JINDAL FILMS DATA PRIVACY POLICY

Last updated: 25 August 2022

 

1.POLICY STATEMENT

Jindal Films Europe (“JFE”) is an expert in the development and manufacture of specialty films for flexible packaging and labeling markets. JFE is committed to protecting your privacy. We conduct our business in compliance with the Regulation (EU) 2016/679 of the European Parliament and Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the “GDPR”).

This privacy policy explains how JFE, as a Data Controller under the GDPR, processes and shares Personal Data (as defined below) about its clients, prospects, contacts, suppliers, vendors, and any co-contractors in the framework of running its activities.

This privacy policy also provides information about the Data Subjects’ rights in relation to the processing of their Personal Data.

JFE has implemented appropriate technical and organizational measures to ensure and to be able to demonstrate that any Personal Data processing is performed in accordance with the GDPR.

JFE’s storage of information is treated as confidential and only accessed by authorized personnel. JFE is dedicated to protect Personal Data against unauthorized/unlawful processing and use by implementing appropriate data protection policies.

2.TERMS AND DEFINITIONS

General Data Protection Regulation (GDPR): The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU).

Data Breach: A breach in security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

Data Controller: A natural or legal person, public authority or other body which, alone or jointly with others, determines the purposes, conditions and means of the processing of Personal Data.

Data Protection Officer (DPO): An expert on data privacy who works independently to ensure that an entity is adhering to the policies and procedures set forth in the GDPR.

Data Subject: A natural, living person who can be identified or is identifiable; and for the purpose of this privacy policy, any clients, prospects, contacts, suppliers, vendors, and any co-contractors of JFE.

Personal Data: Any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified directly or indirectly, in particular by reference to an identifier such as name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identify of that natural person.

Processing: Any operation or set of operations performed upon Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Supervisory Authority: National authority tasked with the protection of Personal Data and privacy as well as monitoring and enforcement of the data protection regulations within the European Union.

3.INFORMATION COLLECTION AND USE

3.1 Type of Personal Data that is processed

JFE receives and stores Personal Data whenever you interact with us. Some data is communicated voluntarily (like any information you enter on our website or give us voluntarily in any other way), while other data is collected automatically (e.g. when visiting our website).

JFE may process the following Personal Data:

  • Contact details (e.g. email address, first name, last name, office address, phone number)
  • Administrative data (e.g. date and place of birth, copy of ID card or passport, social security number)
  • Professional data (e.g. job function/title, identity of your employer)
  • Financial information (e.g. bank and account details)
  • Any other Personal Data provided to, or collected by, JFE when entering in contact with us for whatever reason

3.2 Cookies

JFE collects information about your computer and assigns a “cookie” (a small, unique identifier text file). You do not provide this information; it is collected automatically as a means of supporting visits to our website and this cookie identifies your computer. As a visitor of this site, you may be assigned a permanent cookie file on your computer’s hard drive.

Cookies are stored only for the period during which your internet browser remains active (session cookies) and others for a longer predetermined period of time (permanent cookies). Session cookies are sent between your computer and the server to collect information. Permanent cookies can be used to customize this website based on the user’s choices and interests.

JFE web servers automatically gather information from website visitors so the site can communicate with the visitor’s computer during the visits. JFE also track information like number of visits to the site, which part of the site visitors selects, IP address, domain type, browser type, date and time of the day. This information is used for statistical purpose to help us design and administer the site.

As at the date of this privacy policy, all cookies in place are strictly necessary. We use the following types of cookies:

  1. WORDPRESS** (https://fr.wordpress.org/about/privacy/cookies/):
    Name : wordpress_sec_-{hash}
    Time: Session
    Purpose: To stock cookie authentication (id) information.- Name : wordpress_logged_in_{hash}
    Time: Session
    Purpose: To remember the session (id).

    Name: wordpress_test_cookie
    Time: Session
    Purpose: To check that the browser accepts cookies.

  2. PHP:
    Name: PHPSESSID
    Time: Session
    Purpose: Allows to establish the communication between the web server (php) and the browser, and temporarily stocks information on your session.
  3. PLUGINS WORDPRESS:
    Name: cookie_consent_user_accepted
    Time: 1 an.
    Purpose: Used when a visitor clicks on OK for the usage of cookies.- Name: cookie_consent_level
    Time: 1 an.
    Purpose: Memorizes parameters and accepted cookies by a visitor.

    Name: jindalfilms_com_geo_choice
    Time: 1 heure.
    Purpose: Mémorizes the selected geographic region as a visitor enters the website

    Name: JPSOM
    Time: 30 jours.
    Purpose: Memorizes the selected metric unit for data sheets (documents).

    Name: wp-wpml_current_language **
    Time: 1 an.
    Purpose: Memorizes the actual language used by the wpml plugin (multilingual pages) for the front-end.

    ** = when the visitor is connected to this area of the website to access documentation.

You remain free to disable or choose to not receive a cookie file by enabling your web browser to refuse cookies or prompt you before accepting a cookie. Please note that by ‘switching off’ these cookies, you may be unable to access or receive certain services available on our website. JFE shall not be responsible for the malfunction or disruption of this website due to the rejection or deletion of cookies necessary for its proper functioning.

3.3 Links to other sites

Please be aware that while visiting our site, visitors can follow links to other sites that are beyond our sphere of influence. JFE is not responsible for the content or privacy policy of these other sites.

3.4 Collection of customer data

JFE collects and processes Personal Data about you that you specifically and voluntarily provide, notably when you sign up as a new login account (such as your first name, last name, company name, email address, position). You will receive a login confirmation email. This email contains your email address and password.

If you contact us, we may keep a record of that correspondence.

JFE’s customers can at any time access and edit, update or delete their contact details by logging in with their username and password to JFE’s platform.

3.5 Survey Participation

JFE may (from time to time) offer our customer and website visitors an opportunity to participate in customer surveys on the website regarding their experience in using our website or service. For JFE existing customers, we may also send these surveys periodically to them email. You are under no obligation to respond to any survey, and may unsubscribe from receiving further email surveys by following the ‘unsubscribe’ instructions in any such communication. Information collected by JFE when you participate in either of the above survey types may include your full name and contact details. Such Personal Data collected through our surveys is used for internal business purposes only, to monitor the quality of and improve our website and customer services.

4.PURPOSE OF THE PROCESSING OF PERSONAL DATA

The Processing of Personal Data must be justified by one of the legal grounds specified in the GDPR.

JFE uses the Personal Data collected for the following general purposes:

(i) To provide the Data Subjects with the services requested, manage JFE relationships with clients and contacts, maintain and update JFE’s list of contacts, and/or provide information about JFE and its range of services.
✓ Processing is necessary for the performance of a contract to which the Data Subject is a party, Art. 6 Para. 1 clause 1 lit. b GDPR. This also applies to Processing operations that are necessary for carrying out pre-contractual measures.
✓ Processing may also be necessary for the purposes of the legitimate interests pursued by the Data Controller, Art. 6 Para. 1 clause 1 lit. f GDPR.

(ii) To safeguard JFE’s legitimate interest or that of a third party, in case your interests, fundamental rights and freedoms do not outweigh the former.
✓ Processing is necessary for the purposes of the legitimate interests pursued by the Data Controller, Art. 6 Para. 1 clause 1 lit. f GDPR.

(iii) Insofar as we obtain your consent for the Processing of your Personal Data, Art. 6 Para. 1 clause 1 lit. a GDPR is the legal basis for its Processing.

(iv) Insofar as the Processing of Personal Data is necessary to fulfill a legal obligation to which JFE is subject, Art. 6 Para. 1 clause 1 lit. c GDPR is the legal basis.

Should we Process your Personal Data for any other reason than for which we originally collected it, we will inform you of this new purpose to the extent permitted by law.

5.PROTECTION OF YOUR PERSONAL DATA

JFE has implemented appropriate administrative, technical and physical security programs to keep information that is stored in JFE systems protected from unauthorized access or disclosure and accidental loss or destruction. Our systems are configured with data encryption, or scrambling technologies and industry standard firewalls.

6.SHARING PERSONAL DATA

6.1.Types of recipients

JFE may share your Personal Data:

  • With JFE employees or JFE affiliated entities (e.g. subsidiaries, parent companies, sister companies, etc.) as far as this is necessary for the respective purposes.
  • With any service provider to the extent necessary for such service provider to provide services to JFE and to assist JFE in providing services to the Data Subjects, or with any other co-contractor. JFE shall enter into a contract with such service providers/co-contractors which have implemented safeguards with a view to comply with GDPR requirements, and in particular which commit not to further transfer to any non-authorized third party the Personal Data received from JFE and not to use the Personal Data received from JFE for any other purpose than the predefined purpose.
  • With certain authorities or similar institutions (government, tax authorities, banks or insurance companies) to the extent that it is necessary for the performance of the contract or because it is required by law.
  • With any public authorities or court as might be required by law, court orders or any other valid legal process brought against JFE, in order for JFE to protect and defend its rights, property or safety.

6.2 Geographical location

The recipients may be located inside or outside the European Union but the Personal Data will not be transferred to any country outside the European Union which does not ensure an adequate level of protection unless if such transfer is based on an adequacy decision, or if appropriate safeguards have been put in place (binding corporate rules or standard data protection contractual clauses), including Data Subjects’ consent, where required.

7.RETENTION AND DELETION

JFE applies different retention periods for different categories of Personal Data.
In general, Personal Data will be retained for a period deemed necessary for the purpose for which it was intended, for the purpose for JFE to perform their obligations under a contract with their clients, and for as long as required or permitted by law.

When the Processing of the Personal Data is no longer necessary for the purpose for which it was collected, JFE will erase the Personal Data.

8.YOUR RIGHTS

The Data Subjects have a right to ask JFE for access to their Personal Data, the correction or deletion of their Personal Data, a limitation of data Processing, the right to oppose the Processing and the right to data portability. Furthermore, Data Subjects have the right not to be subject to a decision based exclusively on automated Processing (including profiling) that has legal effect against them or significantly impairs them in a similar manner. The Data Subjects can exercise these rights by sending a request to DPO@jindalfilms.com. In such event, JFE has the right to ask for verification of your identity as appropriate. JFE will endeavor to respond within an appropriate timeframe and in any event within any timescales required by the GDPR.

Furthermore, on JFE’s website you can access your Personal Data and information in the ‘Login Account’. You can manage your account in changing your password and profile information. For the closure of your account, you have the possibility to do so in the “My account” page through “Delete my account’’ and JFE will send you an email confirming your account closure.

9.SUPERVISORY AUTHORITY

You have the right to file a complaint with the Supervisory Authority which is responsible for our company at any time. The contact information is:
Commission Nationale pour la Protection des Données (CNPD)

15, Boulevard du Jazz,
L-4370 Belvaux
Tél. : (+352) 26 10 60 – 1
Fax. : (+352) 26 10 60 – 6099
Internet: https://cnpd.public.lu/

10.NOTIFICATION OF DATA BREACH

JFE will notify the Supervisory Authority Commission Nationale pour la Protection des Données (CNPD) in case of a Personal Data Breach no later than 72 hours after detecting the breach.

Pursuant to the provisions of the GDPR, clients and contacts will be notified of a Personal Data Breach, without undue delay, only when the Personal Data Breach is likely to result in a high risk to their rights and freedoms.

11.CHANGES TO THIS POLICY

JFE may decide, at its own discretion, to change this privacy policy to ensure it is accurate, complete and up-to-date.

You are encouraged to review this privacy policy periodically to remain informed about your rights and how we are Processing your Personal Data.

12.JFE’s DATA PROTECTION OFFICER

JFE has a Data Protection Officer who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address:

JFE S.A.R.L
Attn: Data Protection Officer
11 rue de l’Industrie
L-8399 Windhof
Luxembourg
DPO@jindalfilms.com

13.FOR FURTHER INFORMATION/CONTACT DATA OF THE DATA CONTROLLER

If you have any further questions regarding JFE’s data protection policy then please feel free to contact us by email at: DPO@jindalfilms.com, or in writing at:

JFE S.A.R.L
Legal Dept
11 rue de l’Industrie
L-8399 Windhof
Luxembourg