WHO IS THE DATA CONTROLLER?
Scholle IPN / Bossar is a global company with entities in the Americas, EMEA and Asia Pacific and forms part of the SIG Group. For information on the entities that form part of the SIG Group AG and their contact details, please visit our contact page https://www.sig.biz/gb/contact
The website www.bossar.com is controlled by Scholle IPN Corporation:
Scholle IPN Corporation
200 West North Avenue
Northlake, IL 60164
When you apply for a job at Scholle IPN / Bossar, the Scholle IPN entity mentioned in the vacancy acts as a data controller of your personal data.
WHICH TYPES OF PERSONAL DATA DO WE PROCESS?
Personal data is any information that directly or indirectly relates to an identified or identifiable living individual. Which (types of) personal data we process, depends on the relationship you have with Scholle IPN / Bossar. We may process the following personal data about you:
Personal data that you provide when you order or purchase goods and/or services from us:
When you are a (potential) customer and you (pre)order our goods and/or service, we may process the following types of personal data: Name, title, company name and address, email, telephone number, unique administration number, bank details of your company, information on your orders, prices and delivery status, your preferences, your payment history and other information you provide to us.
Personal data that you provide when you contact us:
When you contact us online, per e-mail, post or by phone, we may process the following types of personal data: Name, email address, name of the organization you work for, details about your question, request or complaint, and other information you provide to us when you contact us.
Personal data that we obtain when you visit our website:
When you visit our website or when you make use of platforms or apps provided by us, we may process the following types of personal data: IP address, information about your visit to the website, such as when you first visited the website, previous visit and current visit, the website you came from, your searches and the content you visited on our website. More information about the personal data we process when you visit the website can be found in our Cookie Statement (https://www.scholleipn.com/cookie-statement).
Personal data that we may process about you if you are a supplier:
When we work with you as a supplier we may process the following types of personal data: Name, title, company name and address, email address, telephone number, bank details of the company, unique administration number, supply and product information and other information you provide to us.
Personal data that we may process about you when you apply for a job at Scholle IPN / Bossar:
We regularly post our vacancies online. You will find this under ‘Career’ on our website. We offer a data base where you can search for relevant vacancies. If you create an account on our website, we will process your email address, password, your first name and surname. Once created an account, you may apply for a vacancy directly via our career website or via LinkedIn. Next to the online application process, we may also approach potential candidates by using other channels, such as external recruitment agencies and external job listing websites.
In order to process your application (via our website, LinkedIn, or otherwise), we may process the following types of personal data: Name, gender, nationality, date of birth, telephone number, email address, language(s), information included in your CV or resume (may include a photo), information included on your LinkedIn account, education, professional background, working experience, salary expectations/current salary, attachments to the application such as certificates and diplomas.
When in the application process, we may furthermore process notes taken during the interview(s), assessments and other test results, results of background checks and reference checks. In case of expenses, we may process your bank details and nature of expenses.
FOR WHICH PURPOSES DO WE PROCESS YOUR PERSONAL DATA?
We may process your personal data for the following purposes:
- To offer and improve our goods and services;
- Conducting satisfaction and market research surveys;
- Promoting our company and our goods and services;
- To ensure the continuity of our services;
- To handle questions, requests, complaints and claims;
- Internal control, protecting our assets and the security and integrity of our systems and data;
- To comply with our statutory obligations and requests of authorities, to avoid and settle claims.
- Facilitate a purchase / providing services, including making payment, or to otherwise conduct a business transaction, creating a customer account;
- Administrating and managing orders, executing and registration of agreements;
- Notify you when an order is being processed or is ready for delivery or pick-up;
- Identify product and service preferences;
- Send you informational or promotional communications, maintaining contact with you;
- Validate credentials, authenticate customers and prevent fraudulent transactions;
Users of our website
- Operate our website and applications;
- Improve our website and our online services.
- Administrating and managing supply chain;
- Administrating and managing purchases, executing and registration of agreements;
- Calculating costs and expenses;
- Maintaining contact with you.
Job applicants / candidates
- Administrating the recruitment process;
- Creating an account on our career website;
- Handling job applications;
- Assessment of suitability as a candidate, conducting background checks;
- Inviting candidates for an interview and giving follow-up to the interview;
- Handling expenses of candidates;
- Informing applicants and candidates on the outcome of the recruitment process.
WHAT IS THE LEGAL GROUND FOR THE PROCESSING OF YOUR PERSONAL DATA?
Based on the General Data Protection Regulation (GDPR), a data controller may only process personal data if one of the prescribed legal grounds apply. For the data processing activities of Scholle IPN that are subject to the GDPR, the following legal grounds are relevant:
- Performance of an agreement. We process your data to perform an agreement that we enter into or have entered into with you, when you have instructed us to provide goods and/or services or when we purchase products or services from you.
- Consent. We ask your permission for certain data processing operations, for example if we want to send you our newsletter or other commercial emails whilst you are not an existing customer. Consent may be withdrawn at any time without affecting the lawfulness of processing based on the consent before the withdrawal.
- Statutory obligation. We may process your data if and to the extent that this is necessary to comply with any of our statutory obligations.
- Legitimate interest. In some cases, we process personal data because we have a legitimate interest in doing so and because we do not disproportionately invade your privacy when doing so. This is the case, for example, if you are a customer and we want to make you an offer based on services you purchased previously. Also, we have a legitimate interest in maintaining a selection process for the recruitment of personnel and to check the capabilities of job applicants.
WITH WHOM CAN WE SHARE YOUR PERSONAL DATA?
We may share your personal data with the Scholle IPN / Bossar group companies as listed on our website when this is necessary to fulfill your requests and to provide our services. If you are a job applicant, we will provide the information of your application to the Scholle IPN / Bossar entity mentioned in the vacancy.
We may share your personal data with suppliers and vendors that help us with our business activities including shipping vendors, billing and refund vendors, payment card processors and companies that help us improve our products and services such as suppliers who provide direct fulfillment services for certain products. Also, we may involve hosting providers and other service providers that may need to process personal data for us. When such third parties act as data processors on our behalf, we make appropriate arrangements about the security of your personal data in a data processing agreement.
We may transfer your personal data in the event that we merge with or are acquired by a third party or should any such transaction be proposed. If and insofar as we are legally obliged and/or permitted to do so, we may share your personal data with relevant authorities.
HOW DO WE PROTECT YOUR PERSONAL DATA?
The security of your personal data is important to us. We protect your personal data by maintaining physical, administrative and technological safeguards intended to help protect against unauthorized use, disclosure or access. We secure our systems and applications according to current information security standards, we apply an internal authorization process to ensure that only authorized staff have access to your personal data, and we back-up our database on a daily basis. We regularly assess and update our security measures.
Although we have taken reasonable physical, technical and administrative safeguards to help protect your personal data against unauthorized use, access, disclosure, misuse, alteration or destruction. We cannot ensure or warrant the absolute protection of any information you provide to us.
WHERE IS YOUR PERSONAL DATA BEING PROCESSED?
Some or all of the personal data we process may be stored or processed on servers located outside your jurisdiction of residence, where data protection laws may differ from the jurisdiction of the country where you live. As a result, this information may be subject to access requests from governments, courts, or law enforcement according to laws in those jurisdictions. Subject to applicable laws in such other jurisdictions, we will use reasonable efforts to ensure that appropriate protections are in place and that the transfer is legitimized. You may request more detailed information or a copy of the transfer agreement by contacting the Privacy Team in your region through the contact details set out below.
HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
Personal data that we obtain within the context of a job application procedure for a period of four weeks from the end of the selection procedure, unless you have given us permission to retain it for a longer period of time. In that case, we will retain your personal data for a maximum period of one year starting at the end of the selection procedure.
YOUR ACCESS TO AND CONTROL OVER YOUR PERSONAL DATA
Subject to applicable law a data subject may have certain rights in respect of his or her personal data. For example, you may have the right to request a copy of all personal data that we keep about you, to request us to rectify your data if your data is not correct, to ask us to erase your personal data or have it removed, to object to the use of your personal data or to ask us to restrict this use. In certain cases, you can also ask us to transfer your personal data to a new service provider. Please note that your rights are not absolute.
The GDPR, if applicable and required, includes the following data subject rights:
- the right to request whether we process your personal data and if so, the right to access your personal data;
- the right to rectification of your personal data if these are incorrect or incomplete;
- the right to have your personal data deleted (‘right to be forgotten’) ;
- the right to object to the processing of your personal data or to limit the processing of your personal data;
- the right to receive or surrender your personal data to a third party appointed by you in a structured, customary and machine-readable form (‘right to data portability’).
If you are a resident of the State of California please also see the section below “ YOUR CALIFORNIA PRIVACY RIGHTS”.
When you want to exercise your rights, you can send your request to the relevant Privacy Team for your region:
Privacy Team – Americas:
By e-mail at email@example.com or by post:
Privacy Team – North America
p.a. Scholle IPN Corporation
200 West North Avenue
Northlake, IL 60164
Privacy Team – Latin America
p.a. Scholle Ltda.
Av. Fernando Piccinini, 700
Distrito Industrial Vinhedo
Privacy Team – EMEA:
By e-mail at EMEA@scholleipn.com or by post:
Privacy Team – EMEA
p.a. Scholle IPN Europe B.V.
5047 SX Tilburg
Privacy Team – Asia Pacific:
By e-mail at AsiaPacific@scholleipn.com or by post:
Privacy Team – Asia Pacific
p.a. Scholle IPN Pty, Ltd
32 Hewittson Road
Edinburgh North, S.A., 5113
Please state clearly to which personal data the request pertains. We may ask for additional information to verify your identity.
YOUR CALIFORNIA PRIVACY RIGHTS
If you are a resident of the State of California, the following applies to you. As provided by California Civil Code Section 1798.83, a California resident who has provided information to a business with whom they have established a business relationship for personal, family, or household purposes (“California customer”) is entitled to request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. In general, if the business has made such a disclosure of such information, upon receipt of a request by a California customer, the business is required to provide a list of all third parties to whom personal information was disclosed in the preceding calendar year, as well as a list of the categories of personal information that were collected and/or disclosed. To request such information, please email us at NorthAmerica@scholleipn.com, or in writing to 200 West North Avenue, Northlake, IL 60164, Attn: Customer Care – California Shine the Light Inquiry. Please allow 30 days for a response. Please note that we are only required to respond to one request per customer each year and you will not be charged for this request.
If you would like to review and/or change your information retained by Scholle IPN / Bossar please see the section above “YOUR ACCESS TO AND CONTROL OVER YOUR PERSONAL DATA.” If you have questions regarding the process to review and/or change your personal information please contact the Privacy Team for the Americas.
California and other customers may request further information about our compliance with this law by contacting the Privacy Team for the Americas.
“DO NOT TRACK” SIGNALS
Some newer browsers have a Do Not Track (“DNT”) feature that lets you tell websites that you do not want your online activities tracked. When you choose to turn on the DNT setting in your browser, your browser sends a special signal to websites, ad networks, plug-in providers, and other web services you encounter while browsing to stop tracking your activity via cookies or other tracking technologies. Scholle IPN / Bossar does not track its website users over time and across third party websites and therefore does not respond to DNT signals. More information about third party tracking cookies that are used on our website can be found in our Cookie Statement (https://www.scholleipn.com/cookie-statement).
CHILDREN UNDER THE AGE OF 16
Our Site is not intended for or targeted to children under the age of 16. Scholle IPN / Bossar will never knowingly solicit or collect personally identifiable information from a child under the age of 16 through the Sites without verifiable parental consent. If we discover that a child under the age of 16 has submitted personally identifiable information without verifiable parental consent, we will delete that information.
HOW TO CONTACT US
If you have other questions about our privacy policies and practices, please e-mail us at firstname.lastname@example.org.
Latest update: June 23, 2020