Introduction
SILICA 14 and its subsidiaries around the world (collectively “Silica 14 ”) are committed to respecting and protecting the privacy of those from whom they collect personal information.
Policy
This policy establishes and communicates the key principles SILICA 14 follows in protecting the personal information that it collects. Please note that some privacy rights and obligations may differ in certain locations based on local law, in which case SILICA 14 will comply with the local legal requirements.
Definitions
Data Subject is any individual about whom SILICA 14 holds personal data.
Personal data is any information that allows an individual to be identified directly or indirectly (e.g., name, date of birth, title, address, telephone number and email address).
Sensitive personal data is that which, in cases of misuse, may cause unlawful or arbitrary discrimination or other serious risk to a data subject (e.g., racial or ethnic origin, nationality, political opinion, religious and philosophical beliefs, and physical or mental health conditions). Collectively, personal data and sensitive personal data are referred to as “personal information”.
Collecting and Processing Personal Information
SILICA 14 collects and processes personal information that is necessary for legitimate business purposes, which will be disclosed to the data subject at the time of collection. SILICA 14 will use and process this information only for the purposes for which it was collected, retaining the personal information only for so long as is required for the specific purpose for which the information was collected.
SILICA 14 will not collect sensitive personal data except when permitted or required to do so by law, and will do so only for legitimate business purposes. If in any other instance a need arises to collect sensitive personal data, SILICA 14 will do so only with the data subject’s express consent, which can be withdrawn at any time. SILICA 14 will not sell or rent personal information for direct marketing purposes.
Colleague Obligations
When part of their job responsibilities, colleagues who collect and process personal information must comply with this policy and any applicable data protection procedures. In particular, they must: Ensure the personal information is collected and processed in accordance with this policy; Check that the personal information provided is accurate and up to date; Ensure timely updates to related internal company files; Check the information SILICA 14 distributes and provide details regarding processing notices on relevant communications; and take reasonable precautions to protect the personal information from unauthorized disclosure, loss, or destruction.
Transferring Personal Information
SILICA 14 may transfer the personal information outside the data subject’s home country when: (i) it has the consent of the data subject; (ii) it is necessary or appropriate as permitted by law to do so because it is relevant to Silica 14’s dealings with the data subject; or (iii) it is required by law. SILICA 14 will comply with notification, registration or approval requirements imposed under local law regarding the cross border transfer of personal information. SILICA 14 will implement reasonable measures to protect the security and confidentiality of personal information and provide an adequate level of protection in each SILICA 14 location where the information is transferred.
Onward Transfer
In limited circumstances, SILICA 14 may disclose personal information to a third party who is providing a service to Silica 14 . SILICA 14 will only disclose personal information if the third party has provided satisfactory assurances to SILICA 14 of its ability to provide appropriate and sufficient data privacy and security safeguards to protect the personal information from unauthorized disclosure, use or loss. Where SILICA 14 learns that a third party is using or disclosing personal information in a manner contrary to this policy, SILICA 14 will take reasonable steps to discontinue such use or disclosure. Disclosures to third parties will be only for the purposes described in this policy, for a compatible purpose, or for a purpose authorized by the data subject.
Choice
SILICA 14 gives data subjects the opportunity to choose not to have his or her personal information transferred to third parties for use in a manner incompatible with the purpose for which it was originally collected. An employee may not opt out of the transfer of his or her personal information to a third party if it is being conducted for the purpose of: (1) meeting applicable legal requirements, or (2) furthering the legitimate employment relationship with Silica 14. Prior to transferring sensitive personal data for use in a manner incompatible with the purpose for which it was originally collected, explicit (opt in) choice will be sought.
Security of Personal Information
SILICA 14 has organizational, physical, administrative and technical measures in place to protect the personal information the company collects and maintains. SILICA 14 monitors to ensure that its information security program is operating in a manner to reasonably protect the personal information it collects and processes and upgrades information safeguards as necessary to limit risks of unauthorized disclosure or use. Only authorized colleagues with a valid, work-related need may access a data subject’s personal information. In the event of a data breach, SILICA 14 will issue breach notifications as may be required under applicable law.
Data Subject Rights
While personal information is maintained by SILICA 14, a data subject may access the information pertaining to him/her to the extent required by local law to review, update and correct inaccuracies. To do so, the data subject should contact the SILICA 14 Global Privacy Officer or the Privacy Officer in the data subject’s home country (if one has been appointed). Additionally, a data subject may ask SILICA 14 to correct, update, supplement or delete personal information held on him/her.
SILICA 14 may, in its discretion, charge a reasonable, cost-based fee for access or photocopying of this information. For security purposes, SILICA 14 may require verification of identity before providing access to personal information.
Responsibility
If a data subject has a question about this policy or a complaint about the way SILICA 14 has collected, processed, used or disclosed his/her personal information and is located in Germany, the data subject should contact his or her local Privacy Officer. Data subjects located in any other country should contact the SILICA 14 Global Privacy Officer. Both individuals will promptly and courteously address any complaints or disputes regarding personal information. Silica 14’s Privacy Officers have the responsibility to ensure that each SILICA 14 office complies with this policy around the world. It is also the responsibility of these persons to deal with and respond to all inquiries from governmental authorities. Any finding of misuse of personal information by SILICA 14 or a breach of this policy shall be remedied as soon as reasonably possible.
Verification
To verify its compliance SILICA 14 will periodically conduct a self-assessment to ensure that: (a) this policy is accurate, comprehensive, prominently displayed, completely implemented and accessible, and conforms to the Safe Harbor Principles; (b) employees are informed of the internal arrangements for handling complaints and the independent mechanisms through which they may pursue complaints; and (c) SILICA 14 has in place procedures for training the appropriate employees on the implementation of this policy and disciplining those who fail to comply.
Changes to this Policy
SILICA 14 may revise this policy at any time and will post any revised Personal Information Privacy Policy to www. Silica14.com. Contact information for the Silica 14’s Privacy Officer is as follows:
SILICA 14
Attn: Privacy Officer