Danone knows that you care how your personal data is used and we recognize the importance of protecting your privacy.
This Privacy Statement explains how Danone Research (“Danone”), acting as Data Controller, may collect and manage your personal data when you visit the Webpage. It contains information on what data we collect, how we use it, why we need it and how it can benefit you.
Contact us by email at firstname.lastname@example.org if you have any queries and comments, or if you want to make a request regarding any of your data subject rights.
This privacy statement was last updated on February 1st, 2021 and is meant for the SPLASH! webpage (“Webpage”). It is based on the Privacy Statement framework defined by Danone SA.
Basic principles and our privacy commitment
At Danone, we are committed to protecting your right to privacy. We aim to protect any personal data we hold, to manage your personal data in a responsible way and to be transparent in our practices. Your trust is important to us. We have therefore committed ourselves to the following basic principles:
● You have no obligation to provide any personal data requested by us. However, if you choose not to, we may not be able to provide you with some services or products;
● We only collect and process your data for the purposes set out in this Privacy Statement or for specific purposes that we share with you and/or that you have consented to;
● We aim to collect, process and use as little personal data as possible;
● When we do collect your personal data, we aim to keep it as accurate and up to date as possible.
● If the personal data we collect is no longer needed for any purposes and we are not required by law to retain it, we will do what we can to delete, destroy or permanently de-identify it.
● Your personal data will not be shared, sold, rented or disclosed other than as described in this Privacy Statement.
What personal data do we collect?
By personal data, we refer to any information about a person from which that person can be identified. This does not include data for which the identity has been deleted (anonymous data).
The personal data we collect varies depending upon the purpose of the collection and the product or service we are providing you.
Danone may collect the following personal data from you directly:
1. Browser history, such as pages accessed, date of access, location when accessed, and IP address;
2. Social media profiles;
We may also collect personal data about you indirectly when:
3. you share content on social media pages, websites or applications related to our services or in response to our promotional advertisement on social media; or
4. we read or collect personal data about you by reading information collected by other websites (for instance, we may place an ad on a third party website, and when you click on that ad, we may receive information about you and other website visitors in order to measure the reach and success of that ad).
Other data that does not qualify as personal data may also be collected.
Why do we collect and use your personal data?
We generally collect your personal data so we can provide you with the best online experience. In particular we may collect, hold, use and disclose your personal data for the following purposes, and based on the following legal basis:
To enable you to access and use the website
Legal basis: performance of an agreement with you we have in place (the Terms between Danone and you).
To develop and improve our services, communication methods and the functionality of our websites;
Legal basis: our legitimate interest to improve customer service management. We believe the risk to your data protection rights in connection with personal data that we process on the basis of our legitimate interests is not excessive or overly intrusive. We have also put in place protections for your rights by ensuring proper retention periods and security controls.
To improve the safety and security of our website and to verify your identity and prevent fraud or any other illegal or unauthorized activities.
Legal basis: the respect of a legal obligation to prevent fraud and illegal/immoral activities.
We may also need your personal data to comply with legal obligations or in the context of a contractual relationship that we have with you.
When we collect and use your personal data for purposes mentioned above or for other purposes, we will inform you before or at the time of collection.
Where appropriate, we will ask for your consent to process the personal data. Where you have given consent for processing activities, you have the right to withdraw your consent at any time.
How long do we keep your personal data?
Any collected personal data is kept for no longer than is necessary by Danone for the purposes for which it is processed. Such period shall in any case be reasonable and proportionate, and may be subject to reductions during its term if it was esteemed that the initial keeping period was not justified anymore.
To determine the appropriate retention period for personal data, we take into account the quantity, nature and sensitivity of personal data, the potential risk of harm resulting from the unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and the possibility of attaining those purposes by other means, as well as the applicable legal requirements.
After the established deadlines, the data is either deleted or retained after being anonymized, especially for statistical purposes. It may be retained in case of pre-litigation and litigation. It should be noted that deletion or anonymization are irreversible operations, and that Danone is no longer able, thereafter, to restore this data.
Where we process your personal data, according to applicable legislation, you are entitled to a number of rights and, when applicable you can exercise these rights at any point. We have provided an overview of these rights below together with what this entails for you. You can exercise your rights, when eligible to, by contacting us at email@example.com.
The right to access your personal data and correction
You have the right to access, correct or update your personal data at any time. We understand the importance of this and should you want to exercise your rights, please contact us.
The right to data portability
Your personal data is portable. This means it can be moved, copied or transmitted electronically. However, this right only applies where:
1. the processing is based on your consent;
2. the processing takes place for the performance of a contract;
3. the processing takes place by automated means;
If you wish to exercise your right to data portability of your personal data, for the transfer to another organization, please contact us.
The right to deletion of your personal data
You have right to request that we delete your data if:
1. your personal data is no longer necessary in relation to the purposes for which we collected it; or
2. you withdraw the consent that you had previously given us to process your personal data, and there is no other legal ground to process that personal data; or
3. you object to us processing your personal data for legitimate interests; or
4. the personal data is not being processed lawfully; or
5. your personal data needs to be deleted to comply with the law.
If you wish to delete the personal data we hold about you, please contact us and we will take reasonable steps to respond to your request in accordance with legal requirements.
If the personal data we collect is no longer needed for purposes and we are not required by law to retain it, we will do what we can to delete, destroy or permanently de-identify it.
The right to restriction of processing
You have the right to restrict the processing of your personal data if
1. you do not believe the personal data we have about you is accurate; or
2. the personal data is not being processed lawfully, but instead of deleting the personal data, you would prefer us to restrict processing instead; or
3. we no longer need your personal data for the purposes we collected it, but you require the data in order to establish, exercise or defend legal claims; or
4. you have objected to the processing of your personal data and are awaiting verification on whether your interests related to that objection outweigh the legitimate grounds for processing your data.
If you wish to restrict our processing of your personal data, please contact us and we will take reasonable steps to respond to your request in accordance with legal requirements.
The right to object
You may have the right to object to the processing of your personal data at any time. Please contact us if You wish to do so.
The right to withdraw your consent
When we process your personal data on the basis of your consent, you have the right to withdraw your consent at any time. However, such withdrawal does not affect the lawfulness of the processing that took place prior to this withdrawal.
The right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint directly with supervisory authority about how we process personal data.
How we protect your personal data
We understand that the security of your personal data is important. We make our best efforts to protect your personal data from misuse, interference, loss, unauthorized access, modification or disclosure. We have implemented a number of security measures to help protect your personal data. For example, we implement access controls, use firewalls and secure servers, and we encrypt personal data. Please note however that where you are transmitting information to us over the internet this can never be guaranteed to be 100% secure.
Sharing of your personal data
When we share your personal data with affiliates and other organizations or trusted third parties, we make sure we only do so with organizations that safeguard and protect your personal data and comply with applicable privacy laws in the same or similar way that we do.
Trusted third parties may assist us in providing IT services, such as platform providers, hosting services, maintenance and support on our databases as well as on our software and applications that may contain data about you or to perform on our behalf the statistical analyses associated with the use of the Website.
Your personal data will not be shared, sold, rented or disclosed other than as described in this Privacy Statement. We may, however, share your data when required by law and/or government authorities.
Sharing data internationally
Personal data may be processed outside the European Economic Area (EEA). When processed outside the EEA, Danone will make sure that this cross-border data processing is protected by adequate safeguards.
Cookies and other technologies
1. information about your device browser and operating system;
2. the IP address of the device you are using;
3. web pages of ours that you view;
4. links that you click while interactive with our services.
How to contact us
If you have any questions, comments or complaints regarding this Privacy Statement or the processing of your personal data, please contact us at firstname.lastname@example.org
Changes to this Privacy Statement
Danone is free to modify this Privacy Statement periodically to reflect the evolution of our practices in this area. When we modify this Privacy Statement, we also change the “Last Updated” date at the top of the first page. We encourage you to periodically review this Privacy Statement to be updated on how Danone protects your data.