Privacy Statement

 

The privacy and the protection of personal data is important to AGCO Finance Limited. This privacy statement outlines how we collect and use personal data and meet our data protection obligations. 

For questions related to this statement or the processing of personal data in general, please contact us via: privacyofficeireland@dllgroup.com

Table of Contents

1. Who should read this privacy statement?
2. What do we expect from our customers, partners, and suppliers?
3. Who is responsible for the processing of your personal data?
4. What personal data do we process?
5. Do we process special categories of personal data?
6. What are the lawful grounds we rely on when processing your personal data?
7. When and why do we process your personal data?
8. Do we use automated individual decision-making, including profiling?
9. How do we protect your personal data?
10. With whom will we share your personal data?
11. How do we handle the transfer of your personal data to a country where the standards for the protection of personal data are not as high?
12. How long do we store your personal data?
13. What choices and rights do you have regarding your personal data?
14. How can you contact us with a request, question, or complaint?
15. Will we update this privacy statement?


1. Who should read this privacy statement?

This privacy statement is for our customers, partners, suppliers, and other individuals that make use of our services and/or visit our websites, online applications or offices.  When we refer to our customers, partners, and suppliers, we also include the potential customers, partners, and suppliers.

This privacy statement applies to you, if your personal data is processed by us:

  • as a customer (i.e. if we provide, or offer to provide to you, a financial solution).
  • as a partner (i.e., an organisation that refers customers to us, or an organisation that works with us, to develop and distribute our financial products), if we seek to create or have a relationship with you.
  • as a supplier, in the course of receiving products, services, or offers from you.
  • as a customer, partner, supplier or other individual when you visit one of our websites, online applications or our offices.

Within the different groups, as identified above, we may apply different forms of processing. If such differentiation is applicable and deemed relevant by us, we will mark that out in this privacy statement.  
This privacy statement only applies to our customers, partners, suppliers and our online visitors and office visitors. If you are a job applicant or employee, you will be provided with another privacy statement covering how we manage your personal information for that relationship.

2. What do we expect from our customers, partners, and suppliers?

We expect our customers, partners, and suppliers to comply with applicable data protection and privacy laws and to keep the principles of data minimization and transparency top of mind.

As a customer, partner, or supplier, you must not provide us with more personal information about yourself, your employees, representatives, clients, or Ultimate Beneficial Owners (UBOs) than we might need for a given purpose. 

You must inform your employees, representatives, clients, or Ultimate Beneficial Owners (UBOs) about your intention to transfer their personal information to us.  You may refer them to this privacy statement so that they can learn how and why we process their personal data.

3. Who is responsible for the processing of your personal data?

AGCO Finance Limited (‘AGCO Finance’) is accountable and responsible for the transparent and lawful processing of your personal data.  AGCO Finance is a private limited liability company established under the laws of Ireland.

Our contact information is:
AGCO Finance Limited
Registered Address: 7th Floor, 76 Sir John Rogerson’s Quay, Dublin 2, D02 C9D0
Postal address: AGCO Finance DAC, Customer Service Centre, P O Box 4525, Kenilworth, CV8 9AX
Telephone: +353 1 447 9312
Companies Registration Office registration number: 314627
VAT number: IE6334627M

AGCO Finance is a 49% owned subsidiary of AGCO Holding B.V (AGCO Corporation”) and 51% owned by De Lage Landen International B.V. (“DLL”) which is a wholly owned subsidiary of Coöperatieve Rabobank U.A. (“Rabobank” and together with its subsidiaries, the “Rabobank Group”).

A Data Protection Officer (“DPO”) has been appointed for De Lage Landen International B.V. and its subsidiaries (“DLL Group”). The DLL Group DPO can be contacted by email via privacyoffice@dllgroup.com.

4. What personal data do we process?

AGCO Finance processes certain personal data of customers, partners, and suppliers, including their contact information (e.g., name, address, email, etc.), contract data (e.g., financial situation, bank account, risk profile, etc.), and information contained in recorded conversations and emails. The personal data we process of visitors to our websites, online applications, and offices can include contact data, tracking technologies, and camera images. 

“Personal data” is any information directly or indirectly relating to an individual, or any information that can be used to identify an individual. 

Personal data is “processed” when any activity is undertaken on your personal data, such as collection, storage, access, use, transfer, disclosure, and deletion. 
For partner, and supplier relationships, the personal data AGCO Finance processes mainly consists of information relating to the customer’s, partner’s, or supplier’s directors, representatives, and, if applicable, UBOs.  This is because AGCO Finance predominantly enters into partner, and supplier relationships with legal persons (e.g., limited liability companies and corporations), rather than with individuals while customer relationships mainly consists of individuals.  For customer relationships we predominantly process personal data of organisations which are considered to be natural persons (e.g., sole traders and partnerships with natural persons participating). 
As part of these relationships, we may process the following personal data: 

Contact and identification data 
Your name, address, telephone number, (business) e-mail address, copy of ID, date of birth, business VAT number (if applicable), and copy of proof of residency.

Contract/agreement data 
Contract number, contract duration, information concerning your financial situation, payment history, bank account details, risk profile, our products or services, and the process of obtaining financial services.

Data used to ensure your and our security, to prevent and investigate fraud, and to prevent money laundering and financing of terrorism 
Personal data that are processed in the external and internal referral registers of Rabobank and any personal data processed in relation to credit reference agencies and in national and international sanctions lists.

Recorded calls, recordings of video chat and online chat sessions, video surveillance, and documentation of e-mails 
Information concerning our conversations via telephone or in online chat sessions, inbound and outbound e-mail communications, and camera images that we record in our offices.

Data related to the use of our websites and online applications 
Cookies or similar tracking technologies may collect your IP address, data about the applications and devices you use to visit our website and online applications.

5. Do we process special categories of personal data?

If needed, we will process some “special categories” of personal data relating to you. As this information is more sensitive, we take extra care to determine whether such special categories of personal data are necessary for our processing.

We may collect special categories of personal data which are considered more sensitive, such as information relating to your racial or ethnic origin, criminal history, and health/biometric data. We will only process these special categories of personal data if necessary for the applicable purposes, as further described below.

Race or ethnic background
For certain anti-terrorism reasons, we may be required to record information about your country of birth.  We may also have/take/store your photograph or film you on our CCTV (closed-circuit television) if you visit our offices. However, we do not register your race or ethnic background, and we do not use race or ethnic background to make decisions.

Personal data concerning criminal convictions
We may process data related to your criminal record or criminal convictions in the context of anti-money laundering, fraud prevention, and regulatory reporting which may be obtained from open sources (e.g. media searches) or national sanction, fraud and crime prevention databases.

Biometric data
If you have registered your fingerprint for log-in purposes in any electronic application operated by us, we may process your biometric data for this purpose.

6. What are the lawful grounds we rely on when processing your personal data?

We rely on one of the following lawful grounds whenever we process your personal data:

  • Consent;
  • Legal obligation;
  • Contractual necessity;
  • Legitimate interests

Data protection and privacy laws require us to have a lawful ground for processing your personal data.  Depending on the purposes for which we process your personal data, the lawful ground may differ. 

Consent 
You give us your permission to use your data.  You are always free to withdraw your consent. 

Legal obligation
Legally, we are obliged to process your personal data.

Contractual necessity
We need your personal data to enter into a contract with you and comply with our contractual commitments to you.

Legitimate interest
We have a legitimate interest in processing your personal data, which is not outweighed by your interests, fundamental rights, and freedoms.  For example, AGCO Finance has a legitimate interest in processing your personal data when requesting you to complete a survey on how we can improve our services.

7. When and why do we process your personal data?

We process personal data of our customers, partners or suppliers (and/or their representatives, employees and UBOs where relevant) for a variety of purposes.

When you (as a customer or a partner on behalf of a customer) obtain a quote from us to finance an asset 
You may contact us directly for a quote for a finance product, such as a lease, hire purchase, or loan, in relation to an asset you are purchasing, or one of our partners may contact us to provide you with a quote. Minimal personal data, often limited to company name, is collected along with the information about the asset you are buying to provide a provisional quote.  We will also process the contact details of the partner who obtains the quote from us. 
Lawful ground: Contractual necessity

When you (as a customer or a partner on behalf of a customer) make an application for a finance product
If a quote is accepted and you wish to make an application, we need to process your personal data, such as your business name, contact details, company information, bank details, identity verification, and any supporting evidence requested by us. We will also process the contact details of the partner who sends an application to us. 
Lawful ground: Contractual necessity

When we establish a new relationship with you as a partner or supplier 
If we establish a new partner or supplier relationship, then we will process the personal data of the relevant employees and the representatives of that partner or supplier in the administration of the new relationship and as part of our due diligence checks.
Lawful ground: Contractual necessity

When we undertake credit decisions
We assess your credentials from a risk perspective and validate whether you can fulfil the payment obligations under the contract. This method is called credit decisioning, which is based on an automated process and uses data collected from publicly available sources and the Central Bank of Ireland’s Credit Register (CCR)  More details are described in Chapter 8. 

In some instances, we will also review your payment history of any prior contractual relationships you have with us or the Rabobank Group and may request further information to evidence the financial status of your company to assist in this decision making.  This may include company reports, bank and financial statements, and data pulled from public websites.

We also undertake credit checks on partners and suppliers to manage the financial risk of our business.
Lawful ground: Contractual necessity

When we undertake KYC/AML, identity verification, and integrity checks
We must confirm the identity of our customers, our partners, their representatives, and UBOs to comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements.  We may do this by making a copy of identity documents, which we will only use for identification and verification purposes. 

We also consult available external and internal referral registers of Rabobank, incidents registers and warning systems, and national and international sanctions lists.

We undertake these checks at the start of any contract negotiation and once a contract is live we will continue this monitoring on a regular basis. 
Lawful ground: Legal obligation

When we activate a contract and make payments for the asset(s) we are financing or the products and services we are acquiring
We will undertake final checks on the contract documentation, reviewing payment details, signature screening and verifying bank details, before making payments to either our customers or partners for the financed asset or our suppliers for products or services purchased.
Lawful ground: Contractual necessity

When we send invoices to our customers and receipt payments
We undertake daily payment reconciliations to ensure customer accounts are paid on time and in line with the contractual provisions.
Lawful ground: Contractual necessity

When we collect payments of our customers
We will collect your bank details to set up regular payments in accordance with your contract terms.  Card payment details may also be processed for one-off payment collections.
Lawful ground: Contractual necessity

When we provide our Credit Reference Agency with Customer payment history
We share the payment history of our customers with  the CCR to fulfil our reciprocal contractual obligations.
Lawful ground: Legitimate Interest

If customers fail to make payments on time
If you do not adhere to your contract requirements, we will contact you to seek solutions if arrears should emerge and collect outstanding payments.  We may also request additional information on your current financial status so that we can make an assessment of your ability to adhere to a repayment plan.
Lawful ground: Contractual necessity

When we collect or recover an asset of our customers or sell their debt
If you do not adhere to the contract terms, in some cases we may employ specialist solicitors, debt collection and recovery agents to recover the asset and any amounts outstanding on the account. 
Lawful ground: Contractual necessity

Account management and contract management for customers, partners and suppliers
We process your personal data to establish and maintain our business relationship with you.  For customers, we process your personal data to inform you about the remaining term or outstanding obligations on your contract.
Lawful ground: Contractual necessity

When we remarket and resell an asset of our customer
We may remarket an asset that we have previously leased to you. Any assets that are remarketed that can store any type of data or information have all data wiped prior to the asset being resold. If you purchase an asset from us, we will process your contact and payment details to effect the asset sale. 
Lawful ground: Legitimate interest (Remarketing) / Contractual necessity (reselling & data wiping)

If you have a query on your contract
We will process your personal data if you contact us with a query about your contract. If you call our Customer Service team, we record these calls for monitoring and improvement purposes. 
Lawful ground: Contractual necessity (managing queries) and Legitimate interest (call recording)

When we ask you for feedback
We may ask you to rate our services whenever we interact with you by email, or we may send you separate feedback requests (e.g., a feedback questionnaire) so that we can understand where we can make improvements.
Lawful ground: Legitimate interest

If we send you mail
If we need to send you hard copy documents via a postal service, we will share your name and contact details with the postal service provider.
Lawful ground: Contractual necessity 

When we contact you about similar products or services
Where we have an existing customer relationship with you, we may contact you to make you aware of products or services that are similar and may be of interest.
Lawful ground: Legitimate interest

When we undertake direct marketing
If you are a potential new customer, we may contact you to make you aware of our products and services.
Lawful ground: Legitimate interest

When we share customer information with our partners to manage the relationship
We may share details of your asset purchase and contract details such as term as well as start and end dates with the partner who introduced you as a customer to AGCO Finance. 
Lawful ground: Legitimate interest

When we build business relationships with new customers, partners and suppliers
We may obtain your contact and company details via our relationship with an intermediary with whom you have or had a business relationship, via Rabobank Group or via internet searches of publicly available information.
Lawful ground: Legitimate interest

To manage our risk
We are obliged by the Central Bank of Ireland to review and assess creditworthiness risk, which may require the development of risk models that include personal data. This allows us to determine risk exposure and the extent of the financial buffer we must hold, when providing financial services. Risk models calculate the chances of you getting in arrears. These enable us to prevent possible payment difficulties and/or handle these faster. We independently review the financial products we provide and our risk exposure to ensure we act responsibly.
Lawful ground: Legal obligation / Legitimate interest (when law does not specifically set out that we need to process personal data to meet this obligation)

For our financial planning, audits, regulatory, and internal reporting
We use personal data of our customers to populate aggregated reports which are required for financial and regulatory reporting. We also use aggregated data to construct strategic plans and develop and enhance our business processes.
Lawful ground: Legal obligation (audits and regulatory reporting) / Legitimate interest (planning and internal reporting)

If a company merger, acquisition, or divestment takes place
If we acquire, merge, or divest one of our business entities, we will process your personal data to transfer your contract to the relevant entity.  
Lawful ground: Contractual necessity 

In the transfer of receivables/securitization
If we transfer our agreement with you to another financial institution, our agreement is taken over, or if a merger or demerger occurs, your personal data may be processed by a third party acquiring your contract with us, however, it will be a condition of any such transfer that such third party agrees to comply with applicable data protection and privacy laws. 
Lawful ground: Contractual necessity

We process the personal data of visitors of our websites, online applications (e.g. portals, mobile apps) and offices for a variety of purposes.

When you visit our websites and online applications
We operate cookies or similar tracking technologies on our websites and online applications to ensure they function correctly. You can read more about how we use cookies or similar tracking technologies in our Cookie Statement.
Lawful ground: Consent 

If you access an online account via our online applications
If you are given a log in to a AGCO Finance customer or partner online web portal or mobile application, we will process your contact details and provide you with security credentials to enable you to access your account. Cookies and tracking technologies are in operation on these sites which you can read more about in our Cookie Statement. 
Lawful ground: Legitimate interest

To manage our facilities
If you visit an AGCO Finance or DLL office, we operate CCTV and ensure access to offices is managed securely. Your image is captured by our CCTV systems and your contact details are recorded to provide you access to our offices via a secure pass.
Lawful ground: Legitimate interests

In addition, we may process the personal data of anyone who interacts with us for legal, compliance and business improvement purposes.

To develop and improve our systems and processes
We may process personal data to develop and improve our systems and processes. When we test new systems, wherever possible we will aggregate, anonymize, or scramble data so that it is no longer identifiable.
Lawful ground: Legitimate interest

To manage and evidence our compliance with data protection and privacy laws
If you exercise any of your rights under data protection and privacy law, we will process your data to manage your request. If we experience a data breach, we will process the data of impacted individuals as required to mitigate risk and inform you of a breach where it is required.
Lawful ground: Legal obligation

If you make a complaint
We will process your contact details and any supporting information to administer, investigate, and respond to your complaint. 
Lawful ground: Legal obligation

When we make or receive a legal claim
We will process personal data if we make or receive a legal claim in respect of the contract we have with you. We may share your personal data with legal specialists for the purpose of defending our legal rights.
Lawful ground: Legal obligation

For legal and regulatory compliance purposes
In some cases, we may be instructed by relevant government or supervisory authorities to process or share your personal data to comply with a regulatory requirement, court order or assist with an investigation. 
Lawful ground: Legal obligation

8. Do we use automated individual decision-making, including profiling?

AGCO Finance does rely on decisions made solely through automated means, subject to your right to request a manual review.

To improve our efficiency, we use process automation.  For instance, we rely on algorithms to help us with credit scoring, development of risk models, and creation of so-called scorecards.  Whenever we use algorithms or automation we do not solely rely on the outcome of the algorithms or automations for a decision in all cases.  Instead, when requested, we ensure human oversight and involvement.  For example, where a credit scoring algorithm produces a negative outcome and a customer or partner requests a review, a trained and experienced member of staff will review the outcome and base the final decision on their judgement.

9. How do we protect your personal data?

We use various technical and organisational measures to protect your personal data against destruction, loss, unauthorized disclosure, and unlawful processing. Only employees who require access for the purposes specified in Chapter 7 of this Privacy Statement will process your personal data. All our employees are bound by a duty of confidentiality.

AGCO Finance is subject to the Rabobank Privacy Codes.  The Rabobank Privacy Codes apply as “Binding Corporate Rules” (“BCRs”).  This means we must meet minimum standards in the collection and processing of personal data. 

AGCO Finance is committed to taking the necessary organisational and technical measures to protect your personal data when we process it and share it with third parties.  These include: 

  • All our employees are subject to confidentiality obligations to ensure the adequate protection of your personal data.
  • We use appropriate security measures to ensure the confidentiality, integrity, and availability of your data, as well as certifying systems and services which are resilient and are able to restore data in the event of a data loss.
  • Where possible, we aim to secure your personal data by lessening or removing personally identifying elements.
  • We regularly evaluate the effectiveness of our technical and organisational measures to ensure continuous improvement in the security of processing personal data.
  • We usually only process your personal data for the purposes for which these were originally collected. Personal data may also be processed for a legitimate business purpose different from the original purpose (secondary purpose), but only if the secondary purpose closely relates to the original purpose. 
  • When we share your data with third parties outside of the Rabobank Group, we perform due diligence and thorough assessments of those parties and verify the secure processing of your personal data by way of contractual terms and conditions. 
The Rabobank Privacy Codes are available on the DLL website.

10. With whom will we share your personal data?

Where needed, we may share your personal data with:

  • Other AGCO Finance and DLL or AGCO entities globally or within the Rabobank Group
  • Trusted third parties outside AGCO Finance, DLL or the Rabobank Group
  • CCR
Sometimes we may have a clear and legitimate reason to share your data with other parties.

Sharing data within the AGCO Finance and DLL Group
As a global organization personal data may be transferred to other entities in the AGCO Finance and DLL Group who provide operational support enabling the delivery of better customer services.  We also provide products and services to global partners and customers and collaborate across the various AGCO Finance and DLL entities to deliver global solutions. 

Sharing data within the AGCO Group
As a mutual customer of AGCO Finance and AGCO Corporation we may share your personal data between these entities to ensure that we maintain a complete customer view and provide you with the best possible customer service. 

Sharing data within the Rabobank Group
The “Rabobank Group” consists of Rabobank plus all its subsidiaries. There may be times when we share personal data with Rabobank or other Rabobank Group entities. For instance, you may be a customer of Rabobank and AGCO Finance, respectively, and we might share your data internally to avoid a duplication of your efforts. Alternatively, we may share your data with Rabobank (or vice versa) if we think they might have a financial product that might be of interest to you.

Sharing data outside the Group
Like any other company, we rely on the services of third parties.
When we engage specialist suppliers, consultants, or contractors to assist us in running our business, we may share your personal data with them where it is necessary for the service they provide to us.  For instance, we may use a third party to perform a background screening or credit checks on our behalf or use services hosted in a third-party cloud environment. 

Any third party that we employ is checked to ensure they are reliable, and we only engage them where they enter into a proper contract with us and implement appropriate security and other measures to guarantee that your personal data remains confidential.

When legally obligated to do so, we will share your personal data with government authorities, regulators or supervisory authorities, and law enforcement agencies.

11. How do we handle the transfer of your personal data to a country where the standards for the protection of personal data are not as high?

When we share personal data across borders within the Rabobank Group, we rely on Rabobank’s Binding Corporate Rules. When we transfer your personal data to third parties located in a country which does not offer the same level of protection for your personal data as the UK, we take extra measures to protect your personal data.

Your personal data may be transferred to a country outside the UK or European Economic Area (EEA) that provides a lower level of protection to personal data than the legislation in the UK or EEA. 

Transfers within the Rabobank Group
When we share your data with other entities of the Rabobank Group that are in countries other than the country in which your personal data was originally collected, we rely on the Rabobank’s Privacy Codes. The Rabobank Privacy Codes apply as “Binding Corporate Rules” (“BCRs”) which are a set of rules that all Rabobank Group entities must comply with to ensure an adequate level of protection for your personal data. Because of these codes, the same rules apply to all entities of the Rabobank Group, permitting us to share data within the Rabobank Group. The Rabobank Privacy Codes are available on the DLL website. 

Transfers outside the Rabobank Group
When we transfer your data to a third party located in a country outside the Ireland or EEA that provides a lower level of protection for personal data, we take extra measures to protect your data.

We will apply additional safeguards so that your data is protected to the same level as the data protection and privacy laws in the EU.  This includes undertaking transfer impact and risk assessments, implementing contractual measures approved by Ireland’s Data Protection Commissioner’s Office and implementing other extra security measures where needed.

12. How long do we store your personal data?

Generally, we will store your personal data for as long as we need it for the purposes for which we have collected it.

We do not store your personal data for longer than we need to achieve the purposes for which we have collected it or for the secondary purposes for which we reuse it. 

We have a retention policy which specifies how long we store data. In most cases, this is 7 years after the end of the contract or your relationship with AGCO Finance. Sometimes this period is longer, for example, if a supervisory authority asks us to do so, if you have filed a complaint that makes it necessary to keep the underlying personal data for a longer period, or in specific cases for archiving or legal proceedings. Sometimes we use shorter retention periods, for example for telephone call and camera recordings. 

We have implemented appropriate technical and organizational measures to ensure that only people that have a right to access your information can access it. For example, our marketing department has access for a shorter period compared to our tax department.

We will delete personal data at an earlier time if you request us to delete your personal data, unless another law prevails.

13. What choices and rights do you have regarding your personal data?

Individuals are granted certain rights concerning the processing of their personal data. These rights are:

  • the right of access and rectification
  • the right of erasure
  • the right to restrict personal data processing
  • the right to data portability
  • the right to object to data processing, and
  • the right to withdraw consent.
Your rights concerning the processing of your personal data: 

Access and Rectification 
You can ask us to access the personal data we hold about you.  Where you believe that your personal data is incorrect or incomplete, you can ask us to correct or add more detail to your personal data.

Erasure 
You can ask us to erase your personal data processed by us.  If we do not have any legal obligations or legitimate business reasons to retain your personal data, we will fulfill your request.

Restriction 
You can ask us to limit the personal data we hold about you.  We may refuse this type of request if we have a lawful reason to continue holding your personal data (e.g., the exercise of a contract, a legal archiving duty, or the establishment, exercise, or defense of legal claims). 

Portability 
You have the right to ask us to provide to you a copy of your personal data in a structured and machine-readable format or to transfer your personal data on your behalf to a third party.  Transfer of personal data directly to a third party can only be done if it is technically possible.

Objection 
You have the right to object to the processing of your personal data.  If you object to our processing of your information, we will stop the processing where there is no overriding legal or regulatory requirement.  If an overriding requirement exists, we will inform you of this.

Consent withdrawal 
If you have given your consent to us to process your personal data, you can withdraw your consent at any time.  We will stop any processing allowed solely by consent within 30 days of receiving your request.

14. How can you contact us with a request, question, or complaint?

We would like to hear from you if you have any questions about this privacy statement, or if you wish to exercise any of your rights.

For questions related to this privacy statement, please contact our local privacy officer or local compliance officer via: privacyofficeireland@dllgroup.com  

If you would like to exercise any of your rights, please do so by completing this form:

Submit a Request or Complaint

We will respond within one month after we have received your request. In some cases, however, we may need to extend this period for up to another 2 months. We may need to ask you for some additional details to clarify your request or provide verification of your identity. 

If you are unhappy with how we handle a request, question, or complaint, you can contact the Data Protection Commissioner at www.dataprotection.ie or write to them at:

Office of the Data Protection Commissioner
21 Fitzwilliam Square South,
Dublin 2,
D02 RD28,
Ireland
 

15. Will we update this privacy statement?

Last updated on 31/12/2023

This privacy statement will be updated from time to time in case of additional legal requirements or if we process personal data for new purposes.