Last Updated: June 4, 2018
Lindsay Corporation and its subsidiaries (collectively, “Lindsay”) collect Personal Data (as defined below) in the context of providing Services (as defined below). This Privacy Notice (this “Notice”) applies to individuals who use any website, application (“app”), product, software, or service of ours that hyperlinks to this Notice (our “Services”). Lindsay respects your privacy and is committed to protecting your Personal Data.
If you use our Services, this Notice describes how we will collect, hold, store, protect, and use your Personal Data. Depending on the Service, we may provide additional or different privacy statements or notices for specific interactions you have with us or to highlight how we use your Personal Data for specific Services. Where we do this, it will be clear which statements apply to which interactions and Services. For example, if you use one of our mobile apps, we may provide you a separate notice in relation to a particular data type collected through that app.
If you are a “Data Subject” under the EU General Data Protection Regulation (the “GDPR”), this is a required notice to you. Lindsay is a “Data Controller” for purposes of this Notice. This means that we are responsible for deciding how we collect, hold, and process your Personal Data. It is important that you read this Notice, together with any other privacy notice we may provide on specific occasions, when we are collecting or processing your Personal Data.
CHILDREN UNDER THE AGE OF 13
Our Services are not intended for children under 13 years of age, and we do not knowingly collect personal information from children under 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us.
If you have any questions about this Notice or how we handle your Personal Data, please provide such questions to the following email address: Privacy@Lindsay.com.
WHAT PERSONAL DATA DO WE COLLECT?
All the Personal Data we may collect, both from you and from third parties about you, is outlined in the table below.
Before you read that table, it might be useful to explain what “Personal Data” is. The GDPR definition of Personal Data can be found here. Essentially, it boils down to: information about an individual, from which that individual is either directly identified or can be identified.
It does not include ‘anonymous data’ (i.e., information where the identity of the individual has been permanently removed).
However, it does include ‘indirect identifiers’ or ‘pseudonymous data’ (i.e., information which alone doesn’t identify an individual but, when combined with certain additional and reasonably accessible information, could be attributed to a particular person).
Category of Personal Data Collected
What this means
First name, last name, job title, job function, employer, marital status and gender (inferred from your title), contact type, username, or similar identifier.
Business phone number, mobile phone number, home phone number, business facsimile number, business email address, personal email address, alternate email address, business mailing address, zip code or similar, state/province, country.
Marketing and Communications Data
Your preferences in receiving marketing from us and our third parties and your communications preferences, including your preferred language for such communications.
Inferred or assumed information relating to your behavior and interests based on your online activities. This may including information on whether you have filled out a form on our website, whether you have downloaded materials (e.g., whitepapers, ebooks, case studies, etc.) from our website, your activity related to emails we send you (such as “opens,” “clicks,” and “unsubscribes”), your website visit activity (pages visited, including pages on third party websites other than our websites and Services), and your event-related activity (e.g., whether you have attended any trade shows or webinars we have sponsored, hosted, or otherwise been involved in).
Internet protocol (IP) address, your login data (including user identification and password), browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access and use our Services.
We may also collect, use, and share “Aggregated Data” such as statistical or demographic data for any purpose. Aggregated Data may be derived from your Personal Data, but once in aggregated form, it will not constitute Personal Data for the purposes of the GDPR because this data does not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data, which will be used in accordance with this Notice.
We do not collect any “Special Categories of Personal Data” about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
We will only use your Personal Data for the purposes for which we collected it as listed below, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Depending on your role, Lindsay may process your Personal Data for one or more of the following purposes:
- Account Creation. To register you as a new customer, partner/dealer, or service provider.
- Rights Protection. To ensure that those people who use and access our Services are properly entitled to so so and are not misusing, infringing, or misappropriating our or our licensors’ intellectual property rights (or any other rights) in or to the Services; and to manage Service licenses, access, updates, support, and for similar purposes.
- Security. To keep our websites and Services and associated systems operational and secure.
- Responding to Requests. To respond to inbound requests from you. This will occur in circumstances where you request:
- a member of our team contact you (e.g., when you fill out a form on our website);
- a demonstration of our Services;
- support or other services ancillary to the Services; or
- a free trial of our Services.
- Services-Related Communications and Notifications. To provide information and updates regarding our Services. This will occur in circumstances where:
- a member of our team contacts you regarding a Services-related security or similar incident
- we communicate a change or update to a Service or its functionality; or
- we provide other Service-specific support or services and/or related information.
- Marketing. To keep you informed about new products, features, and services, and/or new educational content. In certain circumstances, this may involve sharing your Personal Data with our marketing partners.
- Marketing Segmentation and Information. To infer what company you work for and other information about you.
If we need to use your Personal Data for an unrelated purpose, we will update this Notice, and we will explain the legal basis which allows us to do so.
LEGAL BASIS FOR PROCESSING
In respect of each of the purposes for which we use your Personal Data, the GDPR requires us to ensure that we have a “legal basis” for that use. Most commonly, we will rely on one of the following legal bases:
- Contractual Necessity. Where we need to perform a contract we are about to enter into or have entered into with you.
- Legitimate Interests. Where it is necessary for our legitimate interests, and your interests and fundamental rights do not override those interests (for example, providing and improving our Services, administering our relationship with you and our business, marketing and growing our business, and in order to exercise our rights and responsibilities).
- Compliance with Law. Where we need to comply with a legal or regulatory obligation (for example, preventing and detecting crime, and assisting police and other authorities with their investigations).
- Vital Interests. Where it is necessary to protect your vital interests or those of another person (for example, where we know or have reason to believe that you or another person may suffer harm).
In circumstances where you have a genuine choice as to whether we should process your Personal Data, we will ask you for your consent. The method used to obtain your consent will depend on the scope and context of the processing that we propose.
IF YOU FAIL TO PROVIDE PERSONAL DATA
Where we need to process your Personal Data either to comply with law or to perform the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. For example, we may not be able to provide you with the functionalities of the Services (e.g., setting up your account) or we may not be able to respond to or fulfill a request you make of us (e.g., for demonstration of the Services). In this case, we may have to stop you from using our Services, but we will notify you if this is the case at the time.
PERSONAL DATA FROM THIRD PARTY SOURCES
In addition to the Personal Data that we collect directly from you, we may also collect certain of your Personal Data from third party sources. These sources are broken down in the table below, together with a description of whether they are publicly available or not.
Third party data source
Category(ies) of Personal Data received
Social media sites
Partners, Dealers, and Customers
Marketing Vendors and Partners (e.g., event organizers, sponsored content with industry publications)
Market Researchers (e.g., third parties we engage to conduct research on a market topic to develop analysis or guide our marketing approach)
WHO WE MAY SHARE YOUR PERSONAL DATA WITH
The table below describes who we may share your Personal Data with, what we may share, and why we may share it.
Category(ies) of Personal Data we may share.
Status of recipient
Why we may share it
Controllers and/or our Processors
Our affiliates help provide our Services and help manage our customer relationships (including providing customer support, etc.), as well as provide administrative support (including finance, IT, HR, legal operations, sales and partner management, marketing, etc.).
Partners and Dealers
Controllers and/or our Processors
Our partners and dealers help us provide our Services and other services ancillary thereto, as well as marketing of our Services and providing customer feedback.
Service Providers (e.g., our hosting provider, CRM and marketing tool providers, and accounting and financial service providers)
Our service providers provide us with IT, software, content, applications and solutions management, hosting, system administration, management, project‑related marketing, customer feedback, and other services.
Consultants and advisers
Our attorneys, bankers, accountants, auditors, insurers, consultants, and other advisors who provide us with their respective services may need to receive certain elements of your Personal Data to do so.
Marketing Partners (e.g., our referral, reseller, OEM, and other partners)
In certain circumstances, we may co-host, co-sponsor, or otherwise be involved in marketing programs (such as trade shows, webinars, or other events) with our partners. In these circumstances, we may share your Personal Data relevant to the applicable program with such partners.
Partners in corporate transactions
We may disclose Personal Data to third parties to whom we may choose to sell, transfer, or merge all or any parts of our business or our assets. If we undergo a change like this to our business, then the new owners may use your Personal Data in the same way as set out in this Notice.
We may share your Personal Data with both internal parties (i.e., amongst Lindsay and its affiliates) and external third parties who are based outside the European Economic Area (the “EEA”). Any processing of your Personal Data by these parties will involve an export of your Personal Data outside of the EEA where they receive your Personal Data from one of Lindsay’s affiliates within the EEA. We will take commercially reasonable steps to ensure that when we process the Personal Data of individuals based in the EEA or transfer that Personal Data to any third parties outside the EEA, appropriate safeguards are maintained to ensure protection of that Personal Data consistent with the GDPR.
CHANGE OF PURPOSE
If we need to use your Personal Data for a purpose unrelated to that set forth in this Notice, we will notify you and we will explain the legal basis that allows us to do so. We may always process your Personal Data without your knowledge or consent, in compliance with this Notice and all applicable laws, rules, and regulations, when required or permitted by law.
Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. We are allowed to use automated decision-making in the following circumstances:
- Where we have notified you of the decision and given you 21 days to request a reconsideration
- Where it is necessary to perform a contract with you and appropriate measures are in place to safeguard your rights
- In limited circumstances, with your explicit written consent and where appropriate measures are in place to safeguard your rights
HOW WE KEEP YOUR PERSONAL DATA SECURE
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your Personal Data to those employees and other staff who have a business need to have such access. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality. We have put in place procedures to deal with any actual or suspected Personal Data breach. In the event of any such breach, we have systems in place to work with applicable regulators. In addition, in certain circumstances (e.g., where we are legally required to do so) we may notify you of breaches affecting your Personal Data.
HOW LONG WE STORE YOUR PERSONAL DATA
We will only retain your Personal Data for as long as we reasonably need to use it for the purposes set out above, unless a longer retention period is required by law.
You may have rights under the GDPR and other laws to have access to your Personal Data and to ask us to rectify, erase, and restrict use of your Personal Data. You may also have rights to object to your Personal Data being used, to ask for a transfer of Personal Data you have made available to us, and to withdraw consent to the use of your Personal Data. Further information on how to exercise your rights is set out below.
We will endeavor to honor your rights under applicable data protection laws. You have the following rights under the GDPR and may have similar rights under the laws of other countries:
- Request access to your Personal Data. This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
- Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).
- Object to processing of your Personal Data. This right exists where we are relying on a legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to processing on this ground. You also have the right to object where we are processing your Personal Data for direct marketing purposes.
- Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example, if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your Personal Data. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent. This right only exists where we are relying on consent to process your Personal Data (“Consent Withdrawal”).
Please contact us at Privacy@Lindsay.com if you wish to exercise any of these rights. Note, however, that these rights are not absolute and do not always apply in all cases. Lindsay may be entitled to refuse any request in certain circumstances and, where this is the case, you will be notified accordingly. In cases of Consent Withdrawal, Lindsay may not be able to provide some or all of its Services to you or the provision of those Services may be affected. If you do exercise your right to object, we will still have the right to process your Personal Data to send you Service-related communications, such as emails we may have to send you relating to the management of your account, your use of our Services, updates to this Notice, etc.
NO FEE USUALLY REQUIRED
You will typically not have to pay a fee to exercise any of the rights discussed above. However, except in relation to Consent Withdrawal, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive, or we may refuse to comply with your request in these circumstances.
WHAT WE MAY NEED FROM YOU
We may need to request specific information from you to help us confirm your identity and make sure you can exercise any of your rights hereunder. This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
COOKIES AND SIMILAR TECHNOLOGIES
We use may cookies and similar technologies for automatic information collection, as further described below:
- Cookies (or mobile cookies).A cookie is a small file placed on your computer or smartphone. It may be possible to refuse to accept cookies by activating the appropriate setting on your browser or smartphone. However, if you select this setting you may be unable to access certain parts of our Services;
- Web Beacons.Pages of our Services may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us to count users who have visited those pages or opened an email and for other related Service statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
We also may use these technologies to collect information about your activities over time and across third-party websites, apps, or other online services (behavioral tracking). Email Privacy@Lindsay.com for information on how you can opt out of behavioral tracking on or through our Services and how we respond to browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking.
YOUR CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798.83 permits users of our Services that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to Privacy@Lindsay.com.
If you have a complaint regarding this Notice or with our practices in relation to your Personal Data, you may contact us at Privacy@Lindsay.com. We will reply to your complaint as soon as we can. If you remain unsatisfied, you have the right to contact your local data protection supervisory authority.
CHANGES TO THIS NOTICE
We reserve the right to update this Notice at any time by delivering you a new privacy notice. We may also notify you in other ways from time to time about the processing of your Personal Data.