Policy for the protection of the personal data of the tereos group’s btob customers and prospects

TEREOS STARCH & SWEETENERS EUROPE is a part of Tereos Group which is very committed to the protection of personal data and to your privacy, which are two principles protected by the Charter of Fundamental Rights of the European Union.
The processing of personal data carried out within the framework of Tereos Group's activities complies with the rules on privacy, particularly the General Data Protection Regulation (EU Regulation 2016/679) known as the “GDPR” and the amended Act of 6 January 1978 relating to data processing, records and privacy known as the “French Data Protection Act”.
Therefore, within the exercise of its activities, the Tereos Group may be required to collect and process your personal data, whatever the type of contract that binds us.
The Tereos Group acts as a data controller in the context of operating the trademarks that it holds.
The Tereos Group has set up a department dedicated to the protection of personal data, which ensures the effective implementation of specific procedures and processes, in order to raise awareness among its employees, involve its partners and sub-contractors in the protection of personal data and ensure the compliance of the personal data processing for which it is responsible.
This policy (hereinafter “the Policy”) aims to inform you of the reasons why the Tereos Group may process your personal data, the way in which the Tereos Group does this and your rights in this matter.

The tereos group’s commitments for the protection of personal data

In order to ensure the best level of protection of your personal data, the Tereos Group undertakes, in its capacity as data controller, to comply with the GDPR by setting a number of basic principles for the processing of personal data and in particular:

Internal procedures are planned to comply with the guiding principles of the regulations on the protection of personal data from its design and by default. If necessary, our relationships with external service providers are secured through contracts that meet a real level of security of your personal data.

The majority of our services, service providers, remote applications and servers required for the processing of your personal data are located in the territory of the European Union. When your personal data needs to be transferred outside the European Union, we adopt the appropriate guarantees provided by the applicable regulations. If necessary, you can have access to relevant documents (i.e.: standard contract clauses of the European Commission).

Rights of data subjects

In terms of the processing of personal data, you enjoy a number of rights in accordance with the applicable regulations:

ou also have the right to lodge a complaint with the Commission Nationale Informatique et Libertés (CNIL - the French Data Protection Authority). For more information, please visit the website of the https://www.cnil.fr/fr/cnil-direct/question/adresser-une-reclamation-plainte-la-cnil-quelles-conditions-et-comment

Any request, whether relating to the exercise of your rights or relating to this Policy, must be sent by email or registered letter with acknowledgement of receipt for the attention of the GDPR contact person. The GDPR contact person will review your request and get back to you as soon as possible. He/she can be contacted at the following address:

To process your request, please:

If the request is made by a representative:

Pprocessing carried out by the tereos group

1. Identity and contact details of the data controller

2. Purpose of the processing of personal data

We process your data for the following purposes:

Incidentally, the data can also be used to:

3. Categories of data

For each purpose identified, the categories of personal data collected, processed and stored by the Tereos Group are as follows:

4. Categories of persons

5. Recipients

Legal bases

The legal justifications on the basis of which we can process your personal data are:

Rentention period

Your personal data is retained for the time necessary to achieve the purposes described in this Policy. It is then archived in accordance with the legal and/or regulatory requirements, and/or to enable the Tereos Group to establish proof of a right or contract (deadlines applicable to prescription).

Computer security

Security of processing of personal data is one of the Tereos Group’s priorities. We make every effort to implement technical and organisational measures adapted to the issues and risks associated with the protection of personal data. Training sessions on personal data protection are offered to our employees. Our employees are subject to a confidentiality obligation. Our websites are subject to technical protection and communications with your computer are encrypted by an HTTPS (TLS) stream.

Changes to this policy

This Policy was published on May 25th, 2018. In case of changes to this Policy implemented by Tereos, such changes will be identified by Tereos on this webpage.