Who are we?
We are Gilbarco Veeder-Root Ltd with headquarters in the United Arab Emirates (Burj Daman Tower, 2nd Floor, Unit C203, Dubai International Financial Centre) and South Africa (Bruma Boulevard, 20 Zulberg Close, Bruma, Johannesburg), E-mail: email@example.com, Telephone: MENA: +971 4 566 7551 and SSA: +2711 856 3600 (“Gilbarco Veeder-Root”).
We provide equipment and services to be installed and operated on petroleum retail sites, on the forecourt and/or in the store, and on non-retail petroleum distributing sites, to customers.
We use your information as further explained in this Privacy Notice. We’ll be the “controller” of the information you provide to us.
Our legal entities in:
- United Arab Emirates is Gilbarco Veeder Root Middle East & Africa - Division of FL MENA FZ LLC (Fortive)
- South Africa is Gilbarco AFS Pty Ltd.
Our website links to other websites, which will have their own privacy notices and terms.
What does this Privacy Notice cover?
We at Gilbarco Veeder-Root take your personal data seriously. This policy:
- sets out the types of personal data that we collect about you;
- explains how and why we collect and use your personal data;
- explains how long we keep your personal data for;
- explains when, why and with who we will share your personal data;
- sets out the legal basis we have for using your personal data;
- explains the effect of refusing to provide the personal data requested;
- explains where we store your personal data and whether we transfer your data outside of the European Economic Area;
- explains the different rights and choices you have when it comes to your personal data; and
- explains how you can contact us.
What about South Africa's Promotion of Access to Information Act?
The Promotion of Access to Information Act, 2000 (“PAIA”) came into operation in South Africa on 9 March 2001. PAIA seeks, among other things, to give effect to the Constitutional right of access to any information held by the State or by any other person where such information is required for the exercise or protection of any right and gives natural and juristic persons the right of access to records held by either a private or public body, subject to certain limitations, in order to enable them to exercise or protect their rights. Where a request is made in terms of PAIA to a private body, that private body must disclose the information if the requester is able to show that the record is required for the exercise or protection of any rights, and provided that no grounds of refusal contained in PAIA are applicable. PAIA sets out the requisite procedural issues attached to information requests.
Section 51 of PAIA obliges private bodies in South Africa, like Gilbarco AFS PTY Ltd, to compile a manual to enable a person to obtain access to information held by such private body and stipulates the minimum requirements that the manual has to comply with.
The Manual constitutes Gilbarco AFS Proprietary Limited ("Gilbarco AFS") PAIA manual. This Manual is compiled in accordance with section 51 of PAIA as amended by the Protection of Personal Information Act, 2013 (“POPIA”), which gives effect to everyone’s Constitutional right to privacy. POPIA promotes the protection of personal information processed by public and private bodies, including certain conditions so as to establish minimum requirements for the processing of personal information. POPIA amends certain provisions of PAIA, balancing the need for access to information against the need to ensure the protection of personal information by providing for the establishment of an Information Regulator to exercise certain powers and perform certain duties and functions in terms of POPIA and PAIA, providing for the issuing of codes of conduct and providing for the rights of persons regarding unsolicited electronic communications and automated decision making in order to regulate the flow of personal information and to provide for matters concerned therewith.
You can access the manual here.
What personal data do we collect about you?
We will collect certain personal information about you in the course of your relationship with us.
This information includes:
Name and address of the company you work for;
Your contact details.
If you visit our website, we may also collect personal data via cookies or similar techniques, including, but not limited to:
Your IP address;
Your cookie ID;
Your web browser;
Your operating system;
The web pages you visit on our websites;
The advertisements you've viewed or clicked through.
Where do we collect personal data about you from?
We may collect personal data about you from the following sources:
- Directly from you. This is information you provide to us via our websites or any other landing pages on the internet, and/or via the completion of documents in which you provide us with your details;
- If you contact us whether by email, telephone, facsimile or post;
- In person, for instance at an arranged meeting or event;
- Voluntary surveys conducted for research purposes;
- From an agent/third party acting on your behalf and/or via one of our distributors/representatives with whom you trade;
- Through publicly available sources. We use the following public sources:
- When visiting one of our facilities in the world when we ask you to provide your name and other data;
- Through the acquisition of databases with your personal contact data, for which you have given consent to a third party;
- Cookies placed on your computer or mobile device when you visit our website.
How and why do we use your personal data?
We use your personal data for the following purposes:
- to contact you to discuss the services or products you receive from us (and any changes to them);
- to contact you to offer additional services or products we have in our portfolio;
- to contact you to invite you to events we are hosting or attending;
- to respond to any questions or concerns you have raised;
- to deal with administrative matters such as invoicing and renewal;
- to otherwise carry out our obligations arising under our contract with you and to enforce the same;
- to carry out anti-money laundering checks;
- to verify your identity;
- to contact you to ask you to participate in consumer research via an online or telephone survey;
- to help us target our marketing communications and adverts so that they’re more relevant to you;
- to use your pseudonymised details to show you advertising on Social Media platforms such as Facebook, LinkedIn or Twitter, or via other third party advertising that may appear on other websites you use.
- To help us improve the user experience on our website, through website behavioural analytics tools.
We will not use your information for any other purposes unless we are required to do so by law.
How long do we keep your personal data?
How long we keep your information will depend on the purpose for which we use it.
We only keep your information for as long as is reasonably necessary for the purposes set out in this Privacy Notice and to fulfil our legal obligations. We have internal rules that set out how long we retain information.
[In summary, however, we will keep your information for the following periods:
We will keep your personal data for as long as you are a customer of Gilbarco Veeder-Root.
This includes situations whereby one of our products is still feasibly considered to be operational and/or in the possession of the individual or company who purchased the product. This is to enable us to respond to any questions or complaints, as well as to fulfil further requests including, but not limited to, the servicing, maintenance, replacement, and/or upgrades of our products. If any of the above ceases to apply, we will keep your data for up to a maximum of 10 years from the date of your last contact with us. This is to enable us to stay in touch about updates to our products and services which may be of renewed interest to you, as well as for our own reporting and customer insight purposes.
If you are not a customer of Gilbarco Veeder-Root (in other words, there has not been a completed transaction with you or your company), we will keep your personal data for a maximum of 5 years after your last contact with us. We will only send marketing communications to you for a maximum of 2 years after your last contact with us.]
Who do we share your personal data with?
We share your personal information with third parties who perform functions on our behalf and who also provide services to us. This includes third party technology solution providers such as advertising providers, professional advisors, IT consultants carrying out testing and development work on our business technology systems, research and mailing houses and function co-ordinators, our distributors/representatives who are providing maintenance and/or support activities on our behalf.
We share your personal information with our other Fortive Group companies for internal reasons, primarily for business and operational purposes.
As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or merges with us your personal information will be disclosed to such entity.
If any bankruptcy or reorganization proceeding is brought by or against us, all such information will be considered an asset of ours and as such it is possible they will be sold or transferred to third parties.
Where required we share your personal information with third parties to comply with a legal obligation; when we believe in good faith that an applicable law requires it; at the request of governmental authorities conducting an investigation; to detect and protect against fraud, or any technical or security vulnerabilities; to respond to an emergency; or otherwise to protect the rights, property, safety, or security of third parties, visitors to the our website, our business or the public.
These third parties comply with similar and equally stringent undertakings of privacy and confidentiality.
No other third parties have access to your information unless we specifically say so in this Privacy Notice, or the law requires this.
Facebook Custom Audience Ads
We may might display interest-based ads to you when you are using Facebook through a tool offered by Facebook called the Custom Audience Tool. This tool allows us to personalise our ads based on your interactions with us, which can include your previous website visits. We do not share any of your personal information with Facebook. This tool allows us to convert your email address to a unique number that Facebook uses to match with unique numbers generated from email addresses of its users.
What legal basis do we have for using your personal data?
We process your information:
- to be able to provide you with products AND/OR services via the Gilbarco Veeder-Root websites.
- as this is necessary for the performance of the contract with you for the supply of equipment and/or the supply of maintenance and/or installation services or to take steps at your request prior to entering into these contracts.
- as this is necessary in pursuit of our legitimate interests in direct marketing, market research and web analytics, and this includes profiling related to audience segmentation and personalisation. While there are some risks with this type of activity, on balance, we consider the risk to your rights of data protection is outweighed by the significant benefits in providing information which we think will be of interest to you, and enabling us to enhance, modify, personalise or otherwise improve our services/communications for the benefit of our customers. We’ve also implemented protections for your rights, by balancing our legitimate interests with any potential impact on you and your rights under data protection and any other relevant law. Our legitimate business interests do not automatically override your interests – we will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on legitimate interests. More information on this right and on how to exercise it is set out below.
What happens if you do not provide us with the information we request or ask that we stop processing your information?
If you ask us to stop processing your information, and if we do not require this personal information to fulfil our contractual obligations, we will remove your data from our database, within 30 days of the date of the request.
Do we make automated decisions concerning you?
Hubspot, the marketing platform to which we subscribe to, has a built-in Predictive Lead Scoring functionality which may be used for automated decisions. A Predictive Lead Score is assigned to each contact profile. This is calculated by an algorithm which combines user demographic information with behavioural data relating to user engagement across our various digital platforms, namely: marketing emails; website and landing pages; and social platforms. Predictive Lead Scores may be used to identify and prioritise opportunities for automatic follow up, whether by telephone or email.
What about marketing?
Gilbarco Veeder-Root would like to contact you from time to time about our new similar products and promotional offers by email, telephone and/or post.
You can unsubscribe / opt out at any time by clicking the “Unsubscribe” link in any of our communications or by contacting us using the details at the end of this Privacy Notice.
Our group companies in the Fortive Group would also like to contact you from time to time about their products and promotional offers by email, telephone, post. The Group has a wide range of products and services that we do not offer but that may be of interest to you, or they may be able to service your requirements where we are unable to do so.
Each organisation will have its own privacy terms about how it will handle your information. These will tell you how you can opt-out of receiving marketing from them if you change your mind at any time (in addition to using the “Unsubscribe” option in any of their communications).
How do we keep your personal data secure?
We ensure the security of your personal data by the use of perimeter firewalls and email encryption. Regular penetration testing and vulnerability scans are carried out and actioned against. We exercise due diligence in protecting all data that we acquire or retain.
We also take steps to ensure all our subsidiaries, agents, affiliates and suppliers employ adequate levels of security.
What rights do you have in relation to the personal data we hold on you?
By law, you have a number of rights when it comes to your personal data. Further information and advice about your rights can be obtained from the data protection regulator in your country.
What does this mean?
1. The right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Privacy Notice.
2. The right of access
You have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this Privacy Notice).
This is so you’re aware and can check that we’re using your information in accordance with data protection law.
3. The right to rectification
You are entitled to have your information corrected if it’s inaccurate or incomplete.
4. The right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
5. The right to restrict processing
You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
6. The right to data portability
You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.
7. The right to object to processing
You have the right to object to certain types of processing, including processing based on our legitimate interests and processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).
8. The right to lodge a complaint
You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator.
9. The right to withdraw consent
If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.
How can you make a request to exercise your rights?
To exercise any of the rights above, or to ask a question, contact us using the details set out at the end of this Privacy Notice.
How will we handle a request to exercise your rights?
We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.
We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:
- baseless or excessive/repeated requests, or
- further copies of the same information.
Alternatively, the law may allow us to refuse to act on the request.
How can you contact us?
If you have questions on the processing of your personal data, would like to exercise any of your rights or are unhappy with how we’ve handled your information, please contact us here: E-mail: firstname.lastname@example.org, Telephone: MENA: +971 4 566 7551 and SSA: +2711 856 3600 .
If you’re not satisfied with our response to any complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the data protection regulator in your country.