Ceva Animal Health company (hereafter referred to as “Ceva”) places great importance on protecting the privacy and data of the users of its sites.
In the context of its activities, Ceva collects and processes personal data in the capacity as data controller, and as a result, is subject to the applicable personal data protection rules, namely the European General Data Protection Regulation n°2016/679 of 27 April 2016 (known as the “GDPR”), as well as all national laws for the implementation thereof.
The purpose of this confidentiality policy (hereafter referred to as “the Policy”) is to clearly, simply, and fully inform you of the way in which Ceva collects and uses certain personal data concerning you, namely via or in relation with its sites or mobile applications, and the methods available to you to control this use or exercise your related rights.
1. WHEN IS YOUR PERSONAL DATA COLLECTED?
Ceva may be required to collect your personal data on various occasions (online or physically).
Occasionally, Ceva may collect your data through forms, in which the fields marked with an asterisk “*” are considered as mandatory and must be completed. Failing this, access to certain services and their use shall be impossible.
The data you provide to us when creating your account on our websites or mobile applications
If you wish to use certain sites, you must identify yourself by creating an account.
When creating an account on our websites or mobile applications, you will be requested to provide us with certain personal data, namely your identification data.
This data allows us to manage the creation of your profile and manage your account.
This processing is based on the pursuit of the legitimate interests of the data controller, in the context of article 6 of the GDPR.
The data we collect when you use our websites, mobile applications or other digital services
When you use our mobile applications, we may record your IP address, browser type, operating system, referring site and browsing or application usage behaviour.
With your permission, through the mobile application we may also ask for your location data for the following applications:
-Injector Manager application
-Farm Manager application
The application connects to the devices via Bluetooth.
In order to access the device by the Bluetooth functionality it may be required to access the location in the background.
This user location data is only used for this functionality.
No locations are stored in any persistent or non-persistent database or file system.
In addition, the user can choose not to share the location only when the application is in use.
The data you communicate to us to respond to a job offer or in an unsolicited application
In the context of recruitment management, Ceva collects the personal data of applicants, namely through their CVs and covering letters; interviews with Ceva; where applicable, the results of psycho-technical tests, as well as the responses to the questions asked in the form, are also intended for this use.
The data provided shall be used exclusively by Ceva and its subsidiaries in the context of the processing of your application.
The legal basis for the processing is based on the execution of precontractual measures and on the legitimate interest of Ceva who must manage the recruitment.
Data collected automatically when you visit our websites
When browsing our sites, cookies may be stored on your terminal (computer, smartphone, tablet), subject to the options you choose, which you may modify at any time.
A cookie is a small text file containing information relating to browsing on these sites, the main objective of which is to improve the browsing experience and allow personalised services to be offered.
When browsing our websites, Ceva has access to page view cookies. The page view cookies allow us to better understand the way in which the sites are used, analyse their ergonomics and detect and resolve technical problems.
These cookies are subject to the consent of the User.
The data you provide to us when signing up to our newsletters
Ceva has set up newsletters that allow you to be regularly updated on news regarding Ceva.
By providing your email address, you consent to receive these newsletters from Ceva.
You may withdraw your consent and unsubscribe from the Newsletter at any time, by following the unsubscribe link that appears at the bottom of the newsletter.
The data you provide to us when communicating through the contact forms
Ceva has set up contact forms.
The data to be provided through this form allows us to respond to your requests. This processing is based on our legitimate interest in order to answer to your request.
Your personal data is not used for any other purpose.
The data you provide to us to participate in a game
The processing of personal data implemented by Ceva is based on prior consent.
Your personal data is not used for any other purpose.
Legal or regulatory requirement
Ceva may be required to collect or communicate your personal data in order to comply with requests of a legal or regulatory nature, court decisions, summons, or legal proceedings, if so required by the legislation in force.
Data sent via social networks
If you have an account on a social network and you identify yourself on a Ceva site or mobile application using this functionality, without prior registration on the site or mobile application, Ceva may receive information from the social network.
This information allows you to be authenticated and your account to be created.
The conditions for the sharing and communication of this information are provided for within the social network registration conditions and, in any case, are subject to your prior consent.
Data collected in the context of commercial prospecting
Ceva may process your personal data in order to carry out commercial prospecting by e-mail or telephone based on our legitimate interest.
Data collected in the context of the commercial relationship
Ceva processes personal data provided by its customers in the context of the commercial relationship between the parties for the management of contracts (and in particular the management of orders, delivery, performance of services and supply of goods).
This processing is based on the legal basis of the performance of the contract between Ceva and its customer.
2. WHAT IS OUR POLICY REGARDING DATA CONCERNING MINORS?
Ceva places great importance on the protection of the personal data of minors.
Our websites are not intended for minors under 18 years of age, and we do not collect personal data from these persons. Minors under 18 years of age must have the authorisation of a parent or guardian before providing personal data.
If we see that personal data of minors under 18 years of age has been collected without the prior authorisation of parents, we shall immediately destroy this data.
3. WHAT IS THE DATA RETENTION PERIOD AND WHAT IS THE ERASURE PROCEDURE?
Ceva only retains personal data for the time necessary for the fulfilment of the intended purpose, subject to the legal possibilities of archiving, retention obligations for certain data and/or anonymisation.
These retention periods are defined based on the purpose of the processing and, in particular, take into account the applicable legal provisions that impose a specific retention period.As an example, please find below the applicable retention periods:
- Manage your registration for an account: your data shall be processed until the moment you decide to delete your account. You may delete your account at any time by accessing your account settings.
However, if you have not connected to our site for three years, we will delete your account.
- Contact form: we will process your data for the period required to process your request. In any case, your data shall be deleted at the end of a 2-year period from your date of last contact.
- Newsletter: we will process your personal data until you unsubscribe or cancel your subscription to the newsletter.
- Game: your data may be retained after the end of the game, for legal purposes.
- Application: your personal data shall be retained for a maximum period of 2 years from the date of last contact unless the applicant refuses this storage.
- Data necessary for commercial prospecting: the data is kept for 3 years from the last contact of the persons with Ceva.
- Customer data: the data collected in the context of the commercial relationship necessary for the management of contracts is kept for the duration of the commercial relationship.
4. TO WHOM CAN WE TRANSFER YOUR PERSONAL DATA?
As your personal data is confidential, only the persons duly authorised by Ceva due to their roles may access your personal data, without prejudice to the potential transfer thereof, as required by the applicable legislation.
Ceva undertakes to take all appropriate technical and organisational measures to preserve the security, integrity, and confidentiality of data.
We do not sell personal data to third parties.
Your personal data may be sent to companies belonging to the Ceva Group.
Our authorised service providers may also be required to process your personal data that is strictly necessary for the fulfilment of the services we entrust to them: more specifically, these are the service providers in charge of the management of customer relations, the organisation of games and competitions, the management of loyalty programmes, the sending of emails for marketing purposes, the storage of data, etc.
In certain circumstances, we may transfer your personal data outside the EU, to countries which do not offer sufficient protection for the processing of personal data under EU standards. In this case, we secure the transfer and processing with an appropriate legal framework to ensure a high level of data protection, regardless of the location in which your data is processed.
Similarly, we may be required to share this data with public administrations and bodies pursuant to the legal provisions.
5. HOW IS YOUR PERSONAL DATA KEPT SECURE?
Ceva undertakes to protect and secure your personal data in order to guarantee the confidentiality thereof and prevent it from being deformed, damaged, destroyed, or disclosed to unauthorised third parties.
When the disclosure of data to third parties is necessary and authorised, Ceva guarantees that these third parties shall grant the data concerned the same level of protection as that offered by Ceva, by demanding contractual guarantees that include the provision that data can only be processed for the authorised purposes, with all the required confidentiality and security.
Ceva implements technical and organisational measures to ensure that personal data is stored as securely as possible, for the period necessary to fulfil the intended purposes, in accordance with the applicable law.
Although Ceva takes all reasonable measurements to protect your personal data, no transfer or storage technology is completely infallible.
In accordance with the applicable law, in the event of proven breach to personal data regulation liable to create a significant risk to the rights and liberties of the persons concerned, Ceva undertakes to inform the competent supervisory authority of this violation and, when required by the aforementioned regulation, the persons concerned.
Without prejudice to the above, it is your responsibility to exercise prudence to prevent any unauthorised access to your personal data and your terminals (computer, smartphone, tablet, etc.), namely by choosing a strong password.
6. WHAT ARE YOUR RIGHTS?
Subject to the conditions provided for by the regulation in force, you have the following rights with regard to your personal data:
Right to information on the processing of your personal data
Ceva undertakes to offer you concise, transparent, comprehensible and easily accessible information, in clear and simple terms, on the conditions of the processing of your personal data.
Right to access, rectify, and erase (or “right to be forgotten”) your personal data
The right to access allows you to obtain confirmation from Ceva of whether or not we process your personal data and the conditions of this processing, as well as to receive a copy of your data (for any additional copies, Ceva is entitled to request the potential payment of reasonable costs based on the administrative costs incurred).
If this request is submitted electronically, the information is provided in a commonly used electronic format, unless you request otherwise.
You also have the right to obtain a correction of your inaccurate or incomplete personal data, as soon as possible.
Finally, subject to the exceptions provided for by the applicable law (e.g.: retention necessary to adhere to a legal obligation), you have the right to request the erasure of your personal data as soon as possible, when one of the following reasons applies:
- your personal data is no longer necessary with regard to the purposes for which it was collected or otherwise processed;
- you wish to withdraw your consent upon which the processing of your personal data was based, and there are no other grounds to justify this processing;
- you consider and can prove that your personal data was subject to unlawful processing;
- your personal data must be erased pursuant to a legal obligation.
Right to restrict the processing of your personal data
The applicable regulation provides that this right may be invoked in certain cases, in particular the following:
- if you contest the accuracy of your personal data, this data processing may be restricted during the period necessary to verify the accuracy of the data;
- if you consider and can prove that the processing of personal data is unlawful, but you oppose the erasure of personal data; in this situation, you may request a restriction of the processing;
- if Ceva no longer requires your personal data, you still require this data to establish, exercise, or defend your rights in court;
- if you oppose the processing based on the legitimate interest of the data controller, during the verification to establish whether the legitimate grounds of the data controller take precedence over yours.
Right to opposition, including marketing
You may oppose the processing of your personal data, including profiling, at any time, for reasons based on your specific situation. Your data will no longer be processed, unless there are legitimate and compelling reasons for this processing, which take precedence over your interests and rights and liberties, or reasons linked to the establishment, exercise, and defence of rights in court. If the processing is carried out for marketing purposes, you may oppose this at any time.
In this case, you will no longer receive personalised offers.
Right to personal data portability
If the processing is based on your consent or a contract, this portability right allows you to receive the personal data you have provided to Ceva in a structured, commonly used, and machine-readable format, and to transfer this personal data to another data controller, without Ceva preventing this.
When this is technically possible, you may request that this personal data is directly transferred to another data controller by Ceva.
Right to withdraw consent to the processing of personal data
If Ceva processes your personal data on the basis of your consent, this may be withdrawn at any time.
Conversely, and in accordance with the applicable law, the withdrawal of your consent is only valid for the future, and therefore shall not call into question the legality of the processing carried out prior to this withdrawal.
Right to lodge a complaint with a supervisory authority
If, despite Ceva’s efforts to preserve your personal data, you feel your rights have not been respected, you have the right to lodge a claim with a supervisory authority.
A list of supervisory authorities is available on the website of the European Commission.
Right to decide the fate of your personal data after your death
Finally, you have the right to organise the fate of your personal data after your death, through the adoption of general or specific directives. Ceva undertakes to comply with these directives.
In the absence of directives, Ceva shall acknowledge the rights of successors to exercise certain rights, in particular the access right, if this is necessary to settle the estate of the deceased, and the opposition right to close the deceased’s user accounts and oppose the processing of their data.
7. CONDITIONS OF EXERCISE OF YOUR RIGHTS
For any question relating to this Confidentiality policy and/or to exercise your rights as described above, please contact Ceva through the form.
Ceva undertakes to respond to you as soon as possible, and in any case, within one month of receiving your request.
If needed, this period may be extended to two months, based on the complexity and number of requests sent to Ceva. In this case, you will be informed of this extension and the reasons for this.
If your request is sent electronically, the information will also be provided to you electronically whenever possible, unless you expressly request otherwise.
If Ceva does not respond to your request, it will inform you of the reasons for its failure to take action, and you will have the possibility to submit a new claim to a supervisory authority and/or to institute court proceedings.
Ceva may collect information about you that may reasonably identify you or a member of your household, or may be linked, directly or indirectly, with you, a member of your household or devise that you or someone in your household uses. Within the past 12 months, Ceva may have collected the following categories of personal information:
A) Personal identifiers, including name, postal address, telephone number, unique personal identifier, online identifier, internet protocol (IP) address, email address, and similar identifiers;
B) Characteristics of protected classifications under California or federal law;
C) Commercial information, including records of personal property, information on your pets, products or services purchased, obtained or considered or other purchasing or consuming histories or tendencies;
D) Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding interactions with internet websites, application or advertisements;
E) Professional or employment related information; and
F) Inferences drawn from any of the information identified above that may be used to create a profile about a person reflecting the person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities or aptitudes.
This personal information may have been received from you, from your authorized agent, from a member of your household, or as a result of your interaction with Ceva’s websites.
Ceva may use this personal information in order to provide you with targeted information about Ceva, its products or for other advertising purposes; fulfilling requests for newsletters or other requested information; providing additional information about the use or effects of Ceva’s products; analyzing marketing and sales trends; analyzing consumer uses of Ceva’s products; consolidating information and trends about consumer perception of Ceva’s products and their efficacy; recording and potentially reporting adverse events or reactions to Ceva’s products to relevant regulatory agencies; and fulfilling rewards, rebates, SPIFFs, free goods, or other promotional activities. Ceva will only disclose your personal information to our affiliates, service providers, and third parties to whom Ceva is legally obligated to disclose such information, including regulatory authorities; Ceva does not disclose your information to third parties other than those previously listed and does not sell personal information.
As a California consumer, the CCPA provides you certain rights regarding your personal information that Ceva holds. These rights include:
1. You have a right to know about personal information that Ceva collected about you or otherwise uses. This right includes the right to have Ceva disclose to you what personal information Ceva has about you. You may request that Ceva disclose to you personal information about you that Ceva has collected or used in the prior 12 month period. You may submit a verifiable request to obtain information that Ceva has about you to any of the Ceva Contacts listed below. Ceva may request reasonable information from you in order to verify that the requested personal information belongs to you. Ceva will endeavor to confirm receipt of your request for information within 10 days following Ceva’s receipt of the request and endeavor to fully respond to your verified request for information within 45 days.
2. You have a right to request that Ceva delete personal information that Ceva has about you. The process for requesting deletion of your information is the same as requesting to know what information Ceva collected about you. Ceva may only reject your request to delete your personal information if permitted by the CCPA.
3. While you have a right to opt-out of the sale of your personal information, Ceva does not sell personal information.
4. You have a right to not receive discriminatory treatment based upon your exercise of the privacy rights stated in the CCPA. If you chose to exercise your rights under the CCPA, Ceva will not provide you any diminished or lessened services.
5. You have the right to designate an authorized agent to make a CCPA request on your behalf.
Please note that Ceva cannot respond to your request for personal information or your request to delete your personal information if Ceva cannot verify your identity or the authority of your agent to make such request. Therefore, your assistance in reasonably verifying your identity is imperative in order for Ceva to process your request. Any information you provide in order to verify your identity will be used solely for such purpose.
California consumers may request disclosure and/or deletion of their personal information by contacting Ceva at any of the following:
Via Mail at: Ceva Animal Health, LLC
Attn: Legal Department
8735 Rosehill Road, Suite 300
Lenexa, KS 66215
Telephone: (800) 999-0297
When contacting Ceva, please provided, or be prepared to provide, your name and your contact information (address, phone number, email address) in order to enable Ceva to commence verifying your identity prior to processing your request.