Privacy Policy

Mitsubishi Chemical Group Data Privacy Notice for Trade Fairs and Events

Information to be provided where personal data are collected from the data subject acc. to Art. 13 GDPR

Protecting the security and privacy of your personal data is important for us. Therefore we process personal data in compliance with applicable data protection laws and put importance to high security standards. With the following statements we would like to inform you as an interested party or visitor of our trade fair/event about the processing of your personal data.

1. Contact details of controller:

2. Information about the processing of personal data related to your business relationship with MCG:

2.1 Purpose of the processing of your personal data and the legal basis for processing

We process personal data that we receive from you as a  contact person who may represent (prospective) customer, supplier, vendor and other partners (each as “Business Partner” or “you”) during the trade fair/event.

Personal data of MCG’s Business Partners is processed for the following purposes:

• Communicating with Business Partners about products, services and other projects of MCG e.g. by responding to inquiries or requests for quotations, or providing Business Partner with technical information about purchased products or product development activities;
• Planning, performing and managing the (contractual) relationship with Business Partners; e.g. by performing transactions and purchase orders of products or services, processing payments, performing accounting, arranging shipments and deliveries, facilitating repairs and providing support services;
• Administrating and performing satisfaction surveys, marketing campaigns, market analysis, or other direct marketing activities (e.g. trade show invitations) or events;
• Ensuring compliance with legal obligations (such as record keeping obligations), Business Partner compliance screening obligations (to prevent money laundering crimes), and MCG’s industry standards; and
• Creating audio-visual recordings and photographs in the events or trade fairs for the purposes of MCG internal and external promotion. These material might be published at the following locations: MCG Intranet, online and print media, internet and social media (e.g. Facebook, LinkedIn, etc.).

The legal basis for processing of your personal data in order to achieve MCG’s purposes:

• Insofar as you have given us consent to process personal data for specific purposes, the lawfulness of this processing is given on the basis of your consent (Art. 6 (1) lit. a, Art.7 GDPR). You may withdraw your consent at any time with effect for the future by providing us written notice or e-mail (DPO e-mail address). Where you have a user account, you may also withdraw consent or contact us also through the relevant website or other service, as applicable. Once MCG has received notification of withdrawal of consent, MCG will no longer process your information for the purpose(s) you consented to, unless MCG has another legal basis to do so. Withdrawal of consent does not, however, affect the lawfulness of the processing based on the consent prior to withdrawal.
• As the processing takes place for the purpose of initiating or executing a contract with you (or the legal entity you represent), is Art. 6 (1) lit. b GDPR. If this is not the case, the processing of your personal data is carried out to protect legitimate interests according to Art. 6 (1) lit. f GDPR or to fulfil legal obligations according to Art. 6 (1) lit. c GDPR.

3. The following categories of data are being processed:

• Contact information, such as full name, work address, work telephone number, work mobile phone number, work fax number and work email address;
• Further information necessarily processed in a project or contractual relationship with MCG or voluntarily provided by the Business Partner, such as personal data relating to orders placed, payments made, requests, and project management;
• Photographs and video-recordings of visitors or Business Partners;
• Any other data you provide to us during your visit (for example, by handing us a business card or filling out a form).

4. Recipients or categories of recipients of the data:

Within MCG, access to your data is granted to those departments that need it to fulfil our contractual and legal obligations as well as for legitimate interest. Processors used by us (Art. 28 GDPR) may also receive data for these purposes. These processors are companies in the categories which represent e.g. other MCG Group Companies, marketing service providers or suppliers in connection with MCG’s business relationship with you, service providers which provide IT services to MCG (e.g., hosting or IT maintenance and other support services); third parties in connection with complying with legal obligations or establishing, exercising or defending rights or claims.

We will only disclose your data to third parties for their own use if and insofar as consent has been given or contractual and/or legal regulations provide for this.

5. Data transfers

MCG discloses data to other parties which might not be located only in European Economic Area (“EEA”). If a recipient is located in a country without adequate statutory data protection, we require the recipient to undertake to comply with data protection (for this purpose, we use the revised European Commission’s standard contractual clauses, which can be accessed here: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32021D0915&locale-en, unless the recipient is subject to a legally accepted set of rules to ensure data protection and unless we cannot rely on an exemption. An exception may apply for example in case of legal proceedings abroad, but also in cases of overriding public interest or if the performance of a contract requires disclosure, if you have consented or if data has been made available generally by you and you have not objected against the processing.

6. Duration of data processing

Insofar as necessary, we process and store your personal data for subsequent contact. For this purpose, it may be necessary to digitize the personal data provided to us by you (e.g., from business cards).

The personal data collected by us in the course of the trade fair/event will be stored for the duration of the business relationship (Art. 6 para. 1 lit. b GDPR) and deleted thereafter, unless we are required to store and document such data pursuant to Art. 6 para. 1 lit. c GDPR on the basis of statutory retention and documentation obligations or if there is a legitimate interest in storing the data in accordance with Article 6 (1) (f) GDPR, e.g. during the current statute of limitations, which is usually three years, but in certain cases can be up to 30 years, or you have consented to additional storage in accordance with Article 6 (1) (a) GDPR.

As soon as the storage of the data is no longer necessary for the implementation of the aforementioned storage purposes or you object to this, your data will be deleted immediately.

7. Your Rights:

As a data subject of this data processing, you have the following rights, which you can exercise against us and/or our service providers:

– Right of access,

– Right to rectification or erasure,

– Right to restriction of processing,

– Right to object to processing,

– right to data portability.

You are welcome to contact DPO’s  e-mail address datenschutz@firma.com to exercise your data subject rights. MCG will always use best efforts to address and settle any requests or complaints you bring to our attention. Besides contacting the MCG contact related to data protection matters, you always have the right to approach the competent data protection authority with your request or complaint.

A list and contact details of local data protection authorities is available here: https://competition-policy.ec.europa.eu/system/files/2021-07/list_of_authorities.pdf

8.  Notice

This letter is for your information only. You do not have to take any action. If you have any questions, comments or suggestions regarding this information letter or our handling of data protection, please contact our data protection officer (see above).