DOMO Chemicals Code of Conduct

Page 44

The DOMO Code of Conduct

Schedule 9

DATA PROTECTION AND PRIVACY POLICY Introduction The basic principles of GDPR (i.e. the European General Data Protection Regulation of 27 April 2016 which entered into application on 25 May 2018), the personal data of our employees that we process and our general rules of conduct regarding data protection are set out in this Schedule.

Where there are more specific or deviating local privacy laws and regulations applicable in the country of your employment, this policy will be adapted to the local legal requirements and a copy of the locally applicable data protection policy will be provided to you. This Schedule 9 only applies to our employees working in the European Union. For DOMO employees whose country of employment is outside the European Union, substantially similar data protection and privacy principles apply: any deviations or further specifications are set out in your locally applicable data protection policy. As a company we attach a great deal of importance to the privacy of our customers, suppliers and business partners but also to the privacy of our own employees.

Considering the importance of this subject we have drawn up this document so that any employee would be informed of: • • •

the major principles in data protection (see part 1); the personal data that we process from him/her (see part 2); the way he/she is to handle the personal data of others in a correct and safe manner in the execution of his/ her function within our company (see part 3).

1.

BASIC PRINCIPLES IN DATA PROTECTION. 1.1

What are personal data? Personal data are all the information relating to a natural person (“the person concerned”) that directly or indirectly is or can be identified. A few examples of personal data are: name, telephone number, photo, bank account number, etc. When it is possible to identify a natural person thanks to the combination of different information (such as: age, gender, diploma, marital status, town, salary, nationality, religious belief, health situation, etc.), such information is also considered as personal data. In certain circumstances data can also be considered ‘sensitive’. This is the case when the data relate to race or ethnical origin, political opinions, religious or philosophical beliefs, trade union membership, genetics, biometrics, health, sexual behavior and criminal convictions and facts. The collecting and processing of these data is prohibited in principle and/or is only exceptionally permitted under very strict conditions.

44

Turn static files into dynamic content formats.

Create a flipbook

Articles inside

Schedule 8. ANTI-BRIBERY AND CORRUPTION POLICY

13min
pages 38-43

Schedule 9. DATA PROTECTION AND PRIVACY POLICY

14min
pages 44-52

Schedule 6. RISK MANAGEMENT

1min
page 34

Schedule 7. SOCIAL MEDIA POLICY

5min
pages 35-37

Schedule 5. DIVERSITY POLICY

2min
pages 32-33

Schedule 2. SPEAKING UP POLICY

9min
pages 25-28

Schedule 3. COMPETITION LAW COMPLIANCE POLICY

2min
page 29

Schedule 4. HEALTH AND SAFETY POLICY

3min
pages 30-31

Audit and compliance sign-off 17

4min
pages 14-22

Data protection and privacy 16

1min
page 12

Schedule 1. CORPORATE SOCIAL RESPONSIBILITY POLICY

3min
pages 23-24

Social media 17

1min
page 13

Risk management 15

1min
page 11

Human Rights 13

1min
page 8

Anti-bribery and corruption 14

1min
page 9

Suppliers 14

1min
page 10

Competition 10

1min
page 6

Corporate Social Responsibility 7

1min
page 3

Implementation 7

1min
page 2

Environmental risk management 9

1min
page 5

Our People 11

1min
page 7
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.