Devro respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data when you apply to work for us and tell you about your privacy rights and how the law protects you.
This privacy notice is provided in a layered format so you can click through to the specific areas set out below. Alternatively you can download a pdf version of the policy. Please also use the Glossary to understand the meaning of some of the terms used in this privacy notice.
We are committed to protecting the privacy and security of visitors’ personal information. For the purposes of applicable data protection legislation the relevant national Devro entity which you are engaged with is the “data controller. detailed in Appendix 1
This privacy notice describes how we collect and use personal information about you during and after your visit to our site(s).
Throughout this privacy notice, we use a number of defined terms – a full list of these along with a definition of each can be found at Appendix 2.
We will protect the security and privacy of your data, which means it will be:
In connection with your visit to our site(s), we may collect, store, and use the following categories of personal information about you:
We collect personal information from you and/or our staff members when you are visiting our site(s).
We will use the personal information we collect about you in the following ways:
this means information that we use to contact you (for example, your name, address, email address and telephone number).
means information about your job title, role and/or the organisation that you work for which may be provided to us when you give us your business card and /or tell about your role within your business.
means information about you captured on our CCTV systems.
means information about your vehicle on site, including registration number, car make and model (including colour).
means information about your clothing or shoe size to allow us to issue protective clothing and footwear on site.
We use the above information for our legitimate interests – to understand who is on our sites and/or premises and to ensure the health and safety of all staff and visitors.
We will use your sensitive (or special category) personal information in the following ways:
means information about your health, including recent travel to countries outside of the country of the site you are visiting, temperature testing and declarations about symptoms of illnesses/viruses.
means information about your identity, for example a copy of your passport and/or driving licence to allow us to verify your identity. This may also reveal information about your nationality and/or ethnic origin.
We use the above information to comply with legal obligations in relation to health and safety on our sites – to understand who is on our sites and/or premises and to ensure the health and safety of all staff and visitors.
You are under no obligation to provide data during your visit however we may not be able to allow entry to our site(s) without such information.
We do not make any decisions based solely on automated decision-making. In the event that we do ever use automated decision-making that could have a significant impact on you, we will let you know in advance.
We will only share your personal information with the following third parties for the purposes of ensuring safety on our site(s) during your visit:
We do not allow our third-party service providers to use your personal information for their own purposes. We only permit them to process your personal information for specified purposes and in accordance with our instructions and all relevant privacy laws.
All our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal information in line with our policies and we have in place data processing agreements with such third party service providers to protect your personal information where they are conducting processing operations on behalf of Devro.
We may transfer data cross borders where our service providers host, process, or store data in other countries and/or where we transfer your personal information as part of our group structure when required (for group transfers we have an intra-group data sharing and processing agreement in place which incorporates the European Union’s Standard Contractual Clauses (“SCC’s”) as an adequacy measure and the countries to which we transfer intra-group are outlined in Appendix 3).
Where we do this, we will ensure that the transfer is to a country covered by a decision of the European Commission or is otherwise made in circumstances where we have put appropriate safeguards in place to protect your data in accordance with data protection legislation.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable authorities of a suspected breach where we are required to do so.
We will not hold your personal information for any longer than is necessary for the uses outlined above, unless we are required to keep your personal information longer to comply with the law and/or any regulatory requirements.
Generally we retain visitor data for twelve (12) months. After this period, we will securely destroy your personal information in accordance with, our Data Retention Policy.
Under certain circumstances, by law you have the right to:
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal information, or request that we transfer a copy of your personal information to another party or with draw consent, please contact our Data Protection Support Team.
We have a Data Protection Support Team to oversee data protection compliance. The team comprises of;
If you have any questions about this document or how we handle your personal information, please contact the Data Protection Support Team on firstname.lastname@example.org.
If you believe that a breach of your privacy has occurred, we encourage you to contact the Data Protection Support Team using the contact details in section 13 above to discuss your concerns.
Your complaint will be considered and dealt with by our nominated representative, who may escalate the complaint internally within Devro if the matter is serious or if necessary to resolve it.
Depending on the data protection law applicable to you, you may have the right to make a complaint at any time to the relevant supervisory authority for data protection issues. Details of the relevant authorities can be found in Appendix 3.
|Australia and New Zealand||Devro Pty Limited (No. ACN 050 095 755) Registered Address: 139 Sydney Road, Kelso, NSW, 2795, Australia|
|China||Devro (Nantong) Technology Co., Limited (913 206 910 850 779 46T) Registered Address: No 329, Xinxing East Road, Nantong Economic and Technological Development Area, Nantong, Jiangsu, People’s Republic of China|
|Czech Republic||Devro s.r.o. (No, C19560) Registered Address: Víchovská 830, 514 19 Jilemnice, Czech Republic|
|Hong Kong||Devro Asia Limited Devro Asia Limited Registered Address: 7/F C K K, Commercial Centre, Wanchai, 289 Hennessey Road, Hong Kong|
|Japan||Devro KK (No: 0100-01-051259) Registered Address: Yasuda Shibaura Building, No 2, 3-2-12, Kaigan Minato-ku, Tokyo, 108-0022 Japan|
|Netherlands||Devro B.V. (No. 10041845) Registered Address: Willem Alexanderstraat 9, 6691 EE Gendt, Netherlands|
|United Kingdom||Devro plc (No. SC129785) Registered Address: Moodiesburn, Chryston, Scotland, G69 0JE or Devro (Scotland) Limited (No. SC129787) Registered Address: Moodiesburn, Chryston, Scotland G69 0JE|
|USA||Devro, Inc (State ID Number: 0763710) Registered Address: 2711 Centerville Road, Suite 400, City of Wilmington 19808, County of New Castle, United States|
|Data Controller||the person or organisation that determines when, why and how to Process Personal information|
|Data Retention Policy||explains how we classify and manage the retention and disposal of information. Time periods for retention are set out in the retention schedule attached to the Data Retention Policy.|
|Data Subject||a living, identified or identifiable individual about whom we hold Personal information. Data Subjects may be nationals or residents of any country and may have legal rights regarding their Personal information.|
|Personal Information||any information identifying a Data Subject or information relating to a Data Subject that we can identify (directly or indirectly) from that data alone or in combination with other identifiers we possess or can reasonably possess. Personal Information includes Special Categories of Personal Information|
|Privacy Notice||a separate notice setting out information that may be provided to Data Subjects when the organisation collects information about them.|
|Processing or Process||any activity that involves the use of Personal information. It includes obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transmitting or transferring Personal information to third parties|
|Sensitive Data or Special Categories of Personal Information||information revealing racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health conditions, sexual life, sexual orientation, biometric or genetic data.|
Data Protection Authorities
|Australia||Office of the Australian Information Commissioner||www.oaic.gov.au|
|China||China Ministry of Industry and Information Technology||www.miit.gov.cn|
|Czech Republic||Czech office for personal data protection (Úřad pro ochranu osobních údajů)||www.uoou.cz|
|Hong Kong||Office of the Privacy Commissioner for Personal Information, Hong Kong||www.pcpd.org.hk|
|Ireland||The Data Protection Commission||https://www.dataprotection.ie/|
|Japan||Japanese Ministry of Public Management, Home Affairs, Posts and Telecommunication||www.soumu.go.jp/english/index.html|
|New Zealand||The Office of the Privacy Commissioner, New Zealand||www.privacy.org.nz|
|Netherlands||Dutch Data Protection Authority (Autoriteit Persoonsgegevens)||www.autoriteitpersoonsgegevens.nl|
|UK||The Information Commissioner’s Office (“ICO”)||www.ico.gov.uk|
|USA||Federal Trade Commission||http://www.ftc.gov/|