Effective Date: January 1, 2020
Information We Collect
We may collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Worker or device ("Personal Information"). In particular, we may have collected the following categories of Personal Information from those Workers who are subject to this privacy Notice within the last twelve (12) months:
Categories of Personal Information which are collected
Identifiers and demographic data. This includes data like name, address, email, marital status, birth date, gender, educational data, etc.
Sensitive Data. This includes data like financial account numbers, SSN, medical data, biometric data, performance reviews, etc.
Transactional Data. This includes data you may share with us when you are acting in your capacity as a consumer instead of a worker. For example, when you buy our products or services.
Biometric information. This includes information like ID badge photos, fingerprints used with time keeping systems, or security camera video footage of you.
Internet or other similar network activity. You use thyssenkrupp systems every day for your work. All the activity you have on these systems, from email to web browsing, is collected and used. This includes log-in details, software application usage, VoIP phone usage, and file share access.
Geolocation data. This can include location data we may collect as part of your use of a or thyssenkrupp Supply Chain Services NA, Inc., issued smart phone, or GPS data collected when you use one of our fleet vehicles.
Sensory data. This is data which may or may not be related to you directly, as it is usually data coming from devices like security motion detectors or similar devices. However, if it is tied to other data, like key card access logs, it can become personal information.
Professional or employment-related information. This is all the data related to your employment with or thyssenkrupp Supply Chain Services NA, Inc., including but not limited to Personal Information related to individuals who receive benefits from or thyssenkrupp Supply Chain Services NA, Inc., as a result of your status as a Worker with one of these entities. For example, it can include “right to work” documents, payroll and benefits data, medical leave data, or other kinds of information necessary for or thyssenkrupp Supply Chain Services NA, Inc., to acquire, manage, and retain talent in its workforce.
Non-public education information. This is information related to your academic credentials such as what school you went to, what your GPA was, what activities or sports you did in school, or other data on your school transcripts.
Inferences or thyssenkrupp Supply Chain Services NA, Inc., based on Personal Information. This includes information in performance reviews, any testing you may have undertaken, information related to succession planning, as well as predictive analytics related to your use of thyssenkrupp IT systems and networks.
Personal Information does not include:
· Publicly available information from government records.
· Deidentified or aggregated information.
· Information excluded from the CCPA's scope
thyssenkrupp Supply Chain Services NA, Inc. obtains the categories of Personal Information listed above from the following categories of sources:
· Directly from you. For example, from forms you complete or products and services you purchase (if any).
· Indirectly from you. For example, from observing your actions as a Worker, from records of your use of thyssenkrupp information technology, or from location-tracking enabled devices connected to thyssenkrupp assets you may use as part of your regular employment related activities with or thyssenkrupp Supply Chain Services NA, Inc.
· From independent third parties related to your eligibility for employment, or our ongoing management of our business.
· Other Workers, as part of thyssenkrupp Supply Chain Services NA, Inc.’s management, evaluation, training, and discipline processes
Use of Personal Information
We may process or disclose the Personal Information we collect for one or more of the following business purposes:
· To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to apply for a job at or thyssenkrupp Supply Chain Services NA, Inc., or, request vacation time, or, in order to administer benefits, or to process payroll.
· To provide, support, personalize, and develop our Worker population.
· To provide you with support and to respond to your inquiries.
· To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
· As described to you when collecting your Personal Information.
· Disclosures made in an effort to prevent or halt violations of thyssenkrupp Supply Chain Services NA, Inc.’s policies, illegal activities, or as required by law.
· Disclosures that we reasonably believe are necessary to defend against or prevent us from incurring liability to third parties.
· To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding.
We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
Sharing Personal Information
thyssenkrupp Supply Chain Services NA, Inc., is part of an international group of companies where certain services are provided centralized by one or more affiliates for the entire group or a part of it. We, therefore, reserve the right to share personal information with our direct and indirect affiliates for all purposes described above. Whenever we share Personal Data with affiliates, we request from them that they commit themselves to process Personal Data in line with this Privacy Notice only.
We may disclose your Personal Information to a third party for a business purpose. When we disclose Personal Information for a business purpose, we enter into a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract. These third parties are “Service Providers” as defined by applicable law. We do not share Personal Information with any third parties, who are not Service Providers, where thyssenkrupp Supply Chain Services NA, Inc., may receive a financial benefit from such sharing.
We may also disclose your Personal Information to another company as part of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets to that company; or where required by thyssenkrupp Supply Chain Services NA, Inc., policy, law, or in response to valid legal process compelling disclosure.
Disclosures of Personal Information
In the preceding twelve (12) months thyssenkrupp Supply Chain Services NA, Inc., has disclosed all of the categories of Personal Information as noted above, for the business purposes described above
We disclose your Personal Information for a business purpose only to Service Providers, or, where required by law, or in response to valid legal process compelling disclosure.
Sales of Personal Information
In the preceding twelve (12) months, Company has not sold Personal Information. The Company does not and will not sell Personal Information of Workers.
Changes to Our Privacy Notice
thyssenkrupp Supply Chain Services NA, Inc., reserves the right to amend this Privacy Notice at our discretion and at any time. When we make changes to this Privacy Notice, we will post the updated notice on the Website and update the Notice's effective date.
If you have any questions or comments about this notice, the ways in which and thyssenkrupp Supply Chain Services NA, Inc., collects and uses your information, please do not hesitate to contact either your HR representative or the tkMNA Human Resources Director - Compliance: Cheryl Dooley at firstname.lastname@example.org