SITECH Western Canada Solutions Ltd. Data Governance Statement
Lasted Updated 3rd October, 2022
This Data Governance Statement describes the practices of SITECH Western Canada Solutions Ltd. ("SITECH WC", "we", "us" or "our") for collecting, storing and using information about our customers ("Customers", "you" or "your"), including but not limited to: personal data, financial data and data relating to the Caterpillar, and non-Caterpillar machines, products, attachments and other assets operated by or on behalf of Customers ("Assets").
You should regularly review this Statement carefully to understand what information we collect and what we do with that information. By providing System Data, Operations Data, or Personal Information (each as defined below) (collectively, "Data") to us, you agree to the terms and conditions of this Data Governance Statement, including our collection, use and sharing of that information as set out in this Statement.
1. What Information We May Collect
We may collect the following information:
a) System data is information that is transmitted to us through digital platforms ("Platforms"), VisionLink, ProductLink, Trimble, CUBIQ and similar applications ("Applications") and through telematics (and similar devices) ("Devices") (we use the term "Digital Offerings" to refer collectively to all Applications and Devices that we use), which may include:
- Device and Asset Information, including model number, serial number, order number, software and hardware version numbers, performance, and configuration, including work tools or other peripheral devices attached to Assets.
- Electronic Data, including sensor logs, trends, histograms, event data, other alerts, digital state data, fault codes, idle time, daily and cumulative fuel consumption, emissions data, service meter hours, electronic data files downloaded manually or automatically from an Asset, troubleshooting data, and other data, depending on the Customer and Asset and communication channel used by a Device.
- Inspection Data, including results of inspections using a SITECH WC or third-party inspection system.
- Device Location Information, including the physical location of an Asset (e.g., determined using satellite, GPS, cell phone tower, Bluetooth or WiFi signals).
- Fluid Data, including analysis results of fluid samples (such as oil, hydraulic and coolant fluids) obtained using SITECH WC or third-party tools.
- Event Recorder Data, including location, speed, direction and associated video recordings, use of controls and positive train control information.
- Service and Maintenance History, including work orders (records of all maintenance, repair, parts purchases, replacement and modification to an Asset), component life (history of usage and wear life of a component), maintenance schedule, planned maintenance, warranty coverage data, maintenance and repair contracts, service intervals (scheduled interval for planned maintenance of component replacement activities for an Asset), component lists (lists of parts that make up an Asset) and service letters (describing special service actions recommended by manufacturers to correct a known problem with an Asset).
- Site and Environmental Conditions, including the type of work being done, condition of roads or tracks, altitude, climate and material tracking.
- Patterns of Use, including any user-defined information relating to a product you provide to us through a Digital Offering.
- Operations Data
b) Operations Data may include:
- Information contained in tenders, invoices, purchase orders, sales contracts, service contracts, e-forms and other transactional documentation generated as part of the business relationship between us.
- the Customer's name, address, industry, customer category, and the name, position, email address, and telephone number of the Customer's designated contact person.
- Work order data, including information about the Customer, Asset involved, problem identified, and repairs performed.
- Information relating to Customer parts and machine purchases, returns and replacements.
c) Payment Information
Payment Information may include your banking account details, debit card details, credit card details, credit card type (i.e. Visa, Mastercard, American Express), your billing address associated with the credit card, your shipping address and other information that is required to process the payment.
d) Personal Information
Personal Information is information that relates to an identified or identifiable individual, which may include but is not limited to:
- Name
- Postal address (including billing and shipping addresses)
- Telephone number
- Email address
- Identification information such as usernames and user IDs
- The employer or company with which an individual is associated and his or her role and title
- User Profile information
- Geo-location information
- Information about any computer or mobile device with which you access Applications
- Information about your use of the Applications
- Audio-visual data
- Physiological data, such as eye movement, facial expression and heart rate
Information collected by us may simultaneously constitute System Data, Personal Information, and Operations Data, or any combination thereof.
2.How We May Collect Information
We may collect information in a variety of ways. For example, we collect information that you provide to us, information that we collect through your use of our products or services, and information that we collect from publicly available sources or third parties.
a) Information You Provide to Us
We collect information you give us when you engage with us and/or use our products or services. For example, we may collect information when you interact with us, attend one of our stands at a trade show, make an enquiry, place an order or contact our customer service.
b) Information Collected Through Your Use of Our Products and/or Services
In addition to the information you provide to use directly, we may collect information about your use of our Products and/or Services. For example:
- Through Platforms / Applications / Devices: We may receive information directly via cellular or satellite link, or radio or Ethernet connection from Assets equipped with an Application or a Device that was either pre-installed or installed by us, which may include System Data or Personal Information.
- Through Wearable Technology: We may collect information through wearable technology, such as fatigue monitoring devices or RFID tags embedded in hardhats or safety vests.
c) Information From Third-Party Sources
We may receive information from publicly and commercially available sources, as permitted by law, which we may combine with other information we receive from you. For example:
- Via Caterpillar Inc. or its business affiliates or contractors: We may receive information from Caterpillar or its business affiliates or contractors which have collected from you via: (i) cellular or satellite link, or radio or Ethernet connection from Assets, which may include System Data (such as information relating to the Device or Asset) or Personal Information (such as from information generated by fatigue monitoring devices, on-board camera and proximity detection systems, and in-cab monitoring technology); or (ii) Digital Offerings.
- From Component Manufacturers and OEMs: We may obtain System Data from manufacturers of the components in your Assets. This information may be provided to us automatically.
- From Asset Owners and Others: We may receive additional information from Asset owners, operators and other persons who have management responsibility for an Asset.
- From Other Sources: We may receive your information from other sources, such as credit reference agencies, public databases, joint marketing partners, internet, social media platforms (including from people with whom you are friends or are otherwise connected) and from other third parties. We may collect or generate information from troubleshooting data, from your service providers (such as fluid analysts and site inspectors) or from maintenance, inspection or warranty records.
d) Other Ways We Collect Information
We also may collect other information about you, your device, or your use of the services in ways that we describe to you at the point of collection or otherwise with your consent. You may choose not to provide us with certain types of information, but doing so may affect your ability to use some of the products and services.
3. How We May Use Information
We may use collected information for the following purposes:
a) To Provide Services to You and Others:
- To enable us to administer the Cat Rewards program.
- To allow you to monitor the status of Assets, to complete and fulfil orders, and to communicate with you regarding your purchase or rental of Assets and your purchase of Asset parts, and provide you with related customer service.
- To fulfil customer support agreements, perform maintenance and repairs and deliver rental Assets or parts.
- To make recommendations regarding safety, Asset health, maintenance, worksite efficiency and productivity training for operators.
- To enhance the safety of machine operations, including by tracking proximity to Assets, other objects or humans.
- To enable remote technician services, such as remote troubleshooting, and remote tuning.
- To provide you with location-based services and content.
- To process payment related to our products and services.
b) To Enable Communications:
- To send administrative or contractual information, for example, information regarding our terms and conditions of sale and rent and of using Digital Offerings, warranty policies or service contracts and in respect of debt recovery.
- To provide you with information about new products and services and to send you marketing communications that we believe may be of interest to you for which you may opt-out at anytime.
c) For Other General Business Purposes:
- To conduct market research.
- To perform data analytics, audits, improve products, develop new products, enhance, improve or modify our Digital Offerings, identify usage trends and operate and expand our business activities and for statistical analysis based on aggregated and de-identified data, such as benchmarking reports.
- To provide services to Customers, manage work flow, monitor repairs, project future maintenance and service, and troubleshoot issues.
- To validate effectiveness of recommendations, resolve complaints, and fulfil orders.
- To manage Asset and parts inventory in order to provide you with machines, parts and services.
- To manage a fleet of owned or rented Assets.
- To maximize the efficiency of operations and increase sales.
- To develop digital applications.
- To manage your account with us and generally keep our records up to date and to administer our relationship with you.
d) Other Uses:
- To allow you to participate in sweepstakes, competitions or similar promotions and to administer these activities. Some of these activities have additional rules, which could contain additional information about how we use and disclose your information, including Personal Information. We suggest that you read any such rules carefully.
- For additional uses as agreed by you and us, which may, for example, arise from new types of products or services that we may offer you.
With respect to audio-visual data that identifies an individual or physiological data for an identifiable individual, we will use that data only to provide products and services to our Customers, including to make recommendations regarding safety, Asset health, maintenance, worksite efficiency and productivity training for operators, and to improve our products and services.
4. How We May Disclose Information
Except as described in this Data Governance Statement, we will not provide any of your Personal Information to any third parties without your consent. We may, however, share or disclose information that is anonymized, which cannot reasonably be used to identify you, with third parties. We may also disclose information:
- To our business partners, including, Trimble. and its business affiliates or contractors, to assist us with delivering the products and services you have requested.
- To our affiliates, to deliver the products and services that you have requested.
- To Asset owners, to permit them to manage the use of their Asset.
- To our service providers who provide services such as tire replacement, fire suppression systems, engine packaging, data analytics, information technology and related infrastructure provision, application development, platform hosting, customer service, product development and auditing, advisory and other services. Our service providers are given the information they need to perform their designated functions, and are not authorized to use or disclose the information for any other purposes.
- To component manufacturers, to permit them to study the use of their products, to improve their products and to develop new products.
- To agents, service providers and other third parties contracted by or engaged in business with Asset owners, who have management responsibility for the Asset.
- To those of our third party service providers who supply sub contracted services in relation to maintenance and repair of, or modification to, Assets.
- To a related third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, Assets or stock (including in connection with any bankruptcy or similar proceedings).
- To additional recipients as agreed by you and us.
When your information is disclosed to third parties, such as Caterpillar Inc. and its business affiliates or contractors, your information becomes subject to the third party’s terms of use, privacy policy and/or data governance statement.
We may also transfer and disclose your information to third parties to comply with a legal obligation including the following:
- To a related third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, Assets or stock (including in connection with any bankruptcy or similar proceedings).
- To additional recipients as agreed by you and us.
- an investigation by law enforcement, regulatory authorities or self-regulatory organizations;
- if a warrant or court order or other instrument compels us to disclose personal information, which may include lawful access by Canadian, UK, Chilean, US or other foreign governmental authorities, courts or law enforcement agencies;
- the protection of our assets or where necessary for the establishment, exercise or defence of legal claims;
- other organizations in the case of investigating a breach of an agreement or contravention of law;
- for the detection, prevention and suppression of fraud and other criminal activity and other matters in the public interest;
- the protection of our employees, customers and others; and
- in situations otherwise permitted or required by applicable Canadian, UK, Chilean, US or other law.
5. International Transfers
Your Data may be stored and processed by us, our affiliates and our third party service providers in the United States, Canada, United Kingdom, South America or other jurisdictions that may not have data protection or other laws that are as protective as in your country of residence. If information is transferred to the United States, Canada, United Kingdom, South America or another foreign jurisdiction, it will be subject to the laws of that jurisdiction and may be disclosed to or accessed by the courts, law enforcement and governmental authorities in accordance with those laws. By transferring Data or allowing Data to be transferred to us, you consent to the transfer, processing and storage of your Data in countries outside of your country of residence, as described in this Data Governance Statement.
6. Security
We have implemented reasonable organizational, technical and administrative measures designed to protect information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us in accordance with the "Contacting Us" section below.
7. Access, Change or Correct Personal Information
Subject to certain exceptions prescribed by law, you have a right to access and request correction of most personal data that we have about you. In some circumstances, it may not be possible for us to provide you with all of your personal data. For instance, there may be instances where disclosing the requested information would impact the privacy of another individual. Where we cannot provide access to personal data held about you, we will tell you why.
If you think that any personal data we hold about you is inaccurate, you may contact us using the contact details below and we will take reasonable steps to ensure that the information is corrected. We may take steps to verify your identity before providing you access to your personal data.
If you send any request for access to or correction of your personal data, we will do our best to respond within a reasonable period after your request.
8. Electronic Communications
With your consent, we may use personal data to inform you of products or services available from us or our affiliated entities. When collecting information that might be used to contact you about our products and services, we give you the opportunity to opt-out from receiving such communications. Moreover, each e-mail communication we send includes the ability to unsubscribe allowing you to stop delivery of that type of communication. If you elect to unsubscribe, we will remove you from the relevant list.
9. Retention
We will retain your Personal Information for the period necessary to fulfil the purposes outlined in this Data Governance Statement unless a longer retention period is required or permitted by law.
10. Updates To This Governance Statement
We may change this Data Governance Statement from time to time and without advance notice. The "LAST UPDATED" legend at the top of this page indicates when this Data Governance Statement was last revised. Any changes will become effective when we post the revised Data Governance Statement. Your use of Digital Offerings following these changes means that you accept the revised Data Governance Statement.
11. Contacting Us
If you have any questions about this Data Governance Statement, please write us at privacy@finning.com.