Last updated on May 2018
Scope of this notice
Please read this privacy notice (“Notice”) carefully to understand our policies and practices regarding your Personal Data and how we will treat it. This Notice applies to individuals who interact with MHP SE and its affiliated companies (“you”). This Notice explains how your Personal Data is collected, used, and disclosed by MHP SE and its affiliated companies (“We”, “Us”). It also tells you how you can access and update your Personal Data and make certain choices about how your Personal Data is used.
This Notice covers both our online and offline data collection activities, including Personal Data that We collect through our websites, social media, and during establishing business relations with You. Please note that We might aggregate personal data from different sources (website, offline event) and across different devices.
If you do not provide necessary Personal Data to us (We will indicate to you when this is the case), We may not be able to provide you with our goods and/or services andor establish business relations with You. This Notice can change from time to time.
1. Sources of personal data
This Notice applies to Personal Data that We collect from or about you, through the methods described below from the following sources:
Websites. Our websites (“Websites”).
E-mail, text and other electronic messages. Interactions with electronic communications between you and Us.
Offline registration forms and other forms. Printed or digital registration and similar forms that We collect via, for example, postal mail, in-store demos, contests and other promotions, or events or during compliance procedure.
Advertising interactions. Interactions with our advertisements (e.g., if you interact with on one of our ads on a third party website, we may receive information about that interaction).
Data from other sources. Third party social networks (e.g. such as Facebook, Google), market research (if feedback not provided on an anonymous basis), third party data aggregators, public sources and data received when we acquire other companies.
2. Personal data that we collect about you and how we collect it
Depending on how you interact with Us (online, offline, over the phone, etc.), We collect various types of information from you, as described below.
Personal contact information. This includes any information you provide to Us that would allow Us to contact you, such as your name, postal address, e-mail address, social network details, or phone number.
Account login information. Any information that is required to give you access to your specific account profile. Examples include your login ID/email address, screen name, password in unrecoverable form, and/or security question and answer.
Demographic information & interests. Any information that describes your demographic or behavioural characteristics. Examples include your date of birth, age or age range, gender, geographic location (e.g. postcode/zip code), favourite products, hobbies and interests, and household or lifestyle information.
Information from computer/mobile device. Any information about the computer system or other technological device that you use to access one of our Websites, such as the Internet protocol (IP) address used to connect your computer or device to the Internet, operating system type, and web browser type and version.
Market research & consumer feedback. Any information that you voluntarily share with Us about your experience of using our products and services.
Third party social network information. Any information that you share publicly on a third party social network or information that is part of your profile on a third party social network (such as Facebook) and that you allow the third party social network to share with Us. Examples include your basic account information (e.g. name, email address, gender, birthday, current city, profile picture, user ID, list of friends, etc.) and any other additional information or activities that you permit the third party social network to share.
Sensitive Personal Data. We do not seek to collect or otherwise process sensitive personal data in the ordinary course of our business. Where it becomes necessary to process your sensitive personal data for any reason, we rely on your prior express consent for any processing which is voluntary. If we process your sensitive personal data for other purposes, we rely on the following legal bases: (i) detection and prevention of crime (including the prevention of fraud); and (ii) compliance with applicable law.
Other information provided by You during our compliance procedure and establishing legal relations.
3. Cookies/similar technologies, log files
Cookies/Similar Technologies. Please see our Cookies Notice to learn how you can manage your cookie settings and for detailed information on the cookies We use and the purposes for which We use them.
Log Files. We might collect information in the form of log files that record website activity and gather statistics about your browsing habits. These entries are generated automatically, and help Us to troubleshoot errors, improve performance and maintain the security of our Websites.
4. Uses made of your personal data
The process Your Personal data for different purposes, and the different types of Personal Data that are collected for each purpose. Please note that not all of the uses below will be relevant to every individual.
We might use Your Personal data for the following purposes:
• Fulfillment of the compliance procedure and due diligence process of potential counterparty;
• Fulfillment of our contractual obligations with You;
• Consumer service purposes, including responding to your enquiries;
• Security purposes to provide You the possibility to visit our premises if required;
• Relationship of employment;
• Other general business purposes, such as conducting internal or market research and measuring the effectiveness of advertising campaigns etc.
5. Disclosure of your personal data
We might share your Personal Data with the following types of third party organizations:
Service providers. These are external companies that We use to help Us run our business (e.g. payment processing, fraud detection and identity verification, website operation, market research companies, support services, promotions, website development, data analysis, accounting etc.). Service providers, and their selected staff, are only allowed to access and use your Personal Data on Our behalf for the specific tasks that they have been requested to carry out, based on our instructions, and are required to keep your Personal Data confidential and secure.
Credit reporting agencies/debt collectors. To the extent permitted by applicable law, credit reporting agencies and debt collectors are external companies that We use to help Us to verify your creditworthiness (in particular for orders with invoice) or to collect outstanding invoices.
Third party recipients using Personal Data for legal reasons or due to merger/acquisition. We will disclose your Personal Data to third parties for legal reasons or in the context of an acquisition or a merger.
6. Retention of personal data
We take every reasonable step to ensure that your personal data is only processed for the minimum period necessary for the purposes set out in this Privacy Notice. The criteria for determining the retention period for your Personal Data is:
(a) We will retain copies of your Personal Data in a form that allows for identification only for as long as:
• (i) We maintain an ongoing relationship with you (e.g. where you are included in our mailing list and have not unsubscribed);
• (ii) Your Personal Data is necessary in connection with the purposes set out in this Privacy Notice and we have a valid legal basis,
(b) The duration of: (i) any applicable limitation period (i.e. any period during which a person could bring a legal claim against us), and (ii) an additional 2 months following the end of the applicable limitation period (so we are able to identify any personal data of a person who may bring a claim at the end of the applicable period),
(c) In addition, if any relevant legal claims are brought, we may continue to process your Personal Data for such additional time necessary in connection with that claim and (d) in addition any additional term as required by applicable legislation.
During the periods noted in paragraphs b(i) and b(ii) above, we will restrict our processing of your Personal Data to storage or, and maintaining the security of, those data, except to the extent the data need to be reviewed in connection with any claim, or any obligation under applicable law.
7. Storage and/or transfer of your personal data
We use appropriate measures (described below) to keep your Personal Data confidential and secure. Please note, however, that these protections do not apply to information you choose to share in public areas such as third party social networks.
People who can access your Personal Data. Your Personal Data will be processed by our authorized staff or agents, on a need to know basis, depending on the specific purposes for which your Personal Data have been collected (e.g. our staff in charge of consumer care matters will have access to your consumer record).
Measures taken in operating environments. We store your Personal Data in operating environments that use reasonable security measures to prevent unauthorized access. We follow reasonable standards to protect Personal Data. The transmission of information via the Internet is, unfortunately, not completely secure and although We will do our best to protect your Personal Data, We cannot guarantee the security of the data during transmission through our Websites/apps.
Transfer of your Personal Data. The storage as well as the processing of your Personal Data as described above may require that your Personal Data are ultimately transferred/transmitted to, and/or stored at, a destination outside of your country of residence, notably Ukraine etc. We may also transfer your Personal Data to countries outside EU including to countries which have different data protection standards to those which apply in EU. We (i) will ensure that European Commission approved standard contractual clauses or other similar are included to protect your Personal Data and/or (ii) the applicable security standards will be used.
8. Your rights
Access to Personal Data. You have the right to access, review and request a physical or electronic copy of information held about you. You also have the right to request information on the source of your Personal Data.
9. Changes to our notice
If We change the way We handle your Personal Data, We will update this Notice. We reserve the right to make changes to our practices and this Notice at any time, please check back frequently to see any updates or changes to our Notice.
10. Data controllers & contact
To ask questions or make comments on this Notice and our privacy practices or to make a complaint about our compliance with applicable privacy laws, write to us at Zinas Kanther, 16-18, Agia Triada, P.C. 3035.
We will acknowledge and investigate any complaint about the way We manage Personal Data (including a complaint that We have breached your rights under applicable privacy laws).