Our goal is to maintain your trust and confidence when handling your Personal Data. The security of your personal information is our priority. We protect this information by maintaining physical, electronic and procedural safeguards that meet applicable law.
- Personal Data We Collect
- How We Process Your Personal Data
- Children's Information
- Sharing of Personal Data with Third Parties
- Technology Used in Collecting Personal Data
- How we Use Automated Decision Making
- What are Your Rights Related to Your Personal Data
- Right to Lodge a Complaint
- International Transfer of Your Information
- How we Protect Your Personal Data
- How Long We Store Your Personal Data
- How to Contact Us
1. Personal Data We Collect
We collect Personal Data and other types of information provided by you directly, indirectly, advertently and inadvertently (which may be obtained from emails, web forms or in other manners), including, without limitation, the following:
- contact information;
- personal identification information, including: name, date of birth, address, social security number or country identification number, passport number, driver's license number, home phone numbers, personal cell phone numbers, personal email addresses and country of citizenship information;
- IP address;
- business and financial structure and history;
- past business transactions;
- ownership information;
- vendor information;
- financial statements;
- credit explanations and credit histories;
- bank account statements;
- facility lists;
- guarantor information; and
- bank account details.
We may also solicit authorization for Amur to obtain credit information and other financial information regarding all principals, sole proprietors and guarantors, including, at times, personal tax returns.
When you visit our website, our servers may automatically collect your IP address, the name of the domain you used to access the Internet, the link that brought you to our website and any links clicked within our website.
Certain information may also be automatically collected through third-party tools used on Amur’s websites, which collect information that may include your browser type and operating system; IP address and general geographic location; the date and time of your visit; the content viewed on our website; and website features accessed. Some of this information may be retained by us only during your visit to our website, and some information may be gathered on an aggregated, pseudonymous basis.
We may monitor social media or review sites, and collect information posted on comments or reviews. When you post information on social media pages owned or controlled by Amur, we may collect information about your activities on those pages, including whether you visited or commented on the page, and/or provided a rating or review.
2. How We Process Your Personal Data
In this section, we set out the purposes for which we use Personal Data that we collect and, in compliance with our obligations under the General Data Protection Regulation ("GDPR"), identify the legal bases on which we rely to process that Personal Data. These legal bases are set out in the GDPR. The GDPR allows companies to process personal data only when the processing is permitted under the following grounds:
- Consent: where you have consented to our use of your Personal Data;
- Contract performance: where your Personal Data is necessary to enter into or perform our contract with you;
- Legal requirements: where we need to use your Personal Data to comply with our legal obligations;
- Legitimate interests: where we use your Personal Data to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights; and
- Vital interests: where we use your Personal Data to protect the vital interests of you or of another natural person.
- Public interest: where we use your Personal Data as necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
Your Personal Data may be used for following purposes on the following bases:
- On the bases of fulfilling our contract with you or deciding whether or not to enter into a contract with you, and to fulfill our legitimate interests of determining the creditworthiness of a prospective customer, help prevent fraud and verify safety records:
- We may process your Personal Data in evaluating and processing client transactions. Amur uses a variety of sources to determine the creditworthiness of a prospective customer, help prevent fraud and verify safety records. These sources include credit reporting bureaus, background check companies, business verification sites such as the corporations websites of Secretaries of State, the Federal Department of Transportation’s Safety and Fitness Electronic Records (SAFER) system and other sources.
- If we did not process your Personal Data as described directly above, we could not determine your creditworthiness and therefore, would be unable to offer you credit.
- We may also process your Personal Data to service your account and fulfill your requests.
- If we did not process your Personal Data as described directly above, we could not perform these services for you.
- On the bases of fulfilling our contract with you or deciding whether or not to enter into a contract with you, to enforce our legal rights, and to fulfill our legitimate interests of help prevent fraud:
- We may process your Personal Data for skip tracing, service of legal process, collecting on debt through judicial processes, evaluating settlement proposals, pursuing collection of payment and seizing collateral.
- If we did not process your Personal Data as described above, we could not protect ourselves against potential fraud and therefore, would be unable to offer you credit.
- On the basis of fulfilling our legal requirements:
- We may disclose Personal Data in order to comply with or respond to a request or requirement pursuant to law, regulation, or from a governmental or judicial body, or to help prevent fraud or for risk management purposes.
- We may also use information collected for other legal purposes from time to time.
- On the basis of our legitimate interests in the delivery of our products, services and communications to you as well as to our other customers and partners, and developing and growing our business, we process Personal Data in the following manner:
- Information collected through third-party tools used on Amur’s websites may be used by us and our service providers, affiliates and business partners to measure the number of visits, average time spent, page views and other general statistics about the overall use of our website, in order to monitor and improve website performance, improve our products and services, and make the website easier and more convenient to use.
- We may use technology such as cookies and web beacons to process your Personal Data for the purpose of learning more about how people use our site, including to measure the number of visits, average time spent, page views and other general statistics about the overall use of our website, in order to monitor and improve website performance, improve our products and services, and make the website easier and more convenient to use.
- We may use information obtained from Google Alerts regarding you to alert our sales team to a potential sales opportunity (for example, when a customer has opened an office in a new location).
- We may process your Personal Data as part of managing customer relationships, including assisting in making credit decisions and determining potential eligibility for additional credit.
- On the basis of our legitimate interest to protect our organization and our customers from cyber threats, we process Personal Data in the following manner:
- Pursuant to Recital (49) of the GDPR, organizations have a recognized legitimate interest in collecting and processing Personal Data to the extent strictly necessary and proportionate for the purposes of ensuring network and information security. According to said Recital (49), network and information security means the ability of a network or of an information system to resist events, attacks or unlawful or malicious actions that could compromise the availability, authenticity, integrity and confidentiality of stored or transmitted data, or the security of the related services offered by, or accessible via those networks and systems. Therefore, we process your Personal Data to the extent necessary and proportionate for the purposes of detecting, blocking, reporting and mitigating cyber-threats.
- On the basis that you have provided your consent to have your Personal Data processed, we process Personal Data in the following manner:
- To send you promotional, advertising and other marketing materials or communications from us or our agents via email, facsimile, telephone or text message.
- You may revoke your consent at any time by contacting us, as provided below. Revoking your consent will prevent us from processing your information for the purposes in which we sought consent, but will not affect any other processing of information or the other services we provide to you. Revoking your consent will also not affect the lawfulness of our processing of your Personal Data for the period before you withdrew your consent.
- On the basis of our legitimate interest of reorganizing or making changes to our business, we may process Personal Data in the following manner:
- In the event that we: (i) are subject to negotiations for the sale of our business or part thereof to a third party; (ii) are sold to a third party; or (iii) undergo a re-organization, we may need to transfer some or all of your Personal Data to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analyzing any proposed sale or re-organization. We may also need to transfer your Personal Data to that re-organized entity or third party after the sale or reorganization for them to use for the same purposes as set out in this policy.
3. Children's Information
This Site is not directed to nor is it intended for individuals under the age of 16 and we do not knowingly solicit or collect information from children.
When you provide information to us, we may share your information with service providers we have retained to perform services on our behalf. These service providers will be given only the Personal Data needed to perform the tasks we request of them and they are not authorized by us to use or disclose your information except as necessary to perform services on our behalf or to comply with legal requirements. We have contracts in place holding these companies to the same standards of confidentiality by which we are governed.
We may also share your information with our affiliates and business partners to fulfill your requests, service your account, improve our services, and to develop, inform you about and provide you with offers about our products, services and events, as well as those of our affiliates and business partners.
Amur’s credit department may share a customer’s financial information with credit bureaus, banks and financing sources involved in transactions with such customer, particularly for transactions that are to be syndicated.
Amur may use one or more digital advertising bid management systems, which may be integrated with customer relationship management (CRM) software to pull customer data. Such data may also be made available to a third-party agency for optimization. All information that is collected by means of email is stored with our CRM providers. We may also share information with third parties for services that we believe may be of interest to clients/customers.
Amur shares analytics and performance data - such as application counts, funded dollars related to vendor, losses, reasons for losses, and customer satisfaction data - with vendor partner companies for the purpose of establishing credit eligibility (such as to obtain your FICO score) and determining potential eligibility for additional credit.
We may also disclose your information: (i) if we are required or permitted to do so by law or legal process; (ii) to law enforcement authorities; (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity; (iv) in the event that all or part of Amur or all or part of its assets are acquired by, merged with, sold to or otherwise disposed of to one or more third parties; or (v) in the event of bankruptcy.
We may aggregate information that we gather about our customers and users of our site, including traffic patterns and services, and provide these statistics to our service providers, affiliates and/or business partners in aggregate form. This aggregate information, however, is not personally identifiable.
Amur does not sell, rent, lease or otherwise share your personal information with third parties for their own marketing purposes.
5. Technology Used in Collecting Personal Data
Amur and third parties that provide content, functionality and services on our website use a variety of technologies to learn more about how people use the website. These primarily include the following:
We and our third-party partners may use web beacons, which is a technology that communicates information from your internet browser to a web server. Web beacons can be embedded in banners and links on vendor websites, videos or emails, and permit a web server to read certain types of information from your browser, check whether you have viewed a particular web page or email message, and determine, among other things, the time and date on which you viewed the web beacon, the IP address of your computer, and the URL of the web page from which the web beacon was viewed. We and our partners use web beacons for a variety of purposes, including to analyze the use of our website and in conjunction with cookies to improve the website and provide you with more relevant promotional materials.
User analytics and social media
Amur utilizes Google Analytics for user analytics and we may also use social media (e.g., Twitter, LinkedIn, Facebook, YouTube, comments, requests and reviews) for purposes of information collection. Your use of social media sites is governed by the privacy policies of those sites. We do not capture or store your login information or other Personal Data for these services but session information or cookies may, however, be stored.
6. How we Use Automated Decision Making
We do not exclusively utilize automated decision making to make any decisions. However, we may use technology to automate the gathering and organization of information about an applicant. These reports may be used in determining whether or not to grant an applicant credit and in determining potential eligibility for additional credit.
7. What are Your Rights Related to Your Personal Data
You have the following rights in relation to your Personal Data:
- to ask us to provide you with information regarding the Personal Data we process concerning you;
- to rectify, update or complete inaccurate or incomplete Personal Data concerning you;
- to delete or request the erasure of Personal Data concerning you that we no longer have a lawful ground to use;
- in certain circumstances, to require us to restrict the way in which we process your Personal Data;
- to withdraw any consent you may have given for us to process Personal Data concerning you;
- to object to our processing of Personal Data concerning you on the basis of our, or of third-parties’, legitimate interests;
- to obtain a copy of the Personal Data that you have provided to us.
Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege). Where your exercise of any of the rights above is dependent on our action, we will abide by our legal obligation to take reasonable measures to ascertain your identity and the legitimacy of your request, and may ask you to disclose to us any information necessary for that purpose. We will respond to legitimate requests within a month of our receipt of the request. Pursuant to any such requests, we may retain certain data necessary to prevent fraud or future abuse or as otherwise required or permitted by law, including to comply with legal obligations we are subject to, as well as to establish, exercise and defend our legal claims.
Further, we will use reasonable means to ensure that the Personal Data you provided us remains accurate. In order to assist us with this, you should notify us of any changes to the Personal Data you have provided to us.
To exercise of any of the rights above that are dependent on our action, you may contact us by email at email@example.com or by regular mail at:
Amur Equipment Finance
308 North Locust Street, Suite 100
Grand Island, NE 68801
8. Right to Lodge a Complaint
The General Data Protection Regulation gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or EEA) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
9. International Transfer of Your Information
Amur and its affiliates, service providers, and business partners, are domiciled in the United States and therefore, your Personal Data may be accessed by staff or other persons in, transferred to, and/or stored at, a destination outside the EEA in which data protection laws may be of a lower standard than in the EEA.
Where we transfer Personal Data from inside the EEA to outside the EEA, we may be required to take specific additional measures to safeguard the relevant Personal Data. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export Personal Data to these jurisdictions. In countries which have not had these approvals (see the full list here), we will establish legal grounds justifying such transfer, such as EU Commission-approved model contractual clauses, or other legal grounds permitted by applicable legal requirements.
11. How we Protect Your Personal Data
Amur has established multiple avenues of protection to safeguard Personal Data. We use a variety of reasonable physical, technical, and administrative measures to safeguard information against loss. Our employees are only given access to files on an as-needed basis, thus limiting exposure of client information. Technologies and processes to protect Personal Data collected on our website include firewalls, strict role-based file security, security for servers and workstations (with managed patching and managed antivirus), SSL certificates for secure remote access and encryption technology for transmission of Personal Data. Our computer systems utilize password protection to prevent access by unauthorized personnel, and we employ other physical, electronic and procedural safeguards to help protect your non-public Personal Data.
However, no security technology is completely secure, and you should remember that email is not a secure means of communication. While we strive to protect the information that we maintain, due to the inherent nature of the Internet, we cannot (and do not) guarantee, and make no representation or warranty about, the security of any information that you transmit to us or which is stored by us.
Amur understands the importance of your privacy rights and takes their protection seriously. We recognize that you have placed your trust in us, and we strive to preserve that trust as a priority. Amur arranges for its employees to be educated on Amur’s privacy policies and procedures and, among other things, directs employees to adhere to Amur’s established guidelines. Amur will monitor the effectiveness of its privacy policies and procedures.
12. How Long We Store Your Personal Data
We shall store your Personal Data based on business needs and legal requirements. We retain your Personal Data for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. For example, we may retain certain Personal Data to comply with regulatory requirements regarding the retention of such data. When Personal Data is no longer needed, we securely destroy the data.
13. How to Contact Us
You may contact us by email at firstname.lastname@example.org or by regular mail at:
Amur Equipment Finance
308 North Locust Street, Suite 100
Grand Island, NE 68801