MARK ROBERTS MOTION CONTROL PRIVACY NOTICE

In this privacy notice we explain how we collect and use your personal data. This privacy notice applies to all personal data we process about you when you order, purchase or use our products and services, visit our websites, use our customer support or otherwise interact with Mark Roberts Motion Control.

Mark Roberts Motion Control respects privacy and acknowledges that processing personal data in a lawful and proper manner is an important social responsibility and declares that it will strive to protect personal data. This privacy notice is part of Nikon’s Group Privacy Protection Statement and applies to all personal data that we process concerning our prospective, current and former customers and suppliers, and your usage of our products and services, our website at https://www.mrmoco.com/or otherwise doing business with MRMC (hereafter “you”). In this privacy notice, we explain what personal data we collect and how we use this data. Therefore, we encourage you to read this notice carefully.

Contents

  1. Who we are
  2. What personal data we collect and what we do with your data
  3. How we collect your data
  4. Information sharing
  5. Security measures and data retention
  6. International transfers of personal data
  7. Your rights
  8. How we look after this policy
  9. Contact details for your privacy inquiries

1. Who we are
We are Mark Roberts Motion Control Ltd, Unit 3, South East Studios, Eastbourne Road, Blindley Heath, Surrey, RH7 6JP, United Kingdom, moc.ocomrm@rellortnocatad, +441342838000. We are part of the Nikon Group. Together with Nikon Corporation, Shinagawa Intercity Tower C, 2-15-3, Konan, Minato-ku, Tokyo, 108-6290, Japan, we are responsible for the collection and use of your personal data described in this privacy notice. References to “Mark Roberts Motion Control”, “MRMC”, “we” and “our” throughout this notice, depending on the context, collectively refer to the aforementioned legal entities.

We have determined our respective responsibilities for compliance with the obligations under applicable privacy legislation for processing your personal data in relation to our global processing activities by means of an arrangement between us. In summary, we have arranged that if you want to exercise your rights, such as your right to access, correct, erase, restrict, object or port personal data or to withdraw your consent, or if you have any questions about the processing of your personal data, you can contact MRMC in accordance with Section 9. Contact details for your privacy inquiries. MRMC and Nikon Corporation will assist each other where necessary to ensure that you can exercise your rights and your questions will be handled.

2. What personal data we collect and what we do with your data
We have outlined our data processing operations and the purposes for which we process your personal data in the “Overview of MRMC processing activities” in the Annex below. In summary, we use various systems to deliver products and services to you. For example, MRMC provides Robotic Imaging Solutions, Development, Rental Services, Training and Customer Services.

Legal basis
MRMC processes your personal data to provide our products and services to you, to comply with legal obligations we are subject to or if it is necessary for our legitimate interests or the interests of a third party or on the basis of consent.

When we process your personal data for our legitimate interests or the interests of a third party, we will take reasonable measures to prevent unwarranted harm to you. Our legitimate interests are for example, our interest of improving our product and services delivery by storing contact details, reducing our costs, improving our newsletters and websites by analysing which parts of our communications are most relevant for you. Or for securing our services and facilities, such as for the purposes mentioned in the Annex. More information on the balancing tests we perform is available upon request. Where we process your personal data for our legitimate interests or the interests of a third party, you have the right to object at any time on grounds relating to your particular situation (please see Section 7. Your rights below).

You may withdraw your consent at any time by following the specific instructions in relation to the processing for which you provided your consent, by adjusting your setting (if available) or by reaching us through the contact details in Section 9. Contact details for your privacy inquiries below.

Where we process your personal data for a purpose other than that for which we collected it initially (and we rely on a legal basis other than consent or complying with legal obligations for this new purpose), we will ascertain whether processing for this new purpose is compatible with the purpose for which the personal data was initially collected. More information on this assessment is available upon request (please see Section 7. Your rights below).

3. How we collect your data
Most of the personal data we process is information that you knowingly provide to us directly or through third parties. However, in some instances, we process personal data that we are able to infer about you based on other information you provide to us or on our interactions with you, or personal data about you that we receive from a group company or a third party with your knowledge (please see Section 4. Information sharing and the Annex below).

If you refuse to provide personal data that we require for the performance of a contract or compliance with a legal obligation, we may not be able to provide all or parts of the services you have requested from us.

4. Information sharing
MRMC will process some of your personal data locally. However, as a global organisation, many of our business activities can also be carried out (and business efficiencies achieved) by processing or consolidating information about you in specific or centralised databases and systems located at specific secured facilities worldwide. As a result, your information may be shared with other entities within the Nikon Group. However, each Nikon Group company and those other systems and databases will only collect, receive, use, share or otherwise process such personal data in accordance with applicable laws, this privacy notice and our Nikon’s Group Privacy Protection Statement. Moreover, internally we maintain a strict access policy with regard to the processing of personal data. Only a limited group of authorised MRMC and Nikon staff on a need to know basis will have access to your personal data.

As a rule, we do not share your personal data with anyone outside the Nikon Group. However, we may share your personal data with trusted third parties that perform business functions or provide services to us. All such third parties will be required to adequately safeguard your personal data, subject to agreements that correspond to the requirements of applicable laws. Your personal data may also be shared for investigations (e.g. disclosure to prevent crime or fraud, or to comply with a court order or legislation).

5. Security measures and data retention
MRMC will secure your personal data in accordance with our IT and security policies so that personal data is protected against unauthorised use, unauthorised access and wrongful modifications, loss or destruction. Your personal data will be stored no longer than is necessary for the purpose it was obtained, including compliance with legal and fiscal obligations and for solving any disputes. We have outlined the specific data retention periods in the “Overview of MRMC processing activities” in the Annex below.

6. International transfers of personal data
Given the global nature of our company, your personal data may be transferred to Nikon entities and trusted third parties in countries outside the European Economic Area whose laws may not afford the same level of protection of your personal data. Where necessary, MRMC will ensure that adequate safeguards are in place to comply with the requirements for the international transfer of personal data under applicable privacy laws. For transfers of personal data outside the European Economic Area, MRMC will use Commission approved mechanisms, such as the Privacy Shield certification, and Standard Contractual Clauses as safeguards, such as the “(EU-)controller to (Non-EU/EEA-) controller” Decision 2004/915//EC (see Article 46 GDPR). If you wish to receive a copy of these safeguards, please contact us through the contact details in Section 9. Contact details for your privacy inquiries below.

7. Your rights
You can contact us (please see Section 9. Contact details for your privacy inquiries below) to exercise any of the rights you are granted under applicable data protection laws, which includes (1) the right to access your data, (2) to rectify them, (3) to erase them, (4) to restrict the processing of your data, (5) the right to receiving a file of your personal data and (6) or the right to object to the processing, and where we have asked for your consent, to withdraw this consent. These rights will be limited in some situations. We will, for example, deny your request for access when necessary to protect the rights and freedoms of other individuals or refuse to delete your personal data in case the processing of such data is necessary for compliance with legal obligations. The right to data portability, for example, does not apply in cases where the personal data was not provided by you or if we process the data not on the basis of your consent or for the performance of a contract.

When you would like to exercise your rights, please send your request to the contact details in Section 9. Contact details for your privacy inquiries below. Please note that we may need you to provide additional information to confirm your identity. You also have the right to lodge a complaint with the Information Commissioner’s Office.

You can also contact us if you have any questions, remarks or complaints in relation to this privacy notice.

7.1. Right to access
You may ask us whether or not we process any of your personal data and, if so, receive access to that data in the form of a copy. When complying with an access request, we will also provide you with additional information, such as the purposes of the processing, the categories of personal data concerned as well as any other information necessary for you to exercise the essence of this right.

7.2. Right to rectification
You have the right to have your data rectified in case of inaccuracy or incompleteness. Upon request, we will correct inaccurate personal data about you and, taking into account the purposes of the processing, complete incomplete personal data, which may include the provision of a supplementary statement.

7.3. Right to erasure
You also have the right to have your personal data erased, which means the deletion of your data by us and, where possible, any other controller to whom your data has previously been made public by us. Erasure of your personal data only takes place in certain cases, prescribed by law and listed under article 17 of the General Data Protection Regulation (GDPR). This includes situations where your personal data is no longer necessary in relation to the initial purposes for which it was processed as well as situations where it was processed unlawfully. Due to the way we maintain certain services, it may take some time before backup copies are erased.

7.4. Right to restriction of processing
You have the right to obtain the restriction of the processing of your personal data, which means that we suspend the processing of your data for a certain period of time. Circumstances which may give rise to this right include situations where the accuracy of your personal data was contested but some time is needed for us to verify their (in)accuracy. This right does not prevent us from continuing to store your personal data. We will inform you before the restriction is lifted.

7.5. Right to receive your file (data portability)
Your right to data portability entails that you may request us to provide you with your personal data in a structured, commonly used and machine-readable format and to have such data transmitted directly to another controller, where technically feasible. Upon request, and where this is technically feasible, we will transmit your personal data directly to the other controller.

7.6. Right to object
You also have the right to object to the processing of your personal data, which means you may request us to no longer process your personal data. This only applies in case the ‘legitimate interests’ ground (including profiling) constitutes the legal basis for processing (see para. ‘Legal basis’ above).
At any time and free of charge you can object to direct marketing purposes in case your personal data is processed for such purposes, which includes profiling purposes to the extent that it is related to such direct marketing. In case you exercise this right, we will no longer process your personal data for such purposes.

8. How we look after this policy
We have most recently updated this notice on 2 April 2019 and it replaces earlier versions. We will update this privacy notice from time to time and notify you of any substantive changes.

9. Contact details for your privacy inquiries

Mark Roberts Motion Control Ltd, Establishment Division
Unit 3, South East Studios, Eastbourne Road, Blindley Heath, Surrey, RH7 6JP, United Kingdom

Email: moc.ocomrm@rellortnocatad
Customer Service phone number: 01342838000

OVERVIEW OF MARK ROBERTS MOTION CONTROL PROCESSING ACTIVITIES

Processing operationCategories of personal dataSpecial categories of personal dataPurposesRecipientsRetention periodFurther explanation and source of personal data (if applicable)
Suppliers, Partners, Clients and Group Company Contacts Address, Country, Email, Name, Title Postal Code, Phone numberNo Business Operation and AdministrationAll staff (Personal Communication via email and post with Suppliers, Partners and Clients). Group Company Contacts supplied to Authorised Staff only Data is kept no longer than it is necessary for company operations. For example, criteria for determining data retention period could be: whether our business relationship is active or if there is an existing legal obligation for us to keep your detailsData subject, Third Party: Group Company Liaison Managers providing contact details to enable business operation
Car Hire/Taxi Address, Phone numberNoAdministration, Transfers provision for staff and visitorsReception, Taxi Hire Companies Not stored Data subject
CCTV Video recording No Administration, Building and Premises SecurityAuthorised staff with an accountData is kept no longer than it is necessary for company operations. Criteria for establishing retention period could be: level of security on site Internal Only
Visitors AdministrationName, Car RegistrationNo To Enable visitors’ access to the building, Safety ReceptionDuration of the Visitors BookData subject
Recruitment AdministrationFull Name, Address, Phone, CV, E-mail (Job Applicants)No HR Department RecruitmentData is only kept for as long as it is required and within recommended Retention Periods by CIPDData Subject
Web-Site Management and Marketing Browser History and DetailsNo Web-Site Management and User Experience, Customer ServiceMarketing DepartmentCookies retention period depend on their type. However, all cookies are kept within lawful retention periods. Criteria for cookie retention period could be a type of cookie or their purpose. For example, session cookies only exist while your browser is open Data Subject, Consent for Cookies is obtained
Marketing Database Contact name, Title, Work address, Phone number, Work or Personal email addressNo Marketing and Sales, Newsletters, Leads Generation and Contuinity Marketing and Sales Department Until recepient Opts Out Data Subjects, Enquiry Forms on the Web-Site, Third Party: Exhibition Lists supplied by Exhibition Organisers
Press and Media contacts database Contact name, Title, Work address, Phone number, Work or Personal email address No Marketing, Press Releases Marketing DepartmentUntil recepient Opts Out Data Subject
Social Networking:
LinkedIN Contacts Database,
Facebook, Google +, Vimeo, Twitter, You Tube
Account Name (Username) and other data made available by source. Linked IN (name, email, work history, phone)No Social Networking, Sharing news, videos, advertising, marketing, connecting to prospective clients and candidates on LInkedINRelevant Social Networks Platforms, Marketing Department has access. Linked IN access also is with HR DepartmentData is stored and managed by relevant Social Networking Platforms. MRMC only has data if connection request has been sent by or accepted by the data subject. This could be withdrawn at any time by Data Subject Data Subject, fully managed by relevant Social Networking Platform
Customer Service and Repair Administration Address, Country, Email, Name, Postal Code, Phone number, Customer's Product information (Serial No.)No Administration, Customer relationship, Delivery Services, Contract execution.Authorised staff, service repair point, MRMCWarranty Period and Product Life Period Data Subject Paperwork and emails received from customer with the repair or during the course of servicing or support
Business Accounts and ContractsPhone number, Address, Country, Email, Name, Postal Code, Phone number, Bank Account Numbers, Invoice Data No Business Relationships with Customers, Suppliers and Partners – Administration of Payments on Incoming and Outgoing InvoicesAuthorised staff with a Business Enterprise system loginData is kept no longer than it is necessary for the company operations. For example, criteria for determining data retention period could be: whether you have an account with us. In this case, we will keep your data while your account is active or for as long as needed to provide the services to youData Subject
Rental OperationsName and Email of a shooting event participantsNo Access to and Safety on Shooting LocationsRental DepartmentData is only kept for as necessary as it is required. In this case, it could be the duration of a shooting eventThird Party (Shooting Administrator)