Data Governance Statement

FINNING INTERNATIONAL INC. DATA GOVERNANCE STATEMENT

LAST UPDATED December 13, 2024

This Data Governance Statement describes the practices of Finning International Inc., our divisions and subsidiaries (collectively, “Finning,” “we,” “us” or “our”) when collecting, storing, sharing and otherwise using information about our customers related to machines, products, attachments and other assets and their associated worksites (collectively, “Assets”). We collect this information through online and offline means including: (1) applications and platforms for use on or through computers, APIs, and mobile devices; (2) telematics or other devices on Assets, whether manufactured by Finning, Caterpillar Inc. or any of its affiliates (collectively, “Caterpillar”) or by other companies (“Devices” and, together with the Applications, “Digital Offerings”); and (3) component manufacturers, service providers, and customers.

For the purposes of this Data Governance Statement, the term “your” (and related terms such as “you”) refers to both the individual accessing this document and each entity for whose benefit you act. You may not procure equipment or services from us unless you agree with this Data Governance Statement. You should regularly review this Statement carefully to understand what information we collect and what we do with that information. By providing System Data, Operations Data, or Personal Information (each as defined below) (collectively, “information”) to us, you agree to the terms and conditions of this Data Governance Statement, including our collection, use and sharing of that information as set out in this Statement.

1. WHAT INFORMATION WE MAY COLLECT

We may collect the following information:

a) System Data

System data is information that is ingested or used by or generated through Digital Offerings, which may include:

  • Device, Asset and Component Information, including model number, serial number, order number, software and hardware version numbers, performance, and configuration, including work tools or other peripheral devices attached to Assets.
  • Electronic Data, including sensor logs, trends, histograms, event data, other alerts, digital state data, fault codes, idle time, daily and cumulative fuel consumption, emissions data, service meter hours, electronic data files downloaded manually or automatically from an Asset, troubleshooting data, and other data, depending on the Customer and Asset and communication channel used by a Device.
  • Inspection Data, including results of inspections using a Finning or third-party inspection system.
  • Device Location Information, including the physical location of an Asset (e.g., determined using satellite, GPS, cell phone tower, Bluetooth or Wi-Fi signals).
  • Fluid Data, including analysis results of fluid samples (such as oil, hydraulic and coolant fluids) obtained using Finning or third-party tools.
  • Event Recorder Data, including location, speed, direction and associated video recordings, use of controls and positive train control information.
  • Service and Maintenance History, including work orders (records of all maintenance, repair, parts purchases, replacement and modification to an Asset), component life (history of usage and wear life of a component), maintenance schedule, planned maintenance, warranty coverage data, maintenance and repair contracts, service intervals (scheduled interval for planned maintenance of component replacement activities for an Asset), component lists (lists of parts that make up an Asset) and service letters (describing special service actions recommended by manufacturers to correct a known problem with an Asset).
  • Site and Environmental Conditions, including the type of work being done, condition of roads or tracks, altitude, climate and material tracking.
  • Patterns of Use, including any user-defined information relating to a product you provide to us through a Digital Offering.

b) Operations Data

Operations Data may include:

  • Information contained in tenders, invoices, purchase orders, sales contracts, service contracts, e-forms and other transactional documentation generated as part of the business relationship between us.
  • Information about our customers, their personnel and end users, including certain Personal Information (as defined below) about such individuals.
  • Work order data, including information about you, the Asset involved, problem identified, and repairs performed.
  • Store hierarchy data, including information about inventory reporting and replenishment processes.
  • Component data, including information related to management and replenishment of parts inventory and customer purchases, returns and replacements.
  • Information used by us to manage a fleet of Assets (either owned or rental).

c) Location Information

We may also receive location information either directly from you or from Caterpillar, which enables us to provide you with localized content and services. In some instances, you may be permitted to allow or deny such uses and/or sharing of your Device’s location, but if you do, we may not be able to provide you with the applicable services and content.

d) Personal Information

Personal Information is information that relates to an identified or identifiable individual, which may include but is not limited to:

  • Name
  • Postal address (including billing and shipping addresses)
  • Telephone number
  • Email address
  • Identification information such as usernames and user IDs
  • The employer or company with which an individual is associated and his or her role and title
  • User Profile information
  • Geo-location information
  • Information about any computer or mobile device with which you access Applications
  • Information about your use of the Applications
  • Audio-visual data
  • Physiological data, such as eye movement, facial expression and heart rate

e) Simultaneous Collection

Information collected by us may simultaneously constitute System Data, Personal Information, and Operations Data, or any combination thereof. 

2. HOW WE MAY COLLECT INFORMATION

We may collect information in a variety of ways. For example, we collect information that you provide to us, information that we collect through your use of our products or services, and information that we collect from publicly available sources or third parties.

a) Information You Provide to Us

We collect information you give us when you engage with us and/or use our products or services. For example, we may collect information when you interact with us, attend one of our stands at a trade show, make an enquiry, place an order or contact our customer service.

b) Information Collected Through Your Use of Our Products and/or Services

In addition to the information you provide to us directly, we may collect information about your use of our Products and/or Services. For example:

  • Through Platforms / Applications / Devices: We may receive information directly via cellular or satellite link, or radio or Ethernet connection from Assets equipped with an Application or a Device that was either pre-installed or installed by us, which may include System Data or Personal Information. We could also receive information through your use of our single sign-on services; these services will allow us to use your my.cat.com credentials to authenticate your identity and provide you with the option to share certain personal information with us.
  • Through Wearable Technology: We may collect information through wearable technology, such as fatigue monitoring devices or RFID tags embedded in hardhats or safety vests.

c) Information From Third-Party Sources

We may receive information from publicly and commercially available sources, as permitted by law, which we may combine with other information we receive from you. For example:

  • Via Caterpillar Inc. or its business affiliates or contractors: We may receive information from Caterpillar or its business affiliates or contractors which they have collected from you via: (i) cellular or satellite link, or radio or Ethernet connection from Assets, which may include System Data (such as information relating to the Device or Asset) or Personal Information (such as from information generated by fatigue monitoring devices, on-board camera and proximity detection systems, and in-cab monitoring technology); or (ii) Digital Offerings.
  • From Component Manufacturers and OEMs: We may obtain System Data from manufacturers of the components in your Assets. This information may be provided to us automatically.
  • From Asset Owners and Others: We may receive additional information from Asset owners, operators and other persons who have management responsibility for an Asset.
  • From Other Sources: We may receive your information from other sources, such as credit reference agencies, public databases, joint marketing partners, internet, social media platforms (including from people with whom you are friends or are otherwise connected) and from other third parties. We may collect or generate information from troubleshooting data, from your service providers (such as fluid analysts and site inspectors) or from maintenance, inspection or warranty records.

d) Other Ways We Collect Information

We also may collect other information about you, your device, or your use of the services in ways that we describe to you at the point of collection or otherwise with your consent. You may choose not to provide us with certain types of information, but doing so may affect your ability to use some of the products and services.

3. HOW WE MAY USE INFORMATION

We may use collected information for the following purposes:

a) To Provide Services to You and Others:

  • To allow you to monitor the status of Assets, to complete and fulfil orders, and to communicate with you regarding your purchase or rental of Assets and your purchase of Asset parts, and provide you with related customer service.
  • To fulfil customer support agreements, perform maintenance and repairs and deliver rental Assets or parts.
  • To make recommendations regarding safety, Asset health, maintenance, worksite efficiency and productivity training for operators.
  • To enhance the safety of machine operations, including by tracking proximity to Assets, other objects or humans.
  • To enable remote technician services, such as remote troubleshooting, and remote tuning.
  • To provide you with location-based services and content.
  • To process payment related to our products and services.

b) To Enable Communications:

  • To send administrative or contractual information, for example, information regarding our terms and conditions of sale and rent and of using Digital Offerings, warranty policies or service contracts and in respect of debt recovery.
  • To provide you with information about new products and services and to send you marketing communications that we believe may be of interest to you, from which you may opt out at any time.

c) For Other General Business Purposes:

  • To conduct market research.
  • To perform data analytics, audits, improve products, develop new products, enhance, improve or modify our Digital Offerings, identify usage trends and operate and expand our business activities and for statistical analysis based on aggregated and de-identified data, such as benchmarking reports.
  • To provide services to customers, manage work flow, monitor repairs, project future maintenance and service, and troubleshoot issues.
  • To validate effectiveness of recommendations, resolve complaints, and fulfil orders.
  • To manage Asset and parts inventory in order to provide you with machines, parts and services.
  • To manage a fleet of owned or rented Assets.
  • To maximize the efficiency of operations and increase sales.
  • To develop digital applications.
  • To manage your account with us and generally keep our records up to date and to administer our relationship with you.

d) Other Uses:

  • To enable us to administer the Cat Rewards program.
  • To allow you to participate in sweepstakes, competitions or similar promotions and to administer these activities. Some of these activities have additional rules, which could contain additional information about how we use and disclose your information, including Personal Information. We suggest that you read any such rules carefully.
  • For additional uses as agreed by you and us, which may, for example, arise from new types of products or services that we may offer you.

With respect to audio-visual data that identifies an individual or physiological data for an identifiable individual, we will use that data only to provide products and services to our Customers, including to make recommendations regarding safety, Asset health, maintenance, worksite efficiency and productivity training for operators, and to improve our products and services.

4. HOW WE MAY DISCLOSE INFORMATION

a) Third Parties

We may disclose your information to third parties as follows:

  • To Caterpillar: (i) to administer remote services and the Cat Rewards Program; and (ii) for such other purposes as set out in the Caterpillar Data Governance Statement.
  • To our other business partners to assist us with delivering and improving the products and services you have requested.
  • To Asset owners, to permit them to manage the use of their Asset.
  • To our service providers who provide services such as tire replacement, fire suppression systems, engine packaging, data analytics, information technology and related infrastructure provision, application development, platform hosting, customer service, product development and auditing, advisory and other services.
  • To component manufacturers, to permit them to study the use of their products, to improve their products and to develop new products.
  • To agents, service providers and other third parties contracted by or engaged in business with Asset owners, who have management responsibility for the Asset.
  • To those of our third party service providers who supply sub contracted services in relation to maintenance and repair of, or modification to, Assets.
  • To a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
  • As permitted in any other agreements with us including our Terms and Conditions of Equipment Sale.
  • To additional recipients as agreed by you and us.

When your information is disclosed to third parties, such as Caterpillar, your information becomes subject to the third party’s terms of use, privacy policy and/or data governance statement. If we transfer your Personal Information to a third party, we will require the third party to treat your Personal Information in accordance with this Data Governance Statement and Finning’s Privacy Policy. Other than as described in this Data Governance Statement and our Privacy Policy, we do not share your Personal Information with third parties.

b) Required Disclosures

We may also transfer and disclose your information as we believe necessary or appropriate:

  • To comply with a legal process.
  • Under applicable law, including laws outside your country of residence.
  • To respond to an investigation by law enforcement, regulatory authorities or self-regulatory organizations.
  • To protect our business, operations, employees, customers or other stakeholders.
  • In connection with an internal or external investigation involving a potential breach of an agreement or contravention of law.
  • To assist with the detection, prevention and suppression of fraud and other criminal activity and other matters in the public interest.

c) De-Identified or Aggregated Information

We may use and disclose de-identified or aggregated information (i.e., information that does not identify you) for any purpose, except where required otherwise under applicable law.

5. INTERNATIONAL TRANSFERS

Your Data may be stored and processed by us, our affiliates and our third party service providers in the United States, Canada, United Kingdom, South America or other jurisdictions that may not have data protection or other laws that are as protective as in your country of residence.  If information is transferred to the United States, Canada, the United Kingdom, Ireland, South America or another foreign jurisdiction, it will be subject to the laws of that jurisdiction and may be disclosed to or accessed by the courts, law enforcement and governmental authorities in accordance with those laws. By transferring Data or allowing Data to be transferred to us, you consent to the transfer, processing and storage of your Data in countries outside of your country of residence, as described in this Data Governance Statement. 

6. SECURITY

We have implemented reasonable organizational, technical and administrative measures designed to protect information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us in accordance with the “Contacting Us” section below.

7. ACCESS, CHANGE OR CORRECT PERSONAL INFORMATION

Subject to certain exceptions prescribed by law, you have a right to access and request correction of most personal data that we have about you. In some circumstances, it may not be possible for us to provide you with all of your personal data. For instance, there may be instances where disclosing the requested information would impact the privacy of another individual. Where we cannot provide access to personal data held about you, we will tell you why.

If you think that any personal data we hold about you is inaccurate, you may contact us using the contact details below and we will take reasonable steps to ensure that the information is corrected.  We may take steps to verify your identity before providing you access to your personal data.

If you send any request for access to or correction of your personal data, we will do our best to respond within a reasonable period after your request.

8. ELECTRONIC COMMUNICATIONS

With your consent, we may use personal data to inform you of products or services available from us or our affiliated entities. When collecting information that might be used to contact you about our products and services, we give you the opportunity to opt out of receiving such communications. Moreover, each e-mail communication we send includes the ability to unsubscribe, allowing you to stop delivery of that type of communication. If you elect to unsubscribe, we will remove you from the relevant list.

9. UPDATES TO THIS DATA GOVERNANCE STATEMENT

We may change this Data Governance Statement from time to time and without advance notice. The “LAST UPDATED” legend at the top of this page indicates when this Data Governance Statement was last revised. Any changes will become effective when we post the revised Data Governance Statement. Your use of Digital Offerings following these changes means that you accept the revised Data Governance Statement.

10. CONTACTING US

If you have any questions about this Data Governance Statement, please write us at 19100 – 94 Ave, Surrey, British Columbia V4N 5C3 (Attention: Privacy Officer).