Privacy Policy

Privacy Policy

This document sets out the privacy policy (“Privacy Policy”) of Baram (2015) Ltd., which is an Israeli legal corporate entity, registered at the Israeli Registrar of Companies under number 51-527090-8 (“Baram”, “we”, “us” and “our”).

Privacy Commitment

Baram is committed to protecting the privacy of all individuals in respect of whom we hold any personal data, regardless of whether those persons are customers, potential customers, business partners or otherwise and regardless of how we have come to possess the personal data. 

Our privacy policy is designed to be compliant with all applicable Israeli privacy and data protection regulations, including without limit the Protection of Privacy Law 5741-1981 and the Privacy Protection (Data Security) Regulations 5777-2017 promulgated thereunder (collectively “Israeli Law”) and the European Union’s General Data Protection Regulation 2016/679 (“GDPR”). 

Baram will ensure that all personal data that you submit to us, or which we collect, via various channels, including without limit via your interaction with our website, through written correspondence (including e-mail) and personal interaction with our representatives and business partners, is only used for the purposes set out in this policy and that it shall be held and stored safely and in compliance with the applicable laws. 

Through this Privacy Policy we aim to inform you about the types of personal data that we collect from individuals, the purposes for which we use the information and the ways in which the information is handled. 

Baram is the controller of all personal data that we collect, meaning that we determine the purposes and means of the collecting and using the personal data. We also control who has access to all personal data that is under our control. Additionally, if any of your personal data is processed, Baram is also the processor of the personal data. For correspondence relating to the Privacy Policy, please address our Data Security Officer, whose details are set out at the end of this Privacy Policy.

What is Personal Data?

For the purpose of this Privacy Policy, “personal data” means any information of any kind relating to you personally and which can be connected to you either directly or indirectly by reference to other information. If information relating to you is anonymized so that we cannot connect you to the personal data by any means, then it is not personal data. 

Information relating to a business rather than to an individual is not personal data for the purposes of this privacy policy. We protect confidential business information in accordance with signed non-disclosure agreements, other applicable commercial agreements and our confidentiality policies. However, business related information that also relates to you, such as email addresses that may be used to identify or to target specific individuals, or personal profiles about you, your employers or employees, is personal data and we will protect that data in the same way that we protect all other forms of personal data in accordance with this privacy policy.

How We Collect Personal Data

We generally collect personal data from you in the following ways:

1. You may complete the contact form on our website, requesting us to make contact with you. This form requires that you provide us with your name, email address, phone number and a message. Depending on the nature of your message, it might also include personal data about yourself or about somebody else. Please do not include in your message any personal data about any other person unless you have their express and fully informed written permission to do so. If we receive from you any personal data relating to somebody else, then we will inform that person that we have received their personal data, specifying the type of personal data and the fact that we received that personal data from you.
2. You may provide us with your personal data at a trade show, meeting or other events.
3. If you are a customer, we will have required you to complete a customer questionnaire to collect certain information from you, which will mostly be related to your business organization, but some of the information may also be your personal data or the personal data of other members of your organization.
4. You may have approached us directly by email or otherwise in connection with interest in our products or for other business purposes and in the course of the communications provided us with personal data.
5. When you order products from us, you will provide us with an address for delivery and details of credit cards or other relevant payment methods.

User Statistics

We obtain certain information when your web browser accesses our website including your IP address, browser type, operating system, mobile network data, pages viewed and access times. This includes information about your browsing actions and patterns on the website, which we will use in order to provide you with a more personal experience. We also aggregate all statistical information regarding the browsing actions and patterns of all visitors to our website and this aggregated statistical information does not identify you.

How we Process your Personal data

“Processing” personal data means performing any operation or set of operations on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of the personal data. 

The personal data that you provide to us or that we receive from other sources will be kept confidential. We will only hold, use and disclose your personal data in a manner that is fully compliant with Israeli law and the GDPR and in accordance with our legitimate business purposes, which include: 

1. If you or your organization is a customer or potential customer of Baram, then we will only use your personal data as is specifically required in order to communicate with you in connection with our sales and provision of our services. This might include:
   • Confirming orders
   • Arranging for deliveries and installations of products and systems
   • Provision of various support services by remote or at the business’ premises
   • Issuing invoices and other documents
   • promoting new products and services for you and providing offers
   • responding to enquiries
   • advising you of news and industry updates
   • advising you of events and promotions
   • other relevant business correspondence
   • for our internal business purposes, developing new products, enhancing the website, improving our services, identifying usage trends and visiting patterns, determining the effectiveness of our promotions and meeting contractual obligations
   • administrative purposes, such as sending you important information regarding our website, changes to our terms of business or policies, or other administrative information.
2. If you or your organization is a Baram supplier, distributor, agent or other sales representative or other business partner, then we will only use your personal data in order to communicate with you in connection with our business relationship.
3. We may release your personal data to regulatory or law enforcement agencies, if we are required or permitted to do so.

We will not process your personal data for any reason other than those stated above, unless we first receive your express prior written consent or we are legally required to. The legal basis for processing your personal data is made up of one or more of the following reasons:

• Your consent.
• Providing our goods and services and conducting our business in the manner that we described above.
• Compliance with applicable laws, regulations or other legal process. If we process your personal data in order to comply with a law, regulation or other legal process, then we will notify you of this in writing, unless we are not permitted to.
• The processing is necessary for the purposes of our (or a third party’s) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your personal data protected.

How we share your Personal data

Personal data that we collect is stored on third party servers that have been selected, among other reasons, based on their commitments to hold and protect the personal data from unauthorized access or transfer and that have provided commitments consistent with the GDPR and Israeli privacy protection laws. Currently, the personal data is stored on servers located in Frankfurt Germany belonging to Amazon’s AWS cloud services. The personal data is stored on the servers under our own unique account to which no other party has access. Amazon undertakes to store and transfer personal data in accordance with its own strict privacy policy, more information of which can be found at https://aws.amazon.com/compliance/data-privacy-faq/. Only Baram has the power to determine who has access to the personal data held on its account with the AWS cloud and how the personal data may be processed. 

Different members of Baram personnel have different access rights to the personal data stored by Baram and different members of Baram personnel have different permissions for what they may and may not do with the personal data, including with whom they may share personal data. Access and permission for each Baram employee is set according to their responsibilities. Additionally, all personnel who have any kind of access to the personal data are made fully aware of this Privacy Policy and are also trained in Israeli privacy and GDPR requirements. 

As Baram personnel are generally located in Israel, when they access the personal data from the third party servers, the personal data is effectively also transferred out of the EU to Israel and part or all of that personal data may be stored in Israel, such as when it is downloaded onto the Baram employee’s hard drive. 

Our policy is not to share your personal data with any other party unless it is in line with this Privacy Policy and the applicable Israeli laws and GDPR. For example, if you are employed by one of our customers and we would like to share your email address or other contact information with a Baram partner for the purpose of providing you with our services, then we may do so without asking for your specific prior approval. However, if we wish to share the same information with a third-party company that is collecting email contact details for its own direct marketing purposes that are unrelated to our mutual business, then even if we are convinced that sharing the information will be to your personal benefit, we will first send you a message, explain the circumstances and ask for your permission to share the information. We will then require your express written (which may be by email) consent for us to send your personal contact information to that third-party business. 

Whenever we share any personal data with third parties, we require that they contractually guarantee to maintain adequate levels of protection and that any processing of personal data is restricted to the purposes set out in this Privacy Policy and that, where required, they also contractually agree to GDPR approved standard contractual clauses.

New business owners

If we or our business merges with or is acquired by another business or company, we will share your personal data with the new owners of the business or company and their advisors. If this happens, we will notify you of such event in advance, subject to restrictions in transferring commercially sensitive information.

How long we will hold your information

To the extent permissible by applicable law, we will retain your personal data for such period plus 12 further months as is necessary to satisfy or to fulfill the following:

• the purposes for which that personal data was provided;
• an identifiable and ongoing business need, including record keeping;
• a requirement to retain records that may be relevant to any notified regulatory investigations or active legal proceedings;
• comply with any applicable law, regulation, legal process, including, without limitation, court orders and/or compulsory disclosures required by governmental authorities;
• fulfill legitimate interests of Baram that are not outweighed by your right to privacy.

Use of Cookies and Tracking Technology

We use cookies:

• to make our website easier for you to use
• to help stop our online-forms from being used to send spam-email
• to monitor usage so we can spot trends and make improvements

We do not use cookies:

to identify individuals to store personal informationMore information regarding the cookies we use can be found on our cookie notice at Cookie Policy. By choosing to continue using the website, you are agreeing to us using the cookies as described in our cookie notice.

Security

We have put in place reasonable administrative, organizational and technical safeguards and security measures to protect personal data from unauthorized access, disclosure, destruction or alteration, accidental loss, misuse or damage. We use Cryptographic Application Programming Interfaces (CAPI) implementation of the Advanced Encryption Standard (AES) algorithm provided by Microsoft. We regularly review and monitor such safeguards and security measures and update them when we deem it to be required. However, no measures can provide an absolute guarantee against unauthorized access. 

You should understand that the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data while it is being transmitted to our website or sent to us by email via third party networks. Once we have received your information, we will use the procedures and security features described above to reduce the possibility of unauthorized access. 

Your Rights in Connection with Your Personal Data Held by Us.

You have certain rights in relation to personal data about you that we hold. Details of these rights and how to exercise them are set out below. We will require evidence of your identity before we are able to act on any request with respect to exercising any rights. For convenience, please address any requests to us regarding your rights below to our Data Security Officer who is responsible for our implementation of this Privacy Policy. The Data Security Officer’s name and contact details are provided at the end of this document.

Right of Access

You have the right at any time to ask us for a copy of the personal data about you that we hold. Israeli law and GDPR provides certain instances where we may refuse your request for a copy of your personal data, or certain parts of the personal data that we hold. If we refuse your request or any element of it, we will provide you with our written reasons for doing so as soon as possible.

Right of Correction or Completion

If personal data we hold about you is not accurate, out of date or incomplete, you have a right to have the data rectified, updated or completed.

Right of Erasure

You have the right to request that personal data we hold about you is erased if:

• your personal data is no longer necessary for the purposes for which it was collected or otherwise processed;
• you wish to withdraw your consent on which the processing of your personal data was based and there is no other basis justifying such processing;
• you consider and can establish that your personal data has been unlawfully processed; or
• your personal data must be deleted in accordance with a legal obligation.

Right to object to or restrict processing

You have the right to object to our processing of your personal data and you also have the right to object to use of your personal data for direct marketing purposes.

Right of Data Portability

You have a right to receive any personal data that we hold about you in a structured, commonly used and machine-readable format, provided that:

• the personal data is data that you have provided to us previously; and
• the personal data is processed by us using automated means.

Please note that if you are requesting the personal data to be transferred to a third party’s system, we cannot guarantee technical compatibility with that system.

Consent

To the extent that we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.

Complaints

If you are unhappy about our use of your personal data, please do notify us, providing the reasons and we will endeavor to rectify the problem. Please contact our Data Security Officer whose details are provided below. 

If you are based in the EU, you may also lodge a complaint with any Data Protection Authority set up to supervise and enforce the GDPR (“DPA”). There is a DPA in each EU member state and you may report to any DPA, although generally you will report to the DPA set up in the member state in which you are located. Here is a list of all DPAs and their contact details: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm However, we do take your rights with respect to your personal data very seriously and will appreciate the chance to resolve any issues that you may have before you address a DPA.

Third Party Websites

Please note that clicking on links and banner advertisements on our website can result in your browser accessing a third-party website, where data privacy practices will be different to those of Baram as described in this Privacy Policy and we cannot be responsible for the manner in which those parties hold and process any personal data that they collect from you. We therefore recommend that you review their privacy policies separately before providing such third parties with any of your personal data.

Changes to our Privacy Policy

This Privacy Policy can be changed by Baram at any time. If we change our Privacy Policy in the future, we will advise you of material changes or updates by email. For less substantive changes, we will simply publish the revised policy on our website. You are therefore encouraged to review our Privacy Policy from time-to-time to ensure that you remain updated.

Further Information on Data Protection and Personal Privacy

If you have any enquiries or if you would like to contact us about our processing of your personal data, including to exercise your rights as outlined above, please contact us by email on info@baram-group.com. You may also call alonb@baram-group.com.com who is our Data Security Officer on alonb@baram-group.com.

When you contact us, we will ask you to verify your identity.