GDPR PRIVACY STATEMENT

Last date of revision: 01.11.2018

  1. Who DOES this GDPR privacy statement apply to?

1.1          Biorigin group (“Biorigin” or “We”) is a multi-national company which produces natural ingredients for human and animal nutrition. Biorigin is a business unit of the Zilor group.

1.2          Biorigin operates and manages a network of offices in strategic locations across America and Europe. Our group consists of several companies (“the Biorigin Companies”) that may process personal data:

Açucareira Quatá S.A. (Rua XV de Novembro, 865 18680-900 Lencois Paulista – São Paulo, Brazil)

Usina Barra Grande de Lencois AS (Rua XV de Novembro, 865 18680-900 Lencois Paulista – São Paulo, Brazil)

            Acucareira Zillo Lorenzetti SA (Rua XV de Novembro, 865 18680-900 Lencois Paulista – São Paulo, Brazil)

            Companhia Agricola Quata (Rua XV de Novembro, 865 18680-900 Lencois Paulista – São Paulo, Brazil)

Biorigin Europe NV (Appelmansstraat 12, 2018 Antwerpen, Belgium)

PTX Food Corp (8340 Cane Run Road Louisville, KY 40258)

1.3          This GDPR Privacy Statement applies to the processing of personal data:

Ø  by all Biorigin companies established in the European Union, regardless of whether the processing takes place in the Union or not;

Ø  by all Biorigin companies established outside the European Union, insofar as they process personal data of data subjects who are in the Union in the framework of:

  • the offering of goods or services to such data subjects in the Union;

  • the monitoring of their behaviour as far as their behaviour takes place within the Union.

1.4          All Biorigin Companies are separate and independent legal entities. Depending on the processing activity in the context of which your personal data are processed, they may be qualified as a separate data controller, a processor or a joint controller with one or more of the other Biorigin Companies. None of the Biorigin companies have any liability for the other Biorigin Companies’ acts or omissions.

1.5          We want to be a great company. In order to achieve that goal we are committed to work in the right way. We are committed to protect your privacy and to process your personal data in an open and transparent manner, in particular with respect of the General Data Protection Regulation 2016/679 of 27 April 2016 (“GDPR”).

1.6          Please follow the links below for further information. Where relevant, we have made a distinction between:

-       website visitors;

-       (contact persons) of suppliers, customers and prospects, or any other individuals whose data are processed in the framework of our business activities.

What is covered by this GDPR Privacy Statement?

Why we use your data

  • I am a website visitor

  • I am (a contact person of) a supplier, a customer, a prospect or any other individual whose personal data are processed (e.g. a visitor, a business contact etc.)

The legal grounds for processing your data

  • I am a website visitor

  • I am (a contact person of) a supplier, a customer, a prospect or any other individual whose personal data are processed (e.g. a visitor, a business contact etc.)

Your rights

How we obtain data

  • I am a website visitor

  • I am (a contact person of) a supplier, a customer, a prospect or any other individual whose personal data are processed (e.g. a visitor, a business contact etc.)

Data we collect

  • I am a website visitor

  • I am (a contact person of) a supplier, a customer, a prospect or any other individual whose personal data are processed (e.g. a visitor, a business contact etc.)

Disclosures

Cookies

Security of your data

Data retention

  • I am a website visitor

  • I am (a contact person of) a supplier, a customer, a prospect or any other individual whose personal data are processed (e.g. a visitor, a business contact etc.)

Automated decision-making

How to contact us?

Changes to this policy

  1. What is covered by this GDPR Privacy STATEMENT?

2.1          With this GDPR Privacy Statement we would like to inform you about why and how we process your personal data when we perform our business activities or when you use our website (“the Site”) and any of the services we offer through the Sites, who we give that information to, what your rights are and who you can contact for more information or queries.

2.2          When we refer to “the Site”, we mean the webpages with a URL commencing https://www.biorigin.net/.

However, by way of derogation, this GDPR Privacy Statement does not apply to webpages on the “Work with us” section of the Site allowing you to apply for job openings (http://site.vagas.com.br/zilor_english). These webpages are subject to our separate Privacy Notice for job applicants: [link to the online Privacy Notice for job applicants].

2.3       The Sites may link to other sites provided by other affiliated companies entities or by third parties. Whilst we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices of other websites.

            When linking to any such sites, we strongly recommend you to review the GDPR Privacy Statements on these sites, before disclosing any personal information.

  1. Why we use your data

3.1          I AM A WEBSITE VISITOR

3.1.1      We only process your personal data for legitimate business reasons. These purposes include, but are not limited to:

  • dealing with enquiries, requests and complaints;

  • gathering statistics about the use of the Site (“web audience measuring”);

  • improving the Site’s performance and design.

3.2          I AM (A CONTACT PERSON OF) A SUPPLIER, A CUSTOMER OR A PROSPECT OR ANY OTHER INDIVIDUAL WHOSE PERSONAL DATA ARE PROCESSED (E.G. A VISITOR, A BUSINESS CONTACT ETC.)

3.2.1      We only process your personal data for legitimate business reasons. These purposes include, but are not limited to:

  • respecting our legal obligations;

  • customer and supplier management;

  • visitor management;

  • order and supply management;

  • invoicing and accounting;

  • the provision of information on our company, services and activities;

  • the good organisation of our services (such as day-to-day business communication);

  • marketing and sales;

  • dealing with enquiries, requests and complaints;

  • dispute management;

  • public relations and press contacts;

  • statistics and market research;

  • access control;

  • security;

  • health and safety (QHSE).

  1. The legal grounds for processing your data

4.1          I AM A WEBSITE VISITOR

4.1.1      Before using Google Analytics cookies to gather statistics about the visits to the Site, we will always ask your explicit consent.

4.2          I AM (A CONTACT PERSON OF) A SUPPLIER, A CUSTOMER OR A PROSPECT OR ANY OTHER INDIVIDUAL WHOSE PERSONAL DATA ARE PROCESSED (E.G. A VISITOR, A BUSINESS CONTACT ETC.)

4.3          We process your personal data for the purposes mentioned above:

-  when necessary for the performance of contracts to which you are party or in order to take steps at your request prior to entering into a contract;

-  when necessary for compliance with our legal obligations;

-  for the purposes of the legitimate interests of the Company and/or of a third party, including (but not limited to) our business activities, customer and supplier management etc. In this respect, we will always determine case by case whether our interests are not overridden by your interests, fundamental rights and freedoms.

4.3.1      If we have the legal obligation to obtain your free, informed, specific and unambiguous consent to process your personal data for certain purposes (e.g. specific direct marketing or market research activities), we will only process your data for such purposes to the extent that we have obtained such consent from you.

  1. Your Rights

5.1          You have several rights concerning the information we hold about you. We would like to inform you that you have the right to:

  • obtain confirmation that we are processing your personal data and request a copy of the personal data we hold about you;

  • ask that we update the personal data we hold about you, or correct such personal data that you think is incorrect or incomplete;

  • ask that we delete personal data that we hold about you, or restrict the way in which we use such personal data if you believe that there is no (longer a) lawful ground for us to process it;

  • withdraw consent to our processing of your personal data (to the extent such processing is based on consent);

  • receive a copy of the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit such personal data to another party (to the extent the processing is based on consent or a contract);

  • object to our processing of your personal data for which we use legitimate interest as a legal basis, in which case we will cease the processing unless we have compelling legitimate grounds for the processing.

You have also the right to object at any time to the processing of personal data for direct marketing. If you do not want to continue receiving any direct marketing from us, you can contact us (see below) or click on the unsubscribe function in any such communication. In that event, the personal data shall no longer be processed for such purposes.

5.2          In order to exercise any of your rights, you can send us a request, indicating the right you wish to exercise:

This email address is being protected from spambots. You need JavaScript enabled to view it.

You may also use these contact details if you wish to make a complaint to us relating to your privacy.

5.3          If you are unhappy with the way we have handled your personal data or any privacy query or request that you have raised with us, you have a right to complain to the Data Protection Authority (“DPA”) in your jurisdiction. If you would like to be directed to the appropriate DPA, please contact us.

  1. How we obtain DATA

6.1          I AM A WEBSITE VISITOR

6.1.1      We may obtain your personal data when you use the Site and its services. This may be for instance the case when you fill in the contact form on the Site.

6.1.2      With your consent, this Sites also uses cookies to gather statistics about the visits to the Site in order to improve its performance and design. For more information about the cookies we use and how you can control them, please consult the cookie section.

6.2          I AM (A CONTACT PERSON OF) A SUPPLIER, A CUSTOMER OR A PROSPECT OR ANY OTHER INDIVIDUAL WHOSE PERSONAL DATA ARE PROCESSED (E.G. A VISITOR, A BUSINESS CONTACT ETC.)

6.2.1      We may obtain you personal data in the framework of the execution of our business activities.

6.2.2      We may obtain such personal data because you give them to us (e.g. by contacting us, by completing online forms, ...), because others give them to us (e.g. your employer or third party service providers that we use in the framework of our business activities) or because they are publicly available. 

6.3          When we obtain personal data from external parties, we make reasonable efforts to enter into contractual clauses with these parties obliging them to respect the data protection legislation. This can be done by obliging this party to provide you with all necessary information or - if necessary - to obtain your consent for processing the personal data as described in this GDPR Privacy Statement.

  1. Data we collect

7.1          I AM A WEBSITE VISITOR

7.1.1      With your consent, this Sites uses cookies to gather statistics about the visits to the Site in order to improve its performance and design. For more information about the cookies we use and how you can control them, please consult the cookie section.

7.2          I AM (A CONTACT PERSON OF) A SUPPLIER, A CUSTOMER OR A PROSPECT OR ANY OTHER INDIVIDUAL WHOSE PERSONAL DATA ARE PROCESSED (E.G. A VISITOR, A BUSINESS CONTACT ETC.)

7.2.1      The personal data that we collect or obtain may, among other things, include:

-       Identification data (e.g. name, address (private/work), phone number (private / work), e-mail address (private / work), country of residence), national identification number, passports etc.

-       electronic identification data (e.g. IP addresses, browser type, cookie identifiers, ...);

-       personal characteristics (e.g. age, gender, date of birth, place of birth, nationality, language, family composition, hobby’s etc.);

-       financial specifics (e.g. bank account number, creditworthiness...);

-       life style and social circumstances;

-       family circumstances (e.g. marital status);

-       employment and educational data (e.g. organization you work for, job title, current responsibilities, projects, qualifications, trainings, work scheme...);

-       data about which products and services you order;

-       camera surveillance records;

-       data about how you interact with us (e.g. when you contact us) and other similar information

  1. Disclosures

8.1          We may disclose your personal data to affiliated companies, third parties that provide services to us that reasonably require access to personal data relating to you for one or more of the purposes outlined in the “Why we use your data” section above. The following external parties may for instance be involved:

- external service providers we rely on for various business services;
- law enforcement authorities in accordance with the relevant legislation
- external professional advisors (e.g. attorneys or consultants of the company).

If our business enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to our new business partners or owners.

Please note that some of the recipients of your personal data referenced above may be based in countries outside of the European Economic Area whose laws may not provide the same level of data protection. As Biorigin has entities seated in Brazil and the USA, your data may be accessible from these countries. For this purpose all Biorigin affiliates have concluded an intra-group agreement including standard contractual clauses in the sense of article 46 (c) of the GDPR.

8.2          In general, we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this GDPR Privacy Statement.

We reserve the right to disclose your personal information as required by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator or any other legal process served on us.

9.            COOKIES

9.1          This Site uses Cookies. Cookies are small text files that are stored by your browser onto your computer or mobile device when you visit this Site.

They are used to provide you with a good experience when you browse this Site and allow us to improve this Site. With your consent, they can also be used to personalise the content of this Site based on your previous browsing behaviour and to gather statistics in order to improve this Site.

You can find more information about cookies by visiting the following website: www.allaboutcookies.org.  

9.2          Cookies can be categorized according to the following characteristics:

9.2.1      Whether they are “session cookies” or “persistent cookies”:

o        Session cookies

A session cookie is used each time you visit our website to give you a session ID.  We use this type of cookie to link your actions on our website and each session cookie will only last for a browser session, at the end of which it will expire.  Each browser session will start when you open your browser window and finish when you close your browser window.  After your visit to our website all session cookies are deleted.  Each time you visit our website you will have a different session ID.

o        Persistent cookies

A persistent cookie allows the preferences or actions of the user across a site (or across different sites) to be remembered.  It has a longer lifetime than a session cookie and lasts for the period of time specified in the cookie (this will vary from cookie to cookie).  This type of cookie will not be deleted when you close your browser window and will be stored on your computer or mobile device.  It will be activated every time you visit a website which created that particular persistent cookie.

9.2.2      Whether they are “first party cookies” or “third party cookies”:

  • First party cookies

A first party cookie is a cookie set by us or any of our processors.

  • Third party cookies

A third party cookie is a cookie set by a data controller that does not operate this site.

Please note that we do not have access or control over the cookies placed on this Site by third parties and use of their cookies is subject to their own privacy policies. 

9.3          Only the following category of cookies is used on our website:

o        Analytical cookies

-                      Why do we use analytical cookies?

These cookies are used to gather statistics about your visit to this Site in order to improve its performance and design (“web audience measuring”). For example, analytical cookies will show us which are the most frequently visited pages on our website, help us record any difficulties you have with our website and show us whether our advertising is effective or not.

-                      Does it concern first party or third party cookies?

9.3.1      The analytical cookies on this Sites are provided by a third-party analytics tool provider, namely Google Analytics of Google Inc, PHP Language and Microsoft ASP.NET. And the information obtained through these cookies will be disclosed to or collected directly by this provider. For more information about Google Analytic’s cookie practices, please click on this link: Google Analytics, about PHP cookie, please click on this link: PHP.net, and about Microsoft ASP.NET cookie, please click on this link: Microsoft ASP.NET. What analytical cookies do we use on this Site?

The table below explains the Google Analytics cookies we use and why we use them:

Cookie name

Expiry date

Description and function

_utma

2 years from set/update

This cookie is used to distinguish users and sessions. The cookie is updated every time data is sent to Google Analytics.

_utmb

30 mins from set/update

This cookie is used to determine new sessions/visits. The cookie is updated every time data is sent to Google Analytics.

_utmc

End of browser session

This cookie operates in conjunction with the __utmb cookie to determine whether the user is in a new session/visit.

_utmt

10 minutes after your visit

This cookie is used to throttle the request rate.

_utmv

2 years from set/update

This cookie is used to store visitor-level custom variable data. The cookie is updated every time data is sent to Google Analytics.

_utmz

6 months from set/update

This cookie stores the traffic source or campaign that explains how you reach our site. The cookie is updated every time data is sent to Google Analytics..

The table below explains the PHP.net cookies we use and why we use them:

Cookie name

Expiry date

Description and function

PHPSESSID

End of browser session

This cookie is used to distinguish users and sessions, distinguish the correct web page language and the correct page to be showed due to the user web browser.

The table below explains the Microsoft ASP.NET cookies we use and why we use them:

Cookie name

Expiry date

Description and function

ASPSESSIONID

End of browser session

This cookie is used to distinguish users and sessions, distinguish the correct web page language and the correct page to be showed due to the user web browser.

9.3.2      Acceptance and rejection of Google Analytics

When visiting this Site, you will be asked to accept the use of cookies for gathering statistics about your visit to this Site (i.e. analytical cookies provided by Google Analytics) via the cookie header banner. You can easily accept or reject these cookies by ticking the “Analytics” box or by leaving this box blank, and by clicking on “OK”.

You can easily opt-out and prevent your data from being used by Google Analytics. This can be done by installing the Google Analytics opt-out browser add-on. Alternatively, you can always adjust the corresponding settings in your browser software to prevent the use of Google Analytics cookies.

9.4          You can enable, disable and/or delete cookies as you wish. You can delete all cookies that are already on your device and you can set most browsers to prevent them from being placed.

The ability to enable, disable and/or delete cookies can be completed at browser level. These settings are usually found in the “options” or “preferences” menu of you internet browser. In order to understand these settings, the following links may be helpful. Otherwise you should use the “Help” option in your internet browser for more details:

10.1        Your data are stored on local Biorigin’ owned servers. We employ strict technical and organizational (security) measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage both online and offline.

These measures include:

  • training to relevant staff to ensure they are aware of our privacy obligations when handling personal data;

  • administrative and technical controls to restrict access to personal data on a ‘need to know’ basis (passwords);

  • technological security measures, including fire walls, encryption and anti-virus software;

  • login access blocks in case of loss or theft of devices ;

  • physical security measures, such as staff security badges to access our premises.

10.2        Although we use appropriate security measures once we have received your personal data, the transmission of data - especially over the internet (including by e-mail) - is never completely secure. We endeavor to protect personal data, but we cannot guarantee the security of data transmitted to us or by us.

We limit access to your personal information to those who we believe reasonably need to come into contact with that information in order to carry out their jobs.

  1. data retention

11.1        I AM A WEBSITE VISITOR

11.1.1    Your personal data will not be retained longer than necessary for the purposes described above.

11.1.2    As a general rule, personal data obtained through the contact form on our website are stored for a period of 5 years.

Depending on the specific situation and the applicable national legislation, we may however retain your personal data for a longer period. This will in particular be the case if any of the following periods is longer : (i) as long as is necessary for our daily business; (ii) any retention period that is required by law; or (iii) the end of the period in which litigation or investigations might arise.

11.1.3    For more information about the expiry dates of the cookies used on this Site, please consult the cookie section.

11.2        I AM (A CONTACT PERSON OF) A SUPPLIER, A CUSTOMER OR A PROSPECT OR ANY OTHER INDIVIDUAL WHOSE PERSONAL DATA ARE PROCESSED (E.G. A VISITOR, A BUSINESS CONTACT ETC.)

11.2.1    Your personal data will not be retained longer than necessary for the purposes described above.

11.3        As a general rule, records in the framework of our business activities that may contain personal data (e.g. contracts, orders, correspondance etc.) are stored for a period of 10 years.


Personal data processed for direct marketing purposes, are however stored for a period of 7 years as from the last contact with the individual concerned. If you have become a customer during this period, we may however retain your personal data for a longer period, namely 10 years as from the delivery of the products or services, or as from the latest contact with Biorigin (if this contact would take place at a later date).

11.4        Depending on the specific situation and the applicable national legislation, we may however retain your personal data for a longer period. This will in particular be the case if any of the following periods is longer : (i) as long as is necessary for our daily business; (ii) any retention period that is required by law; or (iii) the end of the period in which litigation or investigations might arise.

  1. Automated Decision-making

12.1        Automated decisions are defined as decisions about individuals that are based solely on the automated processing of data and that produce legal effects that significantly affect the individuals involved.

12.2        As a rule, your personal data will not be used for automated decision-making. We do not base any decisions about you solely on automated processing of your personal data.

  1. How to contact us?

13.1        We hope that this GDPR Privacy Statement helps you understand, and feel more confident about, the way we process your data. If you have any further queries about this GDPR Privacy Statement and this Site in general, please contact us: 

This email address is being protected from spambots. You need JavaScript enabled to view it.

  1. CHANGES TO this GDPR PRIVACY STATEMENT

14.1        We may modify or amend this GDPR Privacy Statement from time to time. Any changes we may make to this GDPR Privacy Statement in the future will be posted on this page. To let you know when we make changes to this GDPR Privacy Statement, we will amend the revision date at the top of this page. The new modified or amended GDPR Privacy Statement will apply from that revision date. Please check back periodically to see changes and additions.

If we are in the possession of your e-mail address and we are still processing your personal data, we will also inform you electronically about all changes to this GDPR Privacy Statement.