WEBSITE PRIVACY POLICY
This Website Privacy Policy explains how: (i) Moy Park Limited; (ii) Kitchen Range Foods Limited; (iii) Moy Park France SAS; (iv) Moy Park Beef Orleans Sarl; and (v) Albert Van Zoonen B.V (‘we’, ‘us’, ‘our’), as the data controller, handle and use your personal data.
This policy (together with our website terms of use and any other documents referred to) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
Please read the following carefully to understand our use of, and procedures, regarding your personal data and how we treat it. This website is not intended for children and we do not knowingly collect data relating to children.
We comply with our obligations under applicable data protection laws, including the: (i) EU General Data Protection Regulation ((EU) 2016/679) (‘EU GDPR’; (ii) UK General Data Protection Regulation (as defined in The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019) (‘UK GDPR’); and (iii) Data Protection Act 2018, and any subsequent legislation when handling your personal data (the ‘Data Protection Law’).
Overall responsibility for this Website Privacy Policy is delegated at board level to our Group Privacy Officer who can be contacted at gpo@pilgrimssharedservices.com
Information we collect about you
We may collect, store and process the following data about you when you use our website, contact us or enter into any contractual arrangement with us:
- Identity and contact data- may include title, name, address, delivery address, telephone numbers, business and personal email addresses, financial information, personal description, job title, organisation details, photographs and any relevant business information;
- Profile information- this is information about you that you give to us by filling in forms on our website or by corresponding with us by phone, email or otherwise (including through our pages on Facebook, Twitter and any other social media networks). It includes information you provide when you register to use our site, subscribe to our services, enter into a contract with us, search for a product, place an order, participate in discussion boards or other social media functions on our site or our Facebook and Twitter pages, enter a competition, prize draw, promotion or survey, or when you report a problem with our site or our products or services.
- Financial and Transaction data –includes payments to and from us and other information relating to any payments or invoices in connection with any contract with us or your purchase of any products from us and where necessary your bank account details and information in relation to your credit and financial status. This may include bank account details and an invoice address.
- Technical data- each time you visit our website we will automatically collect technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, subscription details, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform. We will also collect other information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page.
- Communications data- information relating to any correspondence or interaction from you with us.
- Special Category Data – on rare occasions we may hold details about your health or medical conditions where you have provided this information to us to enable us to meet any special needs you may have, in connection to a complaint or to ensure we meet our equality obligations.
Our websites may contain links to other sites on the internet that are owned and operated by other parties. We are not responsible for the availability, or content of any external website. These external websites have their own policies and terms of use which you should familiarise yourself with, we do not accept any liability whatsoever in respect of any external website.
The list of data we collect is not exhaustive and we may sometimes need to collect additional data to achieve the purposes we set out in this policy, or to fulfil our obligations to you.
How do we gather the data we hold about you?
Directly from you- the majority of the data we hold about you will have been provided to us by you during your interactions and communications with us and with our website.
Automatic Collection - as you use our website we may automatically collect Technical Data as stated above by using server logs and cookies.
Cookies - our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy www.moypark.com/footer/cookie-policy.
Third Parties and Publicly available sources - this is the information we receive about you if you use any of the other websites we operate or the other services we provide (including, without limitation, our pages on Facebook and Twitter and any other social media services from time to time). We work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies). We will receive personal data about you from various third parties and public sources as set out below:
- analytics and search information providers such as Google based outside the UK and EEA;
- Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Dun & Bradstreet based inside the UK.
- Identity and Contact Data from publicly available sources such as Companies House and the Electoral Register based inside the UK.
- Providers of third party due diligence screening such as E Spear based outside the UK and EEA to ensure compliance with our legislative responsibilities and compliance programmes.
Use and lawful basis of processing of the information
Generally we will use the information we gather about you in accordance with the following lawful bases of processing:
- to perform a contract that we have entered with you or are about to enter with you;
- to register you as a new customer;
- to register you as a new supplier or business partner;
- to provide goods and services to our customers;
- where applicable, to arrange payment for both goods and services provided and received;
- to give suppliers’ details to retail customers (and third parties dealing with traceability) for the purposes of maintaining supply chain visibility and ensuring the provenance and traceability of food products;
- to carry out credit checks (if you are a customer). We will supply your personal information to Credit Reference Agencies (CRAs) and they will give us information about you, such as your financial history and we do this to assess your suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity. We will also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time;
- to interrupt the potential for worker exploitation and/or prevent modern slavery or to detect unlawful acts to safeguard and protect victims or potential victims of modern slavery or worker exploitation;
- complying with our legal obligations including due diligence checks where required;
- where it is necessary for our legitimate business interests (or those of a third party), providing your interests and fundamental rights do not override those interests. including-
- to provide you with the information, products and services that you request from us (including, for example, in order to process deliveries and to respond to any complaint or query you raise or that is raised in connection with the provision of those goods and services);
- to notify you about changes to our services;
- to invite you to business related functions and events that we might hold from time to time which we believe will be of interest to you;
- to ensure that content from our site is presented in the most effective manner for you and for your computer;
- to communicate with you and provide you with information that you require or request from us including handling complaints and disputes;
- to maintain the health, safety and welfare of our employees or business partners and suppliers;
- Improving and developing new products and services;
- Handling any legal or insurance claims or any regulatory enforcement action;
- managing corporate transactions including the acquiring, transferring or selling of companies;
- Preventing, investigating, or detecting any criminal activity including working with law-enforcement agencies;
- Responding to and investigating any complaint or ethics concern raised by you or in relation to you.
Processing of Special Category Data
In the rare circumstances that you have provided us with special category data for example relating to your health or medical conditions, we will use this information to ensure we comply with our health and safety obligations or where it is required in relation to any legal or insurance claims relating to you.
Information that may be shared with third-parties.
Your personal data will be accessed by authorised staff who need to have access to that information in order to pursue the above purposes. Your personal data may be made available to recipients providing relevant services to us, such as IT software and service providers, logistics providers, insurers, bankers, accountants and legal advisers (who only process your personal data in accordance with our instructions)or government authorities as required by law.
We utilise the services of Pilgrim’s Shared Services Ltd (PSSL) to provide IT, accounts and payments and other key function services which means that we may share your information with PSSL who are bound by terms of confidentiality and must meet our standards in regards data protection. PSSL act as the data processor for the us in this respect. We will also share your information as necessary with our UK based sister companies including Pilgrim’s Pride Limited, Pilgrim’s Food Masters UK Limited and Pilgrim’s Food Masters Ireland Limited and their affiliates.
We may also disclose your personal data to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation; or in order to defend or make any legal claim; or to protect the rights, property or safety of the business, employees, customers or others. Personal data may also be disclosed to external parties in connection with any external third party regulatory or customer audits, sale or purchase of the business or assets, as well as to parties you authorise us to disclose your personal data to. We do not sell your personal data to any third party.
We require all our third parties service providers to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our lawful instructions.
In addition, we may give information about you (‘Debtor Information’) to our bank (‘The Bank’) to allow them to provide services to us and to manage our account. The Debtor Information may also identify the names or other personal information (such as address information) of your owners, partners or directors. The Debtor Information may include details of account balances, historical payment experiences and other information regarding the conduct of your account such as disputes, defaults, etc.
The Bank may store and process the Debtor Information on their computer system(s) and in any other way. Such information may be used by them and other companies within their Group for training purposes, credit or financial assessments, market and product analysis, making and receiving payments, recovering monies and preparing statistics. They may also use such information to prevent frauds, bad debts and money laundering.
The Bank may also give information about your account and its indebtedness to: their insurers or re-insurers so they can quote for and issue any policy or deal with any claim; any guarantor or indemnifier of our obligations to them (if any); and Group company of them or any advisor acting on our or their behalf.
Certain personal data may also be reported to government authorities such as HMRC, where required by law.
International transfers
We may transfer your personal data outside of the UK or EEA to a country that may have privacy protections less stringent than in the EEA or UK. For instance, we may transfer your personal data to our parent company, Pilgrim’s Pride Corporation (‘PPC’), and its majority shareholder, JBS USA, (both based in the United States of America) in order to: (i) perform our contract with you including processing invoices and making payments and contract administration: (ii) as part of our regular reporting activities on company performance; (iii) for system maintenance support and hosting of data; (iv) IT and website support. Whenever we transfer your personal data out of the UK or EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is in place:
- You have given your explicit Consent.
- The transfer is necessary for one of the reasons set out in the Data Protection Legislation, including the performance of a contract between us and you, or to protect your vital interests.
- In the absence of an adequacy decision from the EU Commission or UK Parliament, we will implement measures to ensure that your personal data receives an adequate level of protection, such as EU standard contractual clauses or UK International Data Transfer Agreement, together with technical and organizational safeguards to ensure that your personal data is treated in a way that is in compliance with and which respects the EU and UK laws on data protection.
Please contact us using the details at the bottom of this policy if you want further information, or copies, on the specific mechanism used by us when transferring your personal data outside of the UK or EEA.
We provide access to an ethical helpline which offers an outlet for any concerns you might have in relation to our operations that you cannot or do not feel able to raise in other ways. In order to provide an element of confidentiality, this ethics line is operated by a third-party processor. The third-party processor providing the ethics line is currently based in the EEA but the helpline is administered by PPC and JBS USA acts as the Data Controller. If you choose to use this service you will be provided with privacy information relating to the use of that service when logging your concern.
You will appreciate that in order to investigate and deal with some matters it will be necessary for the information you provide, which may include personal data, to be provided to us or other companies in our group. We will use the data in the investigation of the matters to which it relates and will handle your data during such investigations in accordance with this privacy policy.
How long we store your data
Data will be retained only as long as is necessary and in accordance with the personal data retention periods set out in our Retention Guidelines. Please contact us using the details at the bottom of this policy if you would like further information on how we retain data.
In some circumstances we may anonymise your personal data (so it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Automated decision making
Automated decision-making takes place when an electronic system uses personal data to make a decision without human intervention. You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making unless we have a lawful basis for doing so. Where your data is subjected to automated processing, we will inform you in advance.
Your rights
Under certain circumstances, by law you have the right to:
- Request access to your personal data (commonly known as a “data subject access request”).
- Request correction of the personal data that we hold about you.
- Request the erasure of your personal data.
- Request the restriction of and objection to processing of your personal data in certain circumstances.
- Request the transfer of your personal data to a third party.
You will not have to pay a fee to access any of the rights set out above, including the right of access to your personal data.
In addition, in the limited circumstances where you may have provided your consent to the processing of your personal data, you have the right to withdraw your consent at any time. This will not affect your contractual relationship with us.
Some of these rights are not automatic, we reserve the right to discuss with you why we might not comply with a request. If you want to exercise one of the above rights, please contact us using the details at the bottom of this policy.
To comply with any request you make we may require evidence to prove your identity to ensure we are complying with your request.
Complaints
You retain the right to lodge a complaint about our management of your personal data to the relevant supervisory authority, including:
- The Information Commissioner’s Office in the UK - https://ico.org.uk/concerns/
- CNIL in France – https://www.cnil.fr/en/contact-us
- Autoriteit Persoonsgegevens in the Netherlands - https://autoriteitpersoonsgegevens.nl/en/contact-dutch-dpa/contact-us
Changes to our privacy policy
Any changes we make to this website privacy policy will be posted on this page. Please check back frequently to see any updates or changes.
Contact us
Questions, comments, concerns and requests regarding this website privacy policy or our collection or use of your information are welcomed and should be addressed to the Group Privacy Officer at gpo@pilgrimssharedservices.com
or by post to Seton House, Warwick Technology Park, Gallows Hill, Warwick, CV34 6DA.