[Effective as of January 1, 2022]
How to Contact Us
Attention: Data Protection Manager
For inquiries related to the GDPR, please see Section 10 for GDPR-specific contact information.
What Information Do We Collect?
We collect Personal Information and other information as part of our general business operations, to provide you with services, to respond to requests and offer customer support, to fulfill legal and contractual obligations, and to provide and improve products. When we use the term “Personal Information”, we mean information that can help us directly or indirectly identify you. We collect some of this information when you provide it directly, some we collect automatically when you visit our website and use our products and services, and some we collect from other sources like service providers or publicly available resources.
How You Provide Information to Us
We collect any information that you provide to us when you:
- Visit our corporate websites.
- Make a purchase or request samples from us.
- Sell products or services to us.
- Choose to contact us, including by inputting information in a form or similar feature for contacting us (please note the information you input and share in this manner is sent to us via email).
- Order products or services.
- Make requests for literature or materials.
- Submit a resume.
- Submit an application to a job vacancy.
- Attend an interview or assessment.
Information You Provide to Us Directly
Depending on how you interact with us, we may collect the following Personal Information about you:
- Identifiers and Contact Information:Your title, names, addresses, email addresses, phone numbers, social security number, IP addresses, government identification numbers, or similar identifiers.
- Payment Information:Information to process payments, such as your bank account information, credit card number, expiration date, billing address, and security code.
- Characteristics Information:Your gender, marital status, disability, or other characteristic protected under U.S. federal or certain state laws.
- Commercial Information:Records of products or services purchases, obtained, or considered, including past orders.
- Employment, Education, and Background Information:If you are submitting a job application, you may also provide additional information about your academic and work history, qualifications, skills, projects and research that you are involved in, references, proof of your entitlement to work in the particular country you have applied to work in, your national security number, your passport or other identity document details, background checks, drug screening, and any other similar information that you may provide to us.
- Correspondence and Communications:Information contained in any correspondence between us. For example, if you contact us using a query button on our website or by email or telephone, we may keep a record of that correspondence.
- Sample Requests:We collect shipping and payment information to process Sample Requests.
- Interferences Drawn from Other Information:Certain information we collect from the above categories may be used to create a profile reflecting your preferences, tendencies, and the like, regarding, for example, your potential interest in certain products.
Information We Collect Automatically
When you interact with our website, use our products or services, and/or interact with us through online media and advertisements, we may automatically collect the following types of Personal Information about you:
- Cookies:Cookies are text files containing small amounts of information that are stored on your browser or your device when you visit our Website, online media, and advertisements. For additional information on cookies please review Section 5.
- Internet or Other Electronic Network Activity Information:Information about your interaction with our websites or app. This may include information such as login data; page views; searches; requests; orders and other actions on our websites; the device that you use to access our website, even where you have not created an account or logged in; device information such as your hardware model, mobile network information and unique device identifiers; the content of the request regarding the specific website; time zone settings; access status/HTTP status code; volume of data transmitted; browser type and version; language settings; time zone settings referral source; length of visit to the website; date and time of the request; operating system and interface; number of page views; the search queries you make on the website; and similar information. This information may be collected by third party website analytics service providers on our behalf and/or may be collected using cookies or similar technologies (for more information on cookies see Section 5).
Information We Collect About You from Other Sources
In certain circumstances, we receive Personal Information about you from other sources, including third parties, as permitted by law. For example:
- Service Providers:We may collect Personal Information from our website developer, IT support providers, payment services providers, and warehouse located in the EU.
- Employers, Recruitment Agencies and References:If you are a job applicant, we may contact your recruiter, current and former employers and/or references, to provide information about you and your application.
- Government Agencies or Law Enforcement
- Publicly Available Sources:We may obtain Personal Information from lawfully available government records or information otherwise lawfully available to the public.
- Website security:We collect information from our website security service providers about any misuse of the websites, for instance, the introduction of viruses or any other materials or actions that are malicious or harmful.
- Other Third Parties:We might also receive information about you from third parties if you have indicated to such third party that you would like to hear from us, for example our distributors or agents.
- How We Use the Information We Collect
We use your Personal Information for the purposes listed below on the basis of:
- Performance of your contract with us and the provision of our services to you.
- Your consent (where we request it).
- Where we need to comply with a legal or regulatory obligation.
- Our legitimate interests or those of a third party. Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. We believe your interests should override ours unless we have other grounds to use your Personal Information such as your consent or a legal obligation.
We Use Your Personal Information for the Following Purposes:
- To Process and Facilitate Transactions:To process transactions and payments, and to collect and recover money owed to us (on the basis of performing our contract with you and on the basis of our legitimate interest to recover debts due).
- To Conduct Business with You or Your Employer:To contact you and to manage and facilitate our business relationship with you and/or your employer (on the basis of performing our contract with you or your employer or on our legitimate business interests to conduct business).
- User and Customer Support:To provide customer service and support (on the basis of our contract with you or on the basis of our legitimate interests to provide you with customer service), process inquires or complaints and share your Personal Information with our regulators as needed to address the same, and coordinate with our testing labs and our payment services provider as necessary to provide customer support (on the basis of our legitimate interest in providing the correct products and services to our website users and to comply with our legal obligations).
- Recruitment:To process any job applications you submit to us, whether directly or via an agent or recruiter including sharing this with our third party recruitment agency (on the basis of our legitimate interest to recruit new employees or contractors).
- Advertising and Marketing:To keep in contact with you about our news, events, new website features, products, or services that we believe may interest you, provided that we have the requisite permission to do so (either on the basis of your consent where we have requested it or our legitimate interests to provide you with marketing communications where we may lawfully do so).
- Analytics:To use data analytics to improve our websites, products/services, marketing, customer relationships and experiences (on the basis of our legitimate interests in defining types of customers for our website and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy).
- To Register Your Account:When you or your employer sign up for an account, we use the details provided on your account registration form (on the basis of performing our contract with you), or when you create an account with our website (on the basis of our legitimate interest in providing the right kinds of products and services to our website users).
- Fraud and Unlawful Activity Detection:To protect, investigate, and deter against fraudulent, unauthorized, or illegal activity, including identity fraud (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so).
- Compliance with Policies, Procedures, and Laws:To enable us to comply with our policies and procedures; enforce our legal rights, or to protect our property; or to protect the rights, property, or safety of our employees; comply with legal obligations, including, but not limited to, regulatory inquiries and investigations; and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so).
How We Disclose the Information That We Collect
In connection with the purposes and on the lawful grounds described above, and in addition to the recipients of your information as described above, we share your Personal Information when relevant, and when permitted or required by law, with:
- Our Service Providers, Including Our Business Partners: Service providers we work with to provide our products and services, who are acting as processors and provide us with:
- Analytics services (including Google Analytics)
- Banking services worldwide
- Legal, accountancy, auditing and insurance services and other professional advisers
- Recruitment service providers
- Shipping facilitators
- Testing labs
- Subsidiaries and Affiliates: These are entities that are directly or indirectly controlled by or who share common control with Taian Risso Chemical Co., Ltd.
- Regulators and Governmental Bodies: Regulators, governmental bodies and other authorities acting as processors or joint controllers who require reporting of processing activities in certain circumstances.
- Other Entities as a Result of a Change of Control, Merger, or Acquisition: In the event that another company acquires a controlling interest in RISSO, or if we experience some other change of control event such as merger, insolvency, bankruptcy or receivership, we reserve the right to include any or all user-related information (including Personal Information) among the assets transferred to the acquiring company.
- Other Third Parties, Including Professional Advisers: Any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) where such disclosure may be permitted or required by law.
- Automated Decision Making/Profiling: We do not use automated decision making/profiling.
If you do not wish for cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your Internet browser settings, please consult the “Help” section of your Internet browser (or alternatively visit http://www.aboutcookies.org). Please note that, if you set your Internet browser to reject cookies, you may not be able to access all of the functions of the website.
The names of the cookies used on our website and the purposes for which these cookies are used are set out in the table below:
|Google Analytics||To analyze the use and performance of our website.||Session|
|YouTube||To analyze the use and performance of our website.||Session|
RISSO does not knowingly solicit or collect Personal Information from or about children under age 18. If you are under the age of 18, please do not access our websites, or use our products or services, at any time or in any manner. If a parent or guardian becomes aware that a child under 18 has provided RISSO with Personal Information, the parent or guardian may contact us at firstname.lastname@example.org to request that such information be deleted. RISSO will delete such Personal Information from our files within a reasonable time.
How Long We Retain Your Personal Information
We retain your Personal Information for as long as it is necessary to perform a service that you have requested, or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights or where we are permitted to do. Retention periods can vary based on the type of information, how it is used, and relevant legal requirements. We operate a data retention process and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it.
We back our data up frequently and retain the back-ups. In the event of a system failure, we can still remain operational and abide by legal requirements.
RISSO implements and maintains reasonable security measures, appropriate to the nature of the information at issue, that comply with applicable laws to protect customers’ Personal Information, including protecting against unauthorized access and exfiltration, acquisition, theft, or disclosure. Given the nature of information security, there is no guarantee that such safeguards will always be successful.
We take precautions such as:
- Using sufficient software/hardware protection from malware (viruses, spyware, worms, Trojans, etc.) and internal/external intrusion (firewalls).
- Regularly updating and testing the security of our IT infrastructure.
- Using Secure Socket Layers (SSL) technology to help safeguard the confidentiality of Personal Information when collecting or transferring such information.
- Limiting access to Personal Information to those in our company who need to use it in the course of their work.
- Implementing physical, electronic, and organizational safeguards to protect Personal Information and other information that we have collected.
Information and Rights Applicable to Individuals in the European Union and the European Economic Area
Grounds for Processing Your Personal Information
The legal grounds for our processing of your Personal Information are:
- Performance of your contract with us and the provision of our services to you.
- Your consent (where we request it).
- Where we need to comply with a legal or regulatory obligation.
- Our legitimate interests or those of a third party.
International Transfers of Personal Information
Our company is located in the United States.
Whenever we transfer your Personal Information out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring that at least one of the following transfer solutions is implemented:
- We will only transfer your Personal Information to countries that have been deemed to provide an adequate level of protection for Personal Information by the European Commission. For further details, see European Commission: Adequacy of the protection of Personal Information in non-EU countries.
- Where we use certain service providers, we may use specific contracts approved by the European Commission, which give Personal Information the same protection it has in the EU.
- Where we use providers based in the U.S., we may transfer data to them if they take part in the Privacy Shield program, which requires them to provide similar protection to Personal Information shared between the EU and the U.S. For further details, see European Commission: EU-U.S. Privacy Shield.
Please contact us using the contact details in this section if you want further information on the specific mechanism used by us when transferring your Personal Information out of the EEA.
Your Rights Related to Your Personal Information
The GDPR provides you with certain rights related to the collection, processing, and transfer of your Personal Information.
Specifically, you have the following rights:
- The right to ask us not to process your Personal Information for marketing purposes.
- The right to request access to the information that we hold about you.
- The right to request that we correct or rectify any information that we hold about you which is out of date or incorrect.
- The right to object to our use of your information on the basis of our legitimate interests (refer to Section 3to see when we are relying on our legitimate interests or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
- The right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly used, machine-readable format, in certain circumstances.
- In certain circumstances, the right to ask us to limit or cease processing or erase information we hold about you.
- The right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/) as well as a right to lodge a complaint with the relevant authority in your country of work or residence.
Please note that we may need to retain certain information for our own record keeping and research purposes. We also may need to send you service related communications about your App User account even when you have requested not to receive marketing communications.
You may contact us, as indicated below, if you wish to action any of these rights and we will comply with your requests unless we have a lawful reason not to do so.
What We Need from You to Process Your Requests
We may need to request specific information from you to help us confirm your identity and to enable you to access your Personal Information (or to exercise any of your other rights). This is a security measure to ensure that Personal Information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information about your request to speed up our response.
You will not have to pay a fee to access your Personal Information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Contact Information for Users Based in the EU or the EEA
Rights and Information Applicable to California Residents
If you are a California resident, please review the following information about your potential rights with regard to your Personal Information under the California Consumer Privacy Act (“CCPA”). The rights described herein are subject to exemptions and other limitations under applicable law.
Terms used in this section have the meaning given to them in the CCPA. Under the CCPA, RISSO is a business. For purposes of this section only and with regard to California residents only, Personal Information includes information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a California resident or a household. Personal Information does not include deidentified information, aggregate consumer information, or publicly available information, as those terms are defined in the CCPA.
Our Collection, Use, Disclosure, and Sharing of Personal Information:
- We do not sell or disclose your Personal Information except as permitted by the CCPA or other laws.
- In the preceding 12 months: (i) we may have collected all or some of the categories of Personal Information listed above in Section 2, and (ii) we may have disclosed all or some of the same categories listed in Section 2for a business purpose.
- We may collect Personal Information from all or some of the categories of sources listed in Section 2.
- We may collect and use Personal Information for the business or commercial purposes listed above in Section 3.
- We may share Personal Information with all or some of the categories of third parties listed above in Section 4.
- We may disclose your Personal Information to our service providers or other entities that have agreed to limitations on the use of your Personal Information or that fit within other exemptions or exceptions in or as otherwise permitted by the CCPA or other applicable laws.
California Residents’ Rights under the CCPA
If your Personal Information is subject to the CCPA, you may have certain rights with regard to such Personal Information, including the right to:
- Be informed, at or before the point of collection, of the categories of Personal Information to be collected and the purposes for which the categories of Personal Information shall be used.
- Request that we delete any Personal Information about you that we have collected or maintained, subject to certain exceptions (“request to delete”). We reserve the right to retain, and not to delete, certain Personal Information after receipt of a request to delete from you where permitted by the CCPA or where another law or regulation is applicable. We may retain your Personal Information if doing so is necessary for us or our service providers to, for example:
- Comply with a legal obligation.
- Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us.
- Complete a transaction for which we collect the Personal Information, provide a good or service requested by you or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between us and you.
- Use your Personal Information, internally, in a lawful manner that is compatible with the context in which you provided the Personal Information.
- Request that we, as a business that collects Personal Information about you and that discloses your Personal Information for a business purpose, disclose to you (“request to know”):
- The categories of Personal Information we have collected about you.
- The categories of sources from which we collected the Personal Information.
- The business or commercial purpose for collecting or selling the Personal Information.
- The categories of third parties with whom we share Personal Information.
- The specific pieces of Personal Information we have collected about you.
- The categories of Personal Information we have disclosed about you for a business purpose.
- Not to be discriminated against because you exercised any of your rights under the CCPA.
The CCPA does not restrict our ability to do certain things like comply with other laws or comply with regulatory investigations. In addition, the CCPA does not apply to certain information, including, generally, personal information collected, processed, sold or disclosed pursuant to the Health Insurance Portability and Accountability Act of 1995 and its implementing rules and regulations. We also reserve the right to retain, and not to delete, certain Personal Information after receipt of a request to delete from you where permitted by the CCPA or another law or regulation.
How to Submit a Request Under the CCPA
You may submit requests to know or to delete your Personal Information through the following toll-free telephone number 1-800-243-6064 or via e-mail at email@example.com.
We are required to provide certain information or delete Personal Information only in response to verifiable requests made by you or your legally authorized agent. We may need to request specific information from you or your agent to help us confirm your identify or your agent’s authorization to act on your behalf and ensure your right to access the requested information. Any information gathered in this process will be used for verification purposes only.
We will deliver responses to verifiable consumer requests, free of charge, either through your online account with us, if you have such an account already, or, if you do not have a pre-existing online account, by mail or electronically, at your election.
We will try to respond to your requests to know or to delete within forty-five (45) days of receipt of the request. If we require more time, we will try to inform you of our need for an extension. Even with an extension, we will try to provide a response within ninety (90) days of initial receipt of the request.
Keep in mind that we are not required to provide information in response to requests to know more than twice in a 12-month period. Any response to a request to know will only cover the 12-month period preceding the verifiable request.