In this privacy notice we explain how we collect and use your personal data. This privacy notice applies to all your personal data that we process when you order, purchase or use our products and services, visit our websites, use our customer support or otherwise interact with Sun Chemical.
Sun Chemical is committed to safeguarding the privacy of the personal information that we gather concerning the contact persons at our current, former, and prospective customers, suppliers, vendors, website visitors and partners of Sun Chemical Group Cooperatief U.A. and its group companies (hereafter “You” or “Your”). In this Privacy Notice, we explain which personal data we collect and how we use this data. Therefore, we encourage You to read this Notice carefully.
- Who We Are
- What Personal Data We Collect
- What We Do with Your Personal Data
- How We Collect Your Data
- Information Sharing
- Security Measures and Data Retention
- International Transfers of Personal Data
- Your Rights
- How we look after this policy
- Contact details for your privacy inquiries
1. Who We Are
We are the Sun Chemical group. Your local Sun Chemical group company, together with Sun Chemical Group Cooperatief U.A., Leeuwenveldseweg 3-t, 1382 LV Weesp, The Netherlands, and Sun Chemical Corporation, 35 Waterview Boulevard, Parsippany, NJ 07054-1285, United States of America, are responsible for the collection and use of Your personal data as described in this Privacy Notice. References to “Sun Chemical”, “we” and “our” throughout this notice, depending on the context, collectively refer to the aforementioned legal entities.
We have determined our respective responsibilities for compliance with the obligations under applicable privacy legislation for processing your personal data in relation to our global processing activities by means of an arrangement between us. In summary, we have arranged that if you want to exercise your rights, such as your right to access, correct, erase, restrict, object or port personal data or to withdraw your consent, or if you have any questions or complaints about the processing of your personal data, you can contact Sun Chemical in accordance with Section 10. Your local Sun Chemical group company, Sun Chemical Cooperatief U.A. and Sun Chemical Corporation will assist each other where necessary to ensure that you can exercise your rights and your questions and complaints will be handled.
2. What Personal Data We Collect
If you only use our website for information purposes, i.e. if you do not register or otherwise provide us with information, we collect the following personal data that your browser transmits to our server, which is technically necessary for us to display our website to you and to ensure its stability and security:
IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request came, browser, operating system and its interface, language and version of the browser software.
When You interact with us for business purposes, we may collect and process the following categories of personal data:
- Your name, the company You are associated with, and Your function;
- Your gender;
- Your contact information, such as Your company address, phone number, and email address;
- Your participation in our trainings, symposia, congresses, seminars;
- Your professional interests;
- Our communication with You.
3. What We Do with Your Personal Data
Your data may be processed for the following purposes
- Performing and managing the contract we have with the company You are associated with;
- Managing our relationship with You;
- Communicating with You;
- Sending You our newsletters about our products or services or promotions. You may withdraw Your consent to the processing of Your personal data for direct marketing purposes any time by using the “unsubscribe” link provided in each communication or by contacting us at the e-mail address contained in the newsletter.
- Performing statistics. We use automatic tools to perform statistical research into general trends regarding our services and products and the behavior and interests of our customers, suppliers, vendors, and partners and the persons working for these organizations. To perform our research, we may merge and analyze the different types of data as described above. We will only use aggregated data and do not use names, email addresses, or other directly identifying information.
- Complying with all legal obligations including disclosure obligations.
We process Your personal data on the basis of the following legal grounds: on the basis of Your consent, to comply with legal obligations we are subject to, and on the basis of our legitimate interests or the interests of a third party as described in this Policy. When we process Your personal data for our legitimate interests or the interests of a third party, we will take reasonable measures to prevent unwarranted harm to You. Our legitimate interests are, for example, marketing purposes, our interest of improving our products and services delivery by storing contact details, reducing costs, improving our websites. For more information on these interests, please see the purposes for which we process Your personal data above.
If we process Your personal data on the basis of consent, You may withdraw Your consent at any time by following the specific instructions in relation to the processing for which You provided Your consent or by reaching us through the contact details in Section 10.
Where we process your personal data for a purpose other than that for which we collected it initially (and we rely on a legal basis other than consent or complying with legal obligations for this new purpose), we will ascertain whether processing for this new purpose is compatible with the purpose for which the personal data were initially collected. More information on this assessment is available upon request (please see Section 8. Your rights below).
4. How We Collect Your Data
Most of the personal information we process is information that You knowingly provide to us. However, in some instances, we process personal information that we are able to infer about You based on other information You provide to us, from our interactions with You, or based on personal information about You that we receive from a third party.
5. Information Sharing
As a general rule, we do not share Your personal data with anyone outside Sun Chemical. However, we may share Your personal data with trusted third parties that perform business functions or provide services to us. All such third parties will be required to adequately safeguard Your personal data and will be subject to agreements that contain data protection requirements consistent with applicable laws. Your personal data may also be shared for investigations (e.g., disclosure to prevent crime or fraud, or to comply with a court order or legislation).
6. Security Measures and Data Retention
Sun Chemical will secure Your personal data properly in accordance with our IT and security policies so that personal data are protected against unauthorized use, unauthorized access, or wrongful modifications, loss, or destruction. Your personal data will be stored no longer than is necessary for the purpose they were obtained or as required under applicable law, whichever is longer, including compliance with legal and fiscal obligations and for solving any disputes.
7. International Transfers of Personal Data
If you are based in the European Union, Your personal information may be transferred to countries outside the European Economic Area whose laws may not afford the same level of protection of Your personal information. Where necessary, Sun Chemical will ensure that adequate safeguards are in place to comply with the requirements for the international transfer of personal data under applicable privacy laws. For transfers of personal data outside the European Economic Area, Sun Chemical will use EU Commission-approved Standard Contractual Clauses as safeguards, such as the “(EU-)controller to (Non-EU/EEA-) controller” Decision 2004/915//EC (see Article 46 GDPR). If you wish to receive a copy of these safeguards, please contact us through the contact details in Section 10. The European Commission has determined that certain countries outside the European Union offer an adequate level of data protection (see Article 45 GDPR). You can find an overview of these countries here.
8. Your Rights
You can contact us to exercise any of the rights you are granted under applicable data protection laws, which includes (1) the right to access your data, (2) to rectify them, (3) to erase them, (4) to restrict the processing of your data, (5) the right to receiving a file of your personal data and (6) or the right to object to the processing, and where we have asked for your consent, to withdraw this consent. These rights will be limited in some situations. We will, for example, deny your request for access when necessary to protect the rights and freedoms of other individuals or refuse to delete your personal data in case the processing of such data is necessary for compliance with legal obligations. The right to data portability, for example, does not apply in case the personal data was not provided by you or if we process the data not on the basis of your consent or for the performance of a contract.
When you would like to exercise your rights, please send your request to the contact details in Section 10. Please note that we may need you to provide additional information to confirm your identity. You also have the right to lodge a complaint with the local Supervisory Authority. You can find the contact information of your local Supervisory Authority here.
You can also contact us if you have any questions, remarks or complaints in relation to this privacy notice.
- Right to access
You may ask us whether or not we process any of your personal data and, if so, receive access to that data in the form of a copy. When complying with an access request, we will also provide you with additional information, such as the purposes of the processing, the categories of personal data concerned as well as any other information necessary for you to exercise the essence of this right.
- Right to rectification
You have the right to have your data rectified in case of inaccuracy or incompleteness. Upon request, we will correct inaccurate personal data about you and, taking into account the purposes of the processing, complete incomplete personal data, which may include the provision of a supplementary statement.
- Right to erasure
You also have the right to have your personal data erased, which means the deletion of your data by us and, where possible, any other controller to whom your data has previously been made public by us. Erasure of your personal data only finds place in certain cases, prescribed by law and listed under Article 17 GDPR. This includes situations where your personal data are no longer necessary in relation to the initial purposes for which they were processed as well as situations where they were processed unlawfully. Due to the way we maintain certain services, it may take some time before backup copies are erased.
- Right to restriction of processing
You have the right to obtain the restriction of the processing of your personal data, which means that we suspend the processing of your data for a certain period of time. Circumstances which may give rise to this right include situations where the accuracy of your personal data was contested but some time is needed for us to verify their (in)accuracy. This right does not prevent us from continuing to store your personal data. We will inform you before the restriction is lifted.
- Right to receive your file (data portability)
Your right to data portability entails that you may request us to provide you with your personal data in a structured, commonly used and machine-readable format and to have such data transmitted directly to another controller, where technically feasible. Upon request and where this is technically feasible we will transmit your personal data directly to the other controller.
- Right to object
You also have the right to object to the processing of your personal data, which means you may request us to no longer process your personal data. This only applies in case the ‘legitimate interests’ ground (including profiling) constitutes the legal basis for processing (see par. ‘Legal basis’ above).
At any time and free of charge you can object to direct marketing purposes in case your personal data are processed for such purposes, which includes profiling purposes to the extent that it is related to such direct marketing. In case you exercise this right, we will no longer process your personal data for such purposes.
9. How we look after this policy
We have most recently updated this notice on 16 December 2019 and it replaces earlier versions. We will update this privacy notice from time to time and notify you of any changes by posting the revised notice on our website and informing you, prior to these changes taking effect.
10. Contact details for your privacy inquiries