetrable. Should a security breach occur that may materially impact you or your personal data, e.g. risk of fraud or identity theft, we will contact you to explain what action you can take to mitigate potential adverse effects of the breach.
We strongly advise you to be cautious and to protect your own personal data. You are responsible for keeping your passwords confidential and to avoid others from observing your personal data when using our services in public spaces.