Brenntag has established a set of binding corporate principles for Personal Data Protection commitment regardless of where your Personal Data is processed, to observe your privacy in line with the General Data Protection Regulation (GDPR), valid since 25th of May 2018.
This policy is Brenntag’s global privacy standard for all Brenntag and across all Brenntag’s affiliated entities.
PURPOSE OF PRIVACY NOTICE
NAME AND CONTACT DETAILS OF CONTROLLER
You will find the respective Controller in the Imprint.
Brenntag's web servers track of the pages visited on Brenntag's website, the amount of time spent on those pages and the types of searches done on them. This automatically captures and stores the following information (which is transmitted by the visitor’s internet browser or browsing activity), depending on the selection of privacy settings upon visiting Brenntag's website.
Additional personal data processing may take place following your preferences such as
- Date and time of the server request
- Type/version of Operating System
- Type/version of Browser
- Data transfer volume
- Screen resolution
- Accessed links and their status
As a result, Brenntag also records the Internet Protocol (IP) addresses of visitors which is a unique number assigned dynamically assigned by Internet Service Providers (ISP) to every computer on the internet. This IP address, that Brenntag collects, may contain information that could be deemed identifiable.
Brenntag uses the information to prevent potentially illegal activities and to enforce our terms and conditions. Brenntag also uses a variety of technological systems to detect and address anomalous activity and to screen content to prevent abuse, such as spam. These efforts may, on occasion, result in a temporary or permanent suspension or termination of some functions for some users. Brenntag uses this information for statistical purposes, to find out which pages users visit and what products and services are of interest or could be of value to Brenntag web servers’ visitors. We collect and process this data for the purpose of ensuring the security of this website, which is a legitimate interest in terms of GDPR. We delete or anonymise this kind of personal data automatically after 14 days.
Cookies are used by the Brenntag website to keep track of user sessions. A Cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing to store often store your settings for a website, such as your preferred language or location, and/or information to help you enter a site without having to login. In effect, cookies tell the website that your browser has been to the site before.
Depending on your Browser Cookie consent selection of settings upon first visiting Brenntag website(s), Brenntag uses tracking cookies, third-party cookies and other technologies (e.g. web beacons) to process additional information, enable noncore functionalities on the Brenntag website and enable referenced third-party functions (such as a social media "share" link).
If you do not want a cookie placed on your computer in general or as a result of using a Brenntag website, you can disable cookies altogether by modifying the preferences section of your web browser. Note that, if you do so, some aspects of Brenntag website may be unavailable to you. If you choose to accept cookies on your hard drive, but wish to be informed of cookies usage on your visited sites, you may turn on a warning prompt by modifying the cookie-warning section also located in the preferences section of your web browser. In most cases Browser Cookies used by Brenntag are session-based and therefore last only for the duration of the user's session, however in some cases Brenntag uses persistent Browser Cookie that remains on your hard drive and provides information about the session you are in and waits for the next time you use that site again.
This provides useful information to Brenntag to recognise frequent users, facilitate the user's access to and use of the site, and allow a site to track usage behavior, which assists Brenntag in content improvements. Such cookies are used only for this purpose, and they are not used to identify users or to track their usage of other web sites.
The following cookies will only start, after you had given your consent via the cookie-banner.
- _ga Purpose: distinguish users. Erasure after 2 years
- _gid / Purpose: distinguish users. Erasure: after 24 hours
- _gat Purpose: throttle request rate. Erasure after 1 minute
Brenntag may use "web beacons" technology on Brenntag’s websites or in marketing emails to track pages viewed or messages opened, the date and time you visited our site, the website you came from, the type of browser you are using, the type of operating system you are using, and the domain name and address of your internet service provider.
Web beacon is the use of various techniques used on web pages or email, to unobtrusively (usually invisibly) allow checking that a user has accessed the content. Common uses are email tracking and page tagging for web analytics. Alternative names are web bug, tracking bug, tag, pixel tag, single-pixel GIF’s or page tag.
DO NOT TRACK (DNT)
Brenntag web servers will respect your decision to opt out of our and third-party tracking services, including behavior advertising. This opt out shall be subject to your use of the DNT (do not track) setting in your web browser, however due to technology limitation, websites do not respond to DNT consumer browser settings. Currently there is no solid mechanism to guarantee DNT consumer browser settings effect on commercial websites.
Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the United States. On behalf of the website operator Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website operator.
Google will not associate your IP address with any other data held by Google. You may refuse the use of Google cookies by selecting the appropriate settings on your browser, see also Item 6 above. However, please note that if you do this, you may not be able to use the full functionality of this website. Furthermore you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available underhttps://tools.google.com/dlpage/gaoptout?hl=en-GB.
You can prevent the capturing by Google Analytics by clicking on the following link. An opt-out cookie is set which prevents future collection of your data when you visit this website: https://tools.google.com/dlpage/gaoptout?hl=en-GB
Google Analytics is further explained under the following Link https://marketingplatform.google.com/about/analytics/. Please note that this website initializes Google Analytics with the setting “gat._anonymizeIp();” to ensure anonymized capturing by masking the last part of your IP addresses (IP masking).
GOOGLE TAG MANAGER
This website uses the Google Tag Manager. Google Tag Manager is a solution that allows marketers to manage website tags from applications such as Google Analytics through a single surface/interface. The Tool Tag Manager itself (which implements the tags) is a cookie-free domain and does not collect any personal data.
The tool triggers other tags, which in turn may collect data under certain circumstances. Google Tag Manager does not access this data. If deactivation has been made at domain or cookie level, such deactivation remains in effect for all tracking tags that are implemented with Google Tag Manager.
LINKEDIN CONVERSION TRACKING AND INSIGHT TAG
- This website uses LinkedIn Conversion Tracking (LinkedIn Insight Tag), an analytics and behavioral targeting service provided by LinkedIn Corporation that connects data from the LinkedIn advertising network with actions performed on our website.
- The LinkedIn Insight Tag enables the collection of metadata such as IP address information, timestamp, and events such as page views. All data is encrypted.
- The LinkedIn browser cookie is stored in a visitor's browser until they delete the cookie, or the cookie expires (there’s a rolling 180 days expiration from the last time the visitor’s browser loaded the Insight Tag).
When we do business with you or the company you work for, we collect and use your information as follows. If not mentioned otherwise, we have received your data from you personally, your employer, or from publicly available sources.
We have set out below, in a table format, a description of all the ways we use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
- To register you as a new customer
- To process and deliver your order including: (a) Manage payments, fees and charges (b) Collect and recover money owed to us
- To enable you to partake in a prize draw, competition or complete a survey
- Type of data
- (a) prename, surname (b) business contact details like e-mail and business address
- (a) prename, surname (b) business contact details like e-mail and business address (c) Financial, company bankaccount (d) Transaction
- (a) prename, surname (b) business contact details like e-mail and business address
- (a) prename, surname (b) business contact details like e-mail and business address
- Lawful basis for processing including basis of legitimate interest
- Performance of a contract with you
- (a) Performance of a contract with you (b) Necessary for our legitimate interests (to recover debts due to us)
- (a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
- (a) Performance of a contract with you (b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)
NEWSLETTER AND OTHER MARKETING COMMUNICATION
If you receive a newsletter from us, then we originally added you to the mailing list in compliance with the law applicable at the time of inclusion.
The newsletter is subscribed by and with the help of a double opt-in, so that we can make sure that you are the right recipient. Double opt-in means that after filling in our form for signing in for our newsletter we will send you an e-mail to the mail-address you filled in. You need to follow the link to complete your subscription. We need to store the time and IP address of your confirmation in order to prove that you did subscribe to the newsletter.
To serve personalised advertising to you — Brenntag doesn´t share your information with advertisers without your consent. Brenntag allows advertisers to choose the characteristics of users who will see their advertisements, and Brenntag may use any of the non-personally-identifiable attributes Brenntag has collected to select the appropriate audience for those advertisements. When you click on or otherwise interact with an advertisement, there is a possibility that the advertiser may place a cookie in your browser and that your attributes meet the criteria the advertiser selected.
RIGHT TO WITHDRAW YOUR CONSENT
If the use of your data is based on your explicit consent, like ordering a Newsletter, you may at any time withdraw your consent for future processing for that purpose. For all other subject rights please see below.
RECIPIENTS OF PERSONAL DATA
Brenntag may share the information collected with third parties for further processing to provide a safe, efficient and customized experience. Here are the details on how Brenntag does that:
To provide products: Each entity of the affiliated Group of Brenntag may share your Personal Data within the affiliated Group, but also with agents, contractors or partners of Brenntag in connection with services that these individuals or entities perform for or with Brenntag.
These agents, contractors or partners are restricted from using this data in any way other than to provide services for Brenntag, or for the collaboration in which they and Brenntag are engaged (for example, some of our products are developed and marketed through joint agreements with other companies). Brenntag may, for example, provide your information to agents, contractors or partners for hosting our databases, data processing or mailing you information that you requested.
Where processing is to be carried out by agents, contractors or partners on behalf of Brenntag, the contractors provide sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of the data protection law. Processing by an agent, contractor or partner shall be governed by a written contract.
To respond to legal requests and prevent harm:Brenntag reserves the right to share your data to respond to duly authorised data requests of governmental authorities, or where required by law Brenntag shall never sell your Personal Data to third parties, such as marketers, without your explicit consent. Brenntag do not provide any Personal Data to "people finder," "public directory" or "white pages" sites.
SENDING AND STORING INFORMATION OVERSEAS:
Brenntag may disclose Personal Data about an individual to overseas recipients after obtaining the consent of the individual; or otherwise complying with applicable privacy legislation. Brenntag may also store Personal Data in the 'cloud' which may mean that it resides on servers which are situated outside EU. In cases when Brenntag needs to transmit your Personal Data, Brenntag shall preferably transmit your personal data only within countries of the European Economic Area (EEA) and to or from countries that provide adequate protection, as confirmed by the European Commission. For more information, see European Commission, "Commission Decisions on the Adequacy of the Protection of Personal Data in Third Countries."
In other cases, the transmission will be done preferably according to the requirements of applicable regulations with appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available or, by using of binding corporate rules. Finally, if these options were not possible, the data transfers we have to make will be in accordance to the provisions of Article 49 GDPR, for example with the explicit consent of the data subject.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal accounting or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from an authoriseduse or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements.
TREATING SPECIAL CATEGORIES OF PERSONAL DATA
Brenntag shall use and/or disclose special categories of Personal Data only for the purpose for which it was provided either based on your consent, or if the use or disclosure of the sensitive information is permitted by law.
COLLABORATION WITH AUTHORITIES
If you get in contact with Brenntag regarding open positions or in the case of a speculative application, we will process your data as follows:
We process personal data you provide to us only for respective purposes, i.e. the respective position you apply for. You can see the categories of personal data we store directly in the relevant application form before you submit it to us.
Parallel to the human resources department, only the corresponding manager has access to your personal data. In the case of a negative decision by the manager, this access will be revoked and only the respective person in the human resources department has access your data.
Obtaining and storing applicants’ personal data is necessary in order to carry out the application process, initiated by the applicant, and to make decisions about the potential working relationship. Brenntag deletes personal data when the application process has been completed. However, access to personal data will be restricted if there are any legal obligations to keep it.
YOUR DATA SUBJECT’S RIGHTS
Brenntag shall honour your data subject’s right in accordance with legal obligations and subject to the exemptions defined in applicable laws and regulations.
These rights are
- 1. Your right to access your Personal Data;
- 2. Your right to correct or amend or update your Personal Data;
- 3. Your right to be forgotten (right to erasure);
- 4. Your right to obtain Personal Data in a portable form (right to data portability);
- 5. Your right to restriction of processing, according to the regulation;
- 6. Your right to object of processing of personal data concerning you, according to the regulation, and;
- 7. Your right not to be subject to a decision based solely on automated processing, including profiling.
If you wish to exercise any of these rights, please contact the Group Data Protection Officer. For contact details see below. You will not have to pay a fee to access your personal data. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
YOUR RIGHT “TO BE FORGOTTEN”
If you wish to remove your Personal Data from our systems as indicated in the "Deletion Process" section, please contact us.
Brenntag implements reasonable physical, technical and administrative security controls to protect your Personal Data against loss, misuse, unauthorised access, disclosure, alteration or destruction. Your data will be stored in a secure operating environment.
However, Brenntag cannot guarantee the security of information on or transmitted via the internet as it relies on the security of the system you have used in communication with Brenntag systems. Brenntag uses measures to enhance security, such as analysing account behaviour for fraudulent or otherwise anomalous behaviour and Brenntag attempts to encrypt that information to protect against eavesdropping.
CONTACT DETAILS OF THE DATA PROTECTION OFFICER
Brenntag has appointed a Group Data Protection Officer who is located at the Headquarters in Germany together with an international Team of Local Data Protection Coordinators, thus you can get in contact in the language of the respective region. We remain available for your questions and remarks at any time.
If you have any questions regarding the processing of your personal data and possible related rights, you may contact the Group Data Protection Officer directly as per the below:
Group Data Protection Officer,
RIGHT TO CONTACT THE SUPERVISORY AUTHORITY
Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes this Regulation.
EXTERNAL REFERENCES & LINKS
Brenntag’s websites may have links to other sites that are owned and maintained by other organisations. These links are outside Brenntag scope yet are being provided as a convenience and for informational purposes only; they do not constitute any matter related to or sponsored by Brenntag services or opinions or organisation or individual. Please contact the external site for answers to questions regarding its content and their privacy settings & policy.