Beamex Privacy Policy

Prospects, customers and business partners

Last update: July 5, 2024

PRIVACY AND YOUR INFORMATION

Auf Deutsch | En français | En español | In italiano | Suomeksi

How we collect, process and protect your personal data

1. Summary

2. Introduction

This Privacy Policy describes the principles according to which Beamex Oy Ab and its subsidiaries and branch offices (hereinafter jointly referred also as “Beamex” or “we“), as joint-controllers of personal data, collect and process personal data concerning current and potential customers, business partners and users of our products and services. Personal information is any information related to an identified or identifiable person, such as a name, email address or photograph.

3. Joint-controllers and contact details for privacy matters

• Beamex Oy Ab (Business ID: 0181602-8, Ristisuonraitti 10, 68600 Pietarsaari, FINLAND, email: privacy@beamex.com), the Beamex Group parent company with the foreign subsidiaries and branch offices as listed below
• Beamex Limited (UK)
• Beamex GmbH (Germany)
• Beamex S.A.S. (France)
• Beamex, Inc. (USA)
• Beamex Calibration Solutions Ltd. (Canada)
• Beamex Calibration Solutions AB (Sweden)
• Beamex B.V. (Netherlands)
• Beamex Measurement Technology (Shanghai) Co., Ltd. (China)

Beamex Oy Ab, the parent company of Beamex group of companies, is the company responsible for running and maintaining the technical systems and software that are used for storing and processing most of the personal data. Beamex Oy Ab is also the main contact for all privacy related questions and enquiries. Please use the above Beamex Oy Ab contact details, if you have any questions regarding privacy.

4. Beamex as a data processor

In connection with the provision of products and services, Beamex itself may act not only as a data controller, but also as a data processor processing personal data on behalf of its customers. Beamex acts as a data processor for instance when a customer of Beamex uses cloud-based Beamex software for processing information about the persons involved with or performing calibrations. The purposes and principles of personal data processing are determined in these situations in the agreement Beamex has concluded with the customer. Beamex may not process such data for any purposes other than for the benefit of the customer in question and in accordance with the customer’s instructions. The principles of how Beamex’s customers process personal data is described in their own privacy policies.

5. What personal data we process, for what purpose and what is the legal basis for the processing

We collect, store and process personal data only for predefined purposes and only on legal grounds.

We process personal data mainly for the following purposes and on the following grounds:

6. From which sources has the personal data been obtained

We receive personal data mainly from you in connection with contacting us, registration, placing an order or contract, or using our products, services or website. The information may be given by you or derived from the use of services or website.

We also collect personal data about our website visitors with a marketing automation system and website analytics tools, so that we can analyze our website use, develop it further and to target relevant advertising and marketing content for our customers and website visitors.

In addition, we may collect personal data about you from other reliable sources or registries you have used, such as third-party websites as well as advertising and social media channels. Examples of data from these sources could be your public profile information (e.g. LinkedIn), interest in our products and services, and references from your colleagues or other people.

7. With whom do we share personal data

As a general rule, your personal data is processed by the personnel of our company when performing their duties. However, we may share personal data with others, especially in the following situations:

(a) Our local subsidiaries, branch offices, partners and resellers. Personal data can also be shared with our subsidiaries and branch offices as well as third-party partners and resellers, who provide local sales, support and services in a country where you are located. For instance, customer requests received through our website are typically transferred directly to the relevant local partner, who will handle and respond to the request. They usually process personal data as independent data controllers pursuant their own privacy policies;

(b) Our service providers. We may use external service providers and outsource some processing of personal data. For example, our LOGiCAL service runs on the servers of an external service provider located in Europe (Microsoft). In implementing digital marketing, we use service providers. We manage customer data with a cloud service-based CRM and marketing automation system. We may also use other service providers. The service providers we use may not use personal data for any of their own purposes, but only for our benefit. We always make sure, for example through contracts, that the confidentiality of your data is maintained and that the data is also otherwise processed in accordance with the law. What data our service providers process at any given time is closely related to the task and purpose for which we use the service provider;

(c) Official and other legal reasons. We may also disclose information when required by law, a court or a competent authority, to respond to a legal claim or to prepare one;

(d) Corporate and business arrangements. We may also disclose information if we were involved in a merger, business transaction or other reorganization of our business; and

(e) Consent of the data subject. We may also disclose information if the person has given their consent to the disclosure of information.

8. International transfers of personal data

Personal data may be transferred outside the EU/EEA especially in the following situations:

(a) Our services provider, such as a cloud-based software we use for marketing, is located outside the EU/EEA;

(b) We have a customer, for instance a user of our online-based LOGiCAL calibration management software, who is located outside the EU/EEA; or

(c) We need to share information for customer service and support purposes (e.g. a contact request) to our local business partner located outside the EU/EEA.

If personal data were to be transferred outside the EU/EEA to a country that is not included in the EU Commission’s decision on an adequate level of data protection, we will make sure that the processing, transfer and storage of your data is carried out on the grounds required by law and with adequate protection mechanisms, such as using the standard contract clauses confirmed by the EU Commission. The standard contract clauses can be found here (part of the text is in English): https://ec.europa.eu/info/law/law-topic/data-protection_fi. The standard contractual clauses have different modules for different situations, most likely we would apply modules 1 (controllercontroller) 2 (controller-processor) or 3 (processor-sub-processor), depending on the situation.

9. Personal data retention periods

We do not store personal data for longer than is necessary for the purpose of their use or as required by contract or law. Personal data can also be deleted in the situation when the data subject withdraws his/her consent or requests the deletion of his/her data (and there is no other legal basis for the processing). Data retention periods can also be governed by legislation (e.g. accounting law, KYC checks, export control, customs handling, tax laws) and the expiration of deadlines related to presenting legal claims (e.g. statutes of limitations).

The necessary storage time can vary, but typically it can mean a few years. Information that is necessary for defending against legal claims may have to be stored for up to 10 years. Accounting documentation is typically kept for 6-10 years. We maintain a minimum information register of data subject requests made in accordance with the data protection legislation (e.g. a request made by a data subject for deletion of data) so that we can demonstrate afterwards that we have implemented the requests of the data subject in accordance with the data protection legislation.

We store online behavior data collected with cookies and other similar technologies as described in the cookie statement produced by our cookie tool. The cookie statement is available on our website.

10. Your rights

You have the following rights in relation to your personal data:

Updating your own information

In case you are a registered user in our digital services, or a customer in our online store, you may have certain limited possibilities to check and update your profile data by accessing your account in the service or online store.

The right to access personal data

You have the right to receive confirmation from us as to whether we are processing personal data concerning you and to know what personal data concerning you we are processing (e.g. a copy of the data). In addition, you have the right to receive additional information about the basis of the processing of your personal data. However, the right to access personal data can be restricted based on legislation, the protection of privacy of other persons and the protection of business secrets.

The right to correct data

You have the right to have your incomplete, incorrect or outdated personal data supplemented or corrected.

The right to delete data

You have the right to request the deletion of your personal data. Your data will be deleted if there is no longer a legal basis for processing personal data.

The right to restrict processing

You may have the right to restrict the processing of your personal data. In this case, the controller generally does not process personal data other than by storing the data. You may have this right, for example, when you dispute the accuracy of your personal data, if the processing is against the law, or if you have objected to the processing of your personal data and are waiting for a response to the request for action in question.

Right to object

If we process your personal data based on our legitimate interest, you have the right to object to such processing based on your personal reasons.

The right to transfer data from one system to another

If we have processed your data on the basis of your consent or to fulfill a contract and the processing has taken place automatically, you have the right to receive the data you have provided us electronically in a commonly used machine-readable format so that the data can be transferred to
another data controller.

Withdrawal of consent

If the processing of personal data is based on consent, you have the right to withdraw it at any time. Withdrawal of consent does not affect the legality of the processing of personal data that took place before the withdrawal. The processing of your personal data is based on consent, for example when you have given permission for electronic direct marketing by consenting to receive marketing information. The processing of non-essential cookies on our website is also based on your consent. You can manage the cookie consents you have given yourself using the cookie tool on our website.

The right to prohibit direct marketing

You always have the right to object to the processing of your personal data for direct marketing purposes and the right to withdraw any consent you may have given for marketing purposes.

11. How you can exercise your rights

You can exercise your rights described above by contacting us, for example, by using the contact information provided in Section 3 of this statement. The use of your rights is basically free of charge for you. If you submit a request electronically, we will deliver the information electronically as far as possible, unless you request otherwise. If necessary, we may ask you to verify your identity or specify your request.

You can easily prohibit email marketing, for example, by clicking the unsubscribe link in the footer of any marketing email.

You can manage consents regarding cookies yourself directly with the cookie management tool on our website.

12. Complaint to the supervisory authority

If you believe that we do not process your personal data in accordance with this privacy statement or the applicable national and European Union data protection legislation, you can file a complaint with the supervisory authority if you wish. In Finland, the authority in question is the office of the Data Protection Commissioner (homepage: https://www.tietosuoja.fi).

13. Security

Personal data in electronic form is properly and carefully stored on servers that are protected by firewalls, passwords and other technical means in accordance with the general practices of the industry. The servers and their backups are located in locked rooms. Any written documents and materials containing personal data of data subjects are kept in locked rooms so that unauthorized persons are prevented from accessing them. Our premises are also locked and well protected. The personal data we collect and process are confidential, and we do not disclose it to anyone other than those who need the information in their work or, in accordance with this privacy statement, to our partners or other recipients.

14. Cookies

We use cookies on our website so that we can offer the best possible user experience to the website visitor. Cookies are short text files that the web server stores on the user’s terminal device. Cookies give us information about how users use our website. We may use cookies to develop our services and website, to analyze website usage, and to target and optimize marketing. Non-essential cookies are processed only with the consent of the website visitor. Consent is given, it is revocable and it is managed using the cookie tool on our website, which opens when a visitor first visits our website and can be opened via the Cookie Settings link in the footer. The cookie banner and the separate cookie statement on our site provide more detailed information about the cookies on our site.

15. Obligation to provide personal data and the consequences of not providing it

Use of certain software and services is only possible for registered users, so if the user does not provide their personal data, use of the service may not be possible.

With legal entity customers processing of certain personal data is also mandatory for instance for concluding and executing contracts and for invoicing purposes.

To the extent possible and when doing business with us, we try to inform you which information is mandatory to fulfill the contract or create a user account and which information you can provide if you wish.

16. Automated decision-making and profiling

Profiling refers to any automatic processing of personal data, where personal data is used to evaluate, for example, a person’s preferences or interests. We may use profiling in the targeting of direct marketing and digital advertising. Profiling may use information collected with cookies about what the website visitor was interested in when visiting our web pages. The use of non-essential cookies is always based on the user’s consent (read more about cookies from our cookie policy). The use of information other than such that is collected with cookies, may be based in particular on our legitimate interest. You have the right to object the processing of personal data based on our legitimate interest (including profiling for marketing purposes).

With the help of profiling, we aim to make content and marketing more relevant, personal and interesting. The profiling performed in connection with our marketing does not include automatic decision-making that would have legal effects or other similar effects on the person.

17. Changes

We may make updates to this privacy statement as our operations, services, privacy principles or applicable legislation change. Unless otherwise stated, changes will take effect when we have posted an updated privacy statement on our website. When we make material changes, we will announce the date of the changes in advance on our website or in another way we deem appropriate.