Privacy Notice

Sun Chemical Privacy Notice

Last updated: March 2026

Thank you for visiting Sun Chemical’s website. This privacy notice (“Privacy Notice”) explains how Sun Chemical collects, uses, shares, and protects your Personal Data (as defined below in Section 2) when you order, purchase, or use our products and services, visit our websites (each a “Site”), use our customer support, or otherwise interact with Sun Chemical (collectively, the “Services”).

Sun Chemical is committed to safeguarding the privacy of the Personal Data we collect about contact persons at our current, former, and prospective customers, suppliers, vendors, Site visitors, and partners of Sun Chemical Group Coöperatief U.A. and its subsidiaries and affiliated group companies (together, “Sun Chemical”, “we”, “us”, or “our”). In this Privacy Notice, we explain what Personal Data we collect, how we use it, and the rights and choices available to you. Therefore, we encourage you to read this Privacy Notice carefully.

  1. Who We Are
  2. What personal data and other information we collect
  3. How we use your personal data
  4. How we collect your personal data
  5. How we share information
  6. Security measures and data retention
  7. International transfers of personal data
  8. Your rights
  9. Updates to this Privacy Notice
  10. Contact details of our data protection officer
  11. Local notices
  12. Right to make a complaint under the UK GDPR

1. Who We Are

This Privacy Notice is issued on behalf of the Sun Chemical group and its subsidiaries and affiliated group companies. Your local Sun Chemical group company, together with Sun Chemical Group Coöperatief U.A., Leeuwenveldseweg 3-t, 1382 LV Weesp, the Netherlands, and Sun Chemical Corporation, 35 Waterview Boulevard, Parsippany, NJ 07054-1285, United States of America, are responsible for the collection and use of your Personal Data as described in this Privacy Notice. References in this Privacy Notice to “Sun Chemical”, “we,” “us,” or “our” refer, depending on the context, to one or more of these legal entities.

We have allocated our respective responsibilities for compliance with applicable data protection laws for our global processing activities through an internal arrangement. Sun Chemical Group Coöperatief U.A. acts as the primary contact point for data subjects for these global processing activities and coordinates the handling of requests with the relevant local Sun Chemical group company and/or Sun Chemical Corporation, as applicable. In summary, if you wish to exercise your data protection rights (such as the right to access, rectify, erase, restrict, object to, or port your Personal Data, or to withdraw your consent), or if you have any questions or complaints about the processing of your Personal Data, you may contact Sun Chemical’s group-wide data protection officer (hereafter “DPO”) in accordance with Section 10. The relevant Sun Chemical entities will cooperate as necessary to ensure your rights can be effectively exercise and that your questions and complaints are addressed.

2. What personal data and other information we collect

When you use our Site or Services, we may collect “Personal Data”, meaning information that identifies you or can reasonably be linked to you.

Personal Data you provide or that we collect in a business context

For example, when you interact with us for business purposes, we may collect and process the following categories of Personal Data:

  • Your name, the company you are associated with, and your function;
  • Your gender;
  • Your contact information, such as your company address, phone number, and email address;
  • Information about your participation in our trainings, symposia, congresses, or seminars;
  • Your professional interests; and
  • Our communication with you.

Technical and usage data

When you visit our Site (including if you use it only for information purposes and do not register or otherwise provide information), we may automatically collect certain technical data from your browser or device that is necessary to display the Site and to help ensure its stability and security. This technical data may include:

  • IP address;
  • Date and time of the request;
  • Time zone difference to Greenwich Mean Time (GMT);
  • Requested content (specific page);
  • Access status/HTTP status code;
  • Amount of data transferred;
  • Referring website;
  • Browser type, language, and version of the browser software; and
  • Operating system and its interface.

Under applicable laws, including in the European Union (“EU”) / European Economic Area (“EEA”), some of this technical data, especially IP address and other online identifiers, may constitute Personal Data. As they may be used, alone or in combination with other information, to identify an individual.

We may also collect information about how you interact with the Site and Services, such as:

  • The pages of our Site that you viewed during a visit;
  • What information, content, or advertisements you view or interact with using the Services;
  • Language preferences;
  • The city and state in which you are located (but not your precise geographic location); and
  • Other identifiers generated by your browser or device.

Where this information can identify you or can reasonably be linked to you (directly or indirectly), we treat it as Personal Data.

Aggregated and anonymised data

We may create and use aggregated and/or anonymised information (data that does not identify you and cannot reasonably be used to identify you). If we combine information that is aggregated or anonymised with information that identifies you, we will treat the combined information as Personal Data.

Cookies and similar technologies

We sometimes use cookies and other tracking technologies (such as local browser storage, web beacons, pixels, or tags) as described in this Privacy Notice and our Cookie Policy. For users in the EU/EEA, non-essential technologies (such as analytics and marketing technologies) are used only after you have provided your prior consent via our consent-management tool. Until you provide consent, non-essential technologies are blocked and will not be set or activated. Consent is not required only where the storage of, or access to, information on your device is strictly necessary to transmit a communication or to provide a digital service expressly requested by you (such as strictly necessary cookies). You can review and change your preferences at any time via the “Change your consent” button in the “Cookie Declaration” section of our Cookie Policy.

Information collected by the Sites or Services may be collected by us or one of our Service Providers or Online Tool Providers acting on our behalf (as both defined in Section 5 below).

3. How we use your personal data

We process your Personal Data for the following purposes:

  • Performing and managing the contracts with the company you are associated with;
  • Managing our relationship with you;
  • Communicating with you;
  • Sending newsletters, marketing communications, or surveys about our Services, where permitted by law. You may withdraw your consent (or for cases where legitimate interest is relied on: opt-out) to the processing of your Personal Data for direct marketing purposes any time by using the “unsubscribe” link provided in each communication or by contacting us at the e-mail address contained in the communication;
  • Performing statistical analyses and research into general trends regarding our Services and the behavior and interests of our customers, suppliers, vendors, and partners and the persons working for these organizations. To perform our research, we may merge and analyze the different types of data as described above. We will only use aggregated data and shall not use names, email addresses, or other directly identifying information; and/or
  • Complying with all legal, regulatory, and compliance obligations including disclosure obligations.

Please read the additional Sun Chemical MS Teams Notice to learn how we process Personal Data during online calls, meetings, conferences, and webinars in connection with the use of “Microsoft Teams” or any other similar or compatible technology for online communication and collaboration platform.

Legal basis for processing

We process your Personal Data on one or more of the following legal grounds:

  • Your consent (such as for marketing communications);
  • Compliance with legal obligations (such as tax, accounting, regulatory, and compliance requirements);
  • Performance of a contract to which you are a party to (such as processing and fulfilling your order); and/or
  • Our legitimate interests, or those of a third party, such as improving our Services, maintaining business relationships, and marketing our products, provided such interests are not overridden by your rights and interests. We will take reasonable measures to prevent unwarranted harm to you.

If we process your Personal Data on the basis of consent, you may withdraw your consent at any time by following the specific instructions in relation to the processing for which you provided your consent or by reaching us through the contact details in Section 10.

Where we process your Personal Data for a purpose other than that for which we collected it initially (and we rely on a legal basis other than consent or complying with legal obligations for this new purpose), we will ascertain whether processing for this new purpose is compatible with the purpose for which the Personal Data were initially collected. More information on this assessment is available upon request (please see Section 8. Your rights below).

4. How we collect your personal data

Most Personal Data we process is information that you knowingly provide to us. However, in some instances, we process Personal Data that we are able to infer about you based on other information you provide to us, from our interactions with you, or based on Personal Data about you that we receive from a third party.

We also use technology from our third-party service provider Qualified Conversation, Inc. to collect user chat data, which generates a transcript of your communication with us after our conversation has concluded. Data collected may also include technical and usage data. Our use of this data is limited to providing information you have requested, processing any transactions you have requested, helping us understand how users interact with our Services, and to design a better user experience for you.

5. How we share information

We may disclose Personal Data and other information as necessary to provide the Sites and Services, where you authorize or instruct us to do so, or where disclosure is otherwise permitted or required by applicable law.

Within the Sun Chemical group

Your local Sun Chemical group company may process some of your Personal Data locally. However, as a global organization, many of our business activities can also be carried out (and business efficiencies achieved) by processing or consolidating your Personal Data in specific or centralized databases and systems located at specific facilities worldwide. As a result, your Personal Data may be shared with other entities within the Sun Chemical group. However, each Sun Chemical group company, our systems, and our databases will only collect, receive, use, share, or otherwise process such Personal Data in accordance with applicable laws, this Privacy Notice, our Sun Chemical internal privacy policy, our Cookie Policy, any applicable specific local policy, and to support business purposes. Moreover, we maintain an internal strict access policy with regard to the processing of Personal Data. Only a limited group of authorized Sun Chemical staff with a need-to-know purpose (such as IT administrators, sales and marketing personnel, and account managers) will have access to your Personal Data.

Service Providers and Online Tool Providers

As a general rule, we do not share your Personal Data with anyone outside the Sun Chemical group. However, we may share information with trusted Service Providers to support our Sites and Services. By “Service Providers” we mean companies, agents, contractors, service providers, or others engaged to perform functions on our behalf. When we use a Service Provider, we require that the Service Provider (by contract or other appropriate terms) processes the Personal Data received from us only on our instructions, to use appropriate security measures, and to disclose Personal Data only as necessary to provide their services to us or as required by applicable law.

We may also use Online Tool Providers. By “Online Tool Provider” we mean a licensor of software that we include in, or use with, the Services, including an application programming interface (“API”) or software development kit (“SDK”), that perform specialized business functions or provide services to us. These Online Tool Providers may process Personal Data and/or technical data and online identifiers (such as IP address and device/browser information) and may collect usage information about how you interact with the Site and Services. Online Tool Providers, Cookies (as defined in the Cookie Policy) Tags (as defined in the Cookie Policy), and similar third party technologies are collectively referred to herein as “Tracking Technologies”. Please see our Cookie Policy for some of the key Tracking Technologies we use and for information on how you can manage your preferences. As mentioned in Section 2, for users in the EU/EEA, non-essential Tracking Technologies are used only after you have provided your prior consent via our consent-management tool and are blocked until consent is given, except where a technology is strictly necessary to transmit a communication or to provide a digital service expressly requested by you.

Global Privacy Control

Where applicable, we may recognize Global Privacy Control (“GPC”) signals (a browser setting or extension that can communicate certain privacy preferences) as an additional privacy preference signal. However, for users in the EU/EEA, GPC is not used as a substitute for our consent-management tool and does not replace the requirement for prior opt-in consent for non-essential cookies and similar technologies. In these jurisdictions, our consent-management tool remains the primary mechanism for providing, refusing, or withdrawing consent.

Legal and safety disclosures

We may also disclose your Personal Data to third parties where we believe, in good faith and in our sole discretion, that such disclosure is reasonably necessary to:

  • Enforce or apply the terms and conditions of the Services, including investigation of potential violations thereof;
  • Comply with legal or regulatory requirements or an enforceable governmental request;
  • Protect our rights, property ,or safety, or those of others;
  • Submit insurance claims, cooperate with insurance investigations, and fulfil insurance subrogation activities;
  • Prevent a crime or protect national security; or
  • Detect, prevent, or otherwise address fraud, security, or technical issues.

6. Security measures and data retention

We will secure your Personal Data properly in accordance with this Privacy Policy and our IT and security policies so that Personal Data is protected against unauthorized use, access, or wrongful modifications, loss, or destruction. Your Personal Data will be stored no longer than is necessary for the purpose(s) they were obtained or as required under applicable law, whichever is longer, including compliance with legal and fiscal obligations and for solving any disputes. Further details on applicable retention periods are available upon request.

7. International transfers of personal data

If you are based in the EU/EEA, your Personal Data may be transferred to countries outside the EU/EEA whose laws may not afford the same level of data protection. Where necessary, we will ensure that adequate safeguards are in place to comply with the requirements for the international transfer of Personal Data under applicable privacy laws. For transfers of Personal Data outside the EU/EEA, we will use EU Commission-approved Standard Contractual Clauses as safeguards, such as those under Decision (EU) 2021/914, in accordance with Article 46 of the General Data Protection Regulation (“GDPR”). If you wish to receive a copy of these safeguards, please contact us through the contact details in Section 10. The European Commission has determined that certain countries outside the EU/EEA offer an adequate level of data protection (see Article 45 of the GDPR). You can find an overview of these countries here.

8. Your rights

Subject to applicable data protection laws, you may exercise the following rights:

  • The right to access your Personal Data;

You may ask us whether or not we process any of your Personal Data and, if so, receive access to that data in the form of a copy. When complying with an access request, we will also provide you with additional information, such as the purposes of the processing, the categories of Personal Data concerned as well as any other information necessary for you to exercise the essence of this right.

  • The right to rectification;

You have the right to have your data rectified in case of inaccuracy or incompleteness. Upon request, we will correct inaccurate Personal Data about you and, taking into account the purposes of the processing, complete incomplete Personal Data, which may include the provision of a supplementary statement.

  • The right to erasure;

You also have the right to have your Personal Data erased, which means the deletion of your data by us and, where possible, any other controller to whom your data has previously been made public by us.  Erasure of your Personal Data only finds place in certain cases, prescribed by law and listed under Article 17 of the GDPR. This includes situations where your Personal Data is no longer necessary in relation to the initial purposes for which they were processed as well as situations where they were processed unlawfully. Due to the way we maintain certain Services, it may take some time before backup copies are erased.

  • The right to restriction of processing;

You have the right to obtain the restriction of the processing of your Personal Data, which means that we suspend the processing of your data for a certain period of time. Circumstances which may give rise to this right include situations where the accuracy of your Personal Data was contested but some time is needed for us to verify their (in)accuracy. This right does not prevent us from continuing to store your Personal Data. We will inform you before the restriction is lifted.

  • The right to data portability;

Your right to data portability entails that you may request us to provide you with your Personal Data in a structured, commonly used and machine-readable format, and to have such data transmitted directly to another controller, where technically feasible. Upon request and where this is technically feasible, we will transmit your Personal Data directly to the other controller.

  • The right to object to processing; and

You also have the right to object to the processing of your Personal Data, which means you may request us to no longer process your Personal Data. This only applies in case the ‘legitimate interests’ ground (including profiling) constitutes the legal basis for processing (see par. ‘Legal basis for processing’ above).

At any time and free of charge, you can object to direct marketing purposes in case your Personal Data is processed for such purposes, which includes profiling purposes to the extent that it is related to such direct marketing. In case you exercise this right, we will no longer process your Personal Data for such purposes.

  • The right to withdraw consent.

Where we process your Personal Data based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

These rights will be limited in some situations. We will, for example, deny your request for access when necessary to protect the rights and freedoms of other individuals or refuse to delete your Personal Data in case the processing of such data is necessary for compliance with legal obligations. The right to data portability, for example, does not apply in case the Personal Data was not provided by you or if we process the Personal Data not on the basis of your consent or for the performance of a contract.

When you would like to exercise your rights, please send your request to the contact details in Section 10. Please note that we may need you to provide additional information to confirm your identity. You also have the right to lodge a complaint with your local supervisory authority. You can find the contact information of your local supervisory authority here.

9. Updates to this Privacy Notice

We have most recently updated this notice on the “Last Updated” date at the top of this Privacy Notice and it replaces earlier versions. We may update this Privacy Notice from time to time and notify you of any changes by posting the revised version on our Site.

10. Contact details of our data protection officer

If you have any questions or would like further information regarding this Privacy Notice or our privacy practices, or if you have any queries or complaints regarding your Personal Data, please contact our DPO by sending an email to: [email protected].

For our German entities, a local data protection officer has been appointed and can be contacted at: CAD-Institut für Compliance, Arbeitsrecht und Datenschutz, [email protected].

11. Local notices

You might be subject to local privacy laws, so please click below to access the privacy notice applicable to your jurisdiction and learn more about your privacy rights.

To the extent that there is a conflict between this Privacy Notice and any of the local privacy notices, the applicable local privacy notice will prevail, only if you are a data subject in that jurisdiction.

12. Right to make a complaint under the UK GDPR

If your personal data is processed in circumstances where the UK General Data Protection Regulation (UK GDPR) applies to us, you have the right to submit a data protection complaint directly to us or the UK’s supervisory authority, the Information Commission’s Office (ICO), if you consider that your personal data has been processed in breach of the UK GDPR.

You can submit your complaint to the following email address: [email protected] with the following email subject: “Enforcing my right to submit a complaint to the controller under UK GDPR”. Please mention your full name, your relationship with us (for instance: customer, supplier, employee, or former employee), and details of your complaint.

We will acknowledge receipt of your complaint within 30 days of receiving it. We shall take the appropriate steps to investigate and respond to your complaint without undue delay.

If you are dissatisfied with our response, you have the right to escalate the matter to the ICO.