GDPR - Privacy Statement For Danone Employees

 Privacy Statement for Danone Employees

1. Introduction

Our commitment to data protection

At Danone (“Danone” or “we” or “us”) we are committed to protecting your personal data. We manage your personal data in a responsible way and aim to be transparent in our personal data processing. Detailed information regarding our practices can be found in this Privacy Statement for Danone Employees (“Privacy Statement”).

This Privacy Statement

This Privacy Statement is relevant for you when you join Danone and describes the processing of personal data during the internal application process, onboarding process and during the term of your employment at Danone (“Employee”). You are considered an Employee from the moment you have signed an employment agreement with us.

2. Basic principles and our data protection commitment

With respect to the protection of your data, we have committed ourselves to the following basic principles:

• We only collect and process your data for the purposes set out in this Privacy Statement or for specific purposes that we share with you and/or that you have consented to. Your data will not be processed in a manner incompatible with those purposes.
• We only collect, process and use the minimum required data and not more than is required for the purposes as described in this Privacy Statement.
• When we process your data, we take adequate measures to keep it as accurate and up to date as possible.
• We make our best efforts to protect your data from misuse, interference, loss, unauthorized access, modification or disclosure. To that end, we have implemented a number of security measures to help protect your data.
• As a rule, we keep the data we collect for the time period necessary for processing purposes. We do not keep personal data for an unlimited duration, unless otherwise expressly required by law. For employees, we retain the personal data after termination of the employment contract for the period of time set forth in this Privacy Statement. The purpose for retention could be a legal obligation such as tax law or another legitimate reason, for example to prove our rights and obligations. If this data is no longer needed for any of the purposes as described in this Privacy Statement and we are not required by law to retain it, we will do what we can to delete, destroy or permanently de-identify it.

 

3. What kind of data do we process

Employee data

• Collected directly from you and generated by Danone: Danone collects your personal data directly from you during the hiring process, the internal application process for a new position and during your employment. Danone, for example, collects your personal contact details as well as bank details to pay your salary. In addition, we also generate data relating to you during your employment. Danone, for example, collects information relating to your work performance, work, leave and/or absence records as well as information relating to your compensation and benefits.
• Collected from third parties: we might also be provided with personal data about you (which can include your education & professional background information) from other sources, such as third-party vendors (e.g. recruitment agencies, former employer or talent mapping agencies).

Sensitive data

• Danone & your sensitive data: sensitive data includes your data revealing racial or ethnic origin, biometric data, data concerning health, data relating to criminal convictions and offences and government issued identification numbers (passport number, ID number, social security number, etc).

• In principle, Danone does not process sensitive data relating to you unless the nature of your job requires the processing of such information and only when allowed under applicable data protection or other applicable laws as provided in this Privacy Statement. For example, it might be relevant to share information on allergies when it regards staffing in certain production areas or to use biometric data for the purposes of authentication and security purposes in sensitive areas in our factories. Danone will also process sensitive data on you if this is prescribed by local law. If that is the case, we will let you know in advance as per local law requirements.

 

4. Why we collect and use your data

We will only process your personal data for specified and lawful purposes, described in this Privacy Statement which can include any of the following:

• Legitimate business interest: the processing of your Employee information is necessary for the purposes of Danone’s legitimate interest. For example: managing our business, compliance with our policies and the security of our systems and premises;
• Contract: the processing is necessary for the performance of the employment contract we have with you. For example: in fulfilling your employment contract we will process your bank details for payroll purposes; and
• Legal obligation: the processing is necessary for us to comply with our legal obligations (not including contractual obligations). For example: compliance with labor and employment laws.

We process the following personal data for the following purposes:

Talent Acquisition & Onboarding Candidate selection and assessment, tracking of candidates, including pre-employment screening for validation of identity, the preparation of a job offer and/or your employment contract, assessment of the application procedure and background and reference checks.[1]
Data	Lawful grounds	Categories of recipients with whom your data may be shared
Personal data incl. name, first name, gender, age, nationality, contact details, home address, home country, photo (if available), image (in video - if available), languages Education (incl. certifications) Work experience (history, years of experience, current employer, current job title, team management experience) Skills and competencies Interview notes (if any) Career interests and work preferences Readiness for a career move Geographical mobility Current compensation and expected compensation Previous applications at Danone and / or current employment status	Contract: necessary to enter into an employment contract with you or to modify your employment contract; Legal obligation: necessary to comply with a legal obligation (social security and social protection laws, tax laws, labor and employment laws); Legitimate interest: necessary for the purposes of the legitimate interests pursued by Danone or a third party.	Outside of Danone: IT providers and suppliers; Cloud service providers; External advisors and consultants; Public Authorities; External Recruiters.   Within Danone: Danone corporate team and HR of the different Danone’s affiliates and subsidiaries; Danone Recruiters Administrators/IT support

 

HR services Providing HR Support in order to manage all aspects of your employment relationship, including performance appraisal, administering termination of employment, complying with legal or regulatory obligations including in relation to any pending or threatened litigation, establishing, exercising or defending legal rights, administering data subject requests, providing any underlying (IT) support and HR reporting as well as for monitoring purposes.
Data	Lawful grounds	Categories of recipients with whom your data may be shared
Personal contact details; Personal financial; information; Compensation information; Employment information; Leave administration; Performance information; Marital status; Information on family members (e.g. emergency contact details); Pictures and image (e.g. badges) Sensitive Personal Data Government issued identification numbers; Sick leave information (in certain countries according to applicable law); Biometric Data; Gender	Contract: necessary to perform the obligations under your employment contract; Legal obligation: necessary to comply with a legal obligation (social security and social protection laws, tax laws, right to work laws); Legitimate interest: necessary for the purposes of the legitimate interests pursued by Danone or a third party.	Outside of Danone: IT providers and suppliers; Cloud service providers; External advisors and consultants; Public Authorities Within Danone: Danone corporate team and HR of the different Danone’s affiliates and subsidiaries Administrators/IT support

 

Compensation and benefits Execution and administration of benefits and compensation.
Data	Lawful grounds	Categories of recipients with whom your data may be shared
Personal contact details; Personal financial information; Compensation and benefits information; Employment information; Right to work information; Expenses; Leave administration; Performance information; Records for tax purposes or answering compelling orders to provide information to public authorities.   Sensitive Personal Data: National or government issued identification numbers;	Contract:  necessary to perform the obligations under your employment contract; Legal obligation: necessary to comply with a legal obligation (social security and social protection laws, tax laws,); Legitimate interest: necessary for the purposes of the legitimate interests pursued by Danone or a third party.	Outside of Danone: IT providers and suppliers; Cloud service providers; External advisors and consultants; Public Authorities Within Danone: Danone corporate team and HR of the different Danone’s affiliates and subsidiaries Finance Administrators/IT support

 

 

 

 

 

 

 

 

International mobility Cost estimation, package definition, international contract preparation and other support measures to execute international mobility and reporting (for data analysis and cost estimation at corporate level
Data	Lawful grounds	Categories of recipients with whom your data may be shared
Personal contact details; Compensation and benefits information; Employment information; Performance information; Gender; Marital status; Information on family members e.g. family connections. Sensitive Personal Data Government issued identification numbers	Contract: to fulfill all obligations under your employment contract; to draft and amend your home and host country contracts accordingly; Legitimate interest: necessary for the purposes of the legitimate interests pursued by Danone or a third party.	Outside of Danone: IT providers and suppliers; External advisors and consultants; Public Authorities Within Danone: HR population, including payroll and International Mobility HR Teams; Administrators IT support (GTI)

 

Learning Execution and administration of internal and external learnings.
Data	Lawful grounds	Categories of recipients with whom your data may be shared
Personal contact details; Employment information; Birth date and gender; Trainings and learning plan action steps.	Contract: necessary to enter into an employment contract with you or in order to take steps prior to enter into an employment contract with you; Legal obligation: necessary to comply with a legal obligation (health and safety regulations); Legitimate interest: necessary for the purposes of the legitimate interests pursued by Danone or a third party (e.g. well-being initiatives for employees as part of the Wise2 program or other similar programs).	Outside of Danone: IT providers and suppliers; Suppliers of Learning content; Software editors. Within Danone: Danone corporate team and HR of the different Danone’s affiliates and subsidiaries. Administrator and IT teams

 

*Additional categories of personal data: In some situations, we might request and process additional information if this is necessary for specific purposes and always in accordance with applicable laws. For example, if a you are eligible to a company car, we might check whether or not you have a driver’s license or ask our external providers to do so.

 

**Monitoring: You are advised that Danone may, subject to applicable laws, monitor your use of the Danone mobile devices and computer systems to ensure the correct functioning and security of our systems. For example, Next – Generation Firewalls and Unified Threat Management systems, which can provide a variety of monitoring technologies, security applications and measures that involve logging employee access to the employer’s systems, eDiscovery technology, the use in the workplace of office applications provided as a cloud service and device usage via unseen software. These monitoring activities will be legitimate and reasonable and conducted in fulfillment of Danone’s legitimate interests or legal obligations. 

 

5. How long do we keep your data?

We keep your personal data for the time necessary to enable us to satisfy the purpose for which your data was collected, as indicated in this Policy, and in any event as required or permitted according to laws and regulations applicable and the corresponding limitation periods.

Personal data is kept throughout the employment relationship and for at least 2 years (for the Netherlands) and 5 years (for Belgium) from the end of the employment relationship.

6. Transfer of your data to Third Parties and/or outside of the European Economic Area

• Sharing your data with third parties: Your data will not be shared, sold, rented or disclosed other than as described in this Privacy Statement. We may, however, share your data when required by law and/or government authorities. 

When we share your data with affiliates and other organizations, we make sure we only do so with organizations that safeguard and protect your data and comply with applicable data protection laws in the same or similar way that we do.

• International data transfer: When we process your data outside the European Economic Area (“EEA”), Danone will make sure that this cross-border data processing is protected by adequate safeguards.

 

7. Your rights

When we process your data and according to applicable legislation, you might be entitled to exercise certain rights. When eligible, you can exercise your rights via Clio by clicking on the following link:

https://clio.itrp.com/self-service/requests/new/provide_description?from=search&requested_for_id=197290&search_id=2149925&template_id=63997&position=1.
 

According to the applicable legislation, you have the right to:

•        ask us for access to information about you that we hold

•        have your personal data rectified, if it is inaccurate or incomplete

•        request the deletion or removal of personal data where there is no compelling reason for its continued processing

•        restrict our processing of your personal data (i.e. permitting its storage but no further processing)

•        object to: direct marketing (including profiling) and processing activities based on legitimate interest and processing activities

•        not to be subject to decisions based purely on automated processing where it produces a legal or similarly significant effect on you

•        ask for your data portability (when eligible).

•        Lodge a complaint with the supervisory authority of your country.

Please keep in mind that these rights are not absolute.

 

8. Contact us

Contact us via privacyHR.benelux@danone.com if you have any queries and/or comments regarding this Privacy Statement, or if you want to make a request regarding any of your data subject rights.

You can also contact our Data Protection Officer using the following contact details:

dpo.groupe@danone.com

Data Protection officer

Danone

17 boulevard Haussmann

75009 Paris

 

 

---

[1] As required by internal rules or local laws.