UK Data Privacy Policy

https://uk.cofcointernational.com/

1/ Overview

At COFCO International, its subsidiaries, affiliates, and related entities (collectively CIL, “we” “our” or “us”), we are committed to protecting the confidentiality, accuracy and integrity of any Personal Data you provide to us. We always strive to safeguard such data from misappropriation, loss, misuse, unauthorized access, disclosure and/or alteration. We only collect Personal Data that is relevant for our described purposes, as described herein.

Our website is hosted in the United Kingdom and COFCO International UK, Ltd, company number 00165772, with registered office address at 15 The Havens, Ransomes Europark, Ipswich, England, IP3 9SJ will be the data controller of your Personal Data.
COFCOINTL II Services Portugal, Unipessoal, Lda., having its registered offices at R. da Lionesa – Espaço D2, 4465-671 Leça do Balio, Matosinhos, Portugal, is our EU representative and CIL member with delegated data protection responsibilities, and it will be a controller of your Personal Data as well. In some cases, COFCOINTL II Services Portugal, Unipessoal, Lda. may also act as a processor on behalf of other CIL entities.

CIL has also appointed a Data Protection Officer who can be reached at dataprivacy@cofcointernational.com.

Prior to providing any Personal Data to CIL, you must read and agree to the terms and conditions of this Privacy Policy.

2/ Scope

This Data Privacy Policy explains what personal information we gather and collect when you use our website and/or visit our offices, or otherwise provide Personal Data to us, how this information is used and with whom it is shared.
This Policy describes which Personal Data CIL collects, the purpose of the processing of such data as well as the rights that data subjects have regarding the use of Personal Data. This Policy also describes how you can contact us about our Personal Data protection practices.

3/ Which Personal Data We Collect

CIL processes Personal Data in accordance with the applicable data protection laws, namely the UK General Data Protection Regulation and the Data Protection Act 2018 and only for limited, explicit and legitimate purposes and to the extent needed to perform its business.

We will not use Personal Data for any purpose that is incompatible with the purpose for which it was initially collected unless you provide your prior explicit consent for further use.

Examples of types of Personal Data that we may collect from CIL’s customers, business partners, suppliers, contractors and other stakeholders include the following:

a) Contact Data, which includes information such as job title, first and last names, e-mail address, mailing address, zip code, phone numbers, company, address, country, personal ID, passports or others;

b) Economical and Transactional data, which includes information such as data related to company shareholders and legal representatives, banking information such as account and routing numbers, payment and other invoice information such as tax identification number;

c) Commercial Relationship data, which includes information about products or services that are of interest to you;

d) Job Applicant data, which includes information such as your Contact Data and all information available in your resumé as well as the information filled in CIL’s website, i.e., country, residence, work permit, languages, years of experience, current company, current/previous positions, current/previous functions, current/previous professional areas, CV or cover letter, all in accordance with our Candidate Privacy Policy.

e) IT and Communication Information, which may include information such as usernames and email addresses, network and system access logs, , as well you IP address, browser or device as described in our Cookie Policy.

f) Details of the interactions with us, such as correspondence received, meetings we have held, feedback you have provided as well inquiries about our products and services.

g) Images from customers, employees, contractors, visitors and other stakeholders entering the monitored space within and around some of our buildings and facilities through the use of Closed-Circuit TV (“CCTV”) devices. In such cases, a CCTV signage will be placed to alert you that a CCTV installation is in use.

CIL will not collect Personal Data if such collection is prohibited under the applicable data protection laws. We will always indicate whether the information requested is mandatory or optional. If you fail to provide mandatory information, in some circumstances this may mean CIL will be unable to process your request or enter into an agreement with you.

4/ How We Collect Your Personal Data

CIL may collect Personal Data from multiple sources, namely:

• Personal Data that we receive directly from you, in one of the situations listed above, when you voluntarily submit it to us or that we ask you for when you interact with us;

• Personal Data that we receive from other sources also involved in commercial transactions, such as our business partners and affiliates or third parties (if and to the extent permitted by applicable law);

• Personal Data that we collect when you interact with us online, according to our Cookie Policy.

5/ How We Use Your Personal Data

We process the personal information that we collect about you for the following purposes:

a) To communicate and manage our contractual and/or commercial relationship with you, for example, to contact you to successfully resolve your request; to respond to your inquiries about our products, services or to provide you with information that you have requested; to fulfill an order, manage payment and invoice for goods and services; to ship and deliver our products or services to you and bill you for them; when applicable, to record the phone calls with you to monitor the quality of our services;

b) To comply with legal obligations and/or regulatory requirements, for example, to comply with applicable laws and regulations; to respond to judicial, regulatory and supervisory bodies; to respond to requests from public and government authorities, which might include those outside of your country of residence;

c) To protect our rights and property, for example, to protect us against injury, theft, legal liability, fraud abuse, cyber-attacks or other misconducts; to conduct Know Your Client (KYC) procedures; to protect our facilities by using video surveillance systems among other physical security measures;

d) To manage litigation, complaints and others, for example, to assist in the context of any litigation or arbitration, including but not limited to employment court proceedings, to manage and respond to complaints, to manage and follow-up any reported concerns in our integrity hotline;

e) To improve your online user experience, for example, to provide you with a good user experience when you use any of our websites; to improve the content, functionality and usability of any of our websites;

f) To improve our products and services, for example, based on our legitimate interests in developing and improving our products and services, to collect Personal Data for research and analytics purposes as well for possible market and other research studies.
CIL will only process your Personal Data where it has a legal basis for doing so. Most of the time, we will be processing your Personal Data in order to fulfil your requests or to fulfil our contractual obligations with you or because it is necessary to comply with a legal obligation. In some cases, we will also be processing your Personal Data because you have given us your consent to do so. In such case, your consent can be withdrawn at any given time. Our legitimate interests can also be used as a basis to process your Personal Data when they are not overridden by your data protection interests or fundamental rights and freedoms.

6/ How And Why We Share Your Personal Data

CIL does not sell, share, or otherwise distribute your Personal Data to third parties for promotional purposes.

CIL will only share your Personal Data with third parties in strict compliance with this policy, your preferences and applicable laws and regulations.

We may disclose personal information collected and contained in your applicant data to the following categories of recipients:

a) Within CIL

CIL operates globally, which means your information may be stored and processed outside of the United Kingdom in order to carry out the activities specified in this Policy.

We restrict information to people within our company based on a “need to know” principle. Because of this we may share your Personal Data with our companies that provide shared services within CIL, for example, in connection with HR, procurement, financial or IT services.

If your data has to be shared to a country where you may have fewer rights in respect of your information than you do in the United Kingdom, we will make sure that there is a legal basis for such transfer and that your personal information is adequately protected as required by applicable law, for example, by using standard agreements approved by relevant authorities and by requiring the use of other appropriate technical and organizational measures to protect your personal information or by implementing “Binding Corporate Rules” within our company.

Regardless of where your information is processed, we apply the same protections described in this Policy.

b) Outside CIL

We may also share your Personal Data with our third-party services providers that may need your data for the purposes described in this policy. For example, these third parties provide services such as website hosting, data analysis, payment processing, order fulfilment, product distribution, infrastructure provision, IT services, customer service, email delivery services, auditing services, distributors, agents and similar.

These third-party service providers act on our behalf and are bound by law or contract to protect your Personal Data and only use your Personal Data in accordance with our instructions.

We may also only disclose your Personal Data outside CIL:

• When legally needed to comply with legal obligations, investigate legal issues, enforce our rights, protect our property or as needed for any other legal or regulatory investigation or proceeding;

• When you give us your explicit consent to disclose your Personal Data.

You should also be aware that, when you use features such as message boards, chats, or other social media channels to interact with CIL, any information you submit, including your name, location and email address, may be publicly available to others. We are not responsible for any information you choose to submit through these features, and we strongly discourage you from disclosing any sensitive Personal Data (such as health or credit card information) through these features. If you use these features, your Personal Data may remain on the Site or App even after you cease use of the Site or App.

Finally, and where permitted by applicable law, Personal Data may be disclosed in connection with corporate restructuring, sale, or assignment of assets, merger or other changes of control or financial status of CIL.

7/ How Long We Keep Your Information

Unless otherwise required by law, CIL will keep your information for as long as it is necessary for the purposes for which it is collected and processed in accordance with our Data Retention Policy and respective procedures.

When we are no longer able to retain your Personal Data in accordance with this Policy, we will anonymise your information and may retain those records for statistical and analytics purposes.

8/ How And Where We Store Your Personal Data

We store your Personal Data carefully. We follow industry standard measures to protect them against unauthorized access to, and unlawful interception or processing of Personal Data. Once we have received your Personal Data, we will use strict procedures and security features to prevent unauthorized access.

9/ Your Rights

You have certain rights regarding the Personal Data we hold about you. These rights may include the following:

Right of Access
You have the right to access and receive a copy of your Personal Data held by us.

Right to Rectification
You have the right to demand that we correct incorrect Personal Data we might hold about you.

Right to Erasure
You have the right to request the erasure of your Personal Data at any time if you consider that we do not have the right to hold it. We may retain certain information about you as required by law and for legitimate business purposes permitted by law.

Right to Restrict Processing
You can ask us to suspend the processing of your Personal Data in several scenarios, including if you want us to verify the accuracy of the data, and if you believe our use of your data is unlawful but you do not want us to erase it.

Right to Data Portability
You can request the transfer of your Personal Data to you or to a third party. We will provide you, or the third party you have chosen, with your Personal Data in a structured, commonly used, machine-readable format. This right only applies to information which you initially provided us with, where we used the information to perform a contract with you or where the processing of your Personal Data is carried out by automated means.

Right to Object
You have the right to object to your Personal Data being processed for a particular purpose or to request that we stop using your Personal Data.

Right to Withdraw Consent
Where our processing of your Personal Data is based on your consent, you have the right to withdraw your consent at any time. If you do so we will stop processing your Personal Data unless there is another lawful basis we can rely on, in which case we will inform you of this.

Right to Reject Automated Individual Decision-Making
You can request not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your Personal Data.

These rights can be exercised by contacting our Data Privacy Team and Data Protection Officer at dataprivacy@cofcointernational.com. However, please note that we may, if and to the extent permitted by applicable law, need to retain or continue processing certain information.

You also have the right to lodge a complaint regarding the processing of your data with the Information Commissioner’s Office at https://ico.org.uk/make-a-complaint/.

When required, we may ask for proof of your identity to help us prevent unauthorized individuals from accessing, changing or deleting your Personal Data.

We will respond to your request as soon as practically possible and always within the timeframes set forth by applicable law.

10/ Changes to this Policy

CIL may, at any time, revise this Privacy Policy by updating this document. If we make revisions to this Privacy Policy, we will update the date of this Privacy Policy. We will continue to use and/or disclose Personal Data in accordance with the version of this Policy that was in effect at the time the Personal Data was collected, unless you have agreed to have an updated version of the Privacy Policy apply to the Personal Data collected while a prior version of our Privacy Policy was in force.

11/ How You Can Contact Us

Please contact us if you have any complaints, questions or comments about our privacy practices, your privacy choices, or this Policy. You can always reach us by e-mail at dataprivacy@cofcointernational.com.

You may also contact us to exercise any of the rights mentioned in this Policy.

12/ Relevant Definitions

In the context of this document:

Personal Data
“Personal Data” means any information relating to you that would allow a party to identify you as an individual or to contact you, including, for example, your full name, address, telephone number, document number, birthdate or email address.

Company, CIL, COFCO
COFCO International Limited and its affiliated companies

Data Subjects
A data subject is any person whose Personal Data is being collected, held or processed

Want to know more?