This privacy notice was last updated on April 15, 2020, and applies to citizens of Canada, the United States, the United Kingdom, and the European Union. Information relating to the rights of citizens of specific countries, territories, or states can be found below.
For purposes of this Privacy Notice, unless otherwise stated, the term “Valiant TMS” (or “We” or” Our”) means the Valiant Corporation and any of its subsidiaries, parents, or affiliates. In this privacy notice, we explain what we do with the data we obtain about you via https://www.valianttms.com and from other sources. We recommend that you carefully read this notice. We are obligated to comply with the requirements of certain applicable privacy legislation, including but not necessarily limited to the European General Data Protection Regulation (“GDPR”), the United Kingdom Data Privacy Act of 2018 (“UK DPA”) and the California Consumer Privacy Act (“CCPA”). That means, among other things, that:
If you have any questions, or want to know exactly what data we keep of you, please contact us. Contact information for specific jurisdictions is below. If you are from a jurisdiction that is not listed, please contact us at 519-974-5200 or email@example.com.
Valiant TMS processes personal data of staff members, partners, customers, and suppliers to run its usual course of business and to meet all related statutory and contractual requirements. Customer Data Processing Valiant TMS collects and processes personal data provided by interested parties and customers to prepare offers and execute orders, as well as to meet all related contractual and legal obligations. When necessary to meet legal obligations, data may be provided to authorities and public centers. The following categories of personal information may be collected through phone, mail, email and/or web forms:
We process this data based on your consent, and we retain it until it is no longer needed for a legitimate business purpose or until you ask us to delete it. We will not process this information for any purpose that is materially different from what is disclosed here without your explicit consent.
Candidate Data Processing
Contact data and job candidate documentation provided during recruitment is processed electronically to select appropriate candidates for employment, and such data is stored for at least a period of 6 months and will be retained in an employee’s personnel file as permitted or required by applicable laws. In the case of rejection, recruitment documents are maintained as evidence, if approved by the affected individual.
Website Visitor Data
Processing for purposes of compiling and analyzing statistics for website improvement, we collect the following data:
We process this data based on your consent, and we retain it until it is no longer needed for a legitimate business purpose or until you ask us to delete it. We will not process this information for any purpose that is materially different from what is disclosed here without your explicit consent. Our website uses the website features of the web analytics service Google Analytics (Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, Tel: +1 650 253 0000, email: firstname.lastname@example.org). If you are located outside of the United States, your data is transferred to a third-party country. For processing this data, cookies are used that allow an analysis of the use of the website by users. You can prevent this by setting up your browser so that no cookies are stored. We have a corresponding data processing contract with Google Analytics. Your IP address is captured but immediately pseudonymized. As a result, only a rough localization is possible. The business connection with the web analytics provider is based on adequacy decision of the European Commission. Based on legal regulations of § 96 Abs 3 TKG (telecommunications act) as well as the article 6 paragraph 1 a (consent) and / or b (legitimate interest) of the GDPR. Our concern in the sense of the GDPR (i.e., our legitimate interest) is the improvement of our offerings and our website. Because the privacy of our users is important to us, the user data is pseudonymized. This user data is kept for a period of 26 months.
We do not share your data with third parties except as disclosed herein.
We do note sell your data to third parties. We do, however, disclose personal information if we are required to do so by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, or to provide information for an investigation on a matter related to public safety.
Our website responds to and supports the Do Not Track (DNT) header request field. If you turn DNT on in your browser, those preferences are communicated to us in the HTTP request header, and we will not track your browsing behavior.
We are committed to the security of personal data. Protection of data confidentiality, availability, and integrity are important to Valiant. This applies to the same extent for company secrets, customer data, personal data, and to other critically important information. Reasonable technical and organizational safety measures have been implemented for this purpose, according to the current technological state of the art and internationally recognized best practices, as well as according to safety standards. We take appropriate security measures to limit abuse of and unauthorized access to personal data so that only the necessary persons have access to your data. Our security measures are regularly reviewed. All access to your data is protected, at a minimum, via encrypted transmission of the same and through limited account-level access for administration of our system and services. Valiant staff will maintain confidentiality of personal data and are regularly trained in the field of safe handling of personal data and of other critical data.
This Privacy Notice does not apply to third party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy notices on these websites before using these websites.
We reserve the right to amend this privacy notice. You should consult this privacy notice regularly to be aware of any changes. Further, where necessary, we will advise you of changes to this privacy notice on our website home page or via email.
Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country or state of residence. We therefore request that children under the age of consent do not submit any personal data to us.
The following apply to those protected by the privacy laws of the nation of Canada:
Because we only process business contact information that is collected for the sole purpose of communication with you related to your use of our services in a professional setting, the information we collect is not governed by the Canadian Personal Information Protection and Electronic Documents Act (“PIPEDA”). Nevertheless, while we are not obligated to follow the guidelines of PIPEDA, your privacy is important to us. Thus:
We will give access to personal information in an alternative format to an individual with a sensory disability and who requests that it be transmitted in the alternative format if (a) a version of the information already exists in that format; or (b) its conversion into that format is reasonable.
Accessing and modifying your data
If you have any questions or want to know what personal data we have about you, please contact us. Please make sure to always clearly state who you are so that we can be certain that we do not modify or delete any data of the wrong person. We will provide you with the requested information only on receipt of a verifiable consumer request. You can contact us by using the information below.
Contact details – Canada
Valiant TMS 6555 Hawthorne Drive N8T 3G6 Windsor Canada
We have appointed a contact person for the organization’s policies and practices and to whom complaints or inquiries can be forwarded: Mika Gruevski, Global Director of Information Technology, 6555 Hawthorne Drive, Windsor, Ontario, Canada N8T 3G6
The following apply to those protected by the European Union General Data Protection Regulation (GDPR) and the United Kingdom Data Privacy Act of 2018 (UK DPA):
If you have any questions or want to know what personal data we have about you, please contact us. You can contact us by using the information below. You have the following rights:
Data security has a very high value in relation to the rights of an affected individual. Thus, execution of your rights is possible only after we can clearly and positively identify you at or after the time of your request.
Data Protection Specialist
Valiant should not be indicated if a data protection administrator is required, as Article 37, paragraph 1 of the EU-GDPR does not apply. According to the importance of data protection, Valiant has designated a data protection coordinator. This person shall be available to affected individuals and to data protection authorities as a contact person and shall take care for personal data topics within the company group. Contact information is available below.
Transfer of personal data to recipients outside the company group and to recipients in other EU countries will only take place in conformity with the effective law and according to a legal basis, as well as with observance of the highest level of confidentiality and data security. Within conventional processing, personal data is exchanged between Valiant’s corporate entities. This exchange is regulated by regulations and Binding Corporate Rules and provides a uniform standard of data protection and processing according to the law. Valiant uses various contractual data processors during data processing. All such processors are contractually obliged upon signing a processing contract to observe all legally binding regulations related to data protection.
European Union Specific
Submitting a complaint If you are not satisfied with the way in which we handle the processing of your data, please let us know. If you are not satisfied with the way in which we handle a complaint about the processing of your data, you have the right to submit a complaint to the Data Protection Authority in your country.
Contact details – European Union
Valiant TMS 6555 Hawthorne Drive N8T 3G6 Windsor Canada
We have appointed a representative within the EU. If you have any questions or requests with respect to this privacy statement or for our representative, you may contact Oliver Haak-Combrink, via gdpr-VTGERemail@example.com or by telephone on +49 (0) 221-8888-93-0. Contacts for data processing in individual EU locations can be found here.
United Kingdom Specific
Submitting a complaint If you are not satisfied with the way in which we handle the processing of your data, please let us know. If you are not satisfied with the way in which we handle a complaint about the processing of your data, you have the right to submit a complaint to the Information Commissioner’s Office at: Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
Contact details – United Kingdom
Valiant TMS 6555 Hawthorne Drive N8T 3G6 Windsor Canada
Responsible for the processing of personal data in the course of the whistleblowing system ‘EQS Integrity Line’ is the
TMS Turnkey Manufacturing Solutions GmbH
Gaisbergerstrasse 50, A-4031 Linz, Austria
+43 (0) 732-6593-0
The company’s data protection officer can be reached at firstname.lastname@example.org.
The technical implementation of the EQS Integrity Line is carried out on our behalf by EQS Group AG (“EQS”).
In principle, it is possible to use the EQS Integrity Line without providing personal data. However, you can voluntarily disclose personal data as part of the whistleblowing process.
The EQS Integrity Line enables you to contact us and report indications of compliance and legal violations. We process your personal data to review the report you make through the EQS Integrity Line and investigate the alleged compliance and legal violations. Inquiries to you happen through the EQS Integrity Line. Confidentiality is our first priority.
We process your personal data insofar as this is necessary for the fulfillment of legal obligations (Art. 6 para. 1 lit. c DSGVO). In particular, the Federal Act on the Procedure and Protection in the Event of Information on Violations of the Law in Certain Areas of Law (Whistleblower Protection Act – HSchG) of Austria must be fulfilled.
Beyond the scope of application of the aforementioned HSchG, the processing of your personal data takes place insofar as this is necessary to protect the legitimate interests of the company or a third party (Art. 6 para. 1 lit. f DSGVO). We have a legitimate interest in processing the personal data for the prevention and detection of violations within the company, to check the legality of internal processes and to maintain the integrity of the company.
If you voluntarily disclose special categories of personal data to us, we process them on the basis of your express consent (Art. 9 (2) a DSGVO). You have the right to revoke your declaration of consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. In addition, we use your personal data in pseudonymized form for statistical purposes (various evaluations, reporting) and for quality control (Art. 6 para. 1 lit. f DSGVO).
VACE Systemtechnik GmbH, Lunzerstraße 64 | BG 63, A-4030 Linz, Austria is our business consultant specializing in compliance and processes the submitted reports in terms of content. A transfer of your personal data to the extent described above occurs for the technical implementation to EQS – which is the manufacturer and operator of the Integrityline software.
We store personal data only as long as it is necessary for the processing of your notice or we have a legitimate interest in storing your personal data – legal retention obligations also come into question. Subsequently, all personal data will be deleted or anonymized. The storage period depends on the individual case, since, for example, statutes of limitations vary widely.
Finally, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, workplace or the place of the alleged infringement, if you believe that the processing of personal data concerning you violates the GDPR. In Austria, this is the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, +43 1 52 152-0, email@example.com
The following apply to residents of the state of California and all those protected by the California Consumer Privacy Act (“CCPA”) and its associated regulations:
If you have any questions or want to know which personal data we have about you, please contact us. Please make sure to always clearly state who you are so that we can be certain that we do not modify or delete any data of the wrong person. We will provide the requested information only on receipt of a verifiable consumer request. You can contact us by using the information below. You have the following rights:
Selling and disclosure of personal data to third parties
We have not sold any consumers’ personal data in the preceding 12 months. We have disclosed the following categories of information for a business purpose in the preceding 12 months:
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create any sort of account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. If you request that we delete your information or that we provide you with specific information, we may require additional verification of your identity.
Response Timing and Format
Within 10 business days of your request, we will confirm receipt of your request and provide you with information about how we will process your request, including our verification process and when you can expect a complete response to your request. In any case, we will attempt to respond to a verifiable consumer request within 45 calendar days of receipt. If we require more time (up to 90 calendar days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the date of the request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Contact details – United States
Valiant TMS 6555 Hawthorne Drive N8T 3G6 Windsor Canada