loading ...

Privacy Policy

1. General and mandatory information

Hempel Special Metals Ltd is a public limited company. References in this Privacy Policy to "we", "us" or "Hempel" refer to all Hempel companies worldwide.

When this Privacy Policy refers to "personal data", this means any information that identifies a natural person (hereinafter "data subject") or could reasonably be used to identify them, either alone or in conjunction with other information.

Hempel is committed to protecting and respecting your personal data and your privacy. Please read this privacy policy carefully to understand our handling of your personal data.

2. Responsible person

The Hempel Group's data protection officer is Daniel Blum with Volker Bohn as deputy (IT and technical matters).

The General Manager is responsible for the individual company.

Hempel Special Metals Ltd., 404 Bretton Park Ind Est, GB-WF12 9BS Dewsbury / West Yorkshire, uk@hempel-metals.com

Any requests, questions or comments about this policy or our handling of your personal data can be directed to our data protection team:

privacy@hempel-metals.com

 

3. Your rights in relation to your personal data


As a data subject affected by data processing, you have the following rights vis-à-vis the controller:

Evocation of your consent
In accordance with Art. 7 para. 3 GDPR, you can revoke your consent to the processing of your personal data at any time. As a result, we may no longer continue the data processing that was based on this consent in the future.

Right to information
In accordance with Art. 15 GDPR, you have the right to request information about your personal data processed by us (possibly with restrictions in accordance with § 34 BDSG).

Right to rectification
At your request, we will correct or complete the data stored about you in accordance with Art. 16 GDPR if it is inaccurate or incorrect.

Right to cancellation
If you wish, we will delete your data in accordance with the principles of Art. 17 GDPR, provided that other legal regulations (e.g. statutory retention obligations or the restrictions according to § 35 BDSG) or an overriding interest on our part (e.g. for the defence of our rights and claims) do not conflict with this.

Right to restriction of processing
Taking into account the requirements of Art. 18 GDPR, you can request us to restrict the processing of your data.

Right to data portability
You also have the right to receive your data in a structured, commonly used and machine-readable format or to transmit it to a third party in accordance with the requirements of Art. 20 GDPR.

Right to object to the processing
You have the right to object at any time to the processing of your data on the basis of Art. 6 para. 1 sentence 1 lit. f) GDPR (data processing on the basis of legitimate interest) in accordance with Art. 21 GDPR. However, this right to object only applies if there are very special circumstances relating to your personal situation, whereby our rights may conflict with your right to object. If you lodge an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims.

Right to lodge a complaint with a supervisory authority
You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).

Except in the cases mentioned below, we do not use your data for automated decision-making or profiling. We will not send you any marketing material without your express consent and will comply with any request to stop sending you such communications.

4. Collection and processing of personal data when using our website

Provision of our website

You can use our website without disclosing your identity. Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. This information is automatically recorded when our website is accessed and temporarily stored in a log file. The following information is collected without any action on your part and stored until it is automatically deleted:

- IP address of the requesting computer
- Date and time of access
- Name and URL of the retrieved file
- Website from which the access was made (referrer URL)
- Browser used and, if applicable, the operating system of your computer as well as the
- the name of your access provider.

We process the aforementioned data for the following purposes:

- Ensuring a smooth connection to the website
- Ensuring convenient use of the aforementioned website
- Ensuring system security and stability
- for other administrative purposes.

The storage of the aforementioned access data is necessary for technical reasons in order to provide a functioning website and to ensure system security. This also applies to the storage of your IP address, which is necessary and, under further conditions, can at least theoretically enable an assignment to your person.

Beyond the aforementioned purposes, we use server log files exclusively for the needs-based design and optimisation of our website, purely statistically and without drawing any conclusions about your person. This data is not merged with other data sources, nor is it analysed for marketing purposes.

The access data collected as part of the use of our website is only stored for the period for which this data is required to fulfil the aforementioned purposes. Your IP address is stored on our web server for a maximum of 3 months for IT security purposes.

The legal basis for the processing described above is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest here is to be able to provide you with a technically functioning and user-friendly website and to ensure the security of our systems.

Use of cookies
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognise your browser the next time you visit our website (so-called persistent cookies).

Strictly necessary cookies help to make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies. Strictly necessary cookies cannot be deactivated. However, you can generally deactivate these cookies in your browser at any time. In this case, the functionality of our website may be limited. The legal basis for this processing of your data for strictly necessary cookies is Art. 6 para. 1 lit. f GDPR our legitimate interest in the provision of our website.

For functions that are not absolutely necessary, the storage of information in your terminal device or access to information that is already stored in your terminal device requires your consent as the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). We would like to point out that if you do not give your consent, parts of the website may not be fully usable. Information on whether consent is required for the use of cookies can be found in the following overview of the cookies used on this website. When you visit our website, we display a "cookie banner". By clicking on the button, you can declare your consent to the use of non-essential cookies on this website. You have the option to revoke your consent at any time for the future.

We also store your consent in the form of a cookie ("opt-in cookie") on your end device in order to determine whether you have already given your consent when you visit the website again. The opt-in cookie has a limited validity period of 3 months. If you have given us your consent to the use of certain cookies, this is the legal basis for the processing of your data (Art. 6 para. 1 lit. b GDPR).  
The following types of cookies are used (possibly with your consent):
Web analysis services

Google Tag Manager

We use the Google Tag Manager. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Google Tag Manager is a tool that enables us to integrate tracking or statistical tools and other technologies on our website. The Google Tag Manager itself does not create any user profiles, does not store any cookies and does not carry out any independent analyses. It is only used to manage and display the tools integrated via it. However, Google Tag Manager records your IP address, which may also be transmitted to Google's parent company in the United States.

The Google Tag Manager is used on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the fast and uncomplicated integration and management of various tools on its website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail


Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

Google Analytics enables the website operator to analyse the behaviour of website visitors. In doing so, the website operator receives various usage data, such as page views, length of visit, operating systems used and origin of the user. This data is assigned to the user's end device. It is not assigned to a user ID.

We can also use Google Analytics to record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modelling approaches to supplement the recorded data records and uses machine learning technologies for data analysis.

Google Analytics uses technologies that enable the recognition of the user for the purpose of analysing user behaviour (e.g. cookies or device fingerprinting). The information collected by Google about the use of this website is generally transmitted to a Google server in the USA and stored there.

The use of this service is based on your consent in accordance with Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: privacy.google.com/businesses/controllerterms/mccs/.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail

Browser Plugin

You can prevent the collection and processing of your data by Google by downloading and installing the browser plug-in available at the following link: tools.google.com/dlpage/gaoptout.

You can find more information on how Google Analytics handles user data in Google's privacy policy: support.google.com/analytics/answer/6004245.
Order processing

We have concluded an order processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Plugins and Tools

YouTube with extended data protection
This website embeds videos from the YouTube website. The operator of the pages is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. For example, YouTube establishes a connection to the Google Marketing Network regardless of whether you watch a video.

As soon as you start a YouTube video on this website, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, YouTube can store various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent attempts at fraud.
After the start of a YouTube video, further data processing operations may be triggered over which we have no influence.
The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Further information about data protection at YouTube can be found in their privacy policy at: policies.google.com/privacy.

The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail

Google Maps
This site uses the map service Google Maps. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google may use Google Fonts for the purpose of standardising the display of fonts. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.
The use of Google Maps is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: privacy.google.com/businesses/gdprcontrollerterms/ and privacy.google.com/businesses/gdprcontrollerterms/sccs/.
You can find more information on the handling of user data in Google's privacy policy: policies.google.com/privacy.
The company is certified in accordance with the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider at the following link: www.dataprivacyframework.gov/s/participant-search/participant-detail


5. Collection and processing of personal data that we collect and process when you contact us and/or in the context of a business relationship

How we collect your personal data

We regularly receive and process personal data as part of our business activities. We may process your personal data:

•    As part of our onboarding process for clients and companies;
•    When you or your organisation seeks advice or employment from us;
•    When you or your organisation offer or provide services to us as a vendor or partner;
•    For example, when you contact us by email, request information about or attend an event sponsored by us, or when you use the alumni or career portal,
•    When you or the company you work for initiate or maintain a business relationship with us,

The personal data that we collect and process may include

•    Basic information, such as your name, employer, title or professional position;
•    Your contact information, such as your address, e-mail address and telephone number(s);
•    Relevant financial information, such as bank details (if applicable);
•    Current technical information, such as your IP address and other information collected during your visits to our website or applications or in connection with materials and communications we send to you electronically;
•    Any information you provide to us for the purpose of attending meetings and events;
•    Identification and background information that you provide to us or that we collect as part of our customer or company onboarding process;
•    Your personal data provided to us by or on behalf of our clients or employees or generated by us in the course of providing legal services and employment, which may include special categories of data;
•    Any details of your visits to our offices; and
•    Any other information that you may provide to us.
Generally, you will have provided such data to us. However, in some cases we may collect information about you from a third party source, such as a government or credit reference agency, an information or service provider or public records.

If you contact us, we will only process the data we receive from you in order to process your contact enquiry. This also constitutes our legitimate interest in the processing of the data, which is the legal basis for the processing of the data (Art. 6 para. 1 lit. f GDPR).

If the contact is aimed at the conclusion of a contract or if there is a business relationship between you or the company you are acting for, the legal basis for the processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of data for the performance or termination of a contract or for the implementation of pre-contractual measures.


How we use your personal data

We assure you that we will only use your personal data in connection with our business activities (including the fulfilment of our legal or regulatory obligations). These "Authorised Uses" may include:

•    Providing business advice or other services to our clients;
•    Managing our business relationship with you or your organisation, whether in connection with the provision or procurement of goods and services or as your employer or former employer, including processing payments, accounting, auditing, invoicing and collections and related support services;
•    Managing and securing access to our offices, systems and online platforms;
•    Compliance with court orders and other legal and regulatory requirements;
•    Processing necessary for the purposes of the legitimate interests pursued by the Company or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms; and
•    For any purpose related to the above or for any purpose for which you have provided the personal data to Hempel.

If you have given us your express consent, we may process your personal data for other purposes. You can withdraw your consent at any time. The additional purposes for which we may process your personal data include

•    Communicating with you regarding business developments, legal announcements, events and products and services that may be of interest to you;
•    Distributing surveys or marketing materials;
•    Gathering information about your preferences to improve the quality of our communications and interactions with you, such as through website analytics or tracking our customer publications; and
•    Any other purpose for which you have given your consent.

How we share your personal data

Regardless of how we receive your personal data, it may be exchanged between and among all Hempel subsidiaries. All our subsidiaries ensure at all times a level of data protection that is at least as high as that required by Swiss and EU law. For a list of all our subsidiaries, please click on the link below:


www.hempel-metals.com/en/company/locations/


We may need to disclose personal data to third parties, including third parties based outside Switzerland or the EU, such as (but not limited to) subcontractors, lawyers, accountants and third parties involved in your affairs. If we disclose or transfer your personal data to service providers of ours (banks, legal advisors, insurance companies, etc.), other business partners, customers, domestic and foreign authorities, official bodies or courts, acquirers or parties interested in acquiring our company, business divisions or assets as well as other parties in potential or actual legal proceedings or other persons involved in official or legal proceedings, we always do so in accordance with the applicable Swiss and European data protection laws and take appropriate protection and security measures to ensure their integrity and protection.

6. The security of your personal data

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we will at all times implement appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss or destruction of, or damage to, your personal data in accordance with our internal security procedures for storage, access and destruction. Personal data may be stored on our own technical systems or those of our suppliers or in paper files.

7. Storage of your personal data

We may store your personal data for as long as is necessary for the respective purpose or - if the processing is based on your consent - until you withdraw your consent, unless we are legally obliged or otherwise authorised to continue storing this data. This may be the case for the fulfilment of statutory retention obligations or for the preservation of evidence, taking into account the statute of limitations. In particular, we may retain your personal data for an additional period if deletion would require us to overwrite our automated backup systems for disaster recovery or if we deem it necessary to assert or defend legal claims during a corresponding retention period.

8. Updates to this privacy policy

This privacy policy is the most current version. Hempel reserves the right to amend it from time to time in order to adapt it to changes in legal requirements or our processing practices. Any changes will be incorporated into a new version of this Privacy Policy, published on our website and will take effect upon publication.

 

9. Contact person

For questions regarding the collection, processing, storage or use of your personal data, for information, blocking, correction or deletion of personal data as well as for the revocation of consents granted under data protection law, please contact our data protection team, which can be reached at privacy@hempel-metals.com.