PRIVACY STATEMENT (22ND OCTOBER 2018)
a. Data controllers
b. Our lawful basis for processing your data
ii. Information we may collect from you
a. IP addresses and cookies
iii. Where we store your personal data
iv. Uses made of the information
v. Retention of your personal data
vi. Disclosure of your information
vii. Your rights / User access and choice
a. Making a complaint
Shrieve Chemical Company and its subsidiaries, including but not limited to Shrieve Products International, (collectively referred to herein as “Shrieve” or “we”) are committed to protecting and respecting your privacy.
Shrieve participates in and has certified its compliance with the EU-US Privacy Shield Framework. We are committed to subjecting all personal data received from European Union (EU) member countries, respectively, in reliance on each Privacy Shield Framework, to the Framework's applicable Principles. Shrieve also complies with The General Data Protection Regulation (GDPR) governing companies based in the European Union and The United Kingdom.
We are responsible for the processing of personal data we receive, under the principles of Privacy Shield and the requirements of the GDPR. In both instances, Shrieve has satisfied itself that it abides by applicable international, national and local law in relation to processing your personal data, including but not limited to the statements made herein.
A. DATA CONTROLLERS
Shrieve is the Data Controller.
To find our more information, please visit privacyshield.gov. Our registered address and contact information can be found in section ix. Contact
Shrieve Products International Limited is registered with the Information Commissioner’s Office (ICO) as a Data Controller for the personal data that we hold and process. Our registration number is ZA421752. Our registered address and contact information can be found in section ix. Contact
B. OUR LAWFUL BASIS FOR PROCESSING YOUR PERSONAL DATA (BRIEFED)
On what basis do we use your personal data?
Shrieve processes your personal data lawfully. We use your personal data in order to enter into or maintain a business relationship with you, and for the purposes of performing all obligations associated with the business relationship. Your personal data is processed in the legitimate interests of Shrieve, including:
- Where the data subject is a client or in the service of the controller;
- Transmission within a group of undertakings for internal administrative purposes;
- Processing necessary to ensure network and information security, including preventing unauthorised access; and
- Processing for direct marketing purposes, or to prevent fraud.
We may also use your personal data to comply with certain legal and regulatory obligations.
II. INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
- Information that you provide by filling in forms on our site or contacting us by email shrieve.com(our site).
- If you contact us, we may keep a record of that correspondence.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of your visits to our site including, but not limited to, traffic data, location data, weblogs, IP addresses and other communication data, whether this is required for your own purposes or otherwise and the resources that you access.
- Information about your computer, including where available your IP address, operating system and browser type, for system administration, to report aggregate information to our advertisers, or for any other reason we deem appropriate for the business purposes of the Shrieve Group.
A. IP ADDRESSES AND COOKIES
As noted above, we may collect information about your computer, including where available your IP address, operating system and browser type, for system administration, to report aggregate information to our advertisers, or for any other reason we deem appropriate for the business purposes of the Shrieve Group. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. Our cookies may be in the form of a “text file,” “single-pixel GIFs,” “clear GIFs,” “frames,” server log analysis and other technology. A cookie is a piece of data that is sent to your browser, which will store the cookie on your computer if your browser is enabled to accept cookies. They help us to improve our site and to deliver a better and more personalized service. Among other things, they enable us:
- To estimate our audience size and usage pattern.
- To store information about your preferences, and so allow us to customize out site according to your individual interests.
- To speed up your searches.
- To recognize you when you return to our site.
III. WHERE WE STORE YOUR PERSONAL DATA
We currently store data on a server that may be located overseas, including within the USA or UK. We may create a back-up and securely store that back-up offsite.
Where such transfer occurs, we have satisfied ourselves that the personal data is adequately protected in line with GDPR requirements & Privacy Shield principles.
TRANSFERS TO THIRD COUNTRIES AND INTERNATIONAL ORGANISATIONS
We do not normally transfer any personal data to third countries or international organisations. However, some data is [backed up at our US headquarters}. We have satisfied ourselves that such transferred data is fully protected and safeguarded as required by the General Data Protection Regulation.
In the event of an onward transfer, Shrieve is responsible for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Shrieve shall remain liable if its agent processes such personal information in a manner inconsistent with Shrieve’s, unless Shrieve proves that it is not responsible for the event giving rise to the damage.
IV. USES MADE OF THE INFORMATION
Shrieve may obtain, process, and use certain personal information in connection with/to:
- Providing our products and services;
- Processing business transactions and related activities;
- Managing customer and vendor relationships;
- Use of our sites; To help ensure that content from our site is presented in an effective manner for you and for your computer.
- Sending information to a person’s contacts if he or she has asked us to do so;
- Enforcing contractual terms and conditions;
- Operating, evaluating, and improving our business (including but not limited to, developing new products, enhancing and improving our current products, managing our communications, analysing our products, and performing accounting, auditing, financial and economic analyses, and other internal functions;
- Protecting against, identifying and preventing fraud and other unlawful activity, claims and other liabilities; and
- Complying with and enforcing applicable legal requirements, relevant industry standards and our policies.
- Any other reason we deem appropriate for the business purposes of the Shrieve Group.
In addition, Shrieve may obtain personal information directly for job applicants as part of the recruitment process or otherwise in connection with potential employment. Shrieve uses this information for purposes such as processing job applications and considering job applicants for employment.
We do not use automated decision-making in the processing of your personal data.
V. RETENTION OF YOUR PERSONAL DATA
We retain your personal data while you remain in a business relationship with us or if you are an employee, unless you ask us to delete it. Our Retention and Disposal Policy (copy available on request) details how long we hold data for and how we dispose of it when it no longer needs to be held. We will delete or anonymise your information at your request unless:
- There is an unresolved issue, such as a claim or dispute;
- We are legally required to; or
- There are overriding legitimate business interests, including but not limited to fraud prevention and protecting customers' safety and security.
VI. DISCLOSURE OF YOUR INFORMATION
We may disclose your personal information to any member of the Shrieve group of companies. We may also disclose your personal information to third parties:
- In order to carry out our obligations arising from any contracts entered into between you and us (e.g. to third party suppliers and other contractors).
- Who provide hosting services to us or maintain our computer systems.
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If all of our assets or substantially all of our assets are acquired by a third party, in which case personal data held by us about you will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation.
- For any other reason we deem appropriate for the business purposes of Shrieve.
VII. YOUR RIGHTS
As a citizen of the United States of America, the European Union or the United Kingdom, the Privacy Shield Framework and the General Data Protection Regulation (GDPR) gives you specific rights around your personal data.
For example, you have the right to be informed about the information we hold and what we use it for, you can ask for a copy of the personal information we hold about you, you can ask us to correct any inaccuracies with the personal data we hold, you can ask us to stop sending you direct mail, or emails, in some circumstances you may have an opportunity to opt-out from having your information disclosed to a third-party or if the information is to be used for a different purpose, or in some circumstances ask us to stop processing your details.If your personal information changes, or if you no longer desire our service, you may, if provided by law, correct, update, amend, delete/remove, ask to have it removed from a public forum, directory or testimonial on our site or deactivate it by sending an email to email@example.com or by contacting us by telephone or postal mail at the contact information listed below. We will respond to your request to access within 30 days.
Our site may, from time to time, contain links to and from other third party websites. If you follow a link to any of these websites, please note that these websites may or may not have their own privacy policies. We do not accept any responsibility or liability for these policies or the absence of them. Please check carefully before you submit any personal data to these websites.
Shrieve has established procedures for periodically verifying implementation of and compliance with the Privacy Shield principles & GDPR requirements. We conduct an annual self-assessment / internal audits of our Personal Data practices to verify that the attestations and assertions we make about our privacy practices are true and that our privacy practices have been implemented as represented.
A. MAKING A COMPLAINT
You may file a complaint concerning our processing of their Personal Data with the Company’s Privacy Officer, whose contact information is below. We will take steps to investigate and to promptly respond within thirty (30) days to issues arising out of a failure to comply with the Privacy Shield principles / GDPR requirements.
You may request access to, correction of, or a copy of your information &/or make a complaint by contacting us. You can find our contact information in Section IX. Contact Information.
If your complaint cannot be resolved or remedied through our internal processes, we will cooperate with The Department of Commerce (DoC), an independent recourse mechanism based in the U.S., whose website and dispute resolution process can be found below and/or with the Information Commissioner’s Office (ICO) or their local data protection authority (DPA) to the U.S. Federal Trade Commission, which has Privacy Shield investigatory and enforcement jurisdiction over Shrieve and can hear claims regarding possible unfair or deceptive practices and violations of privacy laws. You can find contact information for these organisations at the end of this notice in Section IX. Contact Information.
There is a possibility under the complaint process that you may be able to invoke binding arbitration. If applicable, this option is entirely voluntary and once invoked may preclude you from seeking relief in another forum.
VIII. CHANGES TO OUR PRIVACY STATEMENT
This Notice may be amended consistent with the requirement of the EU-U.S Privacy Shield Frameworks & the GDPR. When we update this Notice, we will revise the date listed on this Notice. Any changes we may make to our Privacy Notice in the future may be posted on this page, and the Shrieve Group reserves the right to change this Privacy Statement at any time as well as to change the uniform resource locator (URL) reference at which this Privacy Statement (or its successor) is posted. We may choose to notify you via email, if we have such information about you, of the existence of a new Privacy Statement and/or posting the new Privacy Statement on the Internet.
Questions, comments and requests regarding this Privacy Statement are welcomed and should be addressed to firstname.lastname@example.org. You may also get in touch using the addresses below.
In the USA
In the EU / UK
Data Protection Officer
Data Protection Officer
To find out more or, if you are unhappy with how we deal with you, you can visit / contact the following organisations to make a complaint:
In the USA
In the EU / UK