Like any business, we use service providers to support the operation our website, such as website hosting (Amazon Web Services), enquiry functionality (Perficient Inc) and website user feedback collection (IPSOS). Some of these service providers will process your data as part of the services they offer to us. We take steps to ensure that our service providers treat your data in accordance with the law, only use it in accordance with our contract with them and keep it secure.
Your personal data may be shared across the Finning Group of companies – for example your personal data may be processed by a Finning Group company situated in the country from which you are accessing our website or the country in which you are purchasing our products and services, if different. SITECH may store and process your personal data in Canada, Argentina, Bolivia, Chile and Republic of Ireland being the countries where Finning operates. Each Finning Group company storing or processing your personal data strives to implement appropriate technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of processing.
Transfers of your information out of the EEA
We may transfer your personal data to Canada, Chile, Argentina, Bolivia and USA, all of which are located outside the European Economic Area:
• in the case of Canada we may transfer information to our affiliates in that country for the purposes of fixing website issues.
• in the case of Canada and USA we may transfer information to certain of our IT service providers who provide their services to us from those countries.
• in the case of Canada, Argentina, Bolivia and Chile we may transfer information to our affiliate companies in the Finning Group which are located there for the purposes of facilitating a coordinated approach to product and service delivery to our global customers.
Any transfer of your data will be carried out in accordance with the Data Protection Laws to safeguard your privacy rights and give you remedies in the unlikely event of a security breach or to any other similar approved mechanisms.
How we keep your data secure
We strive to implement appropriate technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access and any other unlawful forms of processing. We aim to ensure that the level of security and the measures adopted to protect your personal data are appropriate for the risks presented by the nature and use of your personal data. We follow recognised industry practices for protecting our IT environment and physical facilities.