WEBSITE PRIVACY POLICY

 

Pilgrim’s Food Masters UK Limited and/or Pilgrim’s Food Masters Ireland Limited (“We”) are committed to protecting and respecting your privacy.

 

This policy (together with our website terms of use and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

 

Please read the following carefully to understand our use of, and procedures, regarding your personal data and how we treat it.  This website is not intended for children and we do not knowingly collect data relating to children.

 

We comply with our obligations as Data Controller under applicable data protection laws, including: (i) EU General Data Protection Regulation ((EU) 2016/679) (‘EU GDPR’); (ii) UK General Data Protection Regulation (as defined in The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019)  (‘UK GDPR’); and (iii) Data Protection Act 2018, and any subsequent legislation when handling your personal data (the ‘Data Protection Law’).

 

Overall responsibility for this Website Privacy Policy is delegated at board level to our Group Privacy Officer who can be contacted at gpo@pilgrimssharedservices.com.

 

Information we collect from you

 

We may collect, store and process the following data about you when you use our website or enter into any contractual arrangement with us:

 

Information you give us. This is information about you that you give us by filling in forms on our site https://www.pilgrimsfoodmasters.com (“our site”) or by corresponding with us by phone, e-mail or otherwise (including through our pages on LinkedIn, Facebook, Twitter and any other social media networks). It includes information you provide when you register to use our site, subscribe to our services, apply for a job with us, submit a general, careers media or purchasing enquiry with us, enter into a contract with us, search for a product, place an order, participate in discussion boards or other social media functions on our site or our LinkedIn, Facebook and Twitter pages, enter a competition, promotion or survey, or when you report a problem with our site or our products or services. The information you give us may include your name, address, delivery address, e-mail address and phone number, financial information, personal description, job title, organisation details, photograph and any other business information you provide in connection with any contract or business relationship we have with you.

 

Information we collect about you. Each time you visit our site we will automatically collect the following information:

 

  • technical data, which includes the Internet protocol (IP) address used to connect your computer to the Internet, your login information, subscription details, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform;
  • information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page.

 

Information we receive from other sources. This is the information we receive about you if you use any of the other websites we operate or the other services we provide (including, without limitation, our pages on Facebook and Twitter and any other social media services from time to time). We are working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies). We will receive personal data about you from various third parties and public sources as set out below:

 

  • analytics and search information providers such as Google based outside the UK and EEA;
  • Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Dun & Bradstreet based in the UK;
  • Identity and Contact Data from publicly available sources such as Companies House and the Electoral Register based in the UK;
  • Providers of third party due diligence screening such as E Spear based outside the UK and EEA to ensure compliance with our legislative responsibilities and compliance programmes.

 

Cookies

 

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy (https://www.pilgrimsfoodmasters.com/cookies-policy/).

 

Uses and lawful basis of processing of the information

 

Generally, we will use the information we gather about you in accordance with the following lawful bases of processing:

  • to perform a contract that we have entered with you or are about to enter with you;
  • to register you as a new customer;
  • to register you as a new supplier or business partner;
  • to provide goods and services to our customers;
  • where applicable, to arrange payment for both goods and services provided and received;
  • to give suppliers’ details to retail customers (and third parties dealing with traceability) for the purposes of maintaining supply chain visibility and ensuring the provenance and traceability of food products;
  • to carry out credit checks (if you are a customer). We will supply your personal information to Credit Reference Agencies (CRAs) and they will give us information about you, such as your financial history and we use this to assess your suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity. We will also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time;
  • to interrupt the potential for worker exploitation and/or prevent modern slavery or to detect unlawful acts to safeguard and protect victims or potential victims of modern slavery or worker exploitation;
  • where we need to comply with our legal obligations including due diligence checks where required;
  • where it is necessary for our legitimate business interests (or those of a third party), providing your interests and fundamental rights do not override those interests including-
    • to provide you with the information, products and services that you request from us (including, for example, in order to process deliveries and to respond to any complaint or query you raise or that is raised in connection with the provision of those goods and services);
    • to notify you about changes to our services;
    • to invite you to business related functions and events that we might hold from time to time which we believe will be of interest to you;
    • to ensure that content from our site is presented in the most effective manner for you and for your computer;
    • to communicate with you and provide you with information that you require or request from us, including handling complaints and disputes;
    • to maintain the health, safety and welfare of our employees or business partners and suppliers;
    • to keep our site secure;
    • improving and developing new products and services;
    • handling any legal or insurance claims or any regulatory enforcement action;
    • managing corporate transactions including the acquiring, transferring or selling of companies;
    • responding to and investigating any complaint or ethics concern raised by you or in relation to you;
    • preventing, investigating, or detecting any criminal activity including working with law-enforcement agencies.

 

Information that may be shared with third parties

 

Your personal data will be accessed by authorised staff who need to have access to that information in order to pursue the above purposes. Your personal data may be made available to recipients providing relevant services to us, such as IT software providers, insurers and legal advisers (who only process your personal data in accordance with our instructions) or government authorities as required by law.

 

We utilise the services of Pilgrim’s Shared Services Ltd (PSSL) to provide IT, accounts and payments and other key function services which means that we may share your information with PSSL who are bound by terms of confidentiality and must meet our standards in regards data protection. PSSL act as the data processor for the us in this respect.  We will also share your information as necessary with our other UK based sister companies including Moy Park Limited, Pilgrim’s Pride Limited and their affiliates.

 

We may also disclose your personal data to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation; or in order to defend or make any legal claim; or to protect the rights, property or safety of the business, employees, customers or others.  Personal data may also be disclosed to external parties in connection with any external third party regulatory or customer audits, sale or purchase of the business or assets, as well as to parties you authorise us to disclose your personal data to. We do not sell your personal data to any third party.

 

We provide access to an ethical helpline which offers an outlet for any concerns you might have in relation to our operations that you cannot or do not feel able to raise in other ways.  In order to provide an element of confidentiality, this hotline is operated by a third-party processor.  The third-party processor providing the ethics line is currently based in the EEA, but the helpline is administered by our parent company Pilgrim’s Pride Corporation (‘PPC’) and its majority shareholder, JBS USA, acts as the Data Controller. Both of these companies are based in the United States of America.  If you choose to use this service, you will be provided with privacy information relating to the use of that service when logging your concern.

 

You will appreciate that in order to investigate and deal with some cases it will be necessary for the information you provide, which may include personal data, to be provided to us or other companies in our group. We will use the data in the investigation of the matters to which it relates and will handle your data during such investigations in accordance with this privacy policy.

 

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our lawful instructions.

 

In addition, we may give information about you (‘Debtor Information’) to our bank (‘The Bank’) to allow them to provide services to us and to manage our account. The Debtor Information may also identify the names or other personal information (such as address information) of your owners, partners or directors. The Debtor Information may include details of account balances, historical payment experiences and other information regarding the conduct of your account such as disputes, defaults, etc.

 

The Bank may store and process the Debtor Information on their computer system(s) and in any other way. Such information may be used by them and other companies within their Group for training purposes, credit or financial assessments, market and product analysis, making and receiving payments, recovering monies and preparing statistics. They may also use such information to prevent frauds, bad debts and money laundering.

 

The Bank may also give information about your account and its indebtedness to: their insurers or re-insurers so they can quote for and issue any policy or deal with any claim; any guarantor or indemnifier of our obligations to them (if any); and Group company of them or any advisor acting on our or their behalf.

 

Certain personal data may also be reported to government authorities such as HMRC, where required by law.

 

International transfers

 

We may transfer your personal data outside of the UK or EEA to a country that may have privacy protections less stringent than in the EEA or UK. For instance, we may transfer your personal data to PPC and JBS USA in order to: (i) perform our contract with you including processing invoices and making payments and contract administration: (ii) as part of our regular reporting activities on company performance; (iii) for system maintenance support and hosting of data; (iv) IT and website support. Whenever we transfer your personal data out of the UK or EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

 

  • You have given your explicit consent.
  • The transfer is necessary for one of the reasons set out in the Data Protection Legislation, including the performance of a contract between us and you, or to protect your vital interests.
  • In the absence of an adequacy decision from the EU Commission or UK Parliament, we will implement measures to ensure that your personal data receives an adequate level of protection, such as EU standard contractual clauses or UK International Data Transfer Agreement, together with technical and organizational safeguards to ensure that your personal data is treated in a way that is in compliance with and which respects the EU and UK laws on data protection.

 

Please contact us using the details at the bottom of this Policy if you want further information on the specific mechanism used by us when transferring your personal data outside of the UK or EEA.

 

How long we store your data

 

Data will be retained only as long as is necessary and in accordance with the personal data retention periods set out in our Retention Guidelines. Please contact us using the details at the bottom of this Policy if you would like further information on how we retain data.

 

In some circumstances we may anonymise your personal data (so it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

 

Automated decision making

 

Automated decision-making takes place when an electronic system uses personal data to make a decision without human intervention. You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making unless we have a lawful basis for doing so. Where your data is subjected to automated processing, we will inform you in advance.

 

Your rights

 

Under certain circumstances, by law you have the right to:

 

  • Request access to your personal data (commonly known as a “data subject access request”).
  • Request correction of the personal data that we hold about you.
  • Request the erasure of your personal data.
  • Request the restriction of and objection to processing of your personal data in certain circumstances.
  • Request the transfer of your personal data to a third party.

 

You will not have to pay a fee to access any of the rights set out above, including the right of access to your personal data.

 

In addition, in the limited circumstances where you may have provided your consent to the processing of your personal data, you have the right to withdraw your consent at any time. This will not affect your contractual relationship with us.

 

Some of these rights are not automatic, we reserve the right to discuss with you why we might not comply with a request. If you want to exercise one of the above rights, please contact us using the details at the bottom of this policy.

 

To comply with any request, you make we may require evidence to prove your identity to ensure we are complying with your request.

 

Complaints

 

You retain the right to lodge a complaint about our management of your personal data to the relevant supervisory authority: The Information Commissioner’s Office in the UK – https://ico.org.uk/concerns/

 

Changes to our privacy policy

 

Any changes we make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.

 

Contact us

 

Questions, comments, concerns and requests regarding this website privacy policy or our collection or use of your information are welcomed and should be addressed to the Group Privacy Officer at gpo@pilgrimssharedservices.com or by post to Seton House, Warwick Technology Park, Gallows Hill, Warwick, CV34 6DA.

 

Privacy Notice – Potential Customer and Suppliers

As part of our customer and supplier due diligence , you may be asked to complete a Supplier Completion Form- Compliance, a Business Intermediary Due Diligence Request Form or a Due Diligence Questionnaire and provide associated information as a potential customer or supplier (“ Due Diligence Information”) to a company in the Moy Park and Pilgrims Group including Moy Park Limited, Kitchen Range Foods Limited, Pilgrim’s Pride Ltd, Pilgrim’s UK Lamb Limited, Pilgrim’s Shared Services Ltd, Pilgrim’s Food Master’s UK Limited, Pilgrim’s Food Masters Ireland Limited, Oakhouse Foods Limited, Rollover Limited, Albert Van Zoonen BV, Moy Park France SAS and Moy Park Beef Orleans SARL and their affiliated companies (each described as “ we/ the Company” individually and collectively as “the Group”).

The particular Group company that you are establishing a business relationship with will be the “Data Controller” and you will be the “Data Subject” as defined under EU and UK GDPR of any personal data you provide in response to the Due Diligence Information and in response to any other information provided to us as part of the Company customer and supplier set up process.

The Company will comply with our obligations under the relevant data protection laws, including the: (i) EU General Data Protection Regulation ((EU) 2016/679) (‘EU GDPR’; (ii) UK General Data Protection Regulation (as defined in The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019) (‘UK GDPR’); and (iii) Data Protection Act 2018, and any subsequent legislation (together the ‘Data Protection Law’) when handling your personal data ( as defined by the Data Protection Law).

Overall responsibility for monitoring compliance with data protection sits with the Privacy Steering Group, the main contact of which is the Group Privacy Officer (who can be contacted at gpo@pilgrimssharedservices.com).

1.        What information is being gathered and held?

Due Diligence Information that you have provided to the Company by completing the due diligence forms or as part of any associated tender or other pre-contract processes, communication, correspondence, or enquiries. We may also gather information about you from other third parties such as credit refence agencies and third party agencies that we use as part of our due diligence and compliance processes for example to screen against international sanctions lists and to complete appropriate due diligence in compliance with our Anti-Bribery and Anti-Corruption Policy and all applicable anti-bribery and anti-corruption laws and guidance. Occasionally we may sometimes collect additional information from publicly available sources, such as Companies House or publicly available internet and social media sites. To the extent that the information gathered falls into the category of personal data, this is collectively referred to as your personal data in the notice.

2.        On what basis do we process your information?

The Due Diligence Information will be used by the Company to help achieve compliance with anti-corruption laws including the UK Bribery Act 2010 and the United States Foreign Corrupt Practices Act. The questions have been tailored to seek only information that is relevant to the Group’s anti-corruption compliance efforts. The lawful basis for processing this data is to comply with our legal obligations and for our legitimate business interests of the Company which include ensuring that we complete appropriate due diligence on customers and suppliers to ensure we comply with our internal compliance processes and policies, and we believe that these legitimate business interests are not incompatible with your rights and freedoms.

We will not normally process Special Category Personal Data or data relating to criminal offences save for in the following circumstances:

  • you have provided us with the information with your explicit consent;
  • where it is necessary to comply with our obligations under the law; or
  • to enable us to meet our regulatory requirements relating to unlawful acts and

We will use information about you to determine your suitability to become an approved customer or supplier to the Company in compliance with our legal obligations and internal compliance processes.

3.        What happens if you fail to provide personal data?

The provision of any personal data as part of the Due Diligence Information is required for us to complete our customer and supplier due diligence processes prior to entering into a contract with you as a customer or supplier. You do not have to supply the information but a refusal to provide this personal data may prevent us from being able to process your enrollment onto our systems as a customer or supplier which may prevent us from entering into a contract with you.

4.        Will you be subject to automated decision making?

Automated decision-making takes place when an electronic system uses personal data to make a decision without human intervention. You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making unless we have a lawful basis for doing so. Where your data is subjected to automated processing, we will inform you in advance.

5.        Who will your personal data be disclosed to?

Your personal data will be accessed by authorised staff at the Company who need to have access to that information to complete customer and supplier due diligence checks which will include relevant members of the supply chain, finance, commercial, legal and compliance teams.

The Company utilises the services of Pilgrim’s Shared Services Ltd (PSSL) to provide IT, finance, supply chain and legal and compliance support and other key function services which means the Company shares your information with PSSL who are bound by terms of confidentiality and must meet the Company standards in regards data protection. PSSL will be acting as the data processor for the Company in this respect. We will also share your information as necessary with our UK based sister companies.

We may also have to share your data with third parties, including third-party service providers and other entities in the group or where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so. The following activities are carried out by third-party service providers:

  • IT services;
  • auditing;
  • whistleblowing/ ethics helpline;
  • lawyers in law firms in the course of obtaining legal advice and other professional advisors;
  • company reference agencies and other background checks;
  • responding to data subject access requests and data breaches; and
  • with a regulator or to otherwise comply with the

We require third parties to respect the security of your data, to take appropriate security measures and to treat it in accordance with the law. We only permit third parties to process your personal data for specified purposes and in accordance with our instructions.

6.        Will your personal data be transferred to third parties outside of the European Economic Area (EEA) or UK?

We may transfer the personal data we collect about you outside of the UK or EEA to a country that may have privacy protections less stringent than in the EEA or UK. For instance, we may transfer your personal data to our parent company, Pilgrim’s Pride Corporation (‘PPC’), and its majority shareholder, JBS USA, (both based in the United States of America) in order to complete due diligence checks on you and to report on our compliance with Anti-Bribery and Anti-Corruption laws or any related audit. We also use third-party processors to carry out due diligence and profile checks on potential customers and suppliers who are based in the United States of America.

In the absence of an adequacy decision from the EU Commission or UK Parliament, we will implement measures to ensure that your personal data receives an adequate level of protection, such as EU standard contractual clauses or UK International Data Transfer Agreement, together with technical and organizational safeguards to ensure that your personal data is treated in a way that is in compliance with and which respects the EU and UK laws on data protection. For further information, or to request copies, about the data transfer agreement or the safeguards in place please contact the Group Privacy Officer.

7.        How long will we use your information for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected the personal data for, including for the purposes of satisfying any legal, accounting, or reporting requirements. For further information, please see our Retention Guidelines available from the Group Privacy Officer.

For further information on how the Company uses, handles and stores your data and your rights as a data subject please see the Company general Privacy Notice available on the Company internet site, copies of which are available from the Group Privacy Officer.

If you have any concerns or queries about our use of your personal data, please contact the Group Privacy Officer at gpo@pilgrimssharedservices.com.