Effective Date: March 20, 2019
Notification of changes to this Policy
Collection of Personal Data including e-mail addresses
We collect information you give to us when you use our Website. You may use this Website to register to receive additional information on products and services, or support from us. If you register, we may ask you for Personal Data like your name, job title, company details, telephone number and e-mail address. We may supplement the information you provide with information that is received from a third party.
We also collect information, such as email addresses from prospect lists of other companies or organisations. We sometimes use rented email lists but only if the list is specifically an opt-in list, that is, lists of users who have explicitly agreed to receive email messages from third parties. We also collect email addresses and related Personal Data via marketing events such as trade shows and exhibitions.
Our website also automatically collects other data, as described below, which may comprise Personal Data.
Use of Personal Data
We process your Personal Data for the following purposes;
- To contact you to inform you of new products or services we will be providing, or special offers, events or articles we think will be of interest to you.
- To send you regular updates by e-mail or by post on events organized or otherwise related to Chase Corporation.
- To send you requested product information and promotional materials.
- For marketing purposes and market research.
- To help us improve our products and services and to help resolve any problems
- To prevent fraud
- To otherwise manage our relationship with you.
- To protect our business from attack and safeguard the operation of our website and network.
The legal basis on which we process your Personal Data under GDPR, depending on the purpose of the processing as described above, is one of the following:
- performance of a contract – we may need to process your Personal Data to perform a contract we have with you or an organisation you work for or represent.
- legitimate interest – in most cases, the purposes we have described represent our legitimate business interests (as so described), and the processing is proportionate and reasonable to achieve them and does not override your interests, fundamental rights or freedoms.
- In certain circumstances, we may need to process Personal Data to comply with a legal obligation to which we are subject, such as ensuring data security
- Consent – in certain specific situations, we may process your Personal Data with your specific freely given “opt-in” consent. When doing so, we will inform you of the purpose of the processing and you can withdraw consent at any time.
If you do not wish to receive information from us and want to be removed from our standard mailing list, please e-mail us at firstname.lastname@example.org.
Other data collected automatically through this Website
In addition to the information, we collect as described above, we may use a variety of tracking technologies to automatically collect information about the use of our Website, such as cookies, web beacons, embedded scripts, browser fingerprinting, GPS, iBeacons, and ETags (or “entity tags”). A cookie (or “locally shared object”) is a data file placed on your device when you visit our site. Your browser, or other software (including Adobe Flash), may allow you to reject or remove cookies, but if you do so, some features of our sites may not work properly, and we may not be able to remember your preferences the next time that you visit.
We use technology to track which pages of our Website our visitors view. We also use technology to determine which web browsers our visitors use. This technology does not directly identify you personally; it simply enables us to compile statistics about our visitors and their use of our Website.
Our Website contains hyperlinks to other pages on our Website. We use technology to track how often these links are used and which pages on our Website our visitors choose to view. Again, this technology does not identify you personally – it simply enables us to compile statistics about the use of these hyperlinks.
We automatically collect your IP address when you visit the Website because our server needs to recognise it. We may also use your IP address to help diagnose problems with our server and to administer our Website. An IP address is a numeric code that identifies your computer on a network, or in this case, the Internet. Your IP address is also used to gather broad demographic information, such as determining how many of our visitors are from outside of the USA. We do not identify users in this type of research.
The data described above does not directly identify you. However, it may leave traces which indirectly identifies you when combined with unique identifiers and other information received by our servers. To that extent it is Personal Data. We use this data to improve the content and functionality of this Website and our e-mail updates, to better understand our customers and markets, and to improve our products and services.
Third-Party Tracking and Do Not Track
Disclosure of your Personal Data and Recipients
We do not share, sell or distribute your Personal Data with unrelated third parties, except under these limited circumstances:
- Personal Data may be transferred to third parties who act for or on behalf of Chase Corporation, or in connection with the business of Chase Corporation for further processing in accordance with the purposes for which the data was originally collected or for purposes to which you have subsequently consented [can we describe these people more precisely, by category, e.g. service providers?].
- We may share or transfer the information in our databases to [relevant authorities, legal, IT and other relevant professionals and counterparties] to comply with a legal requirement, for the administration of justice, to protect your vital interests, to protect the security or integrity of our databases or this Website, to take precautions against legal liability, or in the event of a corporate sale, merger, reorganization, dissolution or similar event.
- Where appropriate, before disclosing Personal Data to a third party, we contractually require the third party to take reasonable precautions to protect that data.
Data Integrity and Security
We strive to maintain the reliability, accuracy, completeness and currency of Personal Data in our databases and to protect the privacy and security of our databases.
We keep your Personal Data only for as long as reasonably necessary for the purposes for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements, in accordance with our applicable data retention period(s). Our general record retention period is Ten 10 years. This is subject to any legal or regulatory requirement to retain the information for a minimum period.
Our servers and our databases are protected by industry standard security technology, such as password protection [anti-virus software] [firewalls] [encryption]. The employees who have access to Personal Data are instructed to act in accordance with our security protocols and strict standards of confidentiality. Although we cannot guarantee against any loss, misuse, unauthorized disclosure, alteration or destruction of data, we try to prevent such unfortunate occurrences.
Upon receipt of your written request and enough information to permit us to identify you, we will disclose to you the Personal Data we hold about you. Upon such request, we will also correct, amend or delete any Personal Data that is inaccurate and notify any third-party recipients of the necessary changes.
You also have the right to:
- obtain confirmation as to whether we process your Personal Data;
- request that we delete your Personal Data, or stop processing it or collecting it, even where it is accurate, in some circumstances;
- request transfer of your Personal Data from us to certain other data controllers;
- lodge a complaint to an appropriate data protection supervisory authority in the EU in respect of our processing of your Personal Data; and
- withdraw your consent to our processing your Personal Data at any time.
Please be aware that any withdrawal of consent will not affect the lawfulness of processing of Personal Data prior to the date of withdrawal.
We do not knowingly collect Personal Data from users under the age of 18. If you are a child or minor, please do not give us any Personal Data. If you have reason to believe that a child has provided us with their Personal Data, please contact us at the address given below and we will endeavor to delete that information from our databases.
Links to other websites
Transfer of Data Abroad
Chase Corporation has facilities and databases in different countries. We may, from time to time, transfer your Personal Data to one of our databases in another country. If the level of privacy protection in a country does not comply with recognized international standards, we will ensure that data transferred to our databases in that country are adequately protected and that the transfer of data to third parties in such countries is made pursuant to a contract or other measures providing adequate protection. On request, we will provide you with details of such measures.