- WHICH INFORMATION MAY WE COLLECT?
Summary: we collect Personal Data about you from your transactions with us, like using our websites, visiting our facilities, calling our call center, making a purchase or entering an agreement with us.
One type of Data is non-identifiable and anonymous information ("non-personal data"). We also collect several categories of personal data ("Personal Data"). Personal Data we collect consists of any personal data provided by you, or by an organization you represent or are associated with or through your use of the Websites, or in preparing and executing a contract with Palram, or when you visit Palram facilities or otherwise engage with Palram. This may include your first and last names, email address, phone numbers, picture, postal address, birthdate, gender, position and organization name, your or your organization’s bank account, credit card and other such payment and billing details, billing address, login credentials, your Palram account username and password and usage details, and other information you may choose to provide to Palram.
Additionally, we may obtain location data related to the geographic location of your laptop, mobile device or other digital device on which the Websites are used.
Palram may also collect the email addresses of people who communicate with Palram via email or via messenger services or other social media platforms or create accounts and login credentials. Palram may also collect information of people who call our call center, including information that enables us to identify the caller and follow-up on the call, as well as any information that is provided in the course of the call, including a voice recording of the call.
By registering on the Websites, or submitting requests for support or information via the Websites, Palram will collect details, including also your name, company name, phone number and personal or company email you provided, address, birthdate and other such information. Palram may use this information to offer Palram’s services and support, and will share this data across Palram group companies and affiliates to optimize its services.
You do not have any legal obligation to provide any information to Palram, however, we require certain information in order to perform contracts, such as sale or purchase. or to provide any services and products. If you choose not to provide us with certain information, we may not be able to provide you with some or all of the services or fulfil your order for products.
You may create a Palram account on certain Palram websites. In some cases you may be able to access Palram services through login credentials of a designated third party website or service (each a “Third Party Account”), including but not limited to Google, LinkedIn, Facebook or Twitter. Doing so will enable you to link your Palram account and your Third Party Account. If you choose this option, then you will be required to approve the connection as well as the provision of information (which may include Personal Information, such as your profile picture, gender, birthdate, headline, summary, friends’ lists, previous positions and organizations), that we may obtain from your Third Party Account. Any data submitted to any Third Party Account, even on and through Palram services, is managed directly by such third party and is not the responsibility of Palram.
Additional third party services may be accessed through our Websites. Palram is not responsible for any personal data or other data submitted to, or otherwise processed through, such third party services. For example, where a credit card purchase is made on our Websites, customers may be redirected to a third party service provider to submit payment, and all aspects of that service and payment, including also any personal data submitted in connection with that service, are within the responsibility of the third party service provider, and not of Palram.
We collect contact and related data about potential customers via our Websites, at events, through social media (such as Facebook and LinkedIn), when it is given for that purpose to our professionals, and through other such sources. This data is used to market our products and keep our followers up to date on Palram. We store this data with third party providers of marketing data processing (for example, Hubspot), including in the USA and elsewhere.
Palram also collects Personal Data through the use of CCTV cameras and employee’ site access cards. This may consist of video images of you in the public spaces at Palram sites, as well as records of your entrances and exits of the Palram sites, buildings and office floors. It may also include identity verification systems and data. Palram may not be aware of the nature of the information collected through our services (for example, through our CCTV systems), and such information may include sensitive or special categories of Personal Data, but we do not knowingly collect such data about our Customers, members, site visitors etc.
Palram also collects data relating to employment candidates. This includes CVs and the data contained therein, notes on meetings, standardized tests, reports, references, interviewer impressions and such industry standard data, as well as collecting data made publicly available or available to us on social networks. We collect such data based on the intention of the candidate to enter into an employment agreement with Palram. Palram also collects data relating to employees. This is governed by a specific notice we have made available to our employees.
- HOW DO WE COLLECT PERSONAL DATA OF YOURS ON PALRAM FACILITIES AND SERVICES?
Summary: We collect Personal Data through your use of our Websites, through data you or others provide when you prepare and enter a contract with us, or otherwise engage with us, or contact us.
In other words, when you are using the Websites, we are aware of it and may gather, collect and record the information relating to such usage, either independently or through the help of third-party services as detailed below. This may include technical information and behavioral information such as the User’s Internet protocol (IP) address used to connect your computer to the Internet, your uniform resource locators (URL), operating system, type of browser, browser plug-in types and versions, screen resolution, Flash version, time zone setting, the User’s ‘clickstream’ on the website, the period of time the User visited the website, methods used to browse away from a page, and any phone number used to call our customer service number. We likewise may place cookies on your browsing devices (see section 'Cookies' below).
We collect Personal Data required to provide services when you register interest, make an order and/or open an account. In addition, we collect your Personal Data, when you provide us such information by entering it manually or automatically, or through your use of our Websites, facilities, services and applications, or in connection with site visits, in the course of preparing a contract, or otherwise in engaging with us. We also collect Personal Data through our CCTV recordings, our call center facilities, and through our card reader and visitor registration systems, which automatically collect information about your presence in the Palram facilities.
- WHAT ARE THE PURPOSES OF PERSONAL DATA WE COLLECT?
Summary: We use Personal Data for a range of lawful purposes, such as: staying in touch, improving our services, meeting our obligations, providing support.
We will use Personal Data to provide and improve our services and products and meet our contractual, ethical, and legal obligations, including, for example:
- to enable us to meet our legal, contractual, ethical and business obligations as an employer and a potential employer for our employees and job applicants;
- carrying out our obligations arising from any contracts entered into between you or your employer or organization and Palram and/or any contracts entered into with Palram and to provide you with the information, products and services that you request from Palram;
- administering your account with Palram including to identify and authenticate you;
- verifying and carry out financial transactions in relation to payments you make in connection with the products;
- notifying you about changes to our service and products;
- contacting you for the purpose of providing you with technical assistance and other related information about the products;
- replying to your queries, troubleshooting problems, detecting and protecting against error, fraud or other criminal activity;
- contacting you to give you commercial and marketing information about events or promotions or additional services and products offered by Palram, including in other locations;
- soliciting feedback in connection with your use of the services and the products purchased;
- tracking use of Palram facilities and services to enable us to optimize them;
- contacting you to inform you of additional services and products which may be of interest to you;
- compliance and audit purposes, such as meeting our reporting obligations in our various jurisdictions, and for crime prevention and prosecution in so far as it relates to our staff, customers, facilities etc;
- if necessary, we will use Personal Data to enforce our terms, policies and legal agreements, to comply with court orders and warrants and assist law enforcement agencies as required by law, to collect debts, to prevent fraud, infringements, identity thefts and any other service misuse, and to take any action in any legal dispute and proceeding;
- for security purposes and to identify and authenticate your access to the parts of the facilities.
- SHARING DATA WITH THIRD PARTIES
Summary: We share data within the Palram group, and with our vendors and service providers.
We may transfer Personal Data to:
Members of our Group: This includes any member of our group, which means our subsidiaries - whether wholly or partially owned by Palram, in the EU, in Israel, in the US and elsewhere.
Third Parties. We transfer Personal Data to third parties in a variety of circumstances. We endeavor to ensure that these third parties use your information only to the extent necessary to perform their functions, that they provide the same level of protection of your rights as we do, and to have a contract in place with them to govern their processing on our behalf. These third parties may include business partners, suppliers, affiliates, agents and/or sub-contractors for the performance of any contract we enter into with you. They may assist us in providing the products we offer, processing transactions, fulfilling requests for information, receiving and sending communications, analyzing data, providing IT and other support services or in other tasks, from time to time. These third parties may also include analytics and search engine providers that assist us in the improvement and optimization of our website, our application, and our marketing.
We periodically add and remove third party providers. At present our third party providers to whom we may transfer Personal Data include also the following: Websites analytics; computing providers; customer ticketing and support; on-site and cloud based database services; vendor and customer interface; payroll and pension management systems and providers; HR management software; time and attendance software; CRM software; ERP software; visitors registration system; project management software; web VC and meeting room platforms; call center systems; recruiting and applicant management software and partners; backup providers; CCTV, physical and cyber security system providers; IT service and support providers; distributors, shipping and logistics companies; our lawyers, accountants; and other standard business services.
In addition, we may disclose your Personal Data to third parties: if some or all of our companies or assets are acquired by a third party including by way of a merger, share acquisition, asset purchase or any similar transaction, in which case Personal Data may be one of the transferred assets. Likewise, we may transfer Personal Data to third parties if we are under a duty to disclose or share your Personal Data in order to comply with any legal or audit or compliance obligation, in the course of any legal or regulatory proceeding or investigation, or in order to enforce or apply our terms and other agreements with you or with a third party; or to assert or protect the rights, property, or safety of Palram, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime.
For avoidance of doubt, Palram may transfer and disclose non-personal data to third parties at its own discretion.
- WHERE DO WE STORE YOUR DATA?
Summary: we store your data securely at Palram locations or through service providers.
We may keep Personal Data in servers and systems owned or controlled by the Palram in our various sites, or processed by third parties on behalf of Palram, by reputable cloud-service providers and other such service providers. Including in any and all Palram group locations, such as USA, Israel, UK, EU, and many more. Data is also stored in our onsite and offsite backups.
- INTERNATIONAL DATA TRANSFERS
Summary: Personal Data may be transferred between Palram locations and others, and where applicable the necessary safeguards will be implemented.
Personal Data may be transferred to, and stored and used at, a destination outside the EU that may not be subject to equivalent data protection laws to those of the EU. Where your Data is transferred outside of the EU, we will take all steps reasonably necessary to ensure that your Data is subject to appropriate safeguards, and that it is treated securely and in substantive accordance with this Privacy Policy. Palram transfers data from its various locations and jurisdictions to other jurisdictions as follows:
- To Israel. Palram headquarters are based in Israel. Israel is considered by the European Commission to offer an adequate level of protection for the personal information of EU Member State residents; we may transfer data to other countries with an adequacy ruling, too; and
- To the United States of America and additional non-EU locations. Transfer to the US and elsewhere is done subject to Standard Contractual Clauses, or some other mechanism valid under GDPR; and
- Within the EU.
We may transfer your Personal Data outside of the EEA, in order to:
- Store or backup the information;
- Enable us to provide you with the services and products and fulfil our contract with you;
- Fulfill any legal, audit, ethical or compliance obligations which require us to make that transfer;
- Facilitate the operation of our group businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights;
- To serve our customers across multiple jurisdictions; and
- To operate our parent company, subsidiaries and affiliates in an efficient and optimal manner.
- DATA RETENTION
Summary: we endeavor not to retain Personal Data once it no longer serves the purposes for which we collected it.
Palram will retain Personal Data it processes only for as long as required in our view, to provide the services and as necessary to comply with our legal and other obligations, to resolve disputes and to enforce agreements, and generally to meet the purposes for which it was collected. We will also retain Personal Data to meet any audit, compliance and business best-practices. The retention period will vary based on the form and purpose of the data, and the jurisdictions involved.
Data that is no longer retained may be anonymized or deleted. Likewise, some metadata and statistical information concerning the use of our services are not subject to the deletion procedures in this policy and may be retained by Palram. We will not be able to identify you from this data. Some data may also be retained on our third-party service providers’ servers until deleted in accordance with their privacy policy and their retention policy. Even when we delete data, some Personal Data may remain in our backups and various systems until they are cycled out or until it is feasible to remove that data.
- WEBSITE AND APPLICATION DATA COLLECTION AND COOKIES
Summary: our websites place and track cookies, and collect some data, such as IP addresses. You can control this and stop it through your web browser.
Details of the cookies being used on our site are available on the cookie management tool on our site. Those details will be updated from time to time.
Most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. However, if you block or erase cookies your online experience on our website(s) will be limited.
How to disable cookies: the effect of disabling cookies depends on which cookies you disable but, in general, the website and some services delivered through it may not operate properly, may not recognize your device, may not remember your preferences and so on, if cookies are disabled or removed. However, allowing or disabling cookies is your choice and in your control. If you want to disable cookies on our site, you can do so by clicking ‘reject all’ in the cookie management tool on our site, or by rejecting the cookies by category. You will need to do this for each browser and device. Alternatively, you can change your browser settings to reject cookies. How you can do this will depend on the browser you use. Further details on how to disable cookies can be found here:
Our websites may, from time to time, contain links to external sites. We are not responsible for the operation, privacy policies, and practices or the content of such sites.