Privacy Statement

Most recent revision date: June 6, 2018

This website collects personal information only if it is specific to the visitor’s purpose and voluntarily provided by the visitor. Such information may consist of, but is not limited to, your name, current job title, company address, and contact details such as email address, telephone numbers, organization’s website address and physical address. The website may collect other elements of personal information not listed here that will be described on the website at the time of collection.

As a visitor, you do not have to submit any personal information in order to use the website. However, you could be required to provide personal information if you choose to use certain features of the website, for example if you register interest in particular areas, attempt to gain access to specific content, register to attend a hosted event, and respond to a survey or request communications about specific areas of interest. In such cases, the information you submit may be used to manage your request; to manage our relationship with you; or to customise or improve this website.

In addition to personal information, we may collect other information from visitors using the following technologies:

  • Cookies. "Cookies" are small bits of information that the website places on the hard drive of your computer. Cookies remember information about a visitor’s activities on the website to make the visitor’s experience on the website more enjoyable and valuable by providing a customized experience and recognizing the visitor’s preferences. If you've chosen to disable cookies on your browser, some of the functionality of the website may be lost. Certain web pages or services provided by Kerry, require that cookies be enabled in your browser and cannot be used when you have disabled cookies in your browser.
  • Web beacons or clear pixels. Web beacons are small graphic images on a web page or in an email that can be used for such things as recording the pages and advertisements that you select, or tracking the performance of email marketing campaigns.
  • Web server logs. Web server logs are records of activity created by the computer that delivers the web pages you request to your browser. For example, a web server log may record the search term you entered or the link you clicked to bring you to the web page. The web server log also may record information about your browser, such as your IP address and the cookies set on your browser by the server.

Note that you can set your browser to refuse all or some cookies, or to alert you when cookies are being sent. To learn how you can manage your cookie settings, visit the Flash player settings page on Adobe’s website. To learn more about how Kerry uses cookies, please visit our Cookies Policy.

We do not collect sensitive information (e.g. data relating to race or ethnic origin, religious beliefs or sexual orientation) from visitors. The information that we gather is only used for the purposes of enhancing the information and services that we provide to you. Any new information you provide to us may be used to update existing records that we hold for you.

How Kerry Group plc uses your information

We use the information we receive from you, together with information we have obtained in the course of our relationship with you (e.g. site browsing, user account registration, online seminar attendance, etc.) to provide information, goods and/or services that you request, to communicate with you, and to personalise information sent to you and for other purposes specified in this Privacy Statement. We may use your personal information for marketing purposes, or to send you promotional materials or communications regarding products or services provided by us that we believe may be of interest to you. Examples of how we may personalise information include using your information in newsletter distribution, special offer notifications or product updates that you have registered interest in.

We may use your information (and contact details) for market research and analysis in order to evaluate, assess and improve the products and services we provide, and to identify trends and popular products and services. This may include contacting you to take part in customer satisfaction and feedback surveys. We may also use the information we collect to occasionally notify you about important functionality changes to the website.

Kerry also participates in behavioral based advertising. This means that a third party may use technology (e.g., a cookie) to collect information about your use of the website so that they can provide advertising about products and services tailored to your interests. This advertising may appear either on the website, or on other sites.

How Kerry Group plc shares your information

Kerry may disclose personal information collected from visitors to its parent, subsidiary, and other related companies, and its trusted affiliates. In limited circumstances, Kerry may share your personal information with our suppliers, contractors, and agents who perform functions on our behalf, or in connection with services offered by Kerry or to meet a request made by you. There may be instances when Kerry may disclose personal information without providing you with a choice in order to protect the legal rights of Kerry; to protect the safety and security of other visitors of the website; to protect against fraud or for risk management purposes; or to comply with legal or regulatory obligations or requests. In addition, if Kerry sells all or part of its business or makes a sale or transfer of assets or is otherwise involved in a merger or business transfer, you agree that Kerry may transfer your personal information to a third party as part of that transaction.

In addition, Kerry may disclose personal information to third parties to market their products or services to you if you have consented to/not opted out of these disclosures. Kerry contractually requires these third parties to keep personal information confidential and use it only for the purposes for which Kerry discloses it to them.

Opt-Out

You may at any time request that we discontinue sending you promotional emails generated in response to your registration on this website.

You can opt-out of receiving promotional updates or marketing information from us by submitting a request to data.protection@kerry.com.

Additionally each time you receive a promotional message or email information from us you have the option to ‘unsubscribe’ from our contact lists. This will ensure that your contact details are deactivated on our mailing lists.

Access to your information

Visitors who would like to request a copy of their personal information stored by Kerry Group plc should request access by submitting a request to data.protection@kerry.com. We will treat requests to access information or change information in accordance with applicable legal requirements.

Changes to our Privacy Statement

We may modify or amend this Privacy Statement from time to time at our discretion. When we make changes to this statement, we will amend the revision date at the top of this page. We encourage you to periodically review this Privacy Statement to be informed about how we are protecting your information.

Security

We use reasonable measures to help prevent personal information from becoming disclosed to individuals who are not described in this Privacy Statement. While Kerry attempts to protect the information in our possession, no security system is perfect and Kerry cannot promise that information about you will remain secure in all circumstances.

Additional Information

Children. The website is not directed at children under the 13 years of age. Kerry does not knowingly collect personally identifiable information from children under 13 years of age.

International Operations. Kerry is based, and this website is hosted, in the United States of America. If you are from a country outside of the United States of America with laws governing data collection and use that may differ from U.S. law and you provide personal information to Kerry, please note that any personal information that you provide to Kerry may be transferred to the United States of America. By providing your personal information, you hereby specifically and expressly consent to such transfer and processing and the uses and disclosures set forth herein or in the Kerry Terms of Service related to the use of and access to the website.

Other Websites. This Privacy Statement does not apply to sites or applications offered by other companies or individuals, including third party products and services, that may be displayed as content in a search on the website. Kerry encourages you to read the privacy policy of any third party site or applications before transmitting personal information.

Other Contractual Relationships. If you enter into a separate contractual relationship with Kerry which requires, or contemplates, collecting, using, or sharing information about you in a manner that is different than that which is described in this Privacy Statement, the terms of that agreement will apply.

Notice to California Residents. Under California Civil Code sections 1798.83-1798.84, California residents who have an established business relationship with Kerry are entitled to ask Kerry for a notice describing what categories of personal customer information we share with third parties for their direct marketing purposes. This notice will identify the categories of information shared with and will include a list of the third parties with which it is shared, along with their names and addresses. If you are a California resident and would like a copy of this notice, please submit a written request to data.protection@kerry.com.

Do Not Track. Some browsers and devices permit you to broadcast a preference that you not be “tracked” online. At this time Kerry does not modify your experience based upon whether such a signal is broadcast.

Kerry Group Data Protection Policy

Information on who we are

Kerry Group plc is committed to protecting the privacy and security of your personal data.

Kerry Group plc (“Kerry Group”), a public company incorporated in Ireland with a registered office address at Prince’s Street, Tralee, County Kerry, is responsible for any personal data collected when anyone avails of services from and purchasing the products of Kerry Group (including online).

The Kerry Group website is one of our primary channels of communication providing information on our programmes and services.

Kerry Group is a data controller. This means that we are responsible for deciding how we hold and use personal data about you.

This Data Protection Policy describes how we collect and use personal data about you in accordance with Data Protection Law.

Data Protection Law means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (referred to as “GDPR”) and any applicable national legislation implementing the GDPR or otherwise related to the processing of personal data, which may be amended or replaced from time to time.

From 25 May 2018 existing data protection law will be amended and we will have enhanced accountability and transparency obligations concerning your personal data.

It is important that you read this Data Protection Policy so that you are aware of how and why we are using your information.

Data Protection Officer

We have appointed a data protection officer to oversee compliance with this Data Protection Policy. If you have any questions about this Data Protection Policy or how we handle your personal information, please contact Data Protection Officer at Kerry Global Technology & Innovation Centre, Millennium Park, Naas, Co. Kildare, Ireland or by emailing to data.protection@kerry.com.

The kind of information we hold about you

Personal data means any information about an individual from which that person can be identified. It does not include anonymous data i.e. data from which you cannot be identified.

There are special categories of more sensitive personal data which require a higher level of protection.

When you avail of our services or purchase products from Kerry Group, we may collect, store, and use the following categories of personal data about you:

  • Identity Data – details such as first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
  • Contact Data – name, title, addresses, telephone numbers, and business and personal email addresses.
  • Profile Data – your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Financial Data – where you make payments to Kerry Group, we will collect the IBAN, BIC and the name of your bank/building society or your credit card details where relevant.
  • Transaction Data – details about payments to and from you and other details of products and services you have purchased from us.
  • Marketing and Communications Data – data on your preferences in receiving marketing from us and our third parties and your communication preferences.
  • Interaction and Usage Data – when you interact with us we will record details of those interactions (for example, phone calls, e-mail correspondence and hard copy correspondence as well as information on how you use our website, products and services). If you make a complaint we will process details concerning that complaint.
  • Mandatory Data – data that is mandatory for us to collect to comply with certain legal and regulatory obligations that apply to our business such as our health and safety obligations
  • Sensitive Data – information about your health, including any medical condition, where you disclose those details to us so that we can accommodate any special needs you may have when you avail of our services including to comply with our obligations under the equality legislation.
  • Technical Data – such data would include internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • CCTV Data – personal data on CCTV footage recorded for security and health and safety purposes.

How is your personal information collected?

We collect personal data through our interactions with you, when you avail of our services or purchase our products and when you complete our administrative forms in hard copy or on-line for our services and products.

We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your Identity, Contact, Financial, Interaction and Usage Data by filling in forms, using our website or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
  • apply for our products or services;
  • reate an account on our website;
  • subscribe to our service or publications;
  • request marketing to be sent to you;
  • enter a competition, promotion or survey; or
  • give us feedback.
  • Contact, Financial and Transaction Data from providers of technical, payment and delivery services based inside or outside the EU.
  • Identity and Contact Data from data brokers or aggregators based inside or outside the EU.
  • Identity and Contact Data from publicly availably sources such as the Companies Registration Office.
  • Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. Please see ourcookie policy for further details.
  • Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:

Technical Data from the following parties:

- analytics providers such as Google based inside or outside the EU;

- advertising networks based inside or outside the EU; and

- search information providers based inside or outside the EU.

How we use your personal information

We will only use your personal data when the law allows us to.

We need to process your personal data primarily to allow us to perform our contract with you and to enable us to comply with our legal obligations. In some cases we may use your personal data to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override those interests.

We may also use your personal information where we need to protect your interests (or someone else's interests) or where it is needed in the public interest.

Purpose/Activity

Possible Lawful basis for processing including basis of legitimate interest

To register you as a new customer

Performance of a contract with you

To process and deliver your order including:

(a) Manage payments, fees and charges

(b) Collect and recover money owed to us

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to recover debts due to us)

To manage our relationship with you which will include:

(a) Notifying you about changes to our terms or privacy policy

(b) Asking you to leave a review or take a survey

(a) Performance of a contract with you

(b) Necessary to comply with a legal obligation

(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

To enable you to partake in a prize draw, competition or complete a survey

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)

To administer and protect our business and website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

(b) Necessary to comply with a legal obligation

To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you

Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)

To market and make suggestions and recommendations to you about goods or services that may be of interest to you

(a) Where you have consented to receive such marketing communications

(b) Necessary for our legitimate interests (to develop our products/services and grow our business)

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences

Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

If you fail to provide personal information

If you fail to provide certain data when requested, we may not be able to enter into or perform our contract with you or provide you with our services.

Where we require your personal data to enter into a contract and to provide you with our services, we will make this clear.

Change of purpose

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so unless this is otherwise required or permitted by law (in which case we may process your personal data without your knowledge or consent).

How we use particularly sensitive personal information

Special categories of particularly sensitive personal data require higher levels of protection.

We may process special categories of personal data where we need to carry out our legal obligations or where it is needed in the public interest

Less commonly, we may process this type of data where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else's interests) and you are not capable of giving your consent, or where you have already made the information public.

We will use information about your physical or mental health, or disability status, to ensure your health and safety when you are availing of our services and to ensure that we comply with the equality legislation.

Automated decision-making

Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention.

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.

Marketing

We may contact you by mail, email and telephone and social media about our products and services and other events which might be of interest to you.

You may receive marketing communications from us if:

a. you have requested to receive or consented to the receipt of information from us; or

b. purchased goods or services from us (and our marketing communications will only be in relation to similar goods or services); or

c. it is in our legitimate interest,

and, in each case, you have not opted out of receiving the marketing communications.

You will only receive electronic marketing communications under (b) above where such products or services were purchased by you prior to the receipt of the communication.

You have the right to ask us to stop processing your personal data for direct marketing purposes. If you wish to exercise this right, please send us an email to data.protection@kerry.com.

Data sharing

We will share your personal data with third parties where required by law, where it is necessary to perform our contract with you or where we have another legitimate interest in doing so.

We will share your data with trusted third-party service providers. We may also share your personal data with other third parties, for example, in the context of a transfer of our statutory functions or with a regulator or to otherwise comply with the law.

We require third parties to respect the security of your data and to treat it in accordance with the law.

All our third-party service providers are required to take appropriate security measures to protect your personal data. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have also put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Transferring information outside the EU

We may transfer the personal data we collect about you outside the European Economic Area (EEA) where a trusted service provider is based outside of the EEA. We will always take steps to ensure that any transfer of your information outside of the EEA is carefully managed to protect your privacy rights.

Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

Rights of access, correction, erasure, and restriction

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes.

Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

• Request access to your personal information.

• Request correction of the personal information that we hold about you.

• Request erasure of your personal information.

• Object to processing of your personal information.

• Request the restriction of processing of your personal information.

• Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact Data Protection Officer in writing at Kerry Global Technology & Innovation Centre, Millennium Park, Naas, Co. Kildare, Ireland or by emailing to data.protection@kerry.com.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights).

However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact Data Protection Officer at Kerry Global Technology & Innovation Centre, Millennium Park, Naas, Co. Kildare, Ireland or by emailing to data.protection@kerry.com. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Complaints

You have the right to make a complaint at any time to the Data Protection Commission, the Irish supervisory authority for data protection issues. The Data Protection Commission can be contacted at the Office of the Data Protection Commissioner. Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland or by e-mailing info@dataprotection.ie.

Changes to this Data Protection Policy

We reserve the right to update this Data Protection Policy at any time. We may also notify you in other ways from time to time about the processing of your personal information.

If you have any questions about this Data Protection Policy, please contact Data Protection Officer at Kerry Global Technology & Innovation Centre, Millennium Park, Naas, Co. Kildare, Ireland or by emailing to data.protection@kerry.com.

Further Information

If you have any questions or concerns regarding your privacy while using this website, please contact Kerry Group plc by sending an email to data.protection@kerry.com. If Kerry needs, or is required, to contact you concerning any event that involves information about you we may do so by email, telephone, or mail.