General Data Privacy Statement
Our companies care about your privacy and are committed to protecting your personal information in accordance with fair information practices and applicable data privacy laws.
This privacy notice explains how we and our subsidiaries collect, use and share personal information that you provide to us, or that we may otherwise obtain or generate, which relates to you (“Personal Information”).
Personal data means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
This privacy notice applies to the personal information we obtain through our normal business activities, both online and offline i.e. collection in connection with sales and marketing, partner and supplier engagement and investor relations.
The Controller of your data is our company that initially collected your data and decided the purposes and means for using your data.
If you have questions about who the Controller of your data is or any other questions about your data, please contact our Privacy Officer by using the email-address shown below.
Recipients of personal data
- Within our company: business functions which require access to your data in order to perform our contractual and legal obligations (i.e. sales, accounting, operations, legal) or for the purpose of our legitimate interests (i.e. marketing).
- Third parties: we may use third parties to provide or perform services and functions on our behalf. We may make personal information available to those third parties to perform these services and functions. Any processing of that personal information will be on our instructions and compatible with the original purposes.
- As required by law: we may also make personal information available to public or judicial authorities, law enforcement personnel and agencies as required by law, including to meet national security or law enforcement requirements, and including to agencies and courts in the countries where we operate. Where permitted by law, we may also disclose personal information to third parties (including legal counsel) when necessary for the establishment, exercise or defense of legal claims, or to otherwise enforce our rights, protect our property or the rights, property or safety of others, or as needed to support external audit, compliance and corporate governance functions.
- Mergers and acquisitions: personal information may be transferred to a party acquiring all or part of the equity or assets of our company or its business operations in the event of a sale, merger, liquidation, dissolution or other.
- Affiliates: we may also transfer and share information to our affiliates in compliance with applicable law.
Because we are a global company with locations in many different countries, we may transfer your Personal Information from one legal entity to another or from one country to another in order to accomplish the purposes listed above. We will transfer your Personal Information consistent with applicable legal requirements and only to the extent necessary for the purposes set out above. Within our group of companies, Personal Information is transferred subject to the same rules and levels of security. If required, data processing agreements will be in place to ensure the necessary level of protection.
We rely on available legal mechanisms to enable the legal transfer of Personal Information across borders. To the extent that we rely on the standard contractual clauses (also called the model clauses) to authorize transfer, we will comply with those requirements, including where there may be a conflict between those requirements and this Notice.
We will not sell or otherwise share your Personal Information outside our group of companies, except to:
- service providers we retained to perform services on our behalf. We will only share your Personal Information with service providers whom we have contractually restricted from using or disclosing the information except as necessary to perform services on our behalf or to comply with legal requirements;
- comply with legal obligations, including but not limited to, in response to a legitimate legal request from law enforcement authorities or other government regulators;
- investigate suspected or actual illegal activity;
- prevent physical harm or financial loss; or
- support the sale or transfer of all or a portion of our business or assets (including through bankruptcy).
We will retain your personal information as long as we have an ongoing relationship with you or as long as necessary to achieve the purpose for which it was collected, usually for the duration of any contractual relationship and for any period thereafter as legally required or permitted by applicable law.
- You have the right to obtain without constraint at reasonable intervals and without excessive delay or expense a copy of all data relating to you that are processed.
- You have the right to obtain the rectification or update of inaccurate or out-of-date personal information.
- You have the right to erasure of personal data.
- You have the right to object, relating to your particular situation, to the processing of your personal data, unless that processing is required by law. Where the objection is justified, the processing must cease.
- You may have the right to request data portability. Data portability is the provision of your personal information in a structured, commonly used and machine-readable form so that it may be transferred to another company easily. The right to data portability is subject to restrictions i.e. data portability does not apply to paper records and must not prejudice the rights of others or sensitive company information.
- You have the right not to be subject to decisions based solely on automated decision making if those decisions produce legal effect or significantly affect you.
- You have the right to withdraw any consent previously granted for a specific purpose, if consent is the legal basis for the processing of your personal information.
We respect these rights and have processes in place to recognize and respond to individuals wishing to exercise these rights. You may request to exercise any of these rights through your local contact or via our Privacy Office (by using the email-address shown below )
We are committed to making sure that your personal information processed is kept secure and has implemented appropriate technical measures and security policies that protect the information it has under its control from:
- Unauthorized access.
- Improper use or disclosure.
- Unauthorized modification.
- Unlawful destruction or accidental loss.
All our personnel and any third parties which we engage to process your personal information are obliged to respect the confidentiality of your information.
Privacy concerns and how to contact us
If you are concerned about an alleged breach of privacy law or any other regulation by us, you can contact our Privacy Office (by using the email-address shown below).
A Privacy Officer will be made available to investigate your complaint and give you information about how it will be handled.
If we do not address any of your requests or fail to provide you with a valid reason why we are unable to do so, you have the right to contact supervisory authority to make a complaint.
Changes to our privacy notice
We reserve the right to change, modify and update this privacy notice at any time. Please check periodically to ensure that you have reviewed the most current notice.