General Data Protection Regulation Policy
Issued on: June2018, EERSEL
The General Data Protection Regulation (GDPR) policy of SNBC Europe B.V. (“SNBC,” “we,” or “us”) is designed to inform you about the use of information that you provide to SNBC and the service and products we offer.
This General Data Protection Regulation (GDPR) policy covers the treatment of personally directly or indirectly identifiable information (“Personal Data”) gathered when you are using our services and products. This General Data Protection Regulation (GDPR) policy is meant to help you understand what Personal Data we collect, why we collect it and what we do with it. This General Data Protection Regulation (GDPR) policy should be read carefully prior to using our services and products as it is important. It may be printed or downloaded at any time. The General Data Protection Regulation (GDPR) policy will be stored at: www.snbc.com.cn
Our General Data Protection Regulation (GDPR) policy explains:
•How we comply with the GDPR.
•What information we collect and why we collect it.
•How your information is used.
•How you can access and update your information.
We have tried to keep the wording of theGeneral Data Protection Regulation (GDPR) policy as simple as possible.
How we comply with the GDPR
The GDPR has entered into force on 25 May 2018. SNBC appreciates the implementation of the GDPR and deeply values compliance with the GDPR. SNBC is therefore taking all appropriate and necessary steps and actions to ensure compliance with the GDPR and to safeguard your Personal Data.
As always, we will collect and use your Personal Data with the greatest care.
Collection and use of Personal Data
We collect Personal Data from you when you voluntarily choose to provide us with such information, most importantly when you purchase one of our products. The Personal Data that we may collect contains information such as your name, email address, telephone number,and any other information that is submitted to us to complete your purchase. We collect this Personal Data to ensure that you can complete your purchase with SNBC.
If you indicate to SNBC that you are interested in the SNBC products by leaving behind an email address on the website or via an email, we may email you about products and services that we believe may be of interest to you. If you wish to opt-out of receiving these marketing emails from us, please follow the instructions contained in each email you receive from us which will allow you to opt-out of receiving further email marketing communications from us. Please note that this opt-out does not apply to mails that are pertinent to products and services that you have requested or participate in or where we are required to provide you with notifications.
If you contact SNBC, we keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements to our products and services.
We will ask for your explicit and informed consent before using information for a purpose other than those set out in this General Data Protection Regulation (GDPR) policy.
SNBC processes Personal Data on servers in the People’s Republic of China.
SNBC does not store or keep the Personal Data stored longer than necessary for the purposes for which the Personal Data was processed. Even though we may retain the Personal Data we collect from you as long as this is necessary or required, at any time you have the right to change how we use/collect your Personal Data (see how to opt-out) unless we are required to retain this Personal Data by law or to comply with our regulatory obligations.
Legal Basis for the Processing of Personal Data from EEA Residents
If you reside within the European Economic Area (EEA), our processing of your Personal Data will be legitimized as follows:
1.Whenever we require your consent for the processing of your Personal Data such processing will be justified pursuant to Article 6(1) lit. (a) of the GDPR. This article in the GDPR describes when processing can be done lawfully.
2.If the processing of your Personal Data is necessary for the performance of a contract between you and us or for taking any pre-contractual steps upon your request, such processing will be based on GDPR Article 6(1) lit. (b). If this Personal Data is not processed, we will not be able to execute the contract with you (e.g. your purchase of our products).
3.Where the processing is necessary for us to comply with a legal obligation, we will process your information on basis of GDPR Article 6(1) lit. (c), for example complying with product safety.
4.And where the processing is necessary for the purposes of our legitimate interests, such processing will be made in accordance with GDPR Article 6(1) lit. (f), for example to detect fraud.
Disclosure of Personal Data
As a general matter, we do not sell, trade, or otherwise transfer to third parties your Personal Data. We will only share your Personal Data with companies, organizations or individuals outside of SNBC with your explicit and informed consent to do so.
This does not apply to trusted third parties so designated by SNBC, who assist us in operating the website, conducting our business, or servicing you (“Trusted Third Parties”). Rather, we may transmit your Personal Data to Trusted Third Parties. We will only transmit your Personal Data to Trusted Third Parties following their agreement and commitment to keep all Personal Data confidential. This Personal Data is given to Trusted Third Parties based on our instructions and in compliance with our General Data Protection Regulation (GDPR) policy and any other confidentiality and security measures.
We may also release your Personal Data when we believe such release is necessary to comply with applicable laws, enforce our policies, or protect SNBC’s legal rights, property, or safety, or those of third parties.
Transfer of Personal Data outside the EU
Your Personal Data may be transferred to and stored in servers located in the People’s Republic of China. We transfer this Personal Data to our servers in the People’s Republic of China in order to execute our contract with you, including pre-contractual steps. Please note that the People’s Republic of China does not offer the same amount of data protection as the EU.
When we share your Personal Data with our service providers, your Personal Data may be transferred to and/or made accessible from countries out of the European Economic Area (EEA). In such circumstances, we will enter into model contractual clauses as adopted by the European Commission. These model contractual clauses were adopted by the European Commission to transfer Personal Data to non-EEA countries that do not provide an adequate level of data protection according to the European Commission. These model contractual clauses offer adequate safeguards for such a transfer. Otherwise, we rely on alternative legal bases such as the Privacy Shield. This EU-US Privacy Shield is a framework for transfers of Personal Data for commercial purposes between the EEA and the United States to provide companies with a mechanism to comply with data protection requirements. Where applicable, we rely on binding corporate rules where our service providers have adopted such internal policies approved by European data protection authorities. These binding corporate rules are a code for the transfer of data within our organizations and companies and provides for safeguards of your Personal Data.
We use a variety of security measures to maintain the safety of your Personal Data. We take great care to ensure that your Personal Data is stored securely on our servers, and we follow standards generally accepted in the industry to protect Personal Data submitted to us.
It is important to note, however, that no method of transmission or storage via the internet is 100% secure, and thus we cannot absolutely guarantee the security of your Personal Data.
You may revoke any consent given to us with regard to the collection, processing and use of your Personal Data at any time for the future and also generally request SNBC to stop using and collecting your Personal Data. A withdrawal should be sent to SNBC at the contact information set out below. SNBC will respond to your request in a reasonable timeframe, and in any event in less than 30 days.
SNBC will be glad to honor such a request, unless we are required to retain this Personal Data by law or to comply with our regulatory obligations.
The rights of users
Users have the right at any time, to know whether their Personal Data has been stored and can consult SNBC to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, cancelled, updated or corrected, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Requests should be sent to SNBC at the contact information set out below.
Users have the right to request to obtain and reuse their Personal Data for their own purposes across different services. Requests should be sent to SNBC at the contact information set out below.
SNBC will respond to your request in a reasonable timeframe, and in any event in less than 30 days. SNBC will be glad to honor such a request, unless we are required to retain this Personal Data by law or to comply with our regulatory obligations.
Users have the right to lodge a complaint against SNBC with a supervisory authority.
More details concerning the collection or processing of Personal Data may be requested from SNBC at any time. Please see the contact information at the end of this General Data Protection Regulation (GDPR) policy.
Changes to our General Data Protection Regulation (GDPR) policy
We may need to amend or update our General Data Protection Regulation (GDPR) policy from time to time. Should we make any material changes to our General Data Protection Regulation (GDPR) policy, we will notify you accordingly by posting them to the website, and to other places that we deem appropriate. We also encourage you to read our General Data Protection Regulation (GDPR) policy regularly in order to stay updated.
Should you object to any of the changes to this General Data Protection Regulation (GDPR) policy, this would mean that you must cease using our services and can ask us to erase your Personal Data. Unless stated otherwise, the then-applicable General Data Protection Regulation (GDPR) policy applies to all your Personal Data that is collected by SNBC.
All prior versions of this General Data Protection Regulation (GDPR) policy will be kept in an archive for your review upon request.
SNBC Europe bv
Meerheide 115, 5521DX, EERSEL
SNBC is responsible for this General Data Protection Regulation (GDPR) policy
Updated on [12 June,2018]