1. Home
  2. Data Privacy

Tata Steel Europe Ltd - PRIVACY STATEMENT

Introduction

The Tata Steel Europe Ltd Group of companies („Tata Steel“, „we“, „our“ oder „us“) hold and process data on various individuals, including our customers, prospective customers, people who have contacted us with queries or complaints, website visitors and those receiving our emails („you“ oder „your“). We take your data protection rights and our legal obligations seriously. Your Personal Information will be treated in a secure and confidential manner and only as set out below.

The following Fair Processing Notice describes the categories of Personal Information we may process, how your Personal Information may be processed and how your privacy is safeguarded in the course of our relationship with you. It is intended to comply with our obligations to provide you with information about Tata Steel's processing of your Personal Information under privacy laws. It does not form part of your contract with us.

Tata Steel Europe Limited ("TSE") will be the "controller" of your Personal Information. This means that TSE is responsible for deciding how your Personal Information is used, and for ensuring (in conjunction with other parties involved in the processing of your Personal Information, as explained in this Fair Processing Notice) that your Personal Information is handled in compliance with applicable data protection law.

If you have any questions regarding the processing of your Personal Information or if you believe your privacy rights have been violated, please see "How to Contact Us" to find out how to get in touch.

Personal Information we collect

We process various categories of Personal Information, including the following:

  1. Contact Information that you provide to us at events or exhibitions, for the purpose of making an enquiry or registering with us to access a download (including Name, Company, Job Title, Email, Address, Telephone & Mobile number);
  2. Contact Information and any other information that you choose to provide to us when submitting a query or complaint, for example, if you report an environmental concern;
  3. Information relating to any transactions carried out between you and us (whether on or in relation to our websites or otherwise), including information relating to any purchases you make of our goods or services;
  4. Information about your computer and about your visits to and use of our websites (including your IP address, geographical location, browser type, referral source, length of visit, entry & exit points and number of page views); and
  5. Contact Information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters (including opens, clicks, preference information, email and other contact information).

Certain additional information may be collected where this is necessary and permitted by local applicable laws.

Sensible personenbezogene Daten

Tata Steel does not currently process any Special Category Personal Information.

To the extent permitted by applicable laws Tata Steel may collect and process a limited amount of information regarding criminal offences and proceedings (including information relating to allegations and suspicions of criminal offences).

How does Tata Steel collect this data?

Tata Steel collects and records your Personal Information from a variety of sources, but mainly directly from you, i.e. information you specifically provide to us, for example when you buy a product from us, subscribe to an email newsletter, or give us your business card at an event or exhibition.

Some personal data may also be collected automatically from monitoring your visits to our websites or your interaction with our emails (in each case with your consent where required by applicable law), for example, information about your browser and location, the length of time you spent on the site, and referral source, or whether you open our emails and if so whether you follow any links contained therein.

In these situations, data may be collected by Tata Steel or by a third party acting on our behalf (for example, google analytics). For more information about this type of automated data collection, please see our Cookie Policy. Where we ask you to provide Personal Information to us on a mandatory basis, we will inform you of this at the time of collection and in the event that particular information is required by the contract or statute this will be indicated. We will also explain the consequences of any failure to provide any mandatory information: for example, failure to provide us with your contact details will mean that we cannot contact you, and failure to provide us with your payment details will mean that we cannot complete a transaction.

Apart from Personal Information relating to yourself, you may also provide Tata Steel with Personal Information of third parties, such as alternate contact points within your organisation. Before you provide such third party Personal Information to Tata Steel you must first inform these third parties of any such data which you intend to provide to Tata Steel and of the processing to be carried out by Tata Steel, as detailed in this Fair Processing Notice.

What is the purpose and lawful basis for which data is processed?

Your Personal Information is collected and processed for various business purposes, in accordance with applicable laws. Data may occasionally be used for purposes not obvious to you where the circumstances warrant such use (e.g. in investigations).

Where applicable data protection laws require us to process your Personal Information on the basis of a specific lawful justification, we generally process your Personal Information under one of the following bases:

  • the processing is necessary for the legitimate interests pursued by Tata Steel (being those purposes described in the section below), except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of Personal Information;
  • the processing is necessary for compliance with a legal obligation to which Tata Steel is subject; or
  • the processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract

We may also rely on other bases (for example, where the processing is necessary in the performance of a task carried out in the public interest, or where the processing is necessary in order to protect your vital interests or those of another person, or where you have given your consent) on an exceptional basis, where none of the above are applicable.

We have identified the following purposes for processing Personal Information. These purposes each relate to a lawful basis for processing, as required under applicable law. These purposes include:

Nr. Zweck der Verarbeitung Rechtsgrundlage
a) To provide products or services which you have requested Where there is a contract in place between you (as an individual) and Tata Steel, this processing is necessary to perform the contract between you and Tata Steel.

Where there is no contract in place, or where there is a contract but this is between Tata Steel and your employer (for example), this processing is necessary for the legitimate interests pursued by Tata Steel.

Tata Steel considers that it has a legitimate interest in providing our customers with products and services which they have requested, as this is central to our business.
b) To conduct business with you (including obtaining and disclosing credit and billing information) Where there is a contract in place between you (as an individual) and Tata Steel, this processing is necessary to perform the contract between you and Tata Steel.

Where there is no contract in place, or where there is a contract but this is between Tata Steel and your employer (for example), this processing is necessary for the legitimate interests pursued by Tata Steel.

Tata Steel considers that it has a legitimate interest in conducting business with its customers, as this is central to our business: sales are what drives our revenues, helping us to preserve our business operations and grow our business.
c) To correspond with you regarding orders, process a credit card order, or deliver a product Where there is a contract in place between you (as an individual) and Tata Steel, this processing is necessary to perform the contract between you and Tata Steel.

Where there is no contract in place, or where there is a contract but this is between Tata Steel and your employer (for example), this processing is necessary for the legitimate interests pursued by Tata Steel.

Tata Steel considers that it has a legitimate interest in conducting business with its customers, as this is central to our business: sales are what drives our revenues, helping us to preserve our business operations and grow our business
d) To perform credit fraud screening services for transactions between you and us and/or others This processing is necessary for the legitimate interests pursued by Tata Steel.

Tata Steel considers that it has a legitimate interest in ensuring that it does not permit fraudulent transactions, to protect ourselves, our customers and third parties.
e) To provide you with information relating to our products and services which you have requested us to send to you, and to provide you with information on products and services which we think may be of interest to you or your organisation This processing is necessary for the legitimate interests pursued by Tata Steel.

Tata Steel considers that it has a legitimate interest in ensuring that our customers are kept up to date with information about our products and services, as this helps us to preserve our business operations and grow our business.

However, where we are required by law to obtain your consent before sending you such information, we will rely upon such consent as our basis for processing.

In any case, if you tell us that you do not wish to receive such communications from us, we will respect your wishes.
f) For market research purposes, to allow us to better understand our customers' needs and to provide you with better products and services This processing is necessary for the legitimate interests pursued by Tata Steel.

Tata Steel considers that it has a legitimate interest in ensuring that all of our customers receive the best possible experience, helping us to preserve our business operations and grow our business. Understanding our customers' needs is a vital part of ensuring a great customer experience.
g) To provide Customer Services, including responding to any queries we have received from you This processing is necessary for the legitimate interests pursued by Tata Steel.

Tata Steel considers that it has a legitimate interest in ensuring that all of our customers receive the best possible experience, helping us to preserve our business operations and grow our business. Understanding our customers' needs is a vital part of ensuring a great customer experience.
h) To help us make our website easier to use, and to make the content more useful to you This processing is necessary for the legitimate interests pursued by Tata Steel.

Tata Steel considers that it has a legitimate interest in continually improving our services in order to preserve our business operations and grow our business, and ensuring that you are provided with information of relevance to you.
i) To improve your browsing experience by remembering your preferences and otherwise personalising our websites This processing is necessary for the legitimate interests pursued by Tata Steel.

Tata Steel considers that it has a legitimate interest in ensuring that all visitors receive the best possible experience, helping us to preserve our business operations and grow our business. Personalising our visitors’ experience helps us with this goal.

However, where this activity is carried out using cookies which are not strictly necessary (see our cookie policy for further information) we will, where required by law, obtain your consent to such processing. Where such consent has been obtained, we will rely on this as our basis for processing.
j) To provide you with information about technical issues, or to notify you in the event of an incident such as a data breach This processing is necessary for the legitimate interests pursued by Tata Steel.

Tata Steel considers that it has a legitimate interest in updating its customers on any incidents that may affect them, in order to maintain a good relationship with our customers.

Tata Steel may also in certain situations have a legal obligation to provide you with such information.
k) Other purposes permitted by applicable laws, including legitimate interests pursued by Tata Steel where these are not overridden by the interests or fundamental rights and freedoms of staff

Processing data relating to criminal convictions and offences

Personal Information relating to criminal convictions and offences will only be processed where authorised by applicable laws.

For example, we may, to the extent permitted by applicable law, carry out fraud checks on your transactions with us, and information about an allegation of a criminal offence or conviction arising during your relationship with Tata Steel may be processed where required or authorised by applicable law, such as where we have a legal or regulatory requirement to report an offence.

Retention of Personal Information

Tata Steel endeavours to ensure that Personal Information is kept as current as possible and that irrelevant or excessive data is deleted or made anonymous as soon as reasonably practicable. However, some Personal Information may be retained for varying time periods in order to comply with legal and regulatory obligations and for other legitimate business reasons.

We will generally retain your Personal Information only so long as it is required for purposes for which it was collected. This will usually be the period of your relationship with us plus the length of any applicable statutory limitation period following the end of such relationship, although some data may need to be kept for longer. For example, we may keep some specific types of data such as transactional records and product guarantees for different periods of time, as required by applicable law.

We maintain a records retention policy which we apply to records in our care. Where your Personal Information is no longer required we will ensure it is either securely deleted or stored in a way which means it will no longer be used by the business.

Access to data

We will never sell or rent information about you, and we will ensure that our employees, suppliers and subcontractors will only be able to access information about you if and when it is part of their job, and only for the purposes set out in this privacy policy.

Within Tata Steel, your Personal Information can be accessed by or may be disclosed internally on a needto-know basis to:

  • local, regional and executive management responsible for managing or making decisions in connection with your relationship with Tata Steel (including, without limitation, staff from Legal and IT);
  • system administrators; and
  • where necessary for the performance of specific tasks, by staff in Tata Steel teams such as Finance, Marketing and IT, for example, marketing insight may be used to provide a more personalised customer experience.

Your Personal Information may also be accessed by third parties with whom we work together with their associated companies and sub-contractors for providing us with services, such as hosting, supporting and maintaining the framework of our information systems. Personal Information may also be shared with certain interconnecting systems such as website content management systems. Data contained in such systems may be accessible by providers of those systems, their associated companies and sub-contractors.

Further examples of third parties with whom your data will be shared include tax authorities, regulatory authorities, Tata Steel's insurers, IT administrators, lawyers, auditors, investors, consultants and other professional advisors, and service providers such as our email service providers and web analytics companies. Tata Steel expects such third parties to process any data disclosed to them in accordance with applicable law, including with respect to data confidentiality and security.

Where these third parties act as a "data processor" (for example, our email service provider ) they carry out their tasks on our behalf and upon our instructions for the above mentioned purposes. In this case your Personal Information will only be disclosed to these parties to the extent necessary to provide the required services.

In addition, we may share Personal Information about you:

  • to the extent that we are required to do so by law;
  • in connection with any legal proceedings or prospective legal proceedings, including in order to establish, exercise or defend our legal rights; and
  • to the purchaser (or prospective purchaser) and relevant professional advisers of any business or asset which we are (or are contemplating) selling.

Security of data

Tata Steel is committed to protecting the security of the Personal Information you share with us. In support of this commitment, we have implemented appropriate technical, physical and organisational measures to ensure a level of security appropriate to the risk. For example, amongst other measures, we maintain a security policy and store all of your Personal Information on our secure servers.

However, please do remember that information transmission over the internet is inherently insecure, and we cannot guarantee the security of information sent over the internet.

Transfer of Personal Information

To provide you with the best services possible, we work with companies around the world. This means that, from time to time your Personal Information will be transferred to associated companies of Tata Steel to process for the purposes described in this Fair Processing Notice, and may also be transferred to third parties, as set out above.

These associated companies and third parties may be located within the European Union and elsewhere in the world, including India, USA, Canada, the Middle East, China, South Africa, Mexico, Hong Kong, Japan, Singapore, Thailand, Turkey, UAE and Brazil, and other countries with more lenient data protection laws than those of the European Union. As there are a large number of such companies, we cannot list them all here, but whether they are based inside or outside of the European Union, we will only work with companies who we trust to keep your information safe.

Where required by applicable data protection laws, Tata Steel will ensure that appropriate or suitable safeguards are in place to protect your Personal Information and that transfer of your Personal Information is in compliance with applicable data protection laws. You can obtain a copy of the relevant data safeguard where this is documented by contacting us (please see "How to Contact Us") although some details may be redacted for confidentiality reasons.

Third Party Websites

We sometimes provide links to external websites: these sites may be industry related or may be sites which we believe the user may find helpful. Although we choose these links very carefully, they are selected for the user’s convenience only and do not constitute endorsement or approval by Tata Steel, or any other company in the Tata Steel Group of companies, of the content, privacy policies or practices of that site nor any products or services which may be offered through those sites.

Your rights

Right to access, correct and delete your Personal Information

Tata Steel aims to ensure that all Personal Information it holds is correct. If the Personal Information which we hold about you needs to be corrected or updated, please let us know. For details on how to contact us, please see "How to Contact Us".

You have the right to request access to any of your Personal Information that Tata Steel may hold, and to request correction of any inaccurate data relating to you. You furthermore have the right to request deletion of any irrelevant data we hold about you.

From 25 May 2018, you also have the following additional rights:

  • Data portability – where we are relying upon your consent or the fact that the processing is necessary for the performance of a contract to which you are party as the legal basis for processing, and that Personal Information is processed by automatic means, you have the right to receive all such Personal Information which you have provided to Tata Steel in a structured, commonly used and machine-readable format, and also to require us to transmit it to another controller where this is technically feasible.
  • Right to restriction of processing - you have the right to restrict our processing of your Personal Information where:
    • you contest the accuracy of the Personal Information until we have taken sufficient steps to correct or verify its accuracy;
    • where the processing is unlawful but you do not want us to erase the data;
    • where we no longer need the Personal Information for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims; or
    • where you have objected to processing justified on legitimate interest grounds (see below) pending verification as to whether Tata Steel has compelling legitimate grounds to continue processing.
    Where Personal Information is subjected to such restrictions we will only process it with your consent or for the establishment, exercise or defence of legal claims.
  • Right to withdraw consent - where we are relying on your consent to process data, you have the right to withdraw such consent at any time. You can do this by either contacting us (see "How to Contact Us"), or in some cases by using a specific withdrawal mechanism, such as deleting cookies (please see our Cookie Policy for further information).
  • Right to object to processing justified on legitimate interest grounds - where we are relying upon legitimate interest to process data, then you have the right to object to that processing. If you object, we must stop that processing unless we can either demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or where we need to process the data for the establishment, exercise or defence of legal claims. Where we rely upon legitimate interest as a basis for processing we believe that we can demonstrate such compelling legitimate grounds, but we will consider each case on an individual basis

You also have the right to lodge a complaint with a supervisory authority, in particular in your country of residence, if you consider that the processing of your Personal Information infringes applicable law.

For further information regarding your rights, or to exercise any of your rights, please contact us using the details at "How to Contact Us".

Additional Fair Processing Notices

We may undertake certain processing of Personal Information which is subject to additional Fair Processing Notices and we shall bring these to your attention where they engage.

Notice of changes

Tata Steel may change or update this Fair Processing Notice at any time: we will post the new version on our website. Please check this page to ensure that you are up to date with any changes.

Should we make any material changes to this Fair Processing Notice, you will be informed of these changes or made aware that we have updated the Fair Processing Notice so that you always know which information we process and how we use this information.

This Fair Processing Notice was last updated and reviewed on 23 May 2018.

How to Contact Us

If you have any questions or complaints about this privacy policy or our treatment of your Personal Information, or would like to exercise any of your rights, please contact us.

You can get in touch with us by post, email, telephone, or by completing our online contact form.

Write to us
Head of Data Privacy
Tata Steel Europe Limited
30 Millbank
London SW1P 4WY
Vereinigtes Königreich

Email us
dataprivacy@tatasteeleurope.com

Phone us
+44 20 7717 4444

Contact us
 Complete our online contact form here.

Remember that you can unsubscribe from our marketing emails at any time by using the 'unsubscribe' link at the bottom of each email from us. However, if you believe you have received an unwanted, unsolicited email sent from TSE or which claims to be sent from us, please forward a copy of that email with your comments to feedback@tatasteeleurope.com.