Privacy statement

This Privacy Policy describes our practices in connection with information that we collect through: 

·      The customer portal operated by us and from which you are accessing this Privacy Policy, which allows you to find invoices and order related information, access product information and/or place orders (the “My Nobian Portal”); and

Collectively, we refer to the My Nobian Portal as the “Services.”

Personal Information

“Personal Information” is information that identifies you as an individual or relates to an identifiable individual.  The Services collect Personal Information, including:  

Name
Company
Postal address (including billing and shipping addresses)
Company email address 
Order and purchase details
IP address (we may also derive your approximate location from your IP address)
User ID

Collection of Personal Information 

We and our service providers collect Personal Information in a variety of ways, including:  

Through the Services.  
-      We collect Personal Information through the Services, for example, when you sign up for the Distributor App, register an account to access the My Nobian Portal, place an order, or contact us through our online contact form. 

From Other Sources.  
-      We receive your Personal Information from other sources, for example: 

o   our CRM databases, when we already have a business relationship with you and register your access to the Services; 

o   your employer, when your employer registers your access to the Services.

We need to collect Personal Information in order to enable your use of the Services. If you do not provide the information requested, you may not be able to use the Services. If you disclose any Personal Information relating to other people to us or to our service providers in connection with the Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.  

Use of Personal Information 

We and our service providers use Personal Information for the following purposes: 

Providing the functionality of the Services and fulfilling your requests. 
-      To provide the Services’ functionality to you, such as allowing you to place orders, view order status and invoices, and obtain additional product information; 

-      To arrange access to your registered account and providing you with related service.

-      To respond to your inquiries and fulfill your requests, for example, when you send us questions, suggestions, compliments or complaints, or when you request information about our Services.

-      To complete your orders, verify your information, and provide you with related service.

-      To send administrative information to you, such as changes to our terms, conditions, and policies. 

We will engage in these activities to manage our contractual relationship with you and/or to comply with a legal obligation. 

Providing you with our newsletter and/or other marketing materials.
-      To send you marketing related emails, with information about our services, new products and other news about our company. 

We will engage in this activity with your consent or where we have a legitimate interest.

Analyzing Personal Information for business reporting and providing personalized services. 
-      To analyze or predict our users’ preferences in order to prepare aggregated trend reports on how our digital content is used, so we can improve our Services. 

-      To better understand your interests and preferences, so that we can personalize our interactions with you and provide you with information and/or offers tailored to your interests.

-      To better understand your preferences so that we can deliver content via our Services that we believe will be relevant and interesting to you.

We will provide personalized services based on our legitimate interests, and with your consent to the extent required by applicable law. 

Aggregating and/or anonymizing Personal Information.
-      We may aggregate and/or anonymize Personal Information so that it will no longer be considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other individual. 

Accomplishing our business purposes. 
-      For data analysis, for example, to improve the efficiency of our Services; 

-      For audits, to verify that our internal processes function as intended and to address legal, regulatory, or contractual requirements; 

-      For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft; 

-      For developing new products and services; 

-      For enhancing, improving, repairing, maintaining, or modifying our current products and services, as well as undertaking quality and safety assurance measures; 

-      For identifying usage trends, for example, understanding which parts of our Services are of most interest to users; and 

-      For operating and expanding our business activities, for example, understanding which parts of our Services are of most interest to our users so we can focus our energies on meeting our users’ interests.  

We engage in these activities to manage our contractual relationship with you, to comply with a legal obligation, and/or based on our legitimate interest.

Disclosure of Personal Information  

We disclose Personal Information: 

·       To our affiliates for the purposes described in this Privacy Policy. 

-      You can consult the list and location of our affiliates here. Nobian Industrial Chemicals B.V. is the party responsible for the management of the jointly used Personal Information.

·       To our third-party service providers, to facilitate services they provide to us.

-      These can include providers of services such as website hosting, data analysis, payment processing, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, auditing, and other services. 

Other Uses and Disclosures

We also use and disclose your Personal Information as necessary or appropriate, in particular when we have a legal obligation or legitimate interest to do so:

·       To comply with applicable law and regulations.

-      This may include laws outside your country of residence. 

·       To cooperate with public and government authorities.

-      To respond to a request or to provide information we believe is necessary or appropriate.

-      These can include authorities outside your country of residence.

·       To cooperate with law enforcement.

-      For example, when we respond to law enforcement requests and orders or provide information we believe is important.

·       For other legal reasons. 

-      To enforce our terms and conditions; and

-      To protect our rights, privacy, safety or property, and/or that of our affiliates, you or others. 

·       In connection with a sale or business transaction.

-      We have a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings). 

OTHER Information

Other Information” is any information that does not reveal your specific identity or does not directly relate to an identifiable individual. The Services collect Other Information such as:

Browser and device information
App usage data
Information collected through cookies, pixel tags and other technologies
Demographic information and other information provided by you that does not reveal your specific identity 
Information that has been aggregated in a manner such that it no longer reveals your specific identity

Collection of Other Information 

We and our service providers may collect Other Information in a variety of ways, including:  

·       Your browser or device.  

-      Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the Services (such as the App) you are using.  We use this information to ensure that the Services function properly.  

·       Your use of the App.  

-      When you download and use the App, we and our service providers may track and collect App usage data, such as the date and time the App on your device accesses our servers and what information and files have been downloaded to the App based on your device number.

·       Cookies.  

-      Cookies are pieces of information stored directly on the computer that you are using.  Cookies allow us to collect information such as browser type, time spent on the Services, pages visited, language preferences, and other traffic data.  For more information about our use of cookies and similar technologies, please refer to our Cookie Policy. 

·       Pixel tags and other similar technologies.  

-      Pixel tags. Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the Services (including email recipients), measure the success of our marketing campaigns, and compile statistics about usage of the Services and response rates. The Portal includes a Twitter pixel and a LinkedIn tag.

-      Analytics. We use Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the Services and report on activities and trends.  This service may also collect information regarding the use of other websites, apps and online resources.  You can learn about Google’s practices by going to www.google.com/policies/privacy/‌partners/, and exercise the opt-out provided by Google by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

·       Physical Location.  

-      We may collect the physical location of your device by, for example, using your IP address, or satellite, cell phone tower or WiFi signals.  We may use your device’s physical location to analyze the traffic to and use of our Services. In some instances, you may be permitted to allow or deny such uses and/or sharing of your device’s location (e.g., through your App settings).

Uses and Disclosures of Other Information 

We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law.  If we are required to treat Other Information as Personal Information under applicable law, we may use and disclose it for the purposes for which we use and disclose Personal Information as detailed in this Policy.  In some instances, we may combine Other Information with Personal Information.  If we do, we will treat the combined information as Personal Information as long as it is combined.

Security

We seek to use reasonable organizational, technical and administrative measures to protect Personal Information within our organization.  Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.  If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Contacting Us” section below.

CHOICES AND ACCESS  

How you can access, change, or delete your Personal Information  

If you would like to request to access, correct, update, suppress, restrict, or delete Personal Information, object to or opt out of the processing of Personal Information, or if you would like to request to receive a copy of your Personal Information for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us in accordance with the “Contacting Us” section below.  We will respond to your request consistent with applicable law.

In your request, please make clear what Personal Information you would like to have changed or whether you would like to have your Personal Information suppressed from our database.  For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request.  We will try to comply with your request as soon as reasonably practicable.  

Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you place an order, you may not be able to change or delete the Personal Information provided until after the completion of such order).  

RETENTION PERIOD

We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.  

The criteria used to determine our retention periods include:  

·      The length of time we have an ongoing relationship with you and provide the Services to you (for example, some of your Personal Information will be deleted from our systems after two years have passed since your last use of the Distributor App);

·      Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or

·      Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).  

Use of Services by MINORS

The Services are not directed to individuals under the age of eighteen (18), and we do not knowingly collect Personal Information from individuals under 18.

Jurisdiction and CROSS-BORDER TRANSFER

Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country.  In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.

ADDITIONAL INFORMATION REGARDING THE EEA: Some non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Personal Information. You may obtain a copy of these measures by contacting us in accordance with the “Contact Us” section below. 

SENSITIVE INFORMATION

Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through the Services or otherwise to us.

THIRD PARTY PAYMENT SERVICE

We may use a third-party payment service to process payments made through the Services. If you wish to make a payment through the Services, your Personal Information will be collected by such third party and not by us, and will be subject to the third party’s privacy policy, rather than this Privacy Policy.  We have no control over, and are not responsible for, this third party’s collection, use, and disclosure of your Personal Information. 

PROFESSIONAL PARTNERS PRIVACY NOTICE

Nobian values the trust of our existing and prospective business relations, which include Nobian’s business customers, investors, business partners, resellers, suppliers and other relevant stakeholders (“Professional Partners”). 

This Privacy Notice describes how we collect and process Personal Information from our Professional Partners.     

For more information regarding Personal Information we collect through our My Nobian Portal, please see the My Nobian section of the Privacy Policy. For information regarding Personal Information that we collect through your use of our website or social media pages, please see our Privacy Statement, above.

What Personal Information is involved?

Personal Information” is data that identifies you as an individual or relates to an identifiable individual.  

Personal Information that we collect includes:

Personal Details and Contact Information:  Name; address; e-mail; telephone and fax details and other contact information; signature and electronic signature; nationality; photograph; voice recordings and video; CVs received from vendors/subcontractor specialists for projects;
Professional Affiliations: Business name, title, and address;
Financial Information: Payment card number; bank account number and account details; assets and income; personal bankruptcy; credit history and credit score;
Marketing Preferences and Customer Service Interactions: Marketing preferences; entry in contests or promotions; responses to voluntary surveys; recordings of telephone calls with Nobian representatives; 
Operational Data: Transactions, sales, purchases, uses, supplier information, credentials to online services and platforms. 
 

How do we collect Personal Information?

We collect Personal Information in various ways, such as:

·      when you enter into a transaction or contractual arrangement with us; 

·      when you participate in our programs or activities; 

·      when you provide data at industry events and trade shows; 

·      when you visit our facilities or we visit you at your offices; 

·      when you contact our customer services; or 

·      in connection with your inquiries and communications with us.  

We also collect Personal Information from other sources, including your employer, data companies, joint marketing partners and publicly-accessible databases. 

When you are asked to provide Personal Information, you may decline. But if you choose not to provide data that is necessary for us to provide requested services, we may not be able to provide you certain services or you might not qualify to provide us certain services.  

Unless we request it, we ask that you do not send us, and you do not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics, or genetic characteristics, criminal background, or trade union membership) to us.

We do not knowingly collect Personal Information from individuals under 16. 

For what purposes do we use Personal Information?

We use Personal Information in order to: 

Communicate with you for the purpose of our contractual relationship or legitimate interest. This includes:
Tracking and responding to your inquiries, reports, reviews or correspondence regarding products, projects and services.
Administering your account(s) with us.
Providing and improving our customer service.
Facilitating communications generally in the context of our business activities.
Sending administrative information to you, such as changes to our terms, conditions and policies.
Enforcing the contractual terms and conditions that govern our relationship with you.
 

Operate our business for the purpose of our contractual relationship or legitimate interest. This includes:
Providing you with our products, projects and services.
Assisting you to provide us with your products, projects and services.
Paying you for any goods or services that you provide us. 
Managing product and service development.
Monitoring performance to review compliance with quality, health, safety, environment and security (QHSES) requirements
Managing and allocating company assets and resources.
Carrying out strategic planning and project management.
Compiling audit trails and other reporting tools.
Financial management, budgeting and reporting.
Managing our disaster recovery and business continuity plans and procedures.
Maintaining our records relating to manufacturing and other business activities.
Operating and managing our IT and communications systems.
Carrying out data analysis, audits, and identifying usage trends.
 

Provide personalized services and information of interest to you with your consent, or where we have a legitimate interest. This includes: 
Better understanding you and personalizing our interactions with you.
Marketing our products, projects and services.
Analyzing and predicting your preferences in order to improve our interactions with you, and to deliver information that we believe will be relevant to your professional interests.
 

Engage with you as a Professional Partner with your consent, when we have a contractual relationship or a legitimate interest. This includes:
Involving you in programs/panels of professionals.
Reaching out to you for your professional expertise, for example, in the context of surveys relating to our products, projects or services.
Collaborating with you on events, publications, or advisory meetings.
Seeking your views on products, projects and services promoted by Nobian, and our business partners for development and improvement purposes.
Inviting you to participate in special programs, activities, contests, events, or promotions. Some of these may have additional rules containing information about how we will use and disclose your Personal Information. 
 

Manage our business to comply with our legal obligations, or when we have a legitimate interest. This includes:
Meeting our regulatory monitoring, recordkeeping and reporting obligations.
Conducting audits.
Detecting, preventing and investigating fraud, including carrying out background checks, due diligence and know your customer checks.
Identifying potential conflicts of interest.
Complying with sanction rules and anti-corruption, anti-bribery, and transparency obligations.
Responding to legal processes such as subpoenas, pursuing legal rights and remedies, and defending litigation.
Conducting internal investigations, managing internal complaints or claims, and complying with internal policies or procedures.
 

We may aggregate the Personal Information that you and other Professional Partners provide us.  If we do, we may use and disclose such aggregated data for any purpose.  Aggregated data does not personally identify you or any other individual.

Who do we disclose Personal Information to?

We disclose Personal Information as follows:   

·       To other Nobian entities for the purposes described in this Privacy Notice. 

·       To authorized personnel in our Sales, Global Sourcing & Procurement, Compliance, Marketing, IT, HR, Legal, Finance and Audit departments, as may be required based on their job responsibilities/business need. All personnel within Nobian will generally have access to business contact information such as name, position, workplace telephone numbers, addresses and email addresses.

·       To our third party service providers, to provide services such as data analysis, website hosting, data technology and related infrastructure provision, customer service, email delivery, auditing and other services.

·       To other companies with which we collaborate regarding particular products, projects or services. These may include our co-promotional partners for products, projects or services that we jointly develop and/or market. 

We also use and disclose your Personal Information as we believe to be necessary or appropriate: 

To comply with applicable law and our regulatory monitoring and reporting obligations (which may include laws outside your country of residence), to respond to requests from public and government authorities (which may include authorities outside your country of residence), to cooperate with law enforcement, or for other legal reasons.
To enforce our terms and conditions. 
To protect our rights, privacy, safety or property, and/or that of our affiliates, you or others. 

In addition, we may use, disclose or transfer Personal Information to a third party in connection with any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).

What are your rights with regard to your Personal Information?

If you would like to request to access, correct, update, suppress, restrict, or delete Personal Information, object to or opt out of the processing of Personal Information, or if you would like to request to receive a copy of your Personal Information for purposes of transmitting it to another company (to the extent these rights are provided to you by applicable law), you may contact us in accordance with the “How to contact us?” section below.  We will respond to your request consistent with applicable law. 

In your request, please make clear what Personal Information you would like to have changed or whether you would like to have your Personal Information suppressed from our database.  For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request.  We will try to comply with your request as soon as reasonably practicable.  

Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase or enter a promotion, you may not be able to change or delete the Personal Information provided until after the completion of such purchase or promotion).

What are your choices regarding our use and disclosure of your Personal Information?

We give you choices regarding our use and disclosure of your Personal Information for marketing purposes. You may opt out from:  

(1)   Receiving marketing-related communications from us.  If you no longer want to receive marketing related messages from us on a going-forward basis, you may opt out by clicking on the “Unsubscribe” link that is included in our messages.

We will try to comply with your request(s) as soon as reasonably practicable.  Please note that if you opt out of receiving marketing related emails from us, we may still send you important administrative messages, from which you cannot opt out.

What about security?

We seek to use reasonable organizational, technical and administrative measures to protect Personal Information within our organization.  Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.  If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “How to contact us?” section below.

How long do we retain Personal Information?

We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law.  

The criteria used to determine our retention periods include:  

-      The length of time we have an ongoing relationship with you (for example, for as long as we have a business relationship with you); 

-      Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or 

-      Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).  

Where is your Personal Information processed?

Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by engaging with us you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country.  In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.

Additional Information Regarding the EEA: Some non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect your Personal Information. You may obtain a copy of these measures by contacting us in accordance with the “How to contact us?” section below. 

UPDATES TO THIS PRIVACY POLICY

The “Last Updated” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised.  Any changes will become effective when we post the revised Privacy Policy on the Services.  

CONTACTING US

Nobian Industrial Chemicals B.V., located at Van Asch van Wijckstraat 53, 3811 LP Amersfoort, The Netherlands, is the company responsible for collection, use, and disclosure of your Personal Information under this Privacy Policy.  

If you have any questions about this Privacy Policy, please contact our Chief Compliance Officer via Nobiancompliance@Nobian.com,  or:

Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.  

ADDITIONAL INFORMATION REGARDING THE EEA

You may also:

·       Contact our German Data Protection Officer (DPO) via:

TÜV Informationstechnik GmbH 
Unternehmensgruppe TÜV NORD 
IT Security, Business Security & Privacy 
Langemarckstraße 20  
45141 Essen

·       Lodge a complaint with an EU/EEA data protection authority for your country or region where you have your habitual residence or place of work or where an alleged infringement of applicable data protection law occurs.