Last modified: 22 May 2018.
Effective: 25 May 2018.
We respect your privacy. This page explains how Contamac Ltd and its subsidiaries (‘Contamac’, ‘us’ or ‘we’) use and process any personal data obtained from or about you via: our digital platforms; direct, electronic and telephone enquiries; exhibitions, forums, workshops and other events: and suppliers, customers and associated stakeholders.
It also provides information about the personal data we processes in relation to individuals who work for, or who apply to work for, our business, or who work on behalf of our business, our business (B2B) customers, product end-users (B2C consumers), suppliers, partners (including within non-Contamac-operated joint ventures), stakeholders and/or investors, including visitors to Contamac owned and operated websites and digital platforms.
This notice explains what personal data is processed, for which purposes, how long we hold that personal data for, how to access and update your personal data, and where to go for more information.
We process personal data from and in relation to individuals who work for or on behalf of our business, or who apply to work for our business, or who work for or on behalf of our business customers (B2B), our customers’ product end-users (consumers), suppliers, partners (including within non-Contamac-operated joint ventures), stakeholders and/or investors. This information falls within the following categories:
In addition, and to comply with legal and regulatory obligations, to protect Contamac’s assets and employees/contractors and specifically to ensure that Contamac can comply with trade control, anti-money laundering and/or bribery and corruption laws and other regulatory requirements, we may carry out screening on existing business counter-parties and potential business counter-parties pre-contract and on a periodic basis post-contract. This screening may include individuals such as directors, officers, sole traders, shareholders and key stakeholders of current and potential counter-parties, and takes place against publicly available and/or government-issued sanctions lists and media sources.
This data may include personal data regarding suspected and actual criminal behaviour, criminal records or proceedings regarding criminal or unlawful behaviour (but only for the purposes of ensuring Contamac’s compliance with legal and regulatory obligations and/or to the extent permitted or required by local law). Such screening does not result in any automated decision-making or communications in relation to counter-parties or potential counter-parties, however.
We process the personal data covered by this privacy notice for the following purposes:
Any personal data needed for the purposes of concluding and executing agreements with business customers, suppliers and business partners, or for considering bids or tenders, will be held during the duration of the contractual relationship and up to 15 years thereafter. For agreements which have a term of more than five years and for the purposes set out above, these agreements will be held for 35 years with effect from the commencement of the agreement.
In all other cases for the purposes set out above, including personal data gathered as part of any unsuccessful bids to Contamac or which relate to the screening against publicly available or government issued sanctions lists and media sources, such personal data is held for no longer than 15 years after it was first gathered.
In all cases information may be held for a) a longer period of time where there is a legal or regulatory reason to do so (in which case it will be deleted once no longer required for the legal or regulatory purpose) or b) a shorter period where the individual objects to the processing of their personal data and there is no longer a legitimate purpose to retain it.
Data processed for marketing communication by/for Contamac can only be used with the affirmative, specific and recorded consent of a ‘natural person’. The types of communication listed by us when asking for your consent will be clear and unambiguous. Communication efforts on other platforms (such as social media) are subject to consent being given to the relevant platform, not us. However, we will monitor these platforms for compliance with the GDPR.
Contamac’s website and digital platform portfolio
We do not automatically collect personal information from visitors to websites within the Contamac portfolio.
If you use contact forms to get in touch with us, we will only use the information supplied by you to provide the information or services requested. We will not pass on your details to anyone else unless required to do so by law.
We do use session cookies on our websites. Session cookies do not record any personal information. They are used to remember any preferences you set for a site while visiting it. They may automatically collect non-personal information, such as the type of internet browsers you use or the website or other communication channel from which you linked to one of our websites. You cannot be identified from this information and it is only used to assist us in providing an effective service on our websites. We may from time to time supply third parties with this non-personal or aggregated data for use in connection with the website’s content.
Session cookies expire when you close your web browser.
When you first open this or our other website(s) you may see a message letting you know that we use session cookies, as outlined above. If you don’t want a session cookie to be set, you can disable cookies in your browser. Most browsers give you several options to do this.
Contamac Ltd, a company registered in England and Wales with the registered number 07038892 whose registered office is Carlton House, Shire Hill, Saffron Walden, Essex, CB11 3AU, in United Kingdom, is the collector.
We take the security of your data very seriously. We will take all reasonable steps to protect personal information from loss, misuse, and unauthorised access, disclosure, alteration, or destruction. This includes maintaining a ‘suppression’ list that records instances where you have specifically asked us not to contact you in particular circumstances.
Your data is stored in the United Kingdom and United States of America. The processing and transferring of your data will be in compliance with the GDPR and other countries’ – outside the EU and UK – data protection laws.
The laws of the UK, US and other countries governing data collection and use may not be as comprehensive or protective as the laws of the country where you live. In all instances, however, we will store your data in accordance with this policy.
We aim to keep all the personal information we store as accurate as possible. You may access your personal data, request correction(s), transfering of your data or deletion(s) of your personal data (but only where it is no longer required for a legitimate business purpose) and/or request that the processing of your personal data is restricted by emailing email@example.com.