McGrath RentCorp Privacy Policy

This Privacy Policy describes what information McGrath RentCorp and its affiliates and subsidiaries and all subdomains (“we” , “our”, “us” or “the Company”) collects from and is related to you, and how we use such information, when you use the Company website at https://www.mgrc.com, https://www.adlertankrentals.com, https://blog.adlertankrentals.com, https://www.enviroplex.com, https://www.mobilemodular.com, https://blog.mobilemodular.com, https://www.mobilemodularcontainers.com, https://blog.mobilemodularcontainers.com, https://www.trsrentelco.com (the "Websites").

Please read this Privacy Policy carefully and in its entirety before using the Websites as it applies to every visitor to the Websites. We reserve the right to make changes at any time to this Privacy Policy. We will advise you of material changes to this Privacy Policy through the Websites or by any other reasonable means of reaching you. All amended terms shall be automatically effective as of the date of the amended Privacy Policy. You should regularly check this Privacy Policy. Your continued use of the Websites constitutes acceptance of any and all changes to this Privacy Policy.

General Disclosure

The Websites are hosted in the United States. If you are visiting the Websites from outside of the United States, please note that by providing your information it is being transferred to, stored or processed in the United States and other countries, where our data center and servers are located and operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. By using our Websites, you understand that your information will be transferred to our facilities in the United States and to third parties with whom we may share your information. If you are visiting the Websites form outside the United States and do not wish to allow the transfer of your personal data to the United States, you should not use the Websites and opt-out of the collection of cookies.

We take your privacy and the protection of your personal data seriously. We will only store, process and disclose your personal data where we have your consent or a legitimate interest and in accordance with the law. We will make it clear when we collect personal information and will explain what we intend to do with it. We do our best to protect your privacy through the appropriate use of information security measures.

Collection of Personal Information

We collect personal information from correspondence, faxes, live chats, e-mails, telephone inquiries, web forms, and other means of communication. We collect such information when we provide online services, and other lawful purposes. We (and our affiliates and authorized service providers) may collect, store and use:

(a) information about your visits to and use of the Websites;

(b) information about any transactions carried out between you and us, including information relating to online education and other services;

(d) if you create an account with us, we may ask you for your name, geo-location and other demographic information, e-mail address, street address or other personal information. You may, however, visit the Websites without providing that information.

(e) Personal information, such as your name, address, phone number.

(f) if you purchase Company products and services, we collect billing and credit card information.

(g) Anonymous demographic information, which is not unique to you, such as your age and gender.

For customers in the United States, we also may collect information about your computer and your visits to this Site such as your IP address, geographical location, browser type, domain names, referring website addresses, access times, length of visit and number of page views. We may use this information in the administration of this Site, to improve the Sites usability, to provide better service, to send you newsletters, updates, marketing communications, and other information or that may be of interest to you. We may sometimes permit our authorized service providers to have access to aggregate and de-identified statistics about our customers, sales, traffic patterns, usage and related information.

How We Use Your Personal Information

We only collect the personal information necessary to fulfill the purposes identified to you prior to or at the time of collection, or any other reasonable and legitimate purposes or as required by law.

We do not use or disclose your personal information, except for the purposes for which it was collected, or new purposes to which you have consented, or as required or otherwise permitted by applicable law. We do not sell, rent or lease its customer lists to third parties.

We do not, as a condition of providing services to you or on your behalf, or as an administrative or management requirement, require consent to the collection, use or disclosure of personal information beyond that reasonably required for such purposes, or to comply with its obligations under applicable law.

We rely on the following legal grounds to process your personal information, namely:

Performance of a contract. We may need to collect and use your personal information to enter into a contract or to perform a contract that you or your company has with us.

Consent. Where required by applicable laws, we will rely on your consent for collecting your personal information.

Legitimate interests. We may use your personal information with our third party vendors and service providers for our legitimate interests to deliver the services you have requested and to improve our services. All such third parties are prohibited from using your personal information except to provide these services to the Company, and they are required to maintain the confidentiality of your information.

Consistent with our legitimate interests and any choices that we offer or consents that may be required under applicable laws, we may use technical information as described in this privacy policy and use personal information for our marketing and analytical purposes.

We may share your personal information with other business entities in connection with the sale, assignment, merger or other transfer of all or a portion of the Company business or assets to such business entity (including due to a sale in connection with a bankruptcy). We will require any such purchaser, assignee or other successor business entity to honor the terms of this privacy statement.

Law enforcement. We may disclose information in response to a subpoena, search warrant, in connection with judicial proceedings, or pursuant to court orders, legal process or other law enforcement measures.

Protect our rights. We may disclose personal information when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating any agreement with the Company, or may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other Site users, or anyone else that could be harmed by such activities. We may also disclose or access personal information when we believe in good faith that the law requires it, to establish our legal rights or to defend against legal claims, and for administrative and other purposes that we deem necessary to maintain, service and improve our products and services.

Linking Sites

The Websites contains links to other websites whose privacy practices may differ from ours. The Company is not responsible for the privacy practices or the content of such websites, including any sites that may indicate a special relationship or partnership with us (such as co-branded pages or "powered by" or "in cooperation with" relationships). We do not share information we gather with other websites or any other entities or individuals unless such sharing is approved in advance by you. Other linked sites, however, may collect personal information from you that is not subject to our control. To ensure protection of your privacy, always review the privacy policy of the sites you may visit by linking from the Site. The Websites are hosted in the United States. If you are visiting the Websites from outside of the United States, please note that by providing your information it is being transferred to, stored or processed in the United States and other countries, where our data center and servers are located and operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. By using our Websites, you understand that your information will be transferred to our facilities in the United States and to third parties with whom we may share your information. If you are visiting the Websites form outside the United States and do not wish to allow the transfer of your personal data to the United States, you should not use the Websites and opt-out of the collection of cookies.

Social Media

We may collect information from other sources, such as social media platforms that may share information about how you interact with our social media content. We do not control how your personal information is collected, stored or used by such third party sites or to whom it is disclosed. You should review the privacy policies and settings on any social networking site that you subscribe to so that you understand the information they may be sharing. If you do not want your networking sites to share information about you, you must contact that site and determine whether it gives you the opportunity to opt-out of sharing such information. The Company is not responsible for how these third party sites may use information collected from or about you.

Security

The Company employs security measures utilizing industry-standard technology to protect the loss, misuse or alteration of personal information that you disclose through the Site. Personal information is stored in a secured database and always sent via an encrypted Internet channel. If you have additional questions regarding security, please feel free to contact us directly at privacyinquiry@mgrc.com.

To ensure that our employees comply with our privacy policies, we have developed a training program that provides all employees with the tools and knowledge to protect member privacy in all aspects of their work. Any employee who violates our privacy policies is subject to disciplinary action, including possible termination and civil and/or criminal prosecution.

We also take additional cybersecurity measures, that include but are not limited to, for example:

We have a cybersecurity training and testing program that applies to all geographic locations- all employees that use technology are required to complete these trainings and testing, which occurs on a regular monthly basis.
We brief our Board of Directors on cybersecurity on a regular basis (this occurs minimally on an annual basis, with additional discussion as needed).
We have purchased cybersecurity insurance.
We are PCI Security Standards Counsel certified. We have also implemented multi-layer cyber protections, including engaging a third-party independent cybersecurity company, who does security testing and monitoring for our Company, which includes penetration testing, auditing, and security assessment.

These and other measures have helped ensure that we have not had an information security breach in the last three years (the relevant period for our external raters) and therefore have not paid any funds towards expenses, penalties, or settlements for same.

Child Online Privacy Protection Act (COPPA) Compliance and Related Information

The Child Online Privacy and Protection Act (COPPA) regulates online collection of information from persons under the age of 13. It is our policy to refrain from knowingly collecting or maintaining personally identifiable information relating to any person under the age of 18. If you are under the age of 18, please do not supply any personally identifiable information through the site. If you are under the age of 18 and have already provided personally identifiable information through the site, please have your parent or guardian contact us immediately using the information below so that we can remove such information from our files.

Retention of Personal Information

We may keep a record of your personal information, including correspondence or comments, in the applicable file specific to you. We will utilize, disclose, or retain your personal information for as long as necessary to fulfill the purposes for which it was collected and for legal or business requirements. We will establish minimum and maximum retention periods and procedures for maintaining and destroying your personal information. When personal information is retained to make a decision about you, we will retain such information for the period required in order to comply with our internal compliance and data retention policies.

Your Choices and Access to Your Personal Information

Subject to the exceptions provided by the applicable law, we will make available to you any specific personal information about you that we have collected, utilized or disclosed, upon your written request. We will make such information available to you in a form that is generally understandable, including explaining any abbreviations or codes and using an alternative format, if required. Simply send your request for access, by completing the REQUEST FORM and e-mail it to privacyinquiry@mgrc.com.

Opt-Out & Unsubscribe

We respect your privacy and give you an opportunity to opt-out of receiving announcements of certain information. Users may opt-out of receiving any or all communications from the Company by contacting us here: Email: privacyinquiry@mgrc.com

If you are a located in the European Economic Area (EEA) the General Data Protection Rule (GDPR) allows Data Subject rights of access, rectification, erasure, restriction, objection or portability in line with the type of services being provided and the right to lodge a complaint to your Supervisory Authority.

We and third parties may use cookies, action tags, or similar technologies on your computer to provide the Websites and online services and help collect data. You may block or delete cookies and control data collection through your web browser settings. However, adjusting your browser preferences may impact your experience with the Websites.

Our third-party advertising partners may collect data about your visits to the Website to help them better understand your advertising preferences, and provide you with offers they believe you will be interested in. You may opt out of receiving certain advertising tailored to you from third parties. If you would like to opt out of behavioral advertising or to learn more, please visit:

Options you select are browser and device specific. To learn more about how we use cookies and your choices, please review our Cookie Statement.

Response Times

We will make every reasonable effort to respond to each of your written requests not later than 30 days after receipt of such requests. When applicable, we will advise you in writing if we cannot meet your requests within this time limit. When applicable, you have the right to make a complaint to the appropriate privacy commission with respect to this time limit.

Costs

We expect to provide access without charge as a general matter. However, we reserve the right to collect a reasonable charge when you request the transcription, reproduction, or transmission of such information. We will notify you, following your request for transcription, reproduction, or transmission, of the appropriate amount that will be charged. You will then have the opportunity to withdraw your request.

Identifying You in Connection with Requests

We may require that you provide to us sufficient information to identify yourself before we provide information about the existence, use, or disclosure of your personal information in our possession. Any such information shall be used only for this purpose.

Contact

Personal information is generally located at our corporate or divisional offices in the United States. A list of corporations, divisions, subsidiaries and affiliates to which this Privacy Policy applies is available upon request. Please direct all complaints or other inquiries regarding personal information, the Privacy Policy and Cookies Policy to our Privacy Director as follows: privacyinquiry@mgrc.com.

Provisions Applicable to California Residents

The provisions below relate solely to residents of the State of California (for purposes of this section “Provisions Applicable to California Residents”, “consumers” or “you”). We included this section to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this section. If you are a California resident with disabilities, and need to be provided with an accessible version of this section or the policy as a whole, please contact us at privacyinquiry@mgrc.com.

Information We Collect

Our website, as applicable to your use of the Services, collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“ CCPA Covered Personal Information”). In particular, our website has collected the following categories of CCPA Covered Personal Information from its consumers within the last twelve (12) months:

Category	Examples	Collected
A. Identifiers.	A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.	Yes
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, address, telephone number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information. Some CCPA Covered Personal Information included in this category may overlap with other categories.	Yes
C. Protected classification characteristics under California or federal law.	Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).	No
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.	Yes
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.	No
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.	Yes
G. Geolocation data.	Physical location or movements.	Yes
H. Sensory data.	Audio, electronic, visual, thermal, olfactory, or similar information.	No
I. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).	Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.	No
J. Inferences drawn from other personal information.	Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.	No

CCPA Covered Personal Information does not include:

Publicly available information from government records.
Deidentified or aggregated consumer information.
Information or organizations excluded from the CCPA’s scope as set forth in the law.

Note that information regarding job applicants, employees, owners, directors, officers, or contractors, emergency contact information from the same, and information necessary for us to administer benefits to the same, and information we obtain from a consumer acting on behalf of a company and whose communications with us occur solely within the context of us conducting due diligence regarding, or providing or receiving a product or service to or from another company, are generally exempt from much of the CCPA.

We obtain CCPA Covered Personal Information listed above from the following categories of sources:

For all of the above categories collected, we collect this information directly from you.
For Categories A (identifiers), F (internet or other similar network activity information), and G (geolocation data), we collect this information indirectly from you.

Use of CCPA Covered Personal Information

We may use or disclose the CCPA Covered Personal Information we collect for one or more of the following business purposes:

We use all of the above categories of CCPA Covered Personal Information collected to:
- Fulfill or meet the reason you provided the information. For example, if you share your name and contact information to ask a question, we will use that CCPA Covered Personal Information to respond to your inquiry.
- Provide, support, personalize, and develop our Website, products, and services.
- Create, maintain, customize, and secure your account with us.
- Provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
- Personalize your Website experience and to deliver content and product and service offerings relevant to your interests through our Website, third-party sites, and via email or text message (with your consent, where required by law).
- Help maintain the safety, security, quality, and integrity of our Website, products and services, databases and other technology assets, and business, including to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and prosecute those responsible for that activity, and to debug to identify and repair errors that impair existing intended functionality.
- Respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- Evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which CCPA Covered Personal Information held by us about our website users is among the assets transferred.
We use Categories A (identifiers), B (categories listed in the California Customer Records statute), and D (commercial information) information collected to process your requests, purchases, transactions, and payments and prevent transactional fraud.
We use Categories A (identifiers), F (internet or similar network activity), and G (geolocation data) for:
- Auditing related to a current interaction with you and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with applicable law.
- Short-term, transient use, provided your CCPA Covered Personal Information is not disclosed to a third party and is not used to build a profile about you or otherwise alter your experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction.
- Testing, research, analysis, and product development and demonstration, including to develop and improve our Website, products, and services.
For all of the above categories of CCPA Covered Personal Information collected, as described to you when collecting your CCPA Covered Personal Information or as otherwise set forth in the CCPA.

We will not collect additional categories of CCPA Covered Personal Information or use the CCPA Covered Personal Information we collected for different purposes without providing you notice.

Sharing CCPA Covered Personal Information

We may disclose your CCPA Covered Personal Information to a third party for a business purpose. When we disclose CCPA Covered Personal Information for a business purpose, we generally enter into a contract that describes the purpose and requires the recipient to both keep that CCPA Covered Personal Information confidential and not use it for any purpose except performing the contract. In the preceding twelve (12) months, we have disclosed all of the above categories of personal information collected for a business purpose to third party vendors who provide marketing, payment processing, and other services to us.

Company does not sell data.

Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their CCPA Covered Personal Information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your CCPA Covered Personal Information over the past twelve (12) months. Once we receive and verify your request (see Exercising Access, Data Portability, and Deletion Rights ), we will disclose to you:

The categories of CCPA Covered Personal Information we collected about you.
The categories of sources for the CCPA Covered Personal Information we collected about you.
Our business or commercial purpose for collecting that CCPA Covered Personal Information.
The categories of third parties with whom we share that CCPA Covered Personal Information.
The specific pieces of CCPA Covered Personal Information we collected about you (also called a data portability request).

If we disclosed your CCPA Covered Personal Information for a business purpose, a list of disclosures for a business purpose, identifying the CCPA Covered Personal Information categories that each category of recipient obtained.

Deletion Request Rights

You have the right to request that we delete any of your CCPA Covered Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights ), we will delete (and direct our service providers to delete) your CCPA Covered Personal Information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:

Complete the transaction for which we collected the CCPA Covered Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.

Detect bugs or errors in our Website or service, detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq. ).

Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

Comply with a legal obligation.

Make other internal and lawful uses of that information are permitted by law or that are compatible with the context in which you provided it.

Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by emailing us at privacyinquiry@mgrc.com or by using the “Contact Us” information set forth below.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf (“an Authorized Agent”), may make a verifiable consumer request related to your CCPA Covered Personal Information. You may also make a verifiable consumer request on behalf of your minor child.
Please note that we are not obligated to provide information to a consumer in response to a request more than twice in a twelve (12) month period. The verifiable consumer request must:

Provide sufficient information that allows us to reasonably verify you are the person about whom we collected CCPA Covered Personal Information. Before completing your request to exercise the below, we will verify that the request came from you based on information we have for you in our records, or though some other method in compliance with the CCPA.

Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with CCPA Covered Personal Information if we cannot verify your identity or authority to make the request and confirm the CCPA Covered Personal Information relates to you. With few exceptions, we will only review and fulfill a request from your Authorized Agent if (a) you grant the Authorized Agent written permission to make a request on your behalf, (b) you or the Authorized Agent provides us notice of that written permission, and (c) we are able to verify your and the Authorized Agent’s identity in connection with that notice and the request.
Making a verifiable consumer request does not require you to create an account with us.
We will only use CCPA Covered Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the twelve (12) month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your CCPA Covered Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination
You have the right not to receive discriminatory treatment by us for exercising any of your rights under the CCPA. However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your CCPA Covered Personal Information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.

Other California Privacy Rights
For California residents, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information, as that term is defined in Section 1798.83, to third parties for the third parties’ direct marketing purposes. To make such a request, you may contact us by emailing us at privacyinquiry@mgrc.com.

At this time, the Company does not honor "Do Not Track" signals.

Data Privacy and Security Policy

Provisions Applicable to California Residents