Privacy policy
Mercuria operates in a number of countries around the globe and is committed to protecting your data, respecting your privacy and dealing with your information in a fair and lawful way. Mercuria`s Privacy Policy describes the types of information that we collect and also how we collect, use and disclose that information.
Privacy notice
By conducting business with us, you agree that your information will be handled as described in the Mercuria Privacy Policy. This privacy notice explains how and why Mercuria uses personal data when you visit our website, purchase goods or services from us or otherwise communicate or engage with us Mercuria holds information in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
Mercuria`s Privacy Policy sets out how Mercuria:
- collects and creates Personal Data
- categorizes the Personal Data that it processes
- discloses Personal Data
- transfers Personal Data internationally
- applies security measures to protect Personal Data
Additionally the Mercuria Privacy Policy describes:
- the lawful basis for Mercuria processing Personal Data
- the purpose of such processing
- Mercuria`s principles of data accuracy, data retention and data minimization
- The rights of data subjects; and
- Contact details for enquiries and the exercise of data protection rights.
The objective of the Mercuria Privacy Policy is to provide you with a transparent and clear description of what we do with your personal data. We encourage you to familiarize yourself with our Policy.
In relation to the business that you do with Mercuria and in accordance with our obligations under GDPR, we hereby notify you that Mercuria, acting as a data controller, may process information about you, your directors, officers and employees, and affiliates and agents, which may constitute personal data under the GDPR and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“Personal Data”).
Mercuria’s Privacy Policy may be updated or revised from time to time and as such you are encouraged to review it periodically. If you have any questions relating to Mercuria’s Privacy Policy or its implementation please contact us at: information@mercuria.com
Privacy policy
Mercuria is committed to protecting personal information and therefore all personal data is collected, processed, stored and shared in compliance with this policy.
Definitions
“Personal Information” means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier.
“Sensitive Personal Data” means personal information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data concerning a natural person’s sex life or sexual orientation.
What personal information do we collect about you and why?
We may collect and generate information about you including your name, contact details and date of birth.
We process your personal information to fulfil our contractual obligations with you and to be able to conduct various business activities with you. We also process your personal data to comply with all relevant international laws, to conduct due diligence to ensure we perform our business activities in an appropriate and ethical manner and to meet the requirements put on us by a number of third party stakeholders. Additionally, we may use your information to comply with legal, regulatory and other requirements necessary to operate our business, including for internal purposes such as audit, data analysis, statistical and research purposes and troubleshooting and to monitor activities as permitted and/or required by local law and/or regulation
When We Disclose Your Information
We do not share your information with non-affiliated entities for marketing purposes. We do, however, share your information as follows:
- With Our Affiliates. As permitted by law we may share your information with our affiliated entities. These entities may market their business, products and services to you, and their use of your personal information will be governed by this policy.
- Partners and Financiers. We may provide your information to carefully screened entities that work on our behalf and with us in our business activities. Only trusted companies who require the use of your information for business purposes are given access to it.
- Service Providers. We may share your information with other third party service providers in order to enable them to assist us in conducting our business with you. These third parties will process your personal data on our behalf (as our processor). We will disclose your personal data to these parties so that they can perform those functions. Before we disclose your personal data to other people, we will ensure that they have appropriate security standards in place to protect your personal data. When contracting with such third party Service Providers, we will enter into a written contract imposing appropriate security standards on them, particularly with respect to managing your personal data.
The types of third parties we may share your information with include:
- consultants and professional advisors including legal advisors and accountants;
- banks and payment processors in relation to business you conduct with us;
- IT support, website and data hosting providers and administrators;
- analytics and search engine providers;
- courts, court-appointed persons/entities, receivers and liquidators;
- business partners and joint ventures;
- insurers; and
- governmental departments, statutory and regulatory bodies.
In the following circumstances we may also share your information:
- Business Transfers. If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, if we sell or re-organise some or all of our business or as part of a bankruptcy proceeding, we may transfer the information we collected from you to the reorganized or other company. We may also transfer our rights under any customer agreement we have with you.
- To Protect Us and Others. We may also disclose the information that we collect from you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of an agreement or this policy, or as evidence in litigation in which we are involved.
- In Response To Legal Process. We may also disclose the information that we collected from you in order to comply with the law, a judicial proceeding, court order or other legal or regulatory processes, such as in response to a court order or a subpoena.
- Aggregate and Anonymous Information. We may share aggregate or anonymous information about users with third parties for research or similar purposes.
- Legal Purposes. To enforce our Terms and Conditions; for example to protect the security of our services, as required by law or when we believe that disclosure is necessary to protects our rights.
Information Sharing Within the Mercuria Group
As a Global company, Mercuria has affiliates and group companies around the world and we may need to share your information with them. Circumstances under which we may share your personal information in this way include:
- where support and functions are provided by other group companies, such as in relation to our website hosting and operation, IT systems and support and maintenance;
- to meet our customer needs by providing services across offices/locations;
- for authorisations /approvals with relevant decision makers;
- for reporting purposes and/or
- where systems and services are provided on a shared basis, such as compliance and for the arrangement of visas.
Access rights between members of the Mercuria Group are limited and are granted only on a need-to-know basis, depending on job functions and roles.
Where any Mercuria Group company processes your personal data on our behalf (as our processor), we will make sure that each company that is a part of the Mercuria Group has appropriate security standards in place to protect your personal data. In addition, we will enter into a written contract imposing appropriate security standards on them.
Legal basis for processing
We have legal basis to collect, use and share your information. We will only collect and process information when we have legal basis to do so. Legal basis includes consent (where you have given consent), contract (where processing is necessary to fulfil contractual obligations (e.g. to provide you with the services you have purchased) and legitimate interest.
If you have any questions about the legal basis we use to process your information, please contact us at: privacy@mercuria.com.
Data retention
We retain your information while you use our services, after you use our services and / or as needed to conduct our business and to meet regulatory, legal and accounting requirements. This includes data you or others provide to us and data generated or inferred from our business with you.
Security
Mercuria takes security of all data, especially your personal information, seriously. We have done our best to protect your information from any unauthorized access or loss by implementing security features and procedures. You should, however, be aware that the transmission of information via the internet is never completely secure. You should also take necessary steps to protect against unauthorized access to your passwords, phone and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess and keeping your log-in and passwords private. We are not responsible for any lost, stolen or compromised passwords or for any activity conducted via unauthorized password activity.
Transfers To Countries That Do Not Provide Adequate Level Of Protection
Mercuria is a global company and information that we collect from or about you within the European Economic Are (“EEA”) may be transferred across international borders and to countries outside of the EEA that do not have laws requiring a reciprocal level of data protection. We as the Data Controller (or Data Exporter) will do our best to ensure that your information is protected no matter where it is transferred. To ensure adequate protection we enter into Data Processing Agreements with our suppliers processing your information outside of the EEA. When necessary we utilize standard contract clauses to ensure the adequate protection of your information.
Third Party Websites
From time to time our website may contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies; we do not accept any responsibility or liability for those policies. Please check the data privacy policies of these third parties before you submit any personal data to their websites.
Your Rights As A Data Subject
You as a Data Subject have many possibilities to impact how your personal information is being processed. You can:
- Request access to your information that we process
- Request for your information to be deleted or for your right to be forgotten (right to erasure)
- Request us to correct or change your information.
- Limit, restrict or object to our use of your information
- Subject to applicable law, lodge a complaint with your local data protection authority
Please note that if you request us to remove your information, we may retain some of the information for specific reasons, such as to resolve disputes, troubleshoot problems, and to comply with a law or regulation. Furthermore some information is never completely removed from our databases because of technical constraints and the fact that we regularly back up our systems. Therefore, not all of your personal information can ever be completely removed from our databases.
Identity and Contact Details Of The Data Controller
If you have any questions, concerns or feedback relating to Mercuria`s Privacy Policy or its implementation please contact us at: information@mercuria.com.
Mercuria`s Privacy Policy may be updated or revised from time to time and as such you are encouraged to review it periodically.
Cookie policy
Information about our use of cookies
The Mercuria website uses cookies. Cookies are used to distinguish you from other users of our website. These cookies allow us to improve our website and help us to ensure that you have a good experience when you browse our website.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree.
By continuing to browse the site, you are agreeing to our use of cookies.
Using cookies enables us to:
- Know you when you return to our site
- Know how often and when you have visited our site
- Access traffic source information
- Determine the start and end of a session
- Know the value of visitor-level custom variables
Please note that third parties may also use cookies. Mercuria has no control over third party use of cookies.
Should you wish to block cookies you can do so by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.