Last updated on 01/04/2025
Hiab Corporation (“we” or “Hiab”) recognizes the importance of protecting individuals’ privacy and processing personal data in accordance with the applicable privacy laws. The purpose of this Privacy Statement (“Statement”) is to communicate the ways we process personal data when you visit our websites, receive newsletters or marketing material from us or participate in events, online forums or social networks hosted by us.
We comply with the European Union (EU) General Data Protection Regulation 2016/679 (GDPR) as well as with any other applicable data protection legislation. Should any applicable mandatory laws or regulations be in conflict with this Statement, we will respect such laws and regulations over any conflicting parts in this Statement.
Data controller, and therefore the legal entity responsible for collection and use of personal data under this privacy policy is Hiab Corporation. The contact information of the data controller is the following:
Hiab Corporation
Business ID: 1927402-8
Address: Itämerenkatu 25, 00180 Helsinki, Finland
Please contact us at privacy@hiab.com if you have any questions in regards to the protection of your personal data or if you wish to exercise your legal rights.
In regards to detailed data processing activities, individual Hiab affiliate companies may also operate as data controllers, either independently or jointly with Hiab. The contact information of the individual Hiab affiliate companies is available upon request.
We collect the personal data for the following purposes:
In addition to the information you may choose to disclose to us, we may collect your name, email address, phone number, employment details such as company, title, role and position, your IP address, and details on how you interact with us and similar information.
If you visit our website, we may also collect information about you through your use of our website, including information gathered through analytics tools and cookies. For more information, please see our Cookie Policy.
Marketing, events, online forums and social networks, newsletters and stock exchange release subscriptions. We collect the personal data either directly from you, through your employer company or the company to which you are otherwise related to, or through publicly available sources such as social media channels.
Website. During your visit on our websites we collect data explicitly from you or generate that data through your use of our websites. To make sure that our website is functioning effectively, we or our service providers may use cookies and web beacons which may collect personal data. Additional information on how we use cookies and other tracking technologies and how you can manage your settings can be found in our Cookie Policy.
Legal basis of processing personal data
We collect and process your personal data on the basis of the following legal bases:
Ensuring effective delivery of our services to you;
These purposes are necessary for the operation of our business in an efficient manner and therefore require the collection and processing of your personal data. We note that the rights of individuals may sometimes override the legitimate interests of a data controller. However, we have made sure that a fair balance is made between the rights of data subjects and the legitimate interests of individuals.
We share your personal data on a regular basis with service providers and business partners that operate and process personal data as data processors on our behalf. These data processors may include IT and technology providers hosting and maintaining our data as well as possible marketing partners. We may share your personal data with our affiliate companies for any of the legitimate purposes described in this Statement. We may share your personal data with authorized third parties, such as our resellers.
Your personal data may be also shared where required under any applicable law or regulation or by the order of a court or public authority, to protect or exercise our or your rights, or to prepare or carry out a merger, asset sale, acquisition or other similar arrangement.
We are committed to applying adequate measures to make sure your personal data is secured reasonably and effectively in all instances, including granting access to personal data only to persons who have a reasonable requirement to access the data to be able to perform tasks they are required to do.
We may transfer your personal data outside the European Union and/or the European Economic Area. In order to ensure adequate protection of any such transferred data, we will ensure that the following conditions apply:
In any case, we will always ensure that your personal data is adequately protected as required by applicable laws and regulations. To receive more information on the recipients outside the European Union and/or the European Economic Area and applicable legal transfer mechanism, please contact us at privacy@hiab.com.
We retain the personal data for only as long as that data is necessary for the purposes we have collected it, or if we are required to retain that data for longer periods in order to comply with applicable laws. Please note that the data retention obligations will differ within Hiab due to differences in local laws. The retention period applied to the personal data in a specific case will depend on the purpose of processing. As an example, information stored for bookkeeping purposes is stored due to a legal requirement for up to ten years.
We will delete or upon notice correct any incorrect or inaccurate data. We are committed to applying our internal data retention policies, as they are in force from time to time.
The retention of cookies is described in the Cookie Policy.
Please contact us at privacy@hiab.com for more detailed information on our data retention policies.
Personal data may be stored either in hardcopy or electronic form. We recognise our obligation to safeguard the sensitive nature of all personal data. We are, therefore, committed to applying protective measures to secure against the unauthorized access, modification, collection, copying, use, and disclosure of any personal data. These measures include: (i) limiting the access and uses of information to those Hiab personnel, contractors and suppliers and other persons who, for in order to be able to perform their relevant tasks need to have, on a fair and lawful basis, access to the personal data; (ii) use of physical and electronic access codes and passwords to control and restrict access; (iii) training and raising awareness on relevant employees and other personnel about data protection and privacy; and (iv) applying updates and at-minimum-industry standard technical security measures.
As a data subject you have the right to ask us to tell you what personal data we at any given time store about it. Subject to local applicable laws you also have the right to:
We will review such requests and execute them to the fullest extent possible in accordance with applicable laws. If you want to review or verify personal data about you, or to have it corrected or request its erasure, or to restrict or object to the processing of your personal data, or to request a copy of such data, you may exercise your rights by contacting us at privacy@hiab.com.
You will not have to pay a fee to access your personal data or to exercise any of your other rights. However, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the data or to exercise any of your other rights. This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
We reserve the right to update this Statement at any time and encourage you to review this Statement from time to time for any amendments.
See also:
Privacy Statement - Customers, Partners and Vendors
If you are a California resident, you have rights under the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Acts of 2020 (CPRA), from hereon referred to as “CCPA”. This supplement to the Privacy Statement - Website and Marketing is an overview of the information that is required by the CCPA, and provides instructions for how to exercise the rights granted by the CCPA. “Personal Information” has the meaning given in the CCPA.
As set out in the ‘Categories of personal data’, above. In addition we may collect general geolocation data, such as information about the approximate location of a visitor's device when they visit our website.
As set out in ‘Purposes of processing personal data’, above.
As set out in the ‘Sources from which we gather your personal data’, above.
As set out in the ‘Disclosures of personal data’, above.
Sale: We do not sell Personal Information as the term ‘sell’ is commonly understood. In CCPA, a sale is defined to include disclosures of Personal Information to a third party for monetary or valuable consideration. Select third parties, such as advertising technology partners and data analytics providers may collect or receive information so that we can provide you with targeted advertising. These third parties may benefit from the use of this information for their own purposes, such as improving their own services, which may qualify as a sale under the CCPA. Within the last 12 months, we may have sold information within each of the following categories, with these third parties:
Personal Information:
Sensitive Personal Information:
Share: We may have shared certain Personal Information with third parties, such as advertising technology partners and data analytics providers for the purpose of targeted advertising, which may qualify as sharing under the CCPA. Within the last 12 months, we may have shared each of the following categories of information, with these third parties:
Personal Information:
Sensitive Personal Information:
As a California resident, you have the right to:
The verifiable consumer request must: (1) provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information, and (2) describe your request with sufficient detail to enable us to properly understand and respond to it.
You have the right to make a free request two times in any 12-month period. We will make the disclosure within 45 days of receiving your request, unless we request an extension. In the event that we reasonably need a 45-day extension, we will notify you of the extension within the initial 45-day period.
If you want to make a request to know or a request to delete as an authorized agent on behalf of a California resident, you may use the submission methods noted above. As part of our verification process, we may additionally request that you provide proof concerning your status as an authorized agent.
You have the right to be free from unlawful discriminatory treatment for exercising your rights under the CCPA.
We do not knowingly sell or share the personal data of children under the age of 16.
Questions about this supplement or about our handling of your Personal Information may be submitted by sending an email to privacy@hiab.com or by calling (toll free) (800) 837-2351.
For more information on our privacy practices that apply to the Personal Information we collect, use and share, see the Privacy Statement - Website and Marketing.
@2025 Hiab Corporation