PRIVACY STATEMENT (22ND OCTOBER 2018)

CONTENTS

i. Introduction
a. Data controllers
b. Our lawful basis for processing your data
ii. Information we may collect from you
a. IP addresses and cookies
iii. Where we store your personal data
iv. Uses made of the information
v. Retention of your personal data
vi. Disclosure of your information
vii. Your rights / User access and choice
a. Making a complaint
viii. Changes to our privacy policy
ix. Contact

I. INTRODUCTION

Shrieve Chemical Company and its subsidiaries, including but not limited to Shrieve Products International, (collectively referred to herein as “Shrieve” or “we”) are committed to protecting and respecting your privacy.

This Privacy Statement (together with our terms of use and any other pages referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. It does not apply to any website, service or product that does not display or link to this privacy statement or that has its own privacy statement. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Shrieve participates in and has certified its compliance with the EU-US Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries, respectively, in reliance on each Privacy Shield Framework, to the Framework's applicable Principles. Shrieve also complies with The General Data Protection Regulation (GDPR) governing companies based in the European Union and The United Kingdom.

We are responsible for the processing of personal data we receive, under the principles of Privacy Shield and the requirements of the GDPR. In both instances, Shrieve has satisfied itself that it abides by applicable international, national and local law in relation to processing your personal data, including but not limited to the statements made herein.

A. DATA CONTROLLERS

Shrieve is the Data Controller.

To find our more information, please visit privacyshield.gov. Our registered address and contact information can be found in section ix. Contact

Shrieve Products International Limited is registered with the Information Commissioner’s Office (ICO) as a Data Controller for the personal data that we hold and process. Our registration number is ZA421752. Our registered address and contact information can be found in section ix. Contact

B. OUR LAWFUL BASIS FOR PROCESSING YOUR PERSONAL DATA (BRIEFED)

On what basis do we use your personal data?

Shrieve processes your personal data lawfully. We use your personal data in order to enter into or maintain a business relationship with you, and for the purposes of performing all obligations associated with the business relationship. Your personal data is processed in the legitimate interests of Shrieve, including:

  • Where the data subject is a client or in the service of the controller;
  • Transmission within a group of undertakings for internal administrative purposes;
  • Processing necessary to ensure network and information security, including preventing unauthorised access; and
  • Processing for direct marketing purposes, or to prevent fraud.

We may also use your personal data to comply with certain legal and regulatory obligations.

II. INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following data about you:

  • Information that you provide by filling in forms on our site or contacting us by email shrieve.com(our site).
  • If you contact us, we may keep a record of that correspondence.
  • We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
  • Details of your visits to our site including, but not limited to, traffic data, location data, weblogs, IP addresses and other communication data, whether this is required for your own purposes or otherwise and the resources that you access.
  • Information about your computer, including where available your IP address, operating system and browser type, for system administration, to report aggregate information to our advertisers, or for any other reason we deem appropriate for the business purposes of the Shrieve Group.

A. IP ADDRESSES AND COOKIES 

As noted above, we may collect information about your computer, including where available your IP address, operating system and browser type, for system administration, to report aggregate information to our advertisers, or for any other reason we deem appropriate for the business purposes of the Shrieve Group. This is statistical data about our users' browsing actions and patterns, and does not identify any individual. 

For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. Our cookies may be in the form of a “text file,” “single-pixel GIFs,” “clear GIFs,” “frames,” server log analysis and other technology. A cookie is a piece of data that is sent to your browser, which will store the cookie on your computer if your browser is enabled to accept cookies. They help us to improve our site and to deliver a better and more personalized service. Among other things, they enable us:

  • To estimate our audience size and usage pattern.
  • To store information about your preferences, and so allow us to customize out site according to your individual interests.
  • To speed up your searches.
  • To recognize you when you return to our site.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site or, for that matter, to access our site at all. Unless you have adjusted your browser setting so that it will refuse cookies, our system(s) may provide cookies when you use our site.

III. WHERE WE STORE YOUR PERSONAL DATA

We currently store data on a server that may be located overseas, including within the USA or UK. We may create a back-up and securely store that back-up offsite.

Where such transfer occurs, we have satisfied ourselves that the personal data is adequately protected in line with GDPR requirements & Privacy Shield principles.

TRANSFERS TO THIRD COUNTRIES AND INTERNATIONAL ORGANISATIONS

We do not normally transfer any personal data to third countries or international organisations. However, some data is [backed up at our US headquarters}. We have satisfied ourselves that such transferred data is fully protected and safeguarded as required by the General Data Protection Regulation. 

In the event of an onward transfer, Shrieve is responsible for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Shrieve shall remain liable if its agent processes such personal information in a manner inconsistent with Shrieve’s, unless Shrieve proves that it is not responsible for the event giving rise to the damage.

IV. USES MADE OF THE INFORMATION

Shrieve may obtain, process, and use certain personal information in connection with/to:

  • Providing our products and services;
  • Processing business transactions and related activities;
  • Managing customer and vendor relationships;
  • Use of our sites; To help ensure that content from our site is presented in an effective manner for you and for your computer.
  • Sending information to a person’s contacts if he or she has asked us to do so;
  • Enforcing contractual terms and conditions;
  • Operating, evaluating, and improving our business (including but not limited to, developing new products, enhancing and improving our current products, managing our communications, analysing our products, and performing accounting, auditing, financial and economic analyses, and other internal functions;
  • Protecting against, identifying and preventing fraud and other unlawful activity, claims and other liabilities; and
  • Complying with and enforcing applicable legal requirements, relevant industry standards and our policies.
  • Any other reason we deem appropriate for the business purposes of the Shrieve Group.

In addition, Shrieve may obtain personal information directly for job applicants as part of the recruitment process or otherwise in connection with potential employment. Shrieve uses this information for purposes such as processing job applications and considering job applicants for employment.

We do not use automated decision-making in the processing of your personal data.

V. RETENTION OF YOUR PERSONAL DATA

We retain your personal data while you remain in a business relationship with us or if you are an employee, unless you ask us to delete it. Our Retention and Disposal Policy (copy available on request) details how long we hold data for and how we dispose of it when it no longer needs to be held. We will delete or anonymise your information at your request unless:

  • There is an unresolved issue, such as a claim or dispute;
  • We are legally required to; or
  • There are overriding legitimate business interests, including but not limited to fraud prevention and protecting customers' safety and security.

VI. DISCLOSURE OF YOUR INFORMATION

We may disclose your personal information to any member of the Shrieve group of companies. We may also disclose your personal information to third parties:

  • In order to carry out our obligations arising from any contracts entered into between you and us (e.g. to third party suppliers and other contractors).
  • Who provide hosting services to us or maintain our computer systems.
  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If all of our assets or substantially all of our assets are acquired by a third party, in which case personal data held by us about you will be one of the transferred assets.
  • In order to enforce or apply our terms of use and other agreements, or to protect the rights, property, or safety of the Shrieve Group, its customers or others.  This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation.
  • For any other reason we deem appropriate for the business purposes of Shrieve.

VII. YOUR RIGHTS

As a citizen of the United States of America, the European Union or the United Kingdom, the Privacy Shield Framework and the General Data Protection Regulation (GDPR) gives you specific rights around your personal data.

For example, you have the right to be informed about the information we hold and what we use it for, you can ask for a copy of the personal information we hold about you, you can ask us to correct any inaccuracies with the personal data we hold, you can ask us to stop sending you direct mail, or emails, in some circumstances you may have an opportunity to opt-out from having your information disclosed to a third-party or if the information is to be used for a different purpose, or in some circumstances ask us to stop processing your details.If your personal information changes, or if you no longer desire our service, you may, if provided by law, correct, update, amend, delete/remove, ask to have it removed from a public forum, directory or testimonial on our site or deactivate it by sending an email to privacy@shrieve.com or by contacting us by telephone or postal mail at the contact information listed below. We will respond to your request to access within 30 days.

Our site may, from time to time, contain links to and from other third party websites. If you follow a link to any of these websites, please note that these websites may or may not have their own privacy policies. We do not accept any responsibility or liability for these policies or the absence of them. Please check carefully before you submit any personal data to these websites.

Shrieve has established procedures for periodically verifying implementation of and compliance with the Privacy Shield principles & GDPR requirements. We conduct an annual self-assessment / internal audits of our Personal Data practices to verify that the attestations and assertions we make about our privacy practices are true and that our privacy practices have been implemented as represented.

A. MAKING A COMPLAINT

You may file a complaint concerning our processing of their Personal Data with the Company’s Privacy Officer, whose contact information is below. We will take steps to investigate and to promptly respond within thirty (30) days to issues arising out of a failure to comply with the Privacy Shield principles / GDPR requirements.

You may request access to, correction of, or a copy of your information &/or make a complaint by contacting us. You can find our contact information in Section IX. Contact Information.

If your complaint cannot be resolved or remedied through our internal processes, we will cooperate with The Department of Commerce (DoC), an independent recourse mechanism based in the U.S., whose website and dispute resolution process can be found below and/or with the Information Commissioner’s Office (ICO) or their local data protection authority (DPA) to the U.S. Federal Trade Commission, which has Privacy Shield investigatory and enforcement jurisdiction over Shrieve and can hear claims regarding possible unfair or deceptive practices and violations of privacy laws. You can find contact information for these organisations at the end of this notice in Section IX. Contact Information.

There is a possibility under the complaint process that you may be able to invoke binding arbitration. If applicable, this option is entirely voluntary and once invoked may preclude you from seeking relief in another forum.

VIII. CHANGES TO OUR PRIVACY STATEMENT

This Notice may be amended consistent with the requirement of the EU-U.S Privacy Shield Frameworks & the GDPR. When we update this Notice, we will revise the date listed on this Notice. Any changes we may make to our Privacy Notice in the future may be posted on this page, and the Shrieve Group reserves the right to change this Privacy Statement at any time as well as to change the uniform resource locator (URL) reference at which this Privacy Statement (or its successor) is posted. We may choose to notify you via email, if we have such information about you, of the existence of a new Privacy Statement and/or posting the new Privacy Statement on the Internet.

IX. CONTACT

Questions, comments and requests regarding this Privacy Statement are welcomed and should be addressed to privacy@shrieve.com. You may also get in touch using the addresses below.

In the USA

In the EU / UK

Data Protection Officer 

Shrieve Chemical Company
1755 Woodstead Court
The Woodlands
Texas 77380. USA

T:  +1-281-367-4226
E:  privacy@shrieve.com

Data Protection Officer 

Shrieve Products International Limited
Suite 39, 40 Churchill Square
Kings Hill, West Malling
ME19 4YU. UK

T:  +44 (0)1732 520 600
E:  privacy@shrieve.com 

To find out more or, if you are unhappy with how we deal with you, you can visit / contact the following organisations to make a complaint:

In the USA

In the EU / UK

The Department of Commerce
1401 Constitution Ave., NW
Washington, DC 20230

T:  +1-202-482-2000
E:  TheSec@doc.gov
W:  www.commerce.gov

Information Commissioners Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

T:  +44 (0)303 123 1113
W:  ico.org.uk