Chemonics EU Data Protection Policy
Chemonics abides by the provisions of the European Union General Data Protection Regulation (GDPR). To earn and maintain your trust, we are committed to protecting the privacy and security of the personal data we have about users of our website, our clients, and our clients’ accounts. This notice is intended to help you understand our practices for collecting, using, maintaining, and disclosing your personal data.
A. Collection and Processing of Information
I. We are processing personal data. Personal data are any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. However, information which cannot be directly tied to an individual, such as aggregated information, or anonymized information, is not considered personal data.
II. The legal basis for the collecting and the processing of personal data depends on the purpose for which we use the personal data. In some instances, the basis for processing is your consent. However, in many cases, the legal basis for processing will be Chemonics’ legitimate interest specifically relating to the administration of our website. Note that should you believe that your interest outweighs Chemonics’ interests, you may object to such processing as described in this Policy. Finally, Chemonics may process personal data pursuant to the performance of a contract.
III. We limit the collection and processing of personally identifiable information to that which is necessary to deliver services to our clients. We collect personal data in a number of ways. This can be done directly from you or your custodians, either via telephone, Web form or email, or via automated tools which are embedded in our technology platform (e.g. this website). Some of the automatically collected information is personal data, some of it is not.
IV. The information we generally automatically collect is technically related to the use of our website. This information is gathered through our servers’ log files. These log files record information such as:
- number of visits our website receives
- the types of browsers and operating systems used
- time zone difference to Greenwich Mean Time (GMT)
- requested site or file
- date and time of your request
- web page where the request originated
- status of this request (file transferred, file not found etc.)
- amount of data transferred
This log file information allows us to improve out website, created better content, and deliver a more personalized service. To this end, the legal basis for this kind of processing is our legitimate interest as described by GDPR Article 6(1)(f).
V. You may be required to register in order to be granted access to certain information, services and/or products on this website. At the time of registration, you may be prompted by one of our online forms to provide certain personal data to us, including your name, company name, email address, company address, company size, and job title.
- Some of our pages may use a feature of your browser called a cookie. A cookie is a small text file that is placed on your hard disk by a Web page server. Cookies contain information that can later be read by a Web server in the domain that issued the cookie to you. Cookies can contain personal data, depending on the configuration of the cookie. This cookie automatically identifies your computer to our servers when you visit our site. First party cookies are cookies that Chemonics uses related to the functionality of the website or platform. Third party cookies are those that someone else other than Chemonics sets on your browser. Chemonics does not use third party cookies on its platform unless the third party is contracted to Chemonics to provide a specific service. Chemonics does not generally collect personal data via cookies, however, we may connect cookie information to other personal data you provide to us for the purposes described in this Policy.
- Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. You have the ability to accept or decline cookies. However, if you decline cookies you might not be able to use all functions offered on our website. If you choose to accept cookies, you also have the ability to later delete cookies.
- This website is using transient cookies and persistent cookies. Transient cookies, especially session-cookies, are automatically deleted when terminating your session on our website, e.g. when closing the browser window. Persistent cookies, however, remain stored even after you have left our website but they remain valid only for a specific period of time specified by the web server.
- This website may use flash-cookies via your flash-plug-in. Flash cookies are created if certain Flash objects are used on the website: things like Flash videos and Flash animations hosted on our servers. If we do not use such objects on our website, Flash cookies do not apply. Furthermore, we use HTML5 storage objects that will be stored on your end devices. These objects store necessary data independent from the browser you are using. They do not have automatic expiry date.
- If you do not wish the processing of flash-cookies you have to install an add-on-tool, e.g. “Better Privacy” for Mozilla FireFox or the adobe-flash-killer-cookie for Google Chrome.
- You can prevent the use of HTML5 storage objects by activating the private mode of your browser.
VII. Use of web analysis tools
1. Google Analytics
The information generated by such a cookie is transmitted and stored by Google to servers in the United States of America (US). If IP-anonymization is activated on our website, your IP-address will be abridged by Google within the EU territory and the European economic area. Google will use this information for the purpose of evaluating your use of our website, and will compile reports relating to website activity.
b) Google will not associate your IP address with any other data held by Google.
c) You can modify your browser setting to decline cookies. However, if you decline cookies you will not be able to use all functions offered on our website. Additionally, you can prevent Google from collecting and processing your data by downloading and installing: http://tools.google.com/dlpage/gaoptout?hl=de.
d) This website uses Google Analytics with the extension “_anonymizeIp()” so that IP-addresses are processed only for the specific purpose of optimizing your experience in using our website.
e) Chemonics’ use of Google cookies, is in our legitimate interest to process personal data by Google in the manner and for the purposes set out herein.
Once cookies are deleted, you will be presented a cookie usage message each time you visit Chemonics web pages and convenience features will no longer be available.
VIII. Chemonics International obtains contact details and other personal information regarding media contacts and influencers from a variety of sources including Cision. If you wish to know more about how such information is collected and used, please refer to Cision’s privacy notice at www.cision.com/us/legal/privacy-policy/.”
B. Use of Personal Data
I. Chemonics uses your personal data generally for the following purposes:
- Establishing and maintaining communications with you;
- Where you have requested a service from Chemonics, assisting you in the completion of your application, the assessment of your eligibility for any such requested service, the processing and maintenance of the service, as well as any applicable renewal of such service;
- Responding to your inquiries about applications, accounts and other services;
- Protecting against fraud, suspicious or other illegal activities; and
- Compiling statistics for analysis of our sites and our business.
II. Any information you submit through Chemonics’ websites will be processed in accordance with this Policy. Chemonics generally does not disclose individually identifiable information about its customers to any third party without first receiving that customer’s permission, or as otherwise permitted by this Policy. In no way will your personal data be used without a legal basis for such use Chemonics
III. In our normal course of business, we do not sell your personal data to anyone, nor do we use any information about you for market research or any other research that is shared outside of Chemonics. However, under certain circumstances outlined in this Policy, we may provide personal data to a third party as part of a business transaction.
IV. All marketing forms on our websites, targeted at GDPR-regulated countries, that send information to a database that may be used for future marketing or related efforts, e.g. mailing lists, webinar or event registration, etc., have check boxes where you specify whether or not you would like to receive information from us in the future. Information collected by such forms is deleted within 7 days unless the user consents to receive marketing emails from Chemonics.
If you are in the EU, you have the right to:
- access the personal data we hold about you, as required by Art.15 (1) GDPR
- have any inaccurate personal data about you rectified, as required by Art.16 GDPR
- confirmation as to whether or not we process your personal data in accordance with the purposes for which personal data is collected
- obtain a copy, in a commonly machine-readable format, of any personal data you provide to us, which e process under the legal basis of consent, Art.20 (1) GDPR
- object to processing of personal data when the processing is based on Chemonics’ legitimate interest pursuant to Article 6(1)(f) GDPR.
- where we have used consent as a basis for processing, withdraw your consent at any time and as easy as you gave your consent as required by Art.7 (3) GDPR
- have your personal data deleted from our files and data stores and those of third controllers involved (the right to be forgotten) where required by law.
- lodge a complaint with a supervisory authority, as required by Art.77
- to an effective judicial remedy against a legally binding decision of a supervisory authority concerning the data subject, as required by Art.78
Note that some of these rights are limited by other’s rights to data protection. For example, where access to your personal data would implicate another individuals personal data, or Chemonics’ proprietary trade secrets, we may deny your request. Should Chemonics deny your request to exercise any right, we will provide you our justification within 30 days of receipt of your request. In the event that you disagree with out reasons, you may contact the relevant supervisor authority as noted above.
D. Data Retention
Chemonics will not retain your personal data longer than is necessary to fulfill the purpose for which it was collected or as required by applicable laws, regulations, or applicable data retention policies. Note that should you feel that your personal data is being retained outside the scope of this Policy, you may request deletion of your personal data. Where we are required by law, we will delete your personal data after such a request.
E. Safeguarding of Information
Our employees, or anyone acting on our behalf, are required to protect the confidentiality of information and to comply with our written procedures, and are subject to disciplinary action if they fail to follow these procedures. We have established policies to maintain physical, electronic, and procedural safeguards to maintain the security and privacy of all client data and information. Our employees access information you store with us only upon your request to service and manage your account data and to monitor the information as it relates to your interaction with Chemonics.
Chemonics will release personal data to a non-affiliated third party where we are required to by law, or in the good-faith belief that such action is necessary in order to conform to the edicts of the law or comply with an official investigation by a law enforcement organization, including judicial and governmental agencies. Chemonics may provide transaction-related information to Government or private auditors for the purpose of inspecting or validating our business practices, accounting records or financial reports.
F. Local and International Transfer of Personal data
You should be aware that by using this and other Chemonics websites, and by using services and products provided by Chemonics, your personal data may be acquired into, processed in, or transferred to computer systems residing in the United States of America. By using this website, you agree that any of your personal data that is collected by this website may be managed in this way.
G. Former Clients
H. In the Event of Merger, Sale or Bankruptcy
In the event that Chemonics is acquired by or merged with a third party entity, we reserve the right, in any of these circumstances, to transfer or assign the information we have collected from our users as part of such merger, acquisition, sale, or other change of control. In the event that Chemonics experiences bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, Chemonics may not be able to control how your personal data is treated, transferred, or used.
I. Policy Changes
When we post changes to this Statement, we will revise the “last updated” date at the bottom of this statement. If there are material changes to this Statement, or in how Chemonics will use your personal data, we will notify you either by posting a prominent notice on our website or by directly sending you a notification. If the change involves the use of your personally identifiable information, the notice will contain instructions on how you can opt-out of such use. We encourage you to periodically review this statement to be informed of how Chemonics is protecting your information.
J. Communication Preferences
You can stop the delivery of email communications from Chemonics by notifying us of your wish to do so, or by selecting the “unsubscribe” link that is provided. You may also proactively communicate your preferences regarding the receipt of email and phone calls by contacting Chemonics. These choices do not apply to the receipt of mandatory service communications, which you may receive periodically.
N. How to Contact Us
To access the information that we store about you or your organization, or for more information about Chemonics’ information practices and/or privacy statement, please contact us via any of the channels below:
Chemonics International Inc.
1717 H. St NW, Washington DC, 20006
You can also contact other controllers as applicable.
O. Legal Remedies
I. If you are an EU resident, and If you consider that the processing of personal data relating to you infringes your rights under GDPR, you have the right to lodge a complaint with the relevant supervisory authority without prejudice to any other administrative or non-judicial remedy, are required by GDPR Article 77.
You can approach any supervisory authority located in the Member State of your habitual residence, in the Member State of your place of work or place of the alleged infringement. The complaint is informal and without notice.
II. If you are an EU resident, without prejudice to any other administrative or non-judicial remedy, you have the right to an effective judicial remedy against a legally binding decision of a supervisory authority concerning you, GDPR Article 78. Proceedings against a supervisory authority shall be brought before the courts of the EU Member State where the supervisory authority is established. Furthermore, you have the right to an effective judicial remedy where the supervisory authority which is competent pursuant to Articles 55 and 56 GDPR does not handle a complaint or does not inform you within three months on the progress or outcome of the complaint lodged pursuant to GDPR Article 77.
III. If you are an EU resident, You have the right to an effective judicial remedy against a controller or a processor where you consider that your rights under GDPR have been infringed as a result of the processing of your personal data in non-compliance with GDPR. Proceedings shall be brought before the courts of the EU Member State where the controller or processor has an establishment. Alternatively, such proceedings may be brought before the courts of the Member State where you have your habitual residence.
The complaining party’s representative will notify the other party’s representative in writing of the Dispute, and the non-complaining party will exercise good faith efforts to resolve the matter as expeditiously as possible. In the event that such matter remains unresolved fourteen (14) days after the delivery of the complaining party’s written notice, the parties will confer in an effort to resolve the Dispute. If they are unable to reach a resolution of the Dispute, it will be resolved by binding arbitration in accordance with the terms of this dispute resolution section, except as otherwise set forth below. A party who fails or refuses to submit to arbitration following a lawful demand by any other party will bear all costs and expenses incurred in compelling arbitration of any Dispute. Arbitration proceedings will be administered by the American Arbitration Association (“AAA”). Arbitration will be conducted in accordance with the AAA Commercial Arbitration Rules. If there is any inconsistency between the terms hereof and any such rules, the terms herein will control. Arbitrators must be active members of the State Bar in the District of Columbia with expertise in the substantive laws applicable to the subject matter of the Dispute. The arbitration shall be in Washington, D.C.