PRIVACY POLICY

Last modification was made Aug 25th, 2025.

Combilift and its subsidiaries are committed to safeguarding your privacy. Contact us at [email protected] if you have any questions or problems regarding the use of your Personal Data and we will gladly assist you.

We collect information to provide services, improve our website, and for marketing with your consent. You can control this at any time via our Cookie Consent Manager or by contacting us. Where required, we conduct Transfer Impact Assessments (TIAs) to evaluate risks related to international data transfers.

Our website honors legally recognized browser-based opt-out signals (e.g., Global Privacy Control) where required by law. Where privacy laws are updated or new frameworks are introduced, we will comply with them even if not explicitly listed in this policy. This includes pending reforms (e.g., Argentina PDPA reform, India DPDP implementation, Indonesia PDP 2026 enforcement).

This Privacy Policy applies to website users, customers, and business contacts. Employee, contractor, and supplier data is processed under separate internal privacy notices.

KEY DETAILS

This website privacy policy describes how Combilift protects and makes use of the information you give the company when you use this website or contact our offices. If you are asked to provide information when using this website or contacting our offices, it will only be used in the ways described in this privacy policy. This policy is updated from time to time. The latest version is published on this page. If you have any questions about this policy, please contact the Marketing Manager.

INTRODUCTION

We gather and use certain information about individuals in order to provide products and services and to enable certain functions on this website. We also collect information to better understand how visitors use this website and to present timely, relevant information to them.

INTERPRETATION

Headings are for convenience only and shall not affect the interpretation of this Privacy Policy.

DEFINITIONS

• Personal Data – any information relating to an identified or identifiable natural person.

• Processing – any operation or set of operations which is performed on Personal Data or on sets of Personal Data.

• Data subject – a natural person whose Personal Data is being Processed.

• Child – a natural person under 16 years of age (or the local digital age of consent where different).

• We/us – Combilift.

DATA PROTECTION PRINCIPLES

We promise to follow the following data protection principles:

• Processing is lawful, fair, and transparent.

• Processing is limited to the purpose.

• Processing is done with minimal data.

• Processing is limited with a time period.

• Data is accurate and up to date.

• Data is secure and confidential.

DATA SUBJECT’S RIGHTS

The Data Subject has the following rights: access, rectification, erasure, restriction, objection, portability, withdrawal of consent, and complaint with a supervisory authority.

WHAT DATA WE GATHER

We may collect the following information:

• Name and job title

• Contact information including email address

• Demographic information such as postcode, preferences, and interests

• Website usage data

• Other information relevant to client inquiries and offers

• Call recordings (retained for 60 days unless there is a clear business case to keep longer).

HOW WE USE THIS DATA

Collecting this data helps us understand what you are looking for from the company, enabling us to deliver improved products and services. Specifically, we may use data:

• For our own internal records

• To improve the products and services we provide

• To contact you in response to a specific enquiry

• To customise the website for you

• To send promotional emails (with consent)

• To contact you via email, telephone, or mail for market research.

TRACKING PIXELS AND TAGS

We use tracking technologies such as pixels, tags, and scripts provided by third parties (including but not limited to LinkedIn Insight Tag, Google Ads Remarketing, and other advertising networks).

These tools may collect information such as your IP address, browser type, pages visited, and interactions with our website. In some cases, this may be linked to your third-party account.

All marketing and tracking pixels are disabled until you provide consent via our Cookie Consent Manager.

COOKIES AND HOW WE USE THEM

Cookies are small files placed on your device to enable site functionality, analytics, and personalization.

• Analyse traffic and improve site structure

• Identify if you are signed in

• Test content variations

• Store preferences

• Recognise returning visitors

Cookies do not provide us with access to your computer or data beyond what you share.

You can control cookies in your browser or via our Cookie Consent Manager. Blocking cookies may affect functionality.

STRICTLY NECESSARY COOKIES

Essential cookies allow us to provide secure services (e.g., compliance, account login). Without them, the site cannot operate properly.

GOOGLE ANALYTICS

We use Google Analytics to measure traffic. You may opt-out via the Google opt-out tool.

CHILDREN

We do not knowingly collect data from children under 13 in the United States (per COPPA) or under the applicable digital age of consent elsewhere.We will remove this data if we become aware of it. We apply the strictest applicable standard depending on jurisdiction (e.g., under 13 in the US, under 16 in the EU).

CONTROLLING INFORMATION ABOUT YOU

When you fill forms, you may opt-in to marketing. You can later withdraw consent:

• Change settings on our website

• Email [email protected]

We do not lease, sell, or distribute personal data unless required by law.

SERVICE PROVIDERS USED

• Typeform – form submissions

• Weglot – translations

• Algolia – search functionality

• Lead Forensics – business visitor analytics

• ZoomInfo – B2B insights

• Google Ads – advertising/remarketing

• LinkedIn Insights – advertising analytics

• Complianz – cookie/consent management

All service providers act under contract as data processors.

INTERNATIONAL DATA TRANSFERS

Where applicable, we rely on participation in the EU–US Data Privacy Framework, UK Extension, or Swiss–US DPF for transfers to certified US entities. Some providers are outside the EEA/UK/Switzerland. Where applicable in Asia-Pacific, we may rely on the APEC Cross-Border Privacy Rules (CBPR) system for compliant transfers. Safeguards include:

• EU SCCs

• UK IDTA/Addendum

• Swiss FADP equivalents

• Binding Corporate Rules (BCRs)

• Transfers only where legally permitted (e.g., no transfer without approval in China, Russia, Saudi Arabia).

DATA RETENTION

Personal data is retained only as long as necessary for the purposes collected, or as required by law. Backups may temporarily retain deleted data securely.

JOB APPLICATIONS

We collect data from job applicants (CVs, cover letters, forms) solely for recruitment. Retained per recruitment policy.

DATA PROCESSING BASES

Processing is based on:
(a) consent; (b) contractual obligations; (c) legal obligations; (d) legitimate interests.

THIRD-PARTY CONTENT AND LINKS

We are not responsible for privacy, security, or content of third-party websites linked from our site. Their policies apply.

DATA ACCURACY DISCLAIMER

We take reasonable steps to keep data accurate but rely on you to notify us of changes.

INTERNET TRANSMISSIONS

No method of internet transmission is fully secure. Data provided is at your own risk.

BUSINESS TRANSFERS

In case of merger, acquisition, or restructuring, data may be transferred to a successor under equivalent protections.

DIRECT MARKETING

We only send marketing where legally permitted and with consent where required. You can opt-out anytime.

REGIONAL COMPLIANCE PRIORITY

If conflict arises between this policy and local law, the stricter law prevails.

SENSITIVE DATA

Where sensitive personal data (e.g., health, biometrics, political opinions) is processed, it will only be done with explicit consent or as legally required. We do not collect or process biometric or genetic data unless strictly necessary and with explicit consent or as legally required.

USER RESPONSIBILITY

Do not submit sensitive personal data (health, financial, ID numbers) unless explicitly requested. Such submissions are at your own risk.

AUTOMATED DECISION-MAKING

We do not use automated decisions with legal or similarly significant effects. Profiling for marketing analytics is limited and consent-based.

CROSS-BORDER CONFLICTS

Where laws conflict, we comply with the stricter rule unless compelled otherwise by a lawful authority.

SERVICE PROVIDER LIABILITY

While we audit providers, we are not liable for their acts/omissions beyond what applicable law requires.

CHANGES TO PROCESSING

If we materially change processing, we will update this policy and seek renewed consent if required.

LIMITATION OF LIABILITY

To the maximum extent permitted by law, Combilift Ltd is not liable for indirect, incidental, or consequential damages arising from data processing. Nothing excludes liability for fraud, willful misconduct, or where not permitted by law.

NO GUARANTEE OF ERROR-FREE PERFORMANCE

We use industry safeguards but cannot guarantee error-free systems or immunity from attacks.

GOVERNING LAW AND JURISDICTION

This policy is governed by Irish law unless overridden by stricter local laws.

INTERNATIONAL USE AND SEVERABILITY

We make no claim our site is lawful everywhere. Use is at your own risk. If any provision is unenforceable, the rest remains valid. By accessing our services, you are responsible for ensuring compliance with local laws in your jurisdiction.

FORCE MAJEURE

We are not liable for failure to comply due to events beyond our control (acts of God, internet outages, government action, malicious activity).

AGGREGATED OR ANONYMIZED DATA

We may use anonymized/aggregated data for research or business purposes. This is not considered personal data.

SURVIVAL OF TERMS

Clauses on liability, governing law, and severability survive termination of this policy.

LEGAL DISCLOSURES AND GOVERNMENT REQUESTS

We may disclose data where legally required (e.g., national security, lawful intercept, trap & trace). Only the minimum data required will be provided, and unlawful requests will be challenged.

SECURITY

We use strong technical and organizational measures (HTTPS, encryption, monitoring, pseudonymisation). No system is 100% secure, but we will notify regulators and users of breaches when required. We will notify supervisory authorities and affected individuals of data breaches within the timeframes required by applicable law.

REGIONAL ADDENDA

United States (Federal and State Privacy Laws)

If you are a resident of the United States, you may have rights under federal and state privacy laws. These rights include:

• California (CCPA/CPRA) – rights to know, access, correction, deletion, portability, opt-out of sale or sharing of personal data, and non-discrimination.

• Colorado (CPA) – rights to access, correction, deletion, portability, and opt-out of targeted advertising, sale, and profiling.

• Connecticut (CTDPA) – rights to access, correction, deletion, portability, and opt-out of targeted advertising, sale, and profiling.

• Virginia (VCDPA) – rights to access, correction, deletion, portability, and opt-out of targeted advertising, sale, and profiling.

• Utah (UCPA) – rights to access, deletion, portability, and opt-out of targeted advertising and sale.

• Nevada (SB220) – right to opt-out of the sale of covered personal information.

• Delaware (DOPPA) – online privacy protections, including enhanced protections for children’s data.

• Oregon (OCPA, effective July 2024) – rights to access, correction, deletion, portability, and opt-out of targeted advertising, sale, and profiling.

• Texas (TDPSA, effective July 2024) – rights to access, correction, deletion, portability, and opt-out of targeted advertising, sale, and profiling.

• Florida (FDBR, effective July 2024) – limited rights regarding targeted advertising, data sale, and sensitive data processing (applies mainly to large businesses).

• Montana (MCDPA, effective October 2024) – rights to access, correction, deletion, portability, and opt-out of targeted advertising, sale, and profiling.

• Tennessee (TIPA, effective July 2025) – rights to access, correction, deletion, portability, and opt-out of targeted advertising, sale, and profiling.

• Indiana (INCDPA, effective January 2026) – rights to access, correction, deletion, portability, and opt-out of targeted advertising, sale, and profiling.

• Iowa (ICDPA, effective January 2025) – rights to access, deletion, portability, and opt-out of sale and targeted advertising.

Additional Federal and State Protections

• Children’s Online Privacy Protection Act (COPPA) – protects the data of children under 13.

• California Shine the Light Law – requires disclosure of third-party data sharing for marketing.

• Other state laws (e.g., Nevada SB220, Delaware DOPPA, Maine ISP Privacy Law) – impose specific obligations on businesses handling residents’ data.

We will also comply with new or amended data protection laws in other jurisdictions as they come into effect.

Brazil (LGPD)
Rights include confirmation of processing, access, correction, deletion, anonymisation, and withdrawal of consent.

Canada (PIPEDA)
Rights include access, correction, and consent withdrawal. Complaints: Office of the Privacy Commissioner of Canada.

South Africa (POPIA)
Rights include notice of collection, access, correction, deletion, and objection. Complaints: Information Regulator.

Japan (APPI)
Rights include disclosure, correction, suspension, and deletion. Informed on overseas transfers.

China (PIPL)
Rights include informed consent, access, correction, deletion, and separate consent for transfers.

India (DPDP Act 2023)
Rights include access, correction, erasure, consent withdrawal, and representation by nominee. Complaints: Data Protection Board of India.

Turkey (KVKK)
Rights include access, correction, deletion, objection, and portability. Complaints: KVKK Authority.

UK (UK GDPR)
Rights aligned with GDPR. Complaints: Information Commissioner’s Office (ICO).

Switzerland (FADP)
Rights include access, correction, and deletion. Complaints: FDPIC.

South Korea (PIPA)
Rights include access, correction, deletion, and suspension. Complaints: PIPC.

Australia (Privacy Act 1988)
Rights include access, correction, and complaint. Complaints: OAIC.

New Zealand (Privacy Act 2020)
Rights include access, correction, and complaint. Complaints: Privacy Commissioner.

Singapore (PDPA)
Rights include access, correction, and withdrawal of consent. Complaints: PDPC.

Mexico (LFPDPPP)
ARCO rights: Access, Rectification, Cancellation, Opposition. Complaints: INAI.

Argentina (PDPA)
Rights include access, correction, deletion, objection to marketing. Complaints: Agencia de Acceso.

Indonesia (PDP Law 2022)
Rights include access, correction, deletion, and consent withdrawal.

UAE (Federal Law 2021)
Rights include access, correction, deletion, restriction, and consent withdrawal.

Saudi Arabia (PDPL)
Rights include access, correction, deletion, consent withdrawal. Transfers restricted.

Russia (Federal Law 152-FZ)
Russian citizens’ data must be stored locally. Transfers limited by law.

Nigeria (NDPR)
Rights include access, correction, deletion, objection, and consent withdrawal. Complaints: NDPB.

Thailand (PDPA 2022)
Rights include access, correction, deletion, and consent withdrawal.

Philippines (DPA 2012)
Rights include access, correction, objection, and deletion. Complaints: National Privacy Commission.

Qatar (QFC Regulations)
Rights include access, rectification, blocking, deletion, and consent withdrawal.

GENDER PAY GAP REPORT 2022

Combilift operate in the heavy industrial engineering and manufacturing sector. We are a global manufacturer of multi-directional forklifts and an acknowledged leader in long load handling solutions. From our HQ in Co. Monaghan we design, manufacturer and export to 85 countries around the world.

Click the icon to download our Gender Pay Gap Report 2022