‘Personal data’ is any information or set of information that can identify you as an individual whether directly or indirectly such as your name, address, telephone number, email address as well as any other information about you that Givaudan may obtain from you directly or indirectly.
We are committed to being transparent in the way we collect and use your personal data and how we protect it. We also recognise your need for reasonable control of your personal data.
This is why this Notice explains you in details:
● Who is responsible
● Application of this Notice
● What personal data we collect and how we use it
● How we protect it
● Your rights
● Other important information you need to know
When appropriate we will provide adjust-in-time notice to cover any additional processing activities not mentioned in this Privacy Notice. In addition, we may inform you about the processing of your data separately, for example in consent forms, terms and conditions, additional privacy notices, forms and other notices.
If you disclose data to us or share data with us about other individuals such as family members, co-workers, etc., we assume you are authorised to do so and that the relevant data is accurate. When you share data about others with us, you confirm that. Please make sure that these individuals have been informed about this Privacy Notice.
The Data Controller is the legal entity which is responsible for the personal data collected from you. It determines the means and the purposes of the processing of your personal data, that is how, when and why it collects and uses your personal data. Givaudan is a multinational company operating around the globe. The Data Controller for your personal data will depend on who you are:
If you are a visitor of this website or an investor, the Data Controller is Givaudan International SA, Chemin de la Parfumerie 5, 1214 Vernier, Switzerland.
If you are a customer or a supplier, the Data Controller is the legal entity that manages your business relationship with Givaudan. This information can be found on the invoice or purchase order you receive or in the agreement you have entered into with Givaudan.
For any other individuals, with the exception of employees and contractors working on Givaudan sites, the Data Controller is the legal entity that manages your relationship with Givaudan. This information can be found in the agreement you have entered into with Givaudan or can be obtained from your contact person at Givaudan.
The list of Givaudan legal entities and their details is available in our latest annual report. For any questions with respect of this Notice, please contact our Group Data Protection Officer.
This Notice applies to you when you interact with Givaudan in the course of a prospective or ongoing business relationship, when you visit our websites, when you use the technology we make available to you (e.g. when you visit a Givaudan site) or when you connect to certain platforms, applications or other solutions under our control or when you join any offline or online events organized by us. This Notice does not apply to Givaudan employees or other individuals working on Givaudan sites nor to job applicants who may refer to the privacy notice on Givaudan job portal and on Givaudan intranet. For any other individuals, the collection and use of your personal data may be subject to a specific privacy notice. Please reach out to your Givaudan contact person for more details or contact us.
We collect personal data in two ways:
● Directly from you
● Indirectly, through other sources
We may collect and use personal data that you provide us when you interact with us.
For example, your business contact details, including your full name, contact details, your role within your company and your work experience, the country where you work, the products and services that are of interest to you and your company, your opinion and preferences about a product, your communication preferences, your feedback about our services or our organisation.
We also collect the information that you provide to us when you use the contact forms on our website or when you contact our media relations or on paper forms that we ask you to fill during events such as fairs or other marketing events you participate in.
In some cases we may have (video) conferences being recorded for quality assurance purposes and trainings. Such recordings may only be made and used in accordance with our relevant internal policies. You will be informed if and when such recordings take place, including by an indication during the video conference in question. If you do not wish to be recorded, please notify us or leave the (video) conference. If you simply do not want your image to be recorded, please turn off your camera.
We also collect information about you indirectly, for example when you browse Givaudan websites, subscribe to our feeds on social media, or otherwise use our network infrastructure and the technology we make available to you. We collect logs about your use of the network, our website (e.g. your view or click on specific content or links or when you click on social media plugins) or the platforms, applications or other solutions we ask you to connect to. We may also collect information such as your IP address, device browser and operating system when you connect to our network infrastructure. We also use cookies to enhance your browsing experience on our websites. Please visit our Cookies policy for more information about how to manage your online privacy.
We also collect information about you from third parties when we acquire other companies for example or from publicly available sources such as information about you made available on your company’s website, or from public registries such as Commercial Registry if such is required to ensure compliance with applicable laws.
When your company wishes to enter into a business relationship with Givaudan, we may perform a third party due diligence during which your company may provide us with information about you such as general background information, your business experience and qualifications,your curriculum vitae, financial interests you may have as a director or officer of your company, any relationship with public officials you may have as well as information about actual criminal convictions, if any, and subject to any restrictions under applicable data protection law.
We collect and use your personal data for our legitimate interest to:
We collect and use your personal data once we obtain your consent to:
You can object to such contacts at any time or refuse or withdraw consent to be contacted for marketing purposes.
You are advised to avoid sharing your private email address/phone number/home address with us as we are not capable of recognizing the nature of such data.
We may also share your personal data with:
Givaudan affiliates in order to deliver you better services which may be provided within or outside of your country. As a global company, our employees in various sites may need access to your personal data in order to deliver you better services through streamlined processes.
Third party service providers that provide solutions and services for our organisation to help us delivering with excellence. For example, these services providers may help us to (i) deliver emails or other communications, (ii) develop and host some of our solutions (iii) provide customer services or payment services or (iv) assist us in background checks,fraud prevention and risk assessment, (v) enable your subscription to our newsletter, face-to-face or online events or other marketing channels, (vi)provide CRM solutions to facilitate contact and to support you in your choice of our products and services (delivering product samples)
We may also share your personal data:
– in connection or in the course of a merger or a sale or acquisition of a business
– when we are legally required to do so by a competent authority. We may disclose personal data to agencies,courts and other authorities in Switzerland and abroad if we are legally obliged or entitled to make such disclosures or if it appears necessary to protect our interests. This may include health data. These authorities act as separate controllers.
We do not sell your personal data to third parties.
Where we ask for your consent for certain processing activities, we will inform you separately about the relevant processing purposes. You may withdraw your consent at any time with effect for the future. Where you have a user account, you may also withdraw consent or contact us also through the relevant website or other service, as applicable.
Where we do not ask for consent for processing, the processing of your personal data relies on the requirement of the processing for initiating or performing a contract with you (or the entity you represent) or on our or a third-party legitimate interest in the particular processing. Our legitimate interests also include compliance with legal regulations, insofar as this is not already recognized as a legal basis by applicable data protection law (for example in the case of the GDPR, the laws in the EEA and in the case of the DPA, Swiss law).
Where we receive sensitive personal data(for example health data, data about political opinions, religious or philosophical beliefs, and biometric data for identification purposes), we may process your data on other legal basis, for example, in the event of a dispute,as required in relation to a potential litigation or for the enforcement or defence of legal claims. In some cases, other legal basis may apply, which we will communicate to you separately as necessary.
We may automatically evaluate personal aspects relating to you («profiling»), where we wish to determine preference data, but also in order to detect misuse and security risks, to perform statistical analysis or for operational planning. We may also create profiles for these purposes, i.e. we may combine different categories of data relating to you in order to better understand you as a person with your various interests and other characteristics. We may also create anonymous and – with your consent – personalised motion profiles of you.
If you are our customer, we may, for example, use «profiling» to determine which other products are likely to be of interest to you based on your purchases. Profiles may also be used for marketing, for example, or for security purposes.
In both cases, we pay attention to the proportionality and reliability of the results and take measures against misuse of these profiles or profiling. Where these can produce legal effects concerning you or similarly significantly affect you, we generally ensure human review.
We consider your personal data as confidential information. We deploy technical and organisational measures to secure your personal data and ensure that it is protected from unlawful access,alteration and loss. Organisational measures mean for example that we ensure that only the persons who need to do so for business purposes, have access to your personal data. Technical measures mean that we perform regular checks on our infrastructures but also on our service providers to ensure that they comply with Givaudan security policies.
You are in control of your personal data.
Right to access and to correct. You have the right to request a copy of the personal data we hold about you by contacting us. We make regular checks to ensure we keep your personal data up-to-date. However, we need your help in doing this, so please contact us if you want to correct personal data that you have provided us with.
Right to object and to restrict. You have the right at any time to object to the processing of your personal data (e.g. when you do not wish to receive direct marketing communications or newsletters from us).Under certain circumstances, you also have the right to obtain the restriction of the processing of your personal data (e.g. until an inaccuracy in your personal data is corrected by us following your request).
Right to erasure. If you no longer wish us to process your personal data, you may contact us. We may however retain certain of your personal data for compliance with applicable laws and regulations and in accordance with our data retention rules.
Right to lodge a complaint. We make our best to be transparent, protect your personal data and offer you as much control as we can. If, however, you deem that we did not do it in compliance with applicable privacy and data protection laws, you can contact us. You also have the right to lodge a complaint with the data protection supervisory authority in your country or in the country where your Data Controller is located.
Right to control Cookies and other technologies on our websites. When you first visit our websites, you are asked to consent to the use of cookies and other technologies. You can manage your choice at any time.Please visit our Cookies policy to learn how to keep control of your online activity.
You also have these rights in relation to other parties that cooperate with us as separate controllers – please contact them directly if you wish to exercise your rights in relation to their processing.
We retain your personal data for as long as it is necessary for each of the purposes outlined above. We may however retain certain of your personal data for compliance with applicable laws and regulations (e.g. for tax and audit purposes) and in accordance with our data retention rules. Where it is no longer required to retain data that can still identify you, we will either erase, anonymise or aggregate it so that you may no longer be identifiable as a single individual.
We operate as a global company and rely on service providers to support our global solutions. Your personal data may be transferred to another country other than the one you reside in. We ensure,however, that such international data transfer is made in compliance with applicable data protection laws.
The most recent version of this Notice is on this page. We may modify this Notice at any time without notice, except if such modifications contain substantial changes that may affect individuals’rights under applicable privacy and data protection laws, in which case you will be notified of such changes at the beginning of this page.
In case you have further questions about this Notice, please get in touch with our Group Data Protection Officer. You can also write to us at:
Givaudan International SA
Attn: Group Data Protection Officer
Chemin de la Parfumerie 5
1214 Vernier
Switzerland
* Does not apply to employees or candidates
Approved: 27 November 2017
Last updated: 25 May 2018
The LGPD (Brazilian General Data Protection Law) and consequently this Annex applies to those who are subject to any processing activity described below:
Processing activity:
I – that is carried out in the Brazilian national territory;
II – in which the personal data being processed were collected in the Brazilian national territory.
Defined by the LGPD, your rights are the following:
Art. 18. The data subject, regarding the data subject’s data being processed by the controller, at any time and by means of request, has the right to obtain the following from the controller:
I – confirmation of the existence of the processing;
II – access to the data;
III – correction of incomplete, inaccurate or out-of-date data;
IV – anonymization, blocking or deletion of unnecessary or excessive data or data processed in noncompliance with the provisions of this Law;
V – portability of the data to another service provider or product provider, by the means
of an express request, pursuant with the regulations of the national authority, and subject to commercial and industrial secrets; (New Wording Given by Law No. 13,853/2019)
VI – deletion of personal data processed with the consent of the data subject, except in
the situations provided in Art. 16 of this Law;
VII – information about public and private entities with which the controller has shared
data;
VIII – information about the possibility of denying consent and the consequences of
such denial;
IX – revocation of consent as provided in§5 of Art. 8 of this Law
If you are residing in Thailand, the following country-specific provisions will be applicable to you.
If you are a Thai national holding a Thai national identification card, we may collect your sensitive personal data, i.e.religion and/or blood type, when collecting a copy of said identification document from you for management of our contractual relationship. If required by applicable data protection laws, we will collect this sensitive personal data with your explicit consent.
During the due diligence process, we may collect sensitive personal data, in that case we will seek your explicit consent to the extent required by applicable law.
In addition to the rights stated above, you are also entitled to the following right:
Right to Data Portability. You have the right to request a copy of your personal data, in a machine-readable format, for the purpose of transferring it to another data controller.
Right to Withdraw Consent. If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). Please note that where your personal data is required for the purpose of contractual necessity, we may not be able to perform our contractual obligation or proceed with your request to enter into a contract with us if you withdraw your consent laws which are as strict as the ones required by your local personal data protection law and regulant.
Your personal data may be transferred to our group companies, affiliates, and service providers which are located outside of Thailand. While we try our best to ensure that the person who receives your personal data is located in a country that has data protection laws, there could be an instance where your personal data will be transferred to other countries which do not implement adequate personal data protection standards.
Nevertheless, we ensure that any and all such international data transfers are made in compliance with the applicable data protection laws in Thailand.
In case you have further questions about the Privacy Notice, or would like to exercise any of your rights, please contact our Group Data Protection Officer at global.dataprotection@givaudan.com.
You can also write to us at:
Givaudan(Thailand) Limited
Attn: Group Data Protection Officer
719 KPN Tower, 16 & 25th Floor
Rama 9 Road, Bangkapi Sub-district,
Huaykwang District,
Bangkok 10110