I. PRIVACY SHIELD
The United States Department of Commerce and the European Commission have agreed on a set of data protection principles to enable U.S. companies to satisfy the requirement under EU law that adequate protection be given to Personal information transferred from the EU to the United States (EU-U.S. Privacy Shield Framework). To learn more about the Privacy Shield program, and to view Ingersoll Rand’s certification, please visit http://www.privacyshield.gov/list.
Ingersoll Rand has a Global Data Protection Officer who assists in ensuring compliance with this Policy and data security issues. Ingersoll Rand educates its employees concerning compliance with this Policy and has self-assessment procedures in place to assure compliance. Ingersoll Rand’s Global Data Protection Officer Michelle Trumpower and its Corporate Legal Team are available to any of its valued employees, customers, vendors, business partners or others who may have questions concerning this Policy or data security practices. Relevant contact information is provided herein. Ingersoll Rand is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission with respect to the Privacy Shield Framework.
This Policy applies to all Personal information received by Ingersoll Rand in any format including electronic, paper or verbal. Ingersoll Rand collects, stores and processes Personal information concerning current and former employees, as well as applicants for employment through its Internet websites, its intranet site, electronic mail and manually. Ingersoll Rand will not sell or share this information with third parties in ways different than what is disclosed in this Policy. On a global basis, Ingersoll Rand will establish and maintain business procedures that are consistent with this Policy. Notwithstanding the foregoing, Ingersoll Rand has separate policies governing the processing of applicants and employee personal data and external personal data in those countries that are members of the EU. These policies are consistent with EU data protection law.
Ingersoll Rand collects, stores, and processes Personal information from current and past employees and applicants for employment, such as name, contact information, government identifier, financial account information, and family information. This information is maintained at the Corporate and Regional HQ level by Ingersoll Rand and its authorized agents, depending on the level of the position as well as the local office of the employee or applicant. Ingersoll Rand collects Personal information for employment related purposes and legitimate human resource business reasons such as personnel and job candidate administration and assessment, recruitment and staffing; payroll administration; absence monitoring; training and development; management planning; appraisal and promotion; union negotiation; production and publication of company address books and telephone and e-mail directories; managing email and other communication systems; production of employee Identity cards; monitoring the use of company resources; information to contact close relatives in case of emergency; filling employment positions; administration and operations of its benefit and compensation programs; meeting governmental reporting requirements; security, health and safety management; performance management; company network access; managing and administering the Ethics HelpLine; facilitating workplace communications; workforce analytics, and authentication. Ingersoll Rand does not request or gather information regarding political opinions, religion, philosophy or sexual preference. To the extent Ingersoll Rand maintains information on trade union membership, medical health, race or ethnicity, Ingersoll Rand will protect, secure and process that information in a manner consistent with this Policy and applicable law.
Ingersoll Rand also collects, stores, and processes Personal information from prospective customers, consumers, vendors, professional advisers and consultants, distributors, dealers, suppliers business partners and others, such as name, contact information, assist in the administration of employee benefit and compensation programs, and financial or other payment information. This information may be maintained at its corporate offices in Swords, Ireland, Davidson, North Carolina, Piscataway, New Jersey or at other Ingersoll Rand facilities, and its authorized agents, consistent with local legislation. Ingersoll Rand collects this Personal information for, among other things, legitimate business reasons such as processing and fulfilling orders; customer service; the provision of services or products to IR, product, warranty and claims administration; meeting governmental reporting and records requirements; maintenance of accurate accounts payable and receivable records; marketing; internal marketing research; safety and performance management; financial and sales data; and contact information. All Personal information collected by Ingersoll Rand will be used for legitimate business purposes consistent with this Policy.
Ingersoll Rand may process and disclose Personal information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which an Ingersoll Rand business is acquired by or merged with another business, or sells, liquidates, or transfers all or a portion of its assets.
Ingersoll Rand also may process or disclose Personal information as is reasonably necessary or legally required on important public interest grounds, to respond to lawful requests by public authorities (including to meet national security or law enforcement requests), to meet governmental reporting or records requirements, or for the establishment, exercise or defense of legal claims by Ingersoll Rand or other companies within its corporate group.
For purposes of this Policy, the following definitions shall apply:
“Agent” means any third party that processes Personal information provided by Ingersoll Rand to perform tasks on behalf of or at the instruction of Ingersoll Rand.
“Ingersoll Rand” means Ingersoll-Rand plc, its subsidiaries, divisions and groups, with brands such as Ingersoll Rand, Thermo-King, Trane, and Club Car.
“Personal information” means any information or set of information that identifies or could be used by or on behalf of Ingersoll Rand to identify an individual. Personal information does not include information that is anonymized, or publicly available information that has not been combined with non-public Personal information.
“Sensitive Personal information” means Personal information that reveals race, ethnic origin, trade union membership, political opinions, or religious or philosophical beliefs, that concerns health or sex life, or that contains criminal records. In addition, Ingersoll Rand will treat as Sensitive Personal information any Personal information received from a third party where that third party treats and identifies the Personal information as sensitive.
IV. PRIVACY PRINCIPLES
Ingersoll Rand commits to subject the Personal information covered by this policy to the following principles:
(1) NOTICE: Where Ingersoll Rand collects Personal information directly from individuals, it will inform them about the purposes for which it collects, stores and processes Personal information about them, the types of non-Agent third parties to which Ingersoll Rand discloses that information, and the choices and means, if any, Ingersoll Rand offers individuals for limiting the use and disclosure of their Personal information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal information to Ingersoll Rand, or as soon as practicable thereafter, and in any event before Ingersoll Rand uses the information for a purpose other than that for which it was originally collected.
(2) CHOICE: Ingersoll Rand will offer individuals the opportunity to choose (opt-out) whether their Personal information is (a) to be disclosed to a non-Agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
For Sensitive Personal information, Ingersoll Rand will give individuals the opportunity to affirmatively and explicitly consent (opt-in) to the disclosure of the information to a non-Agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
Ingersoll Rand will provide individuals with reasonable mechanisms to exercise their choices should requisite circumstances arise.
(3) DATA INTEGRITY AND PURPOSE LIMITATION: Ingersoll Rand will use Personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Ingersoll Rand will take reasonable steps to ensure that Personal information is relevant to its intended use, accurate, complete and current.
(4) ACCOUNTABILITY FOR ONWARD TRANSFER: Ingersoll Rand uses third-party Agents to assist us in accomplishing the purposes described in this Policy, for example to support our customers, perform technical operations, and store and transmit data. Ingersoll Rand will confirm that any third party to which it discloses Personal information will appropriately safeguard the privacy of that Personal information. Examples of appropriate privacy safeguards include: a contract obligating the third party to provide at least the same level of protection as is required by the relevant privacy principles, the third party being subject to EU data protection law, Privacy Shield certification by the third party, or the third party being subject to another European Commission adequacy finding (e.g., companies located in Switzerland). Where Ingersoll Rand has knowledge that a third party is using or disclosing Personal information in a manner contrary to this Policy, Ingersoll Rand will take reasonable steps to prevent or stop the use or disclosure. Ingersoll Rand holds third parties to which it discloses Personal information accountable for maintaining the trust our employees and customers place in the company. Ingersoll Rand may remain liable under the Privacy Shield Principles if any Agent processes Personal information in a manner inconsistent with the Privacy Shield Principles, unless Ingersoll Rand first demonstrates that it is not responsible for the event giving rise to the damage.
(5) ACCESS AND CORRECTION: Upon request, Ingersoll Rand will grant individuals reasonable access to Personal information that it holds about them. In addition, Ingersoll Rand will take reasonable steps to permit individuals to correct, amend or delete information that is demonstrated to be inaccurate or incomplete. Any employees that desire to review or update their Personal information can do so by contacting their local Human Resources Representative.
(6) SECURITY: Ingersoll Rand will take reasonable precautions to protect Personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. Ingersoll Rand protects data in many ways. Physical security is designed to prevent unauthorized access to database equipment and hard copies of sensitive Personal information. Electronic security measures continuously monitor access to our servers and provide protection from hacking or other unauthorized access from remote locations. This protection includes the use of firewalls, restricted access and encryption technology. Ingersoll Rand limits access to Personal information and data to those persons in Ingersoll Rand’s organization, or as Agents of Ingersoll Rand, that have a specific business purpose for maintaining and processing such Personal information and data. Individuals who have been granted access to Personal information are aware of their responsibilities to protect the security, confidentiality and integrity of that information and have been provided training and instruction on how to do so.
(7) RECOURSE, ENFORCEMENT AND LIABILITY: Ingersoll Rand will conduct compliance audits of its relevant privacy practices to verify compliance with this Policy and the relevant privacy principles. Any employee that Ingersoll Rand determines is in violation of this Policy will be subject to disciplinary action up to and including termination of employment.
V. DISPUTE RESOLUTION
Any questions or concerns regarding the use or disclosure of Personal information should be directed to the Ingersoll Rand Data Protection and Privacy Office at the address given below. Ingersoll Rand will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal information in accordance with the principles contained in this Policy. For complaints that cannot be resolved between Ingersoll Rand and the complainant, Ingersoll Rand has agreed to participate in the dispute resolution procedures of the panel established by the EU data protection authorities and to cooperate and comply with the Swiss Federal Data Protection and Information Commissioner to resolve disputes pursuant to the relevant privacy principles. In some circumstances, complainants may be able to appeal these decisions by invoking binding arbitration. All of these dispute resolution mechanisms are free of charge to you.
VI. INTERNET PRIVACY AND COOKIES
Ingersoll Rand sees the Internet, intranets and the use of other technologies as valuable tools for communicating and interacting with consumers, employees, vendors, business partners and others. Ingersoll Rand recognizes the importance of maintaining the privacy of Personal information collected through websites that it operates. Ingersoll Rand’s sole purpose for operating its websites is to provide information concerning products and services to the public. In general, visitors can reach Ingersoll Rand on the Web without revealing any Personal information. Visitors on the Web may elect to voluntarily provide Personal information via Ingersoll Rand websites but are not required to do so. Ingersoll Rand collects information from visitors to the websites who voluntarily provide Personal information by filling out and submitting online questionnaires concerning feedback on the website, requesting information on products or services, or seeking employment. The Personal information voluntarily provided by website users is contact information limited to the user’s name, home and/or business address, phone numbers and email address. Ingersoll Rand collects this information so it may answer questions and forward requested information. Ingersoll Rand does not sell this information.
Ingersoll Rand may also collect anonymous information concerning website users through the use of “cookies” in order to provide better customer service. “Cookies” are small files that websites place on users’ computers to identify the user and enhance the website experience. Company personnel periodically audit Ingersoll Rand’s commercial websites to determine what cookies are used on each. The cookies used are typically not intrusive and are not typically connected to visitors’ contact or other identifiable information. Visitors may set their browsers to provide notice before they receive a cookie, giving the opportunity to decide whether to accept the cookie. Visitors can also set their browsers to turn off cookies. Visitors can learn how to control or delete cookies used on Ingersoll Rand’s websites by visiting http://www.aboutcookies.org for detailed guidance. If visitors do suppress the website cookies, however, some areas of Ingersoll Rand websites may not function properly.
The table below describes the cookies used on www.Ingersollrand.com.
We use a session cookie that lasts for the duration of your visit to our site and is used for load balancing.
User data is not linked to any of your contact information.
Persistent Cookies for Site Analytics
Google Analytics – we use this to understand how the site is being used in order to improve the user experience. User data is not linked to any of your contact information.
You can find out more about Google’s position on privacy as regards its analytics service at https://support.google.com/analytics/answer/6004245?hl=en
Adobe Site Catalyst — we use this to understand how the site is being used in order to improve the user experience. User data is not linked to any of your contact information.
You can find out more about Adobe’s position on privacy as regards its analytics service at https://www.omniture.com/en/privacy/product
Few, if any, of Ingersoll Rand’s websites are directed toward children. Nevertheless, Ingersoll Rand is committed to complying with applicable laws and requirements, such as the United States’ Children’s Online Privacy Protection Act (“COPPA”)
Ingersoll Rand websites may contain links to other “non-Ingersoll Rand” websites. Ingersoll Rand assumes no responsibility for the content or the privacy policies and practices on those websites. Ingersoll Rand encourages all users to read the privacy statements of those sites; their privacy practices may differ from those of Ingersoll Rand.
VII. EUROPEAN UNION – GDPR
7.1. As mentioned, this Policy sets forth the privacy principles that Ingersoll Rand follows with respect to Personal information transferred to Ingersoll Rand from anywhere in the world, including transfers from the European Economic Area (EEA) (which includes the twenty-eight member states of the European Union (EU) plus Iceland, Liechtenstein and Norway).
If you are working with our affiliates in the EU or are a data subject in the EU protected by GDPR, you can invoke your rights under GDPR towards the relevant EU Ingersoll-Rand affiliate that controls your personal data at local, national level for the performance of the day to day operations of the relevant affiliate, each acting as a separate controller. For all cross-border processing of personal data in the EEA at group level, the controller is Ingersoll-Rand Company, a New Jersey Corporation, established at 800-E Beaty Street, Davidson, NC 28036-1840 USA (“IR Company”). With respect to such cross-border processing of individuals in the EEA, IR Company has as main establishment in the EEA: Ingersoll Rand International Ltd., Belgian Branch, Alma Court Building, Lenneke Marelaan 6, 1932 St-Stevens-Woluwe, Belgium, with Belgian company number 0826.378.038 (“IR Ltd. Belgian Branch”).
7.2. For job applicants, employees and former employees of our EU Ingersoll-Rand affiliates, separate notices and policies exist in line with EU law, which inform them about our data processing and their rights.
When you are not a job applicant, employee or former employee, we hereunder inform you about your rights under GDPR and how to perform them. In such case, the processing of personal data by the relevant Ingersoll-Rand entities may be based on the necessity to perform a contract with you or in order to take steps at your request prior to entering into a contract, because we have a legal obligation to do so, or because it is in our legitimate interest to do so (for instance if you are working for one of our suppliers or customers who have to receive your data for normal business operations, or because you want to browse through our website), or, alternatively, may be based on your consent (for instance when you have consented to the use of your personal data for direct marketing purposes).
7.3. Under the GPDR individuals have:
The performance of these rights may be subject to certain conditions and exceptions as provided by the GDPR. Individuals who want to perform these rights can do so by contacting:
For current IR Employees: Current EU employees can submit data inquiry requests from the Ingersoll Rand intranet under the menu options MyResources / Policies and Procedures / GDPR Data Subject Requests
For any other Individuals: https://company.ingersollrand.com/privacy-policy/gdpr-request.html
Ingersoll Rand Privacy Inquiries
Ingersoll Rand Company
800 Beaty Street, Building E
Davidson, North Carolina
Attention: Michelle Trumpower, Global Data Protection and Privacy Officer
Ingersoll Rand Privacy Inquiries
Ingersoll-Rand International Ltd.
Lenneke Marelaan 6
Attention: Data Privacy Inquiries (Legal / HR)
The inquiries should include the individual’s name, address, and other relevant contact information (phone number, email address). Ingersoll Rand may require that you provide additional information in order to verify your identity and will use all reasonable efforts to honor such requests as quickly as possible and within the time limits set forth by applicable law.
7.4. Except as otherwise permitted or required by applicable law or regulatory requirements, the relevant Ingersoll-Rand entity that controls your personal data retains personal data only for as long as necessary to fulfill the legitimate business purposes for which the personal data was collected (including, for the purpose of meeting any legal, tax, accounting or other reporting requirements or obligations). If destroying or erasing personal data is not mandatory by law, we may make it anonymous such that it cannot be associated with or tracked back to the individual. Local Ingersoll-Rand entities may have policies that deviate from the above.
With respect to other transfers outside the EEA to third party suppliers, Ingersoll-Rand ensures adequate personal data protection through the implementation of standard contractual clauses—as recognized by the European Commission—with these third party suppliers, or it will work with suppliers who are also certified under the EU – U.S. Privacy Shield and the U.S. – Swiss Privacy Shield Framework.
VIII. CHANGES TO THIS POLICY
The practices described in this Policy are current Personal data protection policies as of May 25, 2018. Ingersoll Rand reserves the right to modify or amend this Policy at any time consistent with the requirements of the relevant principles and applicable law. Appropriate notice will be given concerning such amendments.