Privacy Policy
GENERAL
Scholle IPN / Bossar is committed to protecting your privacy. This Privacy Policy explains what personal data we collect about you when conducting business transactions, when you communicate with us, when you use our website (www.bossar.com), when you visit our premises, or when you apply for a job with us.
Scholle IPN / Bossar reserves the right to modify this Privacy Policy at any time. Please periodically review this privacy policy so that you know, among other things, what personal data we collect, how we use it, and with whom we may share it.
WHO IS THE DATA CONTROLLER?
Scholle IPN / Bossar is a global company with entities in the Americas, EMEA and Asia Pacific and forms part of the SIG Group. For information on the entities that form part of the SIG Group AG and their contact details, please visit our contact page https://www.sig.biz/gb/contact
Where this Privacy Policy refers to ‘we’, ‘us’ or ‘Scholle IPN / Bossar’, it refers to the Scholle IPN / Bossar entity that acts as data controller of your personal data under this Privacy Policy. The data controller is the entity who determines the purposes and the means of the data processing activity.
When you contact us, when you order or purchase goods and/or services from us or when you are our supplier the Scholle IPN / Bossar entity with whom you engage or with whom you had, have or will have a business relationship and – if relevant – Scholle IPN / Bossar entities that receive your personal data for the purposes set out in this Privacy Policy, in general, act as a data controller of your personal data.
The website www.bossar.com is controlled by Scholle IPN Corporation:
Scholle IPN Corporation
200 West North Avenue
Northlake, IL 60164
USA
Tel: +1.708.562.7290
Fax: +1.708.562.6569
Email: NorthAmerica@scholleipn.com
When you apply for a job at Scholle IPN / Bossar, the Scholle IPN entity mentioned in the vacancy acts as a data controller of your personal data.
WHICH TYPES OF PERSONAL DATA DO WE PROCESS?
Personal data is any information that directly or indirectly relates to an identified or identifiable living individual. Which (types of) personal data we process, depends on the relationship you have with Scholle IPN / Bossar. We may process the following personal data about you:
Personal data that you provide when you order or purchase goods and/or services from us:
When you are a (potential) customer and you (pre)order our goods and/or service, we may process the following types of personal data: Name, title, company name and address, email, telephone number, unique administration number, bank details of your company, information on your orders, prices and delivery status, your preferences, your payment history and other information you provide to us.
Personal data that you provide when you contact us:
When you contact us online, per e-mail, post or by phone, we may process the following types of personal data: Name, email address, name of the organization you work for, details about your question, request or complaint, and other information you provide to us when you contact us.
Personal data that we obtain when you visit our website:
When you visit our website or when you make use of platforms or apps provided by us, we may process the following types of personal data: IP address, information about your visit to the website, such as when you first visited the website, previous visit and current visit, the website you came from, your searches and the content you visited on our website. More information about the personal data we process when you visit the website can be found in our Cookie Statement (https://www.scholleipn.com/cookie-statement).
Personal data that we may process about you if you are a supplier:
When we work with you as a supplier we may process the following types of personal data: Name, title, company name and address, email address, telephone number, bank details of the company, unique administration number, supply and product information and other information you provide to us.
Personal data that we may process about you when you apply for a job at Scholle IPN / Bossar:
We regularly post our vacancies online. You will find this under ‘Career’ on our website. We offer a data base where you can search for relevant vacancies. If you create an account on our website, we will process your email address, password, your first name and surname. Once created an account, you may apply for a vacancy directly via our career website or via LinkedIn. Next to the online application process, we may also approach potential candidates by using other channels, such as external recruitment agencies and external job listing websites.
In order to process your application (via our website, LinkedIn, or otherwise), we may process the following types of personal data: Name, gender, nationality, date of birth, telephone number, email address, language(s), information included in your CV or resume (may include a photo), information included on your LinkedIn account, education, professional background, working experience, salary expectations/current salary, attachments to the application such as certificates and diplomas.
When in the application process, we may furthermore process notes taken during the interview(s), assessments and other test results, results of background checks and reference checks. In case of expenses, we may process your bank details and nature of expenses.
FOR WHICH PURPOSES DO WE PROCESS YOUR PERSONAL DATA?
We may process your personal data for the following purposes:
General
- To offer and improve our goods and services;
- Conducting satisfaction and market research surveys;
- Promoting our company and our goods and services;
- To ensure the continuity of our services;
- To handle questions, requests, complaints and claims;
- Internal control, protecting our assets and the security and integrity of our systems and data;
- To comply with our statutory obligations and requests of authorities, to avoid and settle claims.
(Potential) customers
- Facilitate a purchase / providing services, including making payment, or to otherwise conduct a business transaction, creating a customer account;
- Administrating and managing orders, executing and registration of agreements;
- Notify you when an order is being processed or is ready for delivery or pick-up;
- Identify product and service preferences;
- Send you informational or promotional communications, maintaining contact with you;
- Validate credentials, authenticate customers and prevent fraudulent transactions;
Users of our website
- Operate our website and applications;
- Improve our website and our online services.
Suppliers
- Administrating and managing supply chain;
- Administrating and managing purchases, executing and registration of agreements;
- Calculating costs and expenses;
- Maintaining contact with you.
Job applicants / candidates
- Administrating the recruitment process;
- Creating an account on our career website;
- Handling job applications;
- Assessment of suitability as a candidate, conducting background checks;
- Inviting candidates for an interview and giving follow-up to the interview;
- Handling expenses of candidates;
- Informing applicants and candidates on the outcome of the recruitment process.
WHAT IS THE LEGAL GROUND FOR THE PROCESSING OF YOUR PERSONAL DATA?
Based on the General Data Protection Regulation (GDPR), a data controller may only process personal data if one of the prescribed legal grounds apply. For the data processing activities of Scholle IPN that are subject to the GDPR, the following legal grounds are relevant:
- Performance of an agreement. We process your data to perform an agreement that we enter into or have entered into with you, when you have instructed us to provide goods and/or services or when we purchase products or services from you.
- Consent. We ask your permission for certain data processing operations, for example if we want to send you our newsletter or other commercial emails whilst you are not an existing customer. Consent may be withdrawn at any time without affecting the lawfulness of processing based on the consent before the withdrawal.
- Statutory obligation. We may process your data if and to the extent that this is necessary to comply with any of our statutory obligations.
- Legitimate interest. In some cases, we process personal data because we have a legitimate interest in doing so and because we do not disproportionately invade your privacy when doing so. This is the case, for example, if you are a customer and we want to make you an offer based on services you purchased previously. Also, we have a legitimate interest in maintaining a selection process for the recruitment of personnel and to check the capabilities of job applicants.
WITH WHOM CAN WE SHARE YOUR PERSONAL DATA?
Your personal data will be processed within the relevant department of the local Scholle IPN / Bossar entity. We may in certain cases share your personal data within our group and/or with third parties, as described below. We will only transfer your personal data if and to the extent this is necessary for the purposes as described in this Privacy Policy.
We may share your personal data with the Scholle IPN / Bossar group companies as listed on our website when this is necessary to fulfill your requests and to provide our services. If you are a job applicant, we will provide the information of your application to the Scholle IPN / Bossar entity mentioned in the vacancy.
We may share your personal data with suppliers and vendors that help us with our business activities including shipping vendors, billing and refund vendors, payment card processors and companies that help us improve our products and services such as suppliers who provide direct fulfillment services for certain products. Also, we may involve hosting providers and other service providers that may need to process personal data for us. When such third parties act as data processors on our behalf, we make appropriate arrangements about the security of your personal data in a data processing agreement.
We may transfer your personal data in the event that we merge with or are acquired by a third party or should any such transaction be proposed. If and insofar as we are legally obliged and/or permitted to do so, we may share your personal data with relevant authorities.
HOW DO WE PROTECT YOUR PERSONAL DATA?
The security of your personal data is important to us. We protect your personal data by maintaining physical, administrative and technological safeguards intended to help protect against unauthorized use, disclosure or access. We secure our systems and applications according to current information security standards, we apply an internal authorization process to ensure that only authorized staff have access to your personal data, and we back-up our database on a daily basis. We regularly assess and update our security measures.
Although we have taken reasonable physical, technical and administrative safeguards to help protect your personal data against unauthorized use, access, disclosure, misuse, alteration or destruction. We cannot ensure or warrant the absolute protection of any information you provide to us.
WHERE IS YOUR PERSONAL DATA BEING PROCESSED?
Some or all of the personal data we process may be stored or processed on servers located outside your jurisdiction of residence, where data protection laws may differ from the jurisdiction of the country where you live. As a result, this information may be subject to access requests from governments, courts, or law enforcement according to laws in those jurisdictions. Subject to applicable laws in such other jurisdictions, we will use reasonable efforts to ensure that appropriate protections are in place and that the transfer is legitimized. You may request more detailed information or a copy of the transfer agreement by contacting the Privacy Team in your region through the contact details set out below.
HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
We do not retain your personal data longer than necessary for the purposes mentioned in this Privacy Policy. If you are a customer, we retain your personal data during our relationship and for a maximum period of two years after our relationship has ended, unless we are required to retain the data for a longer period of time, for example to comply with tax laws and regulations. In that case, we will retain the data for a period of at least seven years.
Personal data that we obtain within the context of a job application procedure for a period of four weeks from the end of the selection procedure, unless you have given us permission to retain it for a longer period of time. In that case, we will retain your personal data for a maximum period of one year starting at the end of the selection procedure.
YOUR ACCESS TO AND CONTROL OVER YOUR PERSONAL DATA
Subject to applicable law a data subject may have certain rights in respect of his or her personal data. For example, you may have the right to request a copy of all personal data that we keep about you, to request us to rectify your data if your data is not correct, to ask us to erase your personal data or have it removed, to object to the use of your personal data or to ask us to restrict this use. In certain cases, you can also ask us to transfer your personal data to a new service provider. Please note that your rights are not absolute.
The GDPR, if applicable and required, includes the following data subject rights:
- the right to request whether we process your personal data and if so, the right to access your personal data;
- the right to rectification of your personal data if these are incorrect or incomplete;
- the right to have your personal data deleted (‘right to be forgotten’) ;
- the right to object to the processing of your personal data or to limit the processing of your personal data;
- the right to receive or surrender your personal data to a third party appointed by you in a structured, customary and machine-readable form (‘right to data portability’).
If you are a resident of the State of California please also see the section below “ YOUR CALIFORNIA PRIVACY RIGHTS”.
When you want to exercise your rights, you can send your request to the relevant Privacy Team for your region:
Privacy Team – Americas:
By e-mail at privacy@scholleipn.com or by post:
Privacy Team – North America
p.a. Scholle IPN Corporation
200 West North Avenue
Northlake, IL 60164
USA
or
Privacy Team – Latin America
dataprivacybr@scholleipn.com
p.a. Scholle Ltda.
Av. Fernando Piccinini, 700
Distrito Industrial Vinhedo
SP-Brazil, 13288-009
Brazil
Privacy Team – EMEA:
By e-mail at EMEA@scholleipn.com or by post:
Privacy Team – EMEA
p.a. Scholle IPN Europe B.V.
Heieinde 15
5047 SX Tilburg
The Netherlands
Privacy Team – Asia Pacific:
By e-mail at AsiaPacific@scholleipn.com or by post:
Privacy Team – Asia Pacific
p.a. Scholle IPN Pty, Ltd
32 Hewittson Road
Edinburgh North, S.A., 5113
Australia
Please state clearly to which personal data the request pertains. We may ask for additional information to verify your identity.
THIRD-PARTY WEBSITES
Our websites, emails and platforms may contain links to third party websites. These other websites may have their own privacy policies and terms and conditions that are not governed by this Privacy Policy. We are not responsible for the privacy practices or the content of any website(s) owned and operated by any such third parties. Other websites may collect and treat information collected differently, so we encourage you to carefully read and review the privacy policy for each website you visit. Any links from our websites, emails and platforms to other websites, or references to products, services or publications other than those of Scholle IPN / Bossar, do not imply the endorsement or approval of such websites, products, services or publications by Scholle IPN / Bossar.
YOUR CALIFORNIA PRIVACY RIGHTS
If you are a resident of the State of California, the following applies to you. As provided by California Civil Code Section 1798.83, a California resident who has provided information to a business with whom they have established a business relationship for personal, family, or household purposes (“California customer”) is entitled to request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of such information, upon receipt of a request by a California customer, the business is required to provide a list of all third parties to whom personal information was disclosed in the preceding calendar year, as well as a list of the categories of personal information that were collected and/or disclosed. To request such information, please email us at NorthAmerica@scholleipn.com, or in writing to 200 West North Avenue, Northlake, IL 60164, Attn: Customer Care – California Shine the Light Inquiry. Please allow 30 days for a response. Please note that we are only required to respond to one request per customer each year and you will not be charged for this request.
If you would like to review and/or change your information retained by Scholle IPN / Bossar please see the section above “YOUR ACCESS TO AND CONTROL OVER YOUR PERSONAL DATA.” If you have questions regarding the process to review and/or change your personal information please contact the Privacy Team for the Americas.
California and other customers may request further information about our compliance with this law by contacting the Privacy Team for the Americas.
“DO NOT TRACK” SIGNALS
Some newer browsers have a Do Not Track (“DNT”) feature that lets you tell websites that you do not want your online activities tracked. When you choose to turn on the DNT setting in your browser, your browser sends a special signal to websites, ad networks, plug-in providers, and other web services you encounter while browsing to stop tracking your activity via cookies or other tracking technologies. Scholle IPN / Bossar does not track its website users over time and across third party websites and therefore does not respond to DNT signals. More information about third party tracking cookies that are used on our website can be found in our Cookie Statement (https://www.scholleipn.com/cookie-statement).
CHILDREN UNDER THE AGE OF 16
Our Site is not intended for or targeted to children under the age of 16. Scholle IPN / Bossar will never knowingly solicit or collect personally identifiable information from a child under the age of 16 through the Sites without verifiable parental consent. If we discover that a child under the age of 16 has submitted personally identifiable information without verifiable parental consent, we will delete that information.
HOW TO CONTACT US
If you have any questions regarding this Privacy Policy, any personal data you have submitted to us or if you would like to exercise your rights as described in this Privacy Policy, please contact the Privacy Team of your region, using the contact details in this Privacy Policy.
If you have any complaints about how we handle your personal data, you can contact us through the contact form or contact details set out on our contact page: http://www.scholleipn.com/contact/ or you can contact your region’s Privacy Team using the contact details included in this Privacy Policy. We will be happy to help you find a solution. Should this be unsuccessful, you may consider turning to the relevant data protection authority in your jurisdiction. A list data protection authorities in the European Union can be found here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
If you have other questions about our privacy policies and practices, please e-mail us at privacy@scholleipn.com.
Latest update: June 23, 2020