1. Home
  2. Privacy policy

Privacy policy

Data Protection and Privacy Policy
CrossControl respects individual privacy and values the confidence of its customers, employees, vendors, business partners, and others. CrossControl strives to collect, store, process, and distribute Personal Information in a manner consistent with the laws of the countries in which it operates, as well as with the General Data Protection Regulation (GDPR).

This Data Protection and Privacy Policy (the “Policy”) sets forth the privacy principles that CrossControl follows with respect to Personal Information transferred to CrossControl from anywhere in the world, including transfers from the European Economic Area (EEA) (which includes the member states of the European Union (EU) as well as Iceland, Liechtenstein, and Norway).


Policy Scope
This Policy applies to all Personal Information received and stored by CrossControl in any format, including electronic, paper, or verbal form. 

CrossControl collects, stores, and processes Personal Information from prospective and existing customers, vendors, professional advisers and consultants, distributors, dealers, suppliers, business partners, and other stakeholders. This may include name, contact details, and financial information.

This information may be maintained by CrossControl’s, as well as by authorized agents, in accordance with applicable local legislation. CrossControl processes this information for legitimate business purposes, including:

•    Processing and fulfilling orders
•    Customer service and support
•    Delivery of products and services
•    Warranty and claims management
•    Compliance with legal and regulatory requirements
•    Financial accounting (accounts payable/receivable)
•    Marketing and internal market research
•    Safety and performance management
•    Sales and financial analysis
•    Maintaining accurate contact information

CrossControl also collects, stores, and processes Personal Information from applicants for employment, such as name, contact information, government-issued identifiers, financial account information, and family-related information. This information is maintained by CrossControl and its authorized agents, depending on the position and the relevant office location. CrossControl will not sell or share this information with third parties in ways different from what is disclosed in this Policy. On a global basis, CrossControl establishes and maintains business procedures that are consistent with this Policy. Notwithstanding the foregoing, CrossControl may have separate policies governing the processing of employee personal data and external personal data in countries that are members of the European Union (EU). These policies are consistent with EU data protection law.

All Personal Information collected by CrossControl will be used for legitimate business purposes consistent with this Policy.

CrossControl may process and disclose Personal Information to service providers, advisors, potential business partners, or other third parties in connection with corporate transactions, such as mergers, acquisitions, restructuring, or the sale or transfer of assets.

CrossControl may also process or disclose Personal Information where required by law or where necessary for important public interest reasons. 


Definitions
For the purposes of this Policy, the following definitions apply:

“Agent”
Any third party that processes Personal Information on behalf of CrossControl or under its instruction.

“CrossControl”
Refers to CrossControl, its subsidiaries, divisions, and affiliated entities.

“Personal Information / Personally Identifiable Information (PII)”
Any information that identifies, or can reasonably be used to identify, an individual, either directly or indirectly. This does not include anonymized or publicly available information that has not been combined with non-public data.


Privacy Principles
CrossControl commits to ensuring that all Personal Information covered by this Policy is handled in accordance with applicable data protection laws, including the GDPR, and in line with principles of transparency, accountability, data minimization, and security.


(1) NOTICE
Where CrossControl collects Personal Information directly from individuals, it will inform them about the purposes for which it collects, stores, and processes their Personal Information, the types of non-Agent third parties to which CrossControl may disclose such information, and the choices and means, if any, that CrossControl offers individuals for limiting the use and disclosure of their Personal Information.

This notice will be provided in clear and conspicuous language at the time individuals are first requested to provide Personal Information to CrossControl, or as soon as reasonably practicable thereafter, and in any event before CrossControl uses the information for purposes other than those for which it was originally collected.


(2) CHOICE
CrossControl will offer individuals the opportunity to (opt-in) or (opt-out).
CrossControl will provide individuals with reasonable and accessible mechanisms to exercise their choices whenever such circumstances arise.


(3) DATA INTEGRITY AND PURPOSE LIMITATION
CrossControl will process Personal Information only in ways that are compatible with the purposes for which it was originally collected or subsequently authorized by the individual.

CrossControl will take reasonable and appropriate measures to ensure that Personal Information is relevant for its intended use, and that it is accurate, complete, and kept up to date as necessary for the purposes for which it is processed.


(4) ACCOUNTABILITY FOR ONWARD TRANSFER
CrossControl engages third-party Agents to assist in achieving the purposes described in this Policy, for example to support customers, perform technical operations, and store or transmit data.

CrossControl will take appropriate steps to ensure that any third party to which it discloses Personal Information provides an adequate level of protection for such information. This may include ensuring that:

•    the third party is contractually obligated to provide at least the same level of data protection as required by applicable privacy principles,
•    the third party is subject to applicable data protection laws within the EU/EEA,
•    the third party has implemented recognized data protection safeguards, or
•    the third party is located in a jurisdiction deemed to provide an adequate level of data protection by the European Commission.

Where CrossControl becomes aware that a third party is using or disclosing Personal Information in a manner inconsistent with this Policy, CrossControl will take reasonable and appropriate steps to prevent or stop such use or disclosure.

CrossControl holds third parties to which it discloses Personal Information accountable for maintaining the trust placed in the organization by its employees, customers, and partners.

CrossControl may remain liable for the processing of Personal Information by its Agents if such processing is carried out in a manner inconsistent with applicable data protection regulations, unless CrossControl can demonstrate that it is not responsible for the event giving rise to the damage.


(5) ACCESS AND CORRECTION
Upon request, CrossControl will provide individuals with reasonable access to the Personal Information it holds about them.

CrossControl will also take reasonable and appropriate steps to allow individuals to correct, amend, or delete Personal Information that is demonstrated to be inaccurate, incomplete, or no longer necessary for the purposes for which it is processed.


(6) SECURITY
CrossControl will take reasonable and appropriate technical and organizational measures to protect Personal Information in its possession from loss, misuse, and unauthorized access, disclosure, alteration, or destruction.

CrossControl implements a range of safeguards to ensure the security of Personal Information. Physical security measures are designed to prevent unauthorized access to systems, equipment, and physical records containing Personal Information. Electronic security measures are in place to continuously monitor access to systems and to protect against unauthorized access, including from external threats. These measures include, but are not limited to, the use of firewalls, access controls, and encryption technologies where appropriate.

Access to Personal Information is restricted to those employees of CrossControl, or authorized Agents acting on its behalf, who require such access for legitimate business purposes. Individuals who are granted access to Personal Information are informed of their responsibilities to protect the confidentiality, integrity, and availability of such information, and receive appropriate training and guidance on data protection and information security.


(7) RECOURSE, ENFORCEMENT, AND LIABILITY
CrossControl will conduct periodic reviews and audits of its relevant privacy practices to verify compliance with this Policy and applicable data protection principles.


Dispute Resolution
Any questions, concerns, or complaints regarding the use or disclosure of Personal Information should be directed to CrossControl’s designated Data Protection contact using the contact details provided below.

CrossControl will investigate and seek to resolve all complaints and disputes regarding the processing of Personal Information in accordance with the principles set out in this Policy and applicable data protection laws.


Internet Privacy
CrossControl views the Internet, intranets, and other digital technologies as important tools for communicating with site users. CrossControl recognizes the importance of safeguarding Personal Information collected through the websites it operates.

The primary purpose of CrossControl’s websites is to provide information about its products and services. In general, individuals may visit CrossControl’s websites without disclosing any Personal Information. Visitors may, however, choose to voluntarily provide Personal Information, for example by completing online forms, requesting information about products or services, submitting feedback, or applying for employment.

The Personal Information voluntarily provided may include contact details such as name, home and/or business address, telephone number, and email address. CrossControl collects this information solely for legitimate purposes, such as responding to inquiries, providing requested information, and supporting business operations. CrossControl does not sell such Personal Information.

CrossControl may also collect anonymous or aggregated information about website usage through cookies and similar technologies in order to improve user experience and optimize website functionality. Cookies are small files placed on a user’s device to help recognize the user and enhance navigation.
CrossControl regularly reviews its websites to identify and manage the use of cookies. The cookies used are generally not intrusive and are typically not linked to directly identifiable Personal Information.

Visitors may choose to configure their browser settings to:

•    Receive notifications when cookies are used
•    Accept or reject cookies
•    Disable cookies entirely

Please note that disabling cookies may impact the functionality and performance of certain parts of CrossControl’s websites.

For more detailed information about how cookies are used and managed, visitors are encouraged to review CrossControl’s separate Cookie Policy.


Session Cookies
CrossControl uses session cookies that remain active for the duration of a user’s visit to the website. These cookies are primarily used for essential functions such as load balancing and ensuring optimal website performance.

Where users provide their consent to the use of cookies, certain user data may be linked to their contact information for the purpose of enhancing the browsing experience and delivering content that is tailored to the user’s preferences and interests.

Persistent Cookies for Site Analytics
CookieYes – we use this to manage cookie consent.
You can find CookieYes’ privacy policy here > 

Google Ads – we use this to advertise our products and services online. You can find Google’s Privacy Policy here >

Google Analytics – we use this to understand how the site is being used to improve the user experience. User data is not linked to any of your contact information. You can find out more about Google’s position on privacy as regards its analytics service at >

Google Tag Manager – we use this to implement changes across our websites. You can find Google’s Privacy Policy here >

LinkedIn – we use this to share company information and promote our products and services through advertising. You can find LinkedIn’s Privacy Policy here >

Apsis – we use this to send newsletters and company information to subscribers. We also use this tool for Marketing Automation purposes on the CrossControl website. You can find Apsis privacy policy here >

YouTube – we use this to distribute product and company videos. You can find YouTube’s Privacy Policy here >

Go to our Cookie Policy to learn more >


Contacting our Data controller:
CrossControl provides website users with the option to request that previously provided Personal Information is no longer used, to correct or update such information, or to request its deletion, subject to applicable legal requirements.

Individuals who wish to access, correct, update, restrict, or delete their Personal Information, or otherwise exercise their data protection rights, may submit their request to CrossControl using the designated contact details provided in this Policy.

Send your request to: info@crosscontrol.com
The inquiries should include the individual’s name, address, and other relevant contact information (phone number, email address). 

CrossControl website may contain links to other “non-CrossControl” websites. CrossControl assumes no responsibility for the content or the privacy policies and practices on those websites.