Data Protection Privacy Notice

This notice is intended to make record of specific personal data Diversey will process for a customer via the MoonBeam Application (“the Purpose”). The Company is required to notify you of this information under data protection legislation. Please ensure that you read this notice (sometimes referred to as a ‘privacy notice’) and any other similar notice the Company may provide to you when the Company collects or processes personal information about you.

This privacy notice

As set out in the Diversey Data Privacy Policy, Diversey is a ‘data controller’ and gathers and uses certain information about you. This information may also be used by the Company’s affiliated entities and group companies (the Company’s ‘group companies’) and so, in this notice, references to ‘the Company’ mean Diversey and their group companies.

What information the Company will Collect about you

The Company will collect the following information about you:

  • First Name
  • Last Name
  • Email Address
  • Work Address
  • Phone Number
  • Device Location

Why the Company collect the information about you, and how the Company use it

The Company will typically collect and use this information for the following purpose:

  • To enable you to log in to the MoonBeam application and track your equipment usage;
  • To allow for the collation of reports in relation to the MoonBeam device and its usage.

The Company seeks to ensure that their information collection and processing is always proportionate. The Company will notify you of any changes to information the Company collects or to the purposes for which the Company collects and process it.

How the Company may share the information

The information collected about you, as noted above, will be shared with other employees at your work premises for the purpose of tracking equipment usage. The information will also be accessible to select Diversey employees and the third party software developer, SancSoft, for troubleshooting and customer assistance purposes.

Where information may be held

The information is held at a United States data centre in Texas.

There are security measures in place to seek to ensure that there is appropriate security for information the Company holds.

The recipient of the information will be bound by confidentiality obligations.

How long the Company keep your information

We keep your information for no longer than is necessary for the purposes for which the personal information is processed.

The retention period for personal data specific to the purpose is 5 years. At this point the personal data is anonymised and the rest of the data is retained.

Your right to object to the Company processing your information

Where the Company’s processing of your information is based solely on the Company’s legitimate interests, you have the right to object to that processing if you give the Company specific reasons why you are objecting, which are based on your particular situation. If you object, the Company can no longer process your information unless the Company can demonstrate legitimate grounds for the processing, which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.

Please contact the Company’s Data Protection Officer (DPO), who can be contacted via email privacy@diversey.com if you wish to object in this way.

Your rights to correct and access your information and to ask for it to be erased

Please contact Diversey’s Data Protection Officer (DPO) (in accordance with applicable law) if you would like to correct or request access to information that the Company holds relating to you or if you have any questions about this notice. You also have the right to ask for some but not all of the information the Company holds and processes to be erased (the ‘right to be forgotten’) in certain circumstances. The Company’s Data Protection Officer will provide you with further information about the right to be forgotten, if you ask for it.

Keeping your personal information secure

The Company has appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. The Company limits access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.

The Company also has procedures in place to deal with any suspected data security breach. The Company will notify you and any applicable regulator of a suspected data security breach where the Company is legally required to do so.

Registering concerns beyond the Data Protection Officer

The Company hopes that the Data Protection Officer can resolve any query or concern you raise about The Company’s use of your information. If not, contact the relevant Supervisory Authority of your Country for further information about your rights and how to make a formal complaint.