Last modified: 22 May 2018.
Effective: 25 May 2018.
We respect your privacy. This page explains how Contamac Holdings Ltd and its subsidiaries (‘Contamac’, ‘us’ or ‘we’) use and process any personal data obtained from or about you via: our digital platforms; direct, electronic and telephone enquiries; exhibitions, forums, workshops and other events: and suppliers, customers and associated stakeholders.
It also provides information about the personal data we processes in relation to individuals who work for, or who apply to work for, our business, or who work on behalf of our business, our business (B2B) customers, product end-users (B2C consumers), suppliers, partners (including within non-Contamac-operated joint ventures), stakeholders and/or investors, including visitors to Contamac owned and operated websites and digital platforms.
This notice explains what personal data is processed, for which purposes, how long we hold that personal data for, how to access and update your personal data, and where to go for more information.
Consent for communication
Data processed for marketing communication by/for Contamac can only be used with the affirmative, specific and recorded consent of a ‘natural person’. The types of communication listed by us when asking for your consent will be clear and unambiguous. Communication efforts on other platforms (such as social media) are subject to consent being given to the relevant platform, not us. However, we will monitor these platforms for compliance with the GDPR.
What personal data do we process?
Contamac’s website and digital platform portfolio
We do not automatically collect personal information from visitors to websites within the Contamac portfolio.
If you use contact forms to get in touch with us, we will only use the information supplied by you to provide the information or services requested. We will not pass on your details to anyone else unless required to do so by law.
We do use session cookies on our websites. Session cookies do not record any personal information. They are used to remember any preferences you set for a site while visiting it. They may automatically collect non-personal information, such as the type of internet browsers you use or the website or other communication channel from which you linked to one of our websites. You cannot be identified from this information and it is only used to assist us in providing an effective service on our websites. We may from time to time supply third parties with this non-personal or aggregated data for use in connection with the website’s content.
Session cookies expire when you close your web browser.
When you first open this or our other website(s) you may see a message letting you know that we use session cookies, as outlined above. If you don’t want a session cookie to be set, you can disable cookies in your browser. Most browsers give you several options to do this.
We process personal data from and in relation to individuals who work for or on behalf of our business, or who apply to work for our business, or who work for or on behalf of our business customers (B2B), our customers’ product end-users (consumers), suppliers, partners (including within non-Contamac-operated joint ventures), stakeholders and/or investors. This information falls within the following categories:
Private contact information (such as name, postal or email address, and phone number) only if necessary; and
Business contact and other information (such as job title, department, name of organization and your dealings with Contamac;
Images of you, usually (but not exclusively) captured at exhibitions, workshops, forums and other events.
In addition, and to comply with legal and regulatory obligations, to protect Contamac’s assets and employees/contractors and specifically to ensure that Contamac can comply with trade control, anti-money laundering and/or bribery and corruption laws and other regulatory requirements, we may carry out screening on existing business counter-parties and potential business counter-parties pre-contract and on a periodic basis post-contract. This screening may include individuals such as directors, officers, sole traders, shareholders and key stakeholders of current and potential counter-parties, and takes place against publicly available and/or government-issued sanctions lists and media sources.
This data may include personal data regarding suspected and actual criminal behaviour, criminal records or proceedings regarding criminal or unlawful behaviour (but only for the purposes of ensuring Contamac’s compliance with legal and regulatory obligations and/or to the extent permitted or required by local law). Such screening does not result in any automated decision-making or communications in relation to counter-parties or potential counter-parties, however.
Who is responsible for any personal data collected?
Contamac Holdings Ltd, a company registered in England and Wales with the registered number 07038892 whose registered office is Carlton House, Shire Hill, Saffron Walden, Essex, CB11 3AU, in United Kingdom, is the collector.
How and where is my data stored?
We take the security of your data very seriously. We will take all reasonable steps to protect personal information from loss, misuse, and unauthorised access, disclosure, alteration, or destruction. This includes maintaining a ‘suppression’ list that records instances where you have specifically asked us not to contact you in particular circumstances.
Your data is stored in the United Kingdom and United States of America. The processing and transferring of your data will be in compliance with the GDPR and other countries’ - outside the EU and UK - data protection laws.
The laws of the UK, US and other countries governing data collection and use may not be as comprehensive or protective as the laws of the country where you live. In all instances, however, we will store your data in accordance with this policy.
Why do we need your personal data?
We process the personal data covered by this privacy notice for the following purposes:
Business execution, including researching, developing and improving our products and services; concluding and executing agreements with customers, suppliers and business partners; managing relationships and marketing activities such as maintaining and promoting contact with existing and prospective customers, account management, customer service, and development, execution and analysis of market surveys and marketing strategies.
Organisation and management of the business, including staff recruitment and retention, financial management, asset management, mergers, de mergers, implementation of controls, management reporting, analysis, internal audits and investigations.
Health, safety and security, including protection of individuals’ life and health, occupational health and safety, protection of Contamac companies and staff, authentication of individual status and access rights; or
Legal and/or regulatory compliance including compliance with legal or regulatory requirements including litigation and defence of claims.
…And for any secondary purposes that are closely related to the above, such as storing or deleting data.
Who do we share personal data with?
Other companies within the Contamac group of companies;
Authorised third-party agents, service providers and/or subcontractors of Contamac;
Competent public authorities, governments, regulatory or fiscal agencies where it is necessary to comply with a legal or regulatory obligation to which the relevant Contamac company/companies is subject to or as permitted by applicable local law.
How long do we hold personal data for?
Any personal data needed for the purposes of concluding and executing agreements with business customers, suppliers and business partners, or for considering bids or tenders, will be held during the duration of the contractual relationship and up to 15 years thereafter. For agreements which have a term of more than five years and for the purposes set out above, these agreements will be held for 35 years with effect from the commencement of the agreement.
In all other cases for the purposes set out above, including personal data gathered as part of any unsuccessful bids to Contamac or which relate to the screening against publicly available or government issued sanctions lists and media sources, such personal data is held for no longer than 15 years after it was first gathered.
In all cases information may be held for a) a longer period of time where there is a legal or regulatory reason to do so (in which case it will be deleted once no longer required for the legal or regulatory purpose) or b) a shorter period where the individual objects to the processing of their personal data and there is no longer a legitimate purpose to retain it.
How can you access your personal data?
We aim to keep all the personal information we store as accurate as possible. You may access your personal data, request correction(s), transfering of your data or deletion(s) of your personal data (but only where it is no longer required for a legitimate business purpose) and/or request that the processing of your personal data is restricted by emailing firstname.lastname@example.org.