MSA Safety Data Privacy StatementEffective Date: May 17, 2023
MSA Safety Incorporated and its affiliated companies ("MSA", also "we") own this website and its subpages and the webpages of its affiliates (hereinafter collectively referred to as "Website"). The intended use of the Website is for business-to-business purposes.
When we refer to "you" or "your," we mean the person accessing this Website. If the person accessing this Website does so on behalf of, or for the purposes of, another person, such as a business or other organisation, "you" or "your" also means that other person, including a business organisation.
As "The Safety Company", safety is in our DNA. We help our customers make informed decisions and pursue a safety-first, work site. Consistent with these principles, safeguarding your privacy is very important to us. We take the protection and safety of your personal information seriously and are committed to maintaining its confidentiality, availability and integrity in our business process. We strive to ensure that personal information collected by us is processed by us strictly in accordance with applicable law.
PURPOSE AND SCOPE
This MSA Data Privacy Notice ("Privacy Notice") provides transparency about personal information that MSA may be process. The purpose of this Privacy Notice is to comply with applicable law and demonstrate our commitment to privacy. This statement generally describes MSA’s practices towards personal information collected from and about you - to market and sell products or services, to communicate with us, or to perform a contract - and our information sharing practices, including the content, services, applications, and related activities conducted through the Website.
We encourage you to read this Privacy Notice carefully. By accessing or using the Website, you acknowledge your understanding and agreement with this Privacy Notice. Please check this Privacy Notice periodically for updates. This Privacy Notice is not intended for MSA associates., this Privacy Notice is not intended for MSA associates.
MSA The Safety Company Group is headquartered at 1000 Cranberry Woods Drive, Cranberry Township, Pennsylvania 16066, United States, and is the controller of the data processing for the administration of this Website. You can find information about MSA’s management and leadership at: http://investors.msasafety.com/management.
To identify the MSA entity responsible for the processing of any specific personal information, you can consult the list of our locations on our public website, ask your MSA business contact, or contact our Global Privacy Team through an information request at our privacy intake portal.
CATEGORIES OF PERSONAL INFORMATION
For the avoidance of doubt, except where specifically stated otherwise, this Privacy Notice defines "personal information" generally as any information relating to an identifiable individual. Personal information that MSA may collect includes any personal information that we are authorised to collect, may include, but is not limited to, the following:
- Contact information to help us communicate with you. This includes name, address, telephone number, title, username, employer, and e-mail.
- Online identifiers to help us optimise and improve your browser experience. This includes IP address, MAC address, user settings, location selection, etc. (for more information, see below at MSA Website: Processing of Personal Information)
- Relationship or transactional information to help us understand our history, who you are, your relationship to MSA or our channel partners, and what MSA products or services might benefit you. This includes user preferences and settings, passwords for MSA accounts, transaction history, purchasing information, inquiries, customer accounts, contact and demographic information.
- Payment or financial information to pay for our products or services. One is example is your credit card number (although as a business-to-business company, we expect that credit cards used for purchasing are tied to an entity’s business account).
- Personal information incidental to the functioning of our products for the benefit of our business customers. For example, personal information that is generated by, collected by, or stored in MSA equipment or any hardware or device interfacing with such equipment in our Safety io platform. Examples could include geolocation data, user settings or preferences, breathing rates in SCBA apparatus, etc. For more information about MSA devices and what data they collect in our software-as-a-service applications, consult the Grid and FireGrid Data Transparency Statement here.
BASIS AND PURPOSE OF PROCESSING
MSA may process personal data in accordance with applicable law. Some reasons that MSA might process your personal information including without limitation:
- To sell or provide you or your customer a product or service (Contractual Basis or legitimate interest)
- To enable communications and interactions between MSA and you (e.g., product support) (Contractual Basis or legitimate interest)
- To market MSA products and services, including through promotions or surveys (Legitimate interest or consent bases)
- For MSA’s own internal business purposes, such as researching or evaluating our products or services or to make enhancements (Legitimate interest)
- For legal, safety or security reasons, such as to protect ourselves against liabilities, or to protect our associates, customers, intellectual property, etc. (Legitimate interest or legal bases)
- To enforce our policies (Legitimate interest)
- To comply with legal or regulatory requirements (Compliance with legal obligation bases)
- For any other purpose that is related to the foregoing, compatible with applicable law, and/or for which you provide consent (Various bases)
In each case, we seek to avoid sharing more personal information than is necessary to fulfil the purpose of sharing and in accordance with applicable law. We may also anonymise or aggregate personal information to share with third parties for any purpose.
COMPLIANCE WITH THE CHILD ONLINE PRIVACY PROTECTION ACT (COPPA)
We refrain from knowingly collecting or maintaining personal information relating to any person under the age of 18. Do not supply personal information to the Website if you are under the age of 18. Your parent or guardian should contact us through our privacy intake portal if you are under the age of 18 and have provided personal information to MSA.
MSA WEBSITE CONTACT
MSA has a Global Privacy Contact Team and, where required by local law, a Data Protection Officer (DPO). General privacy-related inquiries, including any questions about this Privacy Notice, can be directed to our privacy intake portal. This portal can be used regardless of your location.
For any data subject making requests under this Privacy Notice, we may require you to provide us with sufficient information to identify yourself. Any such information you provide shall be used only for this purpose.
MSA WEBSITE: PROCESSING OF PERSONAL INFORMATION
Every time you access this Website, it collects various data and information that are then stored in the log files of the server. The data collected may include the (1) browser types and versions used, (2) operating system used by the party accessing the Website, (3) the website from which an accessing system has reached our Website (known as a referrer), (4) the sub-sites on our Website which are accessed via an accessing system, (5) the date and time of an access to the Website, (6) an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information, including data aimed at risk prevention in the case of an attack on our IT systems.
The information that we collect is required (1) to correctly display the content of our Website, (2) to optimise the content of our Website as well as the advertisements we display, (3) to ensure the ongoing functionality of our IT systems and the technology relating to our Website, and (4) to provide the necessary information to law enforcement in the event of a cyber-attack. Another crucial reason that we collect such information is to increase data protection and data security at our company to ultimately ensure the best possible level of protection for personal information processed by us.
We erase the personal information as soon as it is no longer required for the purposes for which it was collected. For example, if we collect your IP address for the reasons stated above, we only store it on our web server for a period of seven days, and our backup systems only store the IP address for four weeks.
You have the option to receive company news, industry resources and product information from us via e-mail by signing up through our "Stay informed" feature. We will not use or sell your e-mail address for any other purpose except as authorised by you.
We also offer you the opportunity to subscribe to newsletters through this Website or other marketing tools. Data provided during newsletter registration will be used only for the purposes of sending out the newsletter unless you have provided consent for other uses, such as receiving other advertising or information related to MSA. You can cancel the newsletter subscription at any time by using the unsubscribe option provided in the newsletter.
Part of our Website is the MSA Career Portal. The main purpose of the MSA Career Portal is to support our recruitment and hiring process, and you can apply for jobs directly through the portal. Any personal information we collect during the application process will be used exclusively for employment-related purposes.
In the application process that is operated via the MSA Career Portal we collect, process and use the data provided by you, such as contact details, resume, CV, proof of qualifications, and experience. We employ reasonable security measures to keep this data confidential. Your personal information will be used and stored exclusively for recruitment and hiring purposes in MSA’s applicant tracking system connected to the MSA Career Portal. In considering you for employment at our company or for a specific job, your personal information may be transferred to, stored and/or processed by MSA, its affiliates abroad, and/or third-party partners on their behalf, in countries that may be outside of the applicant’s resident country (e.g., an applicant in the EU or Canada may have their personal information may be transferred to the U.S. as part of our Career Portal administration), but always under obligations of confidentiality, availability and integrity.
Note that MSA will only use your personal information to evaluate your application for a specific position selected by you, unless you provide your consent to use your personal information to consider you for other relevant job postings within MSA. If you are offered a job, the personal information we received through the MSA Career Portal is transferred to a personnel file and subsequently erased from the application system. If you are not offered a job, your data is erased from the application system six months after the position has been filled or when you have revoked your consent.
MSA uses social plugins for social networks such as Facebook, Twitter, Youtube, LinkedIn and Instagram. When you visit our website, these social plugins are deactivated by default. Without your intervention, no data will be sent to these respective social networks.
You can activate a social plugin while visiting the website by clicking on the respective social media icons that appear on our various subpages. Once the social plugin is activated, a direct link to the server of the selected social network is established. The contents of the button are then transmitted from the social network directly to your browser which then incorporates it in the website.
Please note that a social network may be able to retrieve data independently of whether you interact with the social plugin button or not. If you are logged on to a social network, the network can assign your visit to the website through your social network user account. A social network cannot assign a visit to other websites unless and until you activate the respective button there as well. If you want to prevent the combination of data retrieved from your visit to our website with your membership data, you will need to log out from the social network concerned prior to activating any social plugin buttons.
MSA can neither influence nor control the extent or scope data that is collected by social networks through their plugin buttons. Please refer to the data privacy statements of the respective social networks for such information.
WEB ANALYTICS AND COOKIES
MSA uses web analytics, cookies and tracking pixels to enhance your browsing experience. These tools are may be required for certain functionality of the site and are used to collect statistical information about you, your device, and your use of the site and to save preferences for your convenience. Some of these tools may also be temporarily used to serve you content regarding relevant marketing campaigns. In general, the used tools and its purpose are:
- Functional (or required) tools:
- Remember your country and language selection
- Remember your login information
- Maintain your logged in session
- Tracking tools:
- Collect anonymous information about the usage of our Website help us make improvements to our Website based on how our visitors interact with it
- Targeting tools:
- Display our campaigns to you on other websites
You can prevent the storage of cookies and tracking via tracking pixels and changing browser settings or clicking below to alter your cookie preferences on the Website:
Should you choose to disable or delete tools using your preferred browser's settings, please be aware that some pages or functions may not perform as intended. Please use the "Help" feature in your browser for more information.
GOOGLE ADWORDS CONVERSION TRACKER
Google adwords Conversion Tracking is not used for personal identification, but exclusively for statistical purposes to understand how Google ads attract users to our Website. As an adwords customer, we use the Google Conversion Tracking function.
To find out more about Google adwords Conversion Tracking and the processing of personal information, please use the following link: https://support.google.com/google-ads/answer/93148
We have the Google Analytics component (with anonymisation function) integrated on this Website. Google Analytics is a web analytics service that we use to collect, compile and analyse data about the behaviour of visitors to websites. We primarily use this tool to optimise user experience of our website and understand the effectiveness of our advertising.
To find out more about Google Analytics and the processing of personal information, please use the following link: https://support.google.com/analytics/answer/6004245?Hl=en
LINKEDIN MARKETING SOLUTION (CONVERSION TRACKING)
We have the LinkedIn Marketing Solution component Conversion Tracking integrated on this Website. This solution helps us generate leads for candidates and optimise our talent acquisition process.
To find out more, please use the following link: https://www.linkedin.com/help/linkedin/answer/87080/linkedin-marketing-solutions-and-the-general-data-protection-regulation-gdpr-?Lang=en
MARKETO LEAD MANAGEMENT
To find out more about Marketo and the processing of personal information, please use the following link: https://www.marketo.com/company/trust/gdpr/
We have the AddThis social bookmarking integrated on this Website. AddThis is a social bookmarking service that can be integrated into a website with the use of a web widget. Once the widget is added, visitors to the website can bookmark or share an item using a variety of social media services. The service operated under the Oracle Corporation. AddThis allows users to opt-out of their tracking tools via their corporate website.
To find out more about AddThis and the processing of personal information, please use the following link: https://datacloudoptout.oracle.com/
ADOBE MARKETING CLOUD (ADOBE DYNAMIC TAG MANAGER)
We have the Adobe Dynamic Tag Manager integrated on this Website. It provides us tremendous flexibility and control to implement and optimise digital experiences and solve standard tag management problems. This enables us to identify specific users and audience segments on our Website and immediately deliver segment-specific content experience-based reporting that might appeal to them.
To find out more about Adobe Dynamic Tag Manager and the processing of personal information, please use the following link: https://www.adobe.com/privacy/experience-cloud.html
MICROSOFT BING ADS
We have Microsoft Bing Ads services integrated on this Website. We use Microsoft Bing Ads to promote our business online. To more effectively market our product or service, we use a cookie to record the completion of your transaction.
To find out more about Microsoft Bing Ads and the processing of personal information, please use the following link: https://about.ads.microsoft.com/en-us/resources/policies/microsoft-advertising-privacy-policy
FACEBOOK FOR DEVELOPERS (FACEBOOK CONNECT)
We have Facebook Connect integrated on this Website. Facebook Connect is a single sign-on application which allows Facebook users to interact on other websites through their Facebook account. When a user chooses to access a protected content through Facebook Connect, they allow that website to retrieve information they have given to Facebook, including their full name, pictures, wall posts, friend information, etc. This not only allows the user to skip the basic registration steps required by most websites, but it also allows the Website to update the user's Facebook wall and news feed with their activities. By gaining access to the user's friends list, the website can show the user which of their friends have also accessed the Website through Facebook Connect.
To find out more about Facebook Connect and the processing of personal information, please use the following link: https://www.facebook.com/about/privacy/
SAFETY IO APPLICATIONS AND SERVICES
MSA maintains a business subsidiary named Safety io. Safety io is headquartered in Cranberry Township, Pennsylvania, USA. Safety io provides software-as-a-service to customers, and such applications may collect personal information as part of those activities. In this role, Safety io may process personal information received from and on behalf of its customers. For more information, please visit Safety io’s Applications and Services Privacy Statement at https://www.safetyio.com/legal/. MSA will process this information consistent with the legal basis for processing described above and in the aforementioned statement.
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
ShopMSA offers authorized MSA Channel Partners the ability to check product pricing and availability, create and review orders, view account details, and similar uses. If you use shopMSA, it may collect personal information incidental these activities, such as channel partner account manager name, business e-mail addresses, and payment information. MSA will process this information consistent with the legal basis for the processing described above.
EU/UK/SWITZERLAND (COLLECTIVELY, “EU+”) DATA PRIVACY STATEMENT
This EU+ Data Privacy Statement provides transparency about any "personal data" of EU+ data subjects per EU+ legal requirements. Art. 13 of the EU General Data Protection Regulation (GDPR), as well as local law based on the EU privacy Directive and the Cookie Directive, including that may be processed through this Website (material scope) and the respective safeguards provided to Website visitors that reside in the European Union (personal scope), in line with Art. 13 of the EU General Data Protection Regulation (GDPR), as well as local law based on the EU eprivacy Directive and the Cookie Directive.
The terms used in this EU Data Privacy Statement correspond to the definitions in Art. 4 GDPR.
Users Outside the EU+ - Some of the aforementioned rights are applicable in certain jurisdictions outside the EU+ as well. Users residing outside the EU+ are welcome to contact us for any questions or requests at the details below.
If you wish to exercise any of your rights or submit a request regarding your Personal Data processed by us, please refer to the contact information below.
WEBSITE HOSTING NOTICE TO EU+ RESIDENTS
MSA’s Corporate Headquarters are in Cranberry Township, Pennsylvania, USA. Accordingly, this Website is hosted in the United States. If you are visiting this Website from outside of the United States, your information is being transferred to, stored or processed in the United States and other countries where our data centre and servers are located and operated. If you are outside of the United States and do not wish to allow the transfer of your personal information to the United States, you should not use this Site and opt-out of the collection of cookies.
For more information on the respective safeguards provided to data subjects that reside in the EU, please see the EU Data Privacy Statement below.
EU+ DATA PROTECTION TEAM AND OFFICER
MSA has appointed an EU Data Protection Team and, where required locally by law, a Data Protection Officer (DPO). If you are an EU resident with questions or comments on how MSA processes personal data, please feel free to contact us through our privacy intake portal.
EU+ RESIDENTS: PURPOSE OF COLLECTION AND LEGAL BASIS FOR PROCESSING
The purpose of collection and legal basis for processing of personal data of EU data subjects is consistent with the purposes outlined above.
MSA’s associates may have access to EU personal data on a need-to-know basis if they need to carry out legitimate tasks.
The website is hosted in the USA, which means that certain data that you provide may require cross-border transfer. Such transfer will take place considering the applicability and scope of EU legal regulations.
DATA SECURITY AND RETENTION
MSA takes data security seriously. We use administrative, technical and organisational security measures designed to protect the data supplied by you and managed by us with the aim of ensuring its confidentiality, availability and integrity. We have taken security measures are protect against the manipulation, loss, destruction, and access of personal data by third parties, and our website security is continually being improved with developing technology.
Although we take the measures described above to ensure the confidentiality of your data, MSA – like any company doing business online – cannot absolutely guarantee its security. You should be aware that there is always some risk in transmitting information over the internet, and when you use our Website, you do so at your own risk.
As detailed more fully in other parts of this Privacy Statement, MSA retains personal data as long as necessary to fulfil our contracts, comply with legal obligations, resolve disputes, and enforce our policies. Retention periods can vary, but take into account the type of information that is collected and the purpose for which it is collected, based on the situation. Our goal is to remove outdated or unused personal data at the earliest reasonable time.
EU+ DATA SUBJECT RIGHTS
If you reside in an EU+ area, you have the following rights:
- The right to be informed about our collection and use of personal data (see this Privacy Statement sections above);
- The right of access to the personal data that we hold about you;
- The right to rectification if any personal data We hold about you is inaccurate or incomplete;
- The right to be forgotten – i.e., the right to ask us to delete any personal data that we hold about you (although MSA only holds your personal data collected through this Website for limited time periods);
- The right to restrict (i.e., prevent) the processing of your personal data;
- The right to data portability (obtaining a copy of your personal data to re-use with another service or organization);
- The right to object to us using your personal data for particular purposes; and
- Rights with respect to automated decision making and profiling.
If you have any cause for complaint or questions about our use of your personal data, please contact us through our privacy intake portal. We will do our best to address any problem that you may have.
Please note that these rights pertain to EU+ residents only, are not absolute, and may be subject to our own legitimate interests and regulatory requirements. A list of Supervisory Authorities is available here.
RIGHTS FOR CALIFORNIA CONSUMERS
In addition to any rights provided under the Privacy Notice above, California law provides additional rights for California consumers. Here is a description of some of the rights that a California consumer may have, depending on their relationship with MSA:
- The right to request a description of the categories and specific pieces of "personal information" that we have collected about them.
- The right to know the categories of "personal information" about them that we may disclose to third parties for a business purpose, with a description of categories of third parties that may receive such information.
- The right to request that we delete "personal information" about them that we have collected from them.
- The right to know and opt out any “sales” of personal information, including information about the categories of personal information and categories of third parties to whom it was sold or shared1.
- The right to correct inaccurate personal information.
1MSA does not sell your data – we are not data brokers, and we don’t put your data on the open market. However, under California’s privacy law, sharing of personal information (e.g., to provide you with personalized ads) may be considered a “sale,” even if no money is exchanged. If you want to opt out of this sharing, please follow the instructions at our California Consumer Privacy Statement.
If you opt out, MSA will stop sharing your information, including with some of our advertising partners, and you will no longer receive personalized offers from MSA on some sites or services.
California residents may not be discriminated against for exercising any of the rights described above.
You can exercise your rights by visiting our privacy intake portal or by calling us toll-free at 1-800-532-9762 (toll free).
For more specific information on the "personal information" we collect, and how to exercise any rights you may have under California law, please visit our California Consumer Privacy Statement. Please note that it may not be required for us to delete "personal information" needed to provide goods or services, complete a transaction, perform a contract with you, retain within the context of our ongoing business relationship by reasonable expectation, or that we may otherwise retain under applicable law.
CHANGES TO THE PRIVACY NOTICE
This Privacy Notice may be revised from time to time as we update the Website or MSA products or services, as laws change, and/or as industry privacy and security best practices evolve. Please check this Privacy Notice periodically for changes and to remind yourself of our policy. Your use of the Website is deemed acceptance of the provisions of this Privacy Notice and your continued use of the Website after any change to our Privacy Notice constitutes acceptance of each revised Privacy Notice. Please exit the Website immediately if you do not agree to the terms of this Privacy Notice, including any subsequent revision.
We appreciate your interest in MSA!