MARK ROBERTS MOTION CONTROL PRIVACY NOTICE

In this privacy notice we explain how we collect and use your personal data. This privacy notice applies to all personal data we process about you when you order, purchase or use our products and services, visit our websites, use our customer support or otherwise interact with Mark Roberts Motion Control.

Mark Roberts Motion Control respects privacy and acknowledges that processing personal data in a lawful and proper manner is an important social responsibility and declares that it will strive to protect personal data. This privacy notice is part of Nikon’s Group Privacy Protection Statement and applies to all personal data that we process concerning our prospective, current and former customers and suppliers, and your usage of our products and services, our website at https://www.mrmoco.com/or otherwise doing business with MRMC (hereafter “you”). In this privacy notice, we explain what personal data we collect and how we use this data. Therefore, we encourage you to read this notice carefully.

Contents

  1. Who we are
  2. What personal data we collect and what we do with your data
  3. How we collect your data
  4. Information sharing
  5. Security measures and data retention
  6. International transfers of personal data
  7. Your rights
  8. How we look after this policy
  9. Contact details for your privacy inquiries

1. Who we are
We are Mark Roberts Motion Control Ltd, Unit 3, South East Studios, Eastbourne Road, Blindley Heath, Surrey, RH7 6JP, United Kingdom, moc.ocomrm@rellortnocatad, +441342838000. We are part of the Nikon Group. Together with Nikon Corporation, Shinagawa Intercity Tower C, 2-15-3, Konan, Minato-ku, Tokyo, 108-6290, Japan, we are responsible for the collection and use of your personal data described in this privacy notice. References to “Mark Roberts Motion Control”, “MRMC”, “we” and “our” throughout this notice, depending on the context, collectively refer to the aforementioned legal entities.

We have determined our respective responsibilities for compliance with the obligations under applicable privacy legislation for processing your personal data in relation to our global processing activities by means of an arrangement between us. In summary, we have arranged that if you want to exercise your rights, such as your right to access, correct, erase, restrict, object or port personal data or to withdraw your consent, or if you have any questions about the processing of your personal data, you can contact MRMC in accordance with Section 9. Contact details for your privacy inquiries. MRMC and Nikon Corporation will assist each other where necessary to ensure that you can exercise your rights and your questions will be handled.

2. What personal data we collect and what we do with your data
We have outlined our data processing operations and the purposes for which we process your personal data in the “Overview of MRMC processing activities” in the Annex below. In summary, we use various systems to deliver products and services to you. For example, MRMC provides Robotic Imaging Solutions, Development, Rental Services, Training and Customer Services.

Legal basis
MRMC processes your personal data to provide our products and services to you, to comply with legal obligations we are subject to or if it is necessary for our legitimate interests or the interests of a third party or on the basis of consent.

When we process your personal data for our legitimate interests or the interests of a third party, we will take reasonable measures to prevent unwarranted harm to you. Our legitimate interests are for example, our interest of improving our product and services delivery by storing contact details, reducing our costs, improving our newsletters and websites by analysing which parts of our communications are most relevant for you. Or for securing our services and facilities, such as for the purposes mentioned in the Annex. More information on the balancing tests we perform is available upon request. Where we process your personal data for our legitimate interests or the interests of a third party, you have the right to object at any time on grounds relating to your particular situation (please see Section 7. Your rights below).

You may withdraw your consent at any time by following the specific instructions in relation to the processing for which you provided your consent, by adjusting your setting (if available) or by reaching us through the contact details in Section 9. Contact details for your privacy inquiries below.

Where we process your personal data for a purpose other than that for which we collected it initially (and we rely on a legal basis other than consent or complying with legal obligations for this new purpose), we will ascertain whether processing for this new purpose is compatible with the purpose for which the personal data was initially collected. More information on this assessment is available upon request (please see Section 7. Your rights below).

3. How we collect your data
Most of the personal data we process is information that you knowingly provide to us directly or through third parties. However, in some instances, we process personal data that we are able to infer about you based on other information you provide to us or on our interactions with you, or personal data about you that we receive from a group company or a third party with your knowledge (please see Section 4. Information sharing and the Annex below).

If you refuse to provide personal data that we require for the performance of a contract or compliance with a legal obligation, we may not be able to provide all or parts of the services you have requested from us.

4. Information sharing
MRMC will process some of your personal data locally. However, as a global organisation, many of our business activities can also be carried out (and business efficiencies achieved) by processing or consolidating information about you in specific or centralised databases and systems located at specific secured facilities worldwide. As a result, your information may be shared with other entities within the Nikon Group. However, each Nikon Group company and those other systems and databases will only collect, receive, use, share or otherwise process such personal data in accordance with applicable laws, this privacy notice and our Nikon’s Group Privacy Protection Statement. Moreover, internally we maintain a strict access policy with regard to the processing of personal data. Only a limited group of authorised MRMC and Nikon staff on a need to know basis will have access to your personal data.

As a rule, we do not share your personal data with anyone outside the Nikon Group. However, we may share your personal data with trusted third parties that perform business functions or provide services to us. All such third parties will be required to adequately safeguard your personal data, subject to agreements that correspond to the requirements of applicable laws. Your personal data may also be shared for investigations (e.g. disclosure to prevent crime or fraud, or to comply with a court order or legislation).

5. Security measures and data retention
MRMC will secure your personal data in accordance with our IT and security policies so that personal data is protected against unauthorised use, unauthorised access and wrongful modifications, loss or destruction. Your personal data will be stored no longer than is necessary for the purpose it was obtained, including compliance with legal and fiscal obligations and for solving any disputes. We have outlined the specific data retention periods in the “Overview of MRMC processing activities” in the Annex below.

6. International transfers of personal data
Given the global nature of our company, your personal data may be transferred to Nikon entities and trusted third parties in countries outside the European Economic Area whose laws may not afford the same level of protection of your personal data. Where necessary, MRMC will ensure that adequate safeguards are in place to comply with the requirements for the international transfer of personal data under applicable privacy laws. For transfers of personal data outside the European Economic Area, MRMC will use Commission approved mechanisms, such as the Privacy Shield certification, and Standard Contractual Clauses as safeguards, such as the “(EU-)controller to (Non-EU/EEA-) controller” Decision 2004/915//EC (see Article 46 GDPR). If you wish to receive a copy of these safeguards, please contact us through the contact details in Section 9. Contact details for your privacy inquiries below.

7. Your rights
You can contact us (please see Section 9. Contact details for your privacy inquiries below) to exercise any of the rights you are granted under applicable data protection laws, which includes (1) the right to access your data, (2) to rectify them, (3) to erase them, (4) to restrict the processing of your data, (5) the right to receiving a file of your personal data and (6) or the right to object to the processing, and where we have asked for your consent, to withdraw this consent. These rights will be limited in some situations. We will, for example, deny your request for access when necessary to protect the rights and freedoms of other individuals or refuse to delete your personal data in case the processing of such data is necessary for compliance with legal obligations. The right to data portability, for example, does not apply in cases where the personal data was not provided by you or if we process the data not on the basis of your consent or for the performance of a contract.

When you would like to exercise your rights, please send your request to the contact details in Section 9. Contact details for your privacy inquiries below. Please note that we may need you to provide additional information to confirm your identity. You also have the right to lodge a complaint with the Information Commissioner’s Office.

You can also contact us if you have any questions, remarks or complaints in relation to this privacy notice.

7.1. Right to access
You may ask us whether or not we process any of your personal data and, if so, receive access to that data in the form of a copy. When complying with an access request, we will also provide you with additional information, such as the purposes of the processing, the categories of personal data concerned as well as any other information necessary for you to exercise the essence of this right.

7.2. Right to rectification
You have the right to have your data rectified in case of inaccuracy or incompleteness. Upon request, we will correct inaccurate personal data about you and, taking into account the purposes of the processing, complete incomplete personal data, which may include the provision of a supplementary statement.

7.3. Right to erasure
You also have the right to have your personal data erased, which means the deletion of your data by us and, where possible, any other controller to whom your data has previously been made public by us. Erasure of your personal data only takes place in certain cases, prescribed by law and listed under article 17 of the General Data Protection Regulation (GDPR). This includes situations where your personal data is no longer necessary in relation to the initial purposes for which it was processed as well as situations where it was processed unlawfully. Due to the way we maintain certain services, it may take some time before backup copies are erased.

7.4. Right to restriction of processing
You have the right to obtain the restriction of the processing of your personal data, which means that we suspend the processing of your data for a certain period of time. Circumstances which may give rise to this right include situations where the accuracy of your personal data was contested but some time is needed for us to verify their (in)accuracy. This right does not prevent us from continuing to store your personal data. We will inform you before the restriction is lifted.

7.5. Right to receive your file (data portability)
Your right to data portability entails that you may request us to provide you with your personal data in a structured, commonly used and machine-readable format and to have such data transmitted directly to another controller, where technically feasible. Upon request, and where this is technically feasible, we will transmit your personal data directly to the other controller.

7.6. Right to object
You also have the right to object to the processing of your personal data, which means you may request us to no longer process your personal data. This only applies in case the ‘legitimate interests’ ground (including profiling) constitutes the legal basis for processing (see para. ‘Legal basis’ above).
At any time and free of charge you can object to direct marketing purposes in case your personal data is processed for such purposes, which includes profiling purposes to the extent that it is related to such direct marketing. In case you exercise this right, we will no longer process your personal data for such purposes.

8. How we look after this policy
We have most recently updated this notice on 2 April 2019 and it replaces earlier versions. We will update this privacy notice from time to time and notify you of any substantive changes.

9. Contact details for your privacy inquiries

Mark Roberts Motion Control Ltd, Establishment Division
Unit 3, South East Studios, Eastbourne Road, Blindley Heath, Surrey, RH7 6JP, United Kingdom

Email: moc.ocomrm@rellortnocatad
Customer Service phone number: 01342838000

OVERVIEW OF MARK ROBERTS MOTION CONTROL PROCESSING ACTIVITIES

Processing operation Categories of personal data Special categories of pers data Purposes Recipients Retention period Further explanation and source of personal data (if applicable)
Personnel Administration Full Address, Email, Name, Phone number, Photo, CV, Salary Details, Holidays and Overtime, Termination Agreements, Emergency contacts, References, Performance Appraisals, Qualification Certificates, Health questionnaire, ER Records Yes, Health and Medical Contract Execution, Personnel Administration, Business Operations, Compliance with law MRMC A variety of required retention periods for each type of data. We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. For example, data relating or your pay is typically kept for the duration of contract + 6 years. Data subject
Payment Administration Name, Bank Account Details, National Insurance Number No Payment of Salary, provision of company credit card MRMC, Bank We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. Bank will keep the data as per their regulations. Data subject
Pension Administration Full name, Address, E-mail Address, Salary Details No Pension Administration, Compliance with Law MRMC, Smart Pension and any other Pension provider appointed by an employee We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. Pension Provider will keep the data as per their regulations. Data Subjects
Telephone System Provision Name, Phone Number No Enabling speed dial and communication MRMC, Southern Communications We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. For example, mobile numbers will be deleted upon end of employment or working relationship with MRMC. Internal
Benefits Administration: Eye Test Exams, Flu Jab providers Full Name, E-mail Address No Benefit Administration MRMC, Specsavers, Boots We will keep your data for as long as it is necessary for the administration of the benefit. Benefit providers will keep the data as per their regulations. Data Subjects
Visa Sponsorship Tier 2 General Full Address, Name, Salary Details, Job Description, Number of working hours, Passport Details, Work Permit Details No Compliance with law, Contract execution, Issuing Certificate of Sponsorship. MRMC, UK Visas and Immigration Contract Duration + 1 year. Legal Requirement Data subject
Company Audit, Government Research and Annual Statistics Requests Name, Financial Information, Employment Details No Compliance with law MRMC, Contracted Auditing Company, Government Office of Statistics Contract Duration only Data Subject, Internal
Legal Counsel Limited data, subject to requirements of the advice NoObtaining Legal advice Various Legal Firms We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. Law firms will keep their data as per their regulations. Internal
Staff Training Full Address, Name, Email, Phone number, Any Data Relevant to the Training as per provider requirement NoAdministration: Provide Training, To enable training provider to confirm the training, to conduct training and issue training certificates MRMC, Various Training Bodies We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. Retention Periods could depend on type of training attened and it is purpose. For example, if training was conducted to achieve a certain skill level and therefore was also part of Performance Appraisal process, the record will be kept for the duration of contract + 6 years. Data subject
Company Entertainment Providers: Xmas party etc Full Name, Dietary requirements No Organisation of Company Entertainment MRMC, Various Entertainment Bodies We will keep the data for the duration of the event. Following the event, each provider is asked to delete data record. Internal
Customer Service – Business Operation Name, Job Role, E-mail, Phone Number No Installation and service of equipment on client siteMRMC, Various clients as per job number (Project Number) Warranty Period and Product Life Period Data Subject
E-mail System Name,Job Role E-mail Address No Business Communication MRMC We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. The retention period could be longer (up to 6 months), if email account user held a Senior Role within the company. Data subject
Odoo Email, Name, Position, Photo No Odoo System Administration, Maintenance and Development MRMC We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. Retention period creteria could be: the length of service and therefore the number of associated transactions on the system. Data subject
LMS System (Nikon E- learning) Email, NameNo Provision of On-line Training (MRMC and Nikon) MRMC, Bright Alley (LMS System Provider) Contract duration. Internal
Intruder Alarm - Keyholders Building Access Control Name, Email, Phone number No Access to the building, Emergency situation, Security Systems Out of hours. MRMC, Intruder Alarm Company (Churchills) We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. For example, we normally deactive building control access on the date of employee leaving. Data subject
IT Assets Administration Name, IP Adress, Email, Company IT Hardware Information No IT Asset Administration MRMC We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. Retention period will in most cases be the time period it takes to reasign or retire the IT Asset. Internal
2 Factor Authentication to MRMC Services available for access from outside MRMC network Name, Phone Number No Enable staff secure access to MRMC services outside of MRMC premises MRMC We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. Retention period will, in most cases, be the contract duration. Data Subject
Mobile Phone Administration Name, Phone number: Mobile Phone Information No Mobile Phone Administration MRMC, O2, Giff Gaff, Lebara We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. Retention period will in most cases be the time period it takes to reasign or retire a Mobile Phone. Internal
Source Control, Jira, CURRANT, Various Recruitment Websites, Various Software Development Tools Email, Name, Username No Business Operation. Employees register with variety of Software Platforms, including Web-based Platforms for work purposes Administration, Compliance with law, Monitoring Costs, delivery/collection of vehicles, and fleet associated documentation MRMC We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. For example, we would normally deactive access to the relevant tools on date of employee leaving. Internal
Company Car Administration Name, Phone Number, Usage Logs, Vehicle registration, Driving License Number, License Endorsements Record, DVLA notifyable medical data No Administration, Compliance with law, Monitoring Costs, delivery/collection of vehicles, and fleet associated documentation MRMC Contract Duration Data Subject
Access Administration & MRMC ID Name, Photo No Administration, Building Access, MRMC ID creation, Fire & Security MRMC Contract Duration Data Subject
Accident Management Full Address, Email, Name, Phone number: Health and Medical Administration, Compliance with law, Inform Health Authority on Reportable Activities MRMC We will keep your data for as long as it is necessary for the company operations and within lawful retention periods. The retention could be determined by the type of accident, however minor accidents records are kept for 3 years and it is a legal requirement. Data Subject, From third parties: if an accident occurs, Medical Data will be provided to us by NHS
Business Travel Administration Full Name, Phone Number, Passport Details, Visa Details, E-mail, Phone Number No Enable staff to travel for Business MRMC, Hotels and AirTravel Companies, Visa Issuing authorities Duration of Travel Data Subject
CCTV Video and Image recording NoBuilding and Premises Security MRMC Data is kept no longer than it is necessary for company operations. Retention periods can increase if there is evidence of high risk environment, for example, recent burglaries in the area. Internal
GET IN TOUCH