Privacy Policy for Markem-Imaje Customers | Updated October 2023

You can find the latest version of this Privacy Notice at https://www.markem-imaje.com/privacy.  

Any type of request can be sent to us in the following languages, German, Spanish, French, English Italian, or Portuguese. 

Your personal data may also be processed in connection with any legal process or claims, for the Company to establish, exercise or defend its legal rights, or to comply with legal obligations, including, but not limited to, following a request from a competent administrative or judicial authority or in any circumstance in which such processing is requested by applicable laws.

The processing of your personal data will always be based on legitimate grounds. 

The Company will process the personal data described above for the following purpose(s):

• fulfill our contractual obligations to customers and administer contracts and agreements;
• verify identity, which may include natural persons, where a contractual relationship is proposed or exists, to assess financial capability and other business risks to our business;
• maintain an up-to-date and centralized database of customers;
• process quotes, orders, billing, delivery and payment of our products and services;
• offer maintenance services and contracts;
• provision of support and maintenance services;
• provide training;
• carrying out marketing and communication campaigns related to our products and services (sending emails and telephone prospecting) and sending invitations to events;
• provide and manage e-commerce and sales order automation solutions;
• organization of meetings and monitoring of the commercial relationship;
• correspond with lawyers, legal advisors, advisors and financial partners;
• conduct customer surveys and case studies;
• produce trade statistics;
• manage cookies.

Legitimate interests: The processing described is necessary to administer and facilitate our business relationship and for the legitimate interest of the Company. 

More information about this analysis can be provided upon request, via our email privacy@markem-imaje.com.

Performance of a contract: The processing described is necessary to enter into or for the execution of your commercial agreements and contracts and to administer their management.

For the processes, we anticipate the following categories of recipients will have access to your personal data, for the purposes indicated below:

Sales and Marketing teams: The Company's Sales and Marketing teams, each in its field of responsibility, will access and process some of your staff data for the purposes described in Section 4 and for marketing campaigns and event invitation management, development of business statistics and for the management of business relationships.

Financial Equipment: The Company's Finance team will access some of its staff data and process it for the purposes described in Section 5, to assess the financial condition and other business risks of our business and to process billing and payment.

IT Teams: The IT teams of Dover Corporation (Parent Company) and the IT teams of the Company, as well as any IT subcontractor acting on behalf of Dover Corporation, or on behalf of the Company, may access some of the data of its personnel to provide and support IT services.

Compliance Equipment: Dover Corporation and the Company's Compliance teams may access some of your personal data to conduct third-party due diligence and to comply with export control regulations.

Legal Team: The legal teams of Dover Corporation and the Company may access some of your personal data to carry out the corresponding legal proceedings under the contract, negotiations or legal proceedings that may be established based on the existing contractual relationship.

Some of the recipients mentioned above may be located outside the EU, EEA, Switzerland or the UK and are likely to be in many countries around the world. As described in Section 6 below, all such transfers to internal recipients will comply with all applicable laws and regulations, following the requirements of the applicable General Data Protection Regulation.

The Company may from time to time engage third-party vendors to assist in processing personal data. The Company will transmit to any of these providers its obligations under applicable data privacy law, require the provider to secure the data, and provide such additional notice as required by law. We will not sell, distribute or transfer your personal data to third parties unless we have your prior consent that will be informed.

Your personal data may be transferred outside the EU or the UK to countries which are not subject to an adequacy decision issued by the European Commission at the UK Secretary of Stata (as applicable) or the Swiss Federal Council, for the purposes listed above under the European Commission's Standard Contractual Clauses (SCC) (europa.eu), or other legally binding and permissible agreement at the time of the Transfer. 

In such a case, Markem Imaje undertakes to put in place all appropriate safeguards to offer a sufficient level of protection to your Personal Data, and in particular to carry out a transfer impact assessment and implement all additional corrective measures necessary to guarantee a level of protection at least equivalent to that conferred by the applicable regulation.

Such transfers will comply with all applicable laws and regulations from time to time. We anticipate that this data may be transferred to various countries around the world.

Relevant additional details may be provided based on transfers of personal data upon request addressed to privacy@markem-imaje.com.

Your personal data may also be processed and subsequently transferred in connection with any legal proceedings or future legal proceedings, for the Company to establish, exercise or defend its legal rights, or to comply with legal obligations, including, but not limited to, upon a request from a competent administrative or judicial authority or in any circumstances where such processing is requested following applicable laws.

We are committed to ensuring the security of your personal data. To prevent unauthorized access or disclosure, we have put in place appropriate technical and organizational measures to safeguard and secure the personal data we process. We employ a set of various IT security tools to safeguard personal data, restrict access to data and have physical and organizational security measures in place to prevent unauthorized or unlawful access to personal data and accidental loss, destruction or damage to personal data. The Company also maintains an inventory of personal data and evaluates the safeguards we have in place for that data to ensure that our security measures are tailored to the sensitivity of the data.

For illustrative purposes, the following specific security measures apply: 

• Perimeter protection has been established through firewalls, as well as monthly vulnerability scanning, and intrusion detection and prevention systems to protect against malicious access.
• An encryption mechanism is used when data is transmitted outside the company and Dover group network, as well as on all data at rest on mobile devices.
• Authentication mechanism with a strong password policy and Role-Based Access Control to authorize access to the various resources on which personal data is stored and processed.
• Regular safety awareness training for all employees to increase our defense.
• Information Security Governance, including a security incident management response plan, as well as a Cybersecurity program improvement plan based on NIST's Cybersecurity Framework (CSF), as a guideline for measuring, improving, and monitoring our overall security program.

We have established procedures to deal with any suspected data breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

All our external service providers and other group entities are required to take appropriate security measures to protect your personal data per our policies and the risk involved. We do not allow our third-party service providers to use the provided personal data for their purposes. We only allow them to process their personal data for specific purposes and according to our instructions.

We will retain your personal data for as long as: 

• Let us maintain a commercial relationship with you;
• In the event that Markem Imaje is required to fulfill a legal obligation, personal data is processed for the time necessary to fulfill this obligation and as provided for by law;
• For the time strictly necessary to use the website and to access the services;
• In the context of marketing operations, three (03) years from the last contact;
• Until the withdrawal of consent, in the event that the processing is based on prior consent;
• In accordance with local country regulations.

If you have any questions about our retention policy, please contact us using the details above.

The rights of the interested parties will be by the regulations in force and the jurisdiction in which you reside. However, you can always ask the Company for more information about the people who will be able to see and access the data that identifies you. 

At any time, you can request the update of your data, but we also remind you that you must notify any information that directly affects the updating of your personal information, having to communicate it as soon as possible, and thus being able to maintain the quality of the data we process for our commercial relationship.

We remind you of the rights granted to you by the current Regulation, without incidentally mentioning the existing rights under your jurisdiction: 

In addition, the Company has the power to reject unreasonably repetitive requests, require disproportionate technical effort (e.g., developing a new system or fundamentally changing an existing practice), or create a risk to the privacy of others. In any case, we will try to process your request under the legally established deadlines. 

There will be no silence on the part of the Company when responding to requests, while if it proceeds or is rejected it will be notified if we have reliable proof of your request.