This Privacy Policy is issued by the owners of www.origin-merchants.com (“Origin Merchants”), on behalf of itself and each of the companies of this venture.
We have developed this policy because we want you to feel confident about the privacy and security of your Personal Data held by us. It explains how Origin Merchants collects Personal Data from you or about you on our websites (the
“Website”), or via written or verbal communications with us, mobile applications, social networking presence or from other sources. It also explains how we use and disclose such Personal Data. While this Privacy Policy broadly describes
the practices we have adopted across Origin Merchants globally, local laws vary and some jurisdictions may place restrictions on our processing activities.
Please read the following carefully to understand our practices regarding your Personal Data and how we will treat it. It is important that you read this Privacy Policy together with any other privacy policy that we may provide on specific
occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override
them.
“GDPR” means Regulation EU 2016/679 (GDPR) or a privacy law with the same requirements applies to you
“Personal Data” means any information that relates to you as an individual, and could allow you to be identified or identifiable, directly or indirectly, for example your full name or email address.
Origin Merchants will be the data controller and our nominated representative in relation to this Privacy Policy will be Chartered Associates Corp, Toronto, ON, Canada (ct@chartered.associates)
Below you will find information about how Origin Merchants collects and uses your Personal Data if you are a Website User. Origin Merchants is the operator of this Website which is hosted in __________________.
We may collect and process the following Personal Data about you:
Applications for jobs: First Name, Last Name, Email address, Phone number, Nationality, Country – residence, Languages, Level spoken, Years of experience, Current company, Current position, Current function, Current professional area,
Previous Company, Previous position, Previous professional area, Previous function, Uploaded resume, CV or cover letter.
Investment proposal: Title, First Name, Last Name, Company, Address, City, Country, Postal Code, Phone, Email.
Supplier Opportunities: Title, First Name, Last Name, Company, Address, City, Country, Postal Code, Phone, Email.
Quote request for commodities: Title, First Name, Last Name, Company, Address, City, Country, Postal Code, Phone, Email.
Sustainability Inquiries: Title, First Name, Last Name, Company, Address, City, Country, Postal Code, Phone, Email.
Investor Relations: Title, First Name, Last Name, Company, Address, City, Country, Postal Code, Phone, Email, Status.
Media Inquiries: Title, First Name, Last Name, Media outlet of affiliation, Contact type, Email, Country.
A request to download an Origin Merchants brochure or other marketing information: email address.
Connection information (last login date, IP address) and mobile device information (device ID, manufacturer, platform, version).
Information about how you use our Website, including technical information (such as type of browser and operating system) and log information (your visits to and use of the site). This includes information gathered by the use of cookies in
your web browser.
If you contact us, we keep a record of that correspondence.
Any other information uploaded by you onto our site.
Your Personal Data is collected directly from you via your interactions with our Website, for example by filling in online forms such as the “Contact Us” field or a job application form. We also collect your personal data by automated means
such as cookies, server logs] and other similar technologies. This data tells us about your equipment, browsing actions and patterns. Please see our Cookie Policy for more information.
From time to time, we may supplement the information you give us with information from business partners, social media, or other third party sources, for example, in order to obtain additional information to validate your address or
information about your business.
To administer and protect our business and the Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
To deliver relevant Website content and provide you with a good user experience when you use our site.
To use data analytics to improve our Website, products/services, customer relationships and experiences.
For client and contract management, in order to contact you and for electronic signature of contracts.
To provide any information and services that you request.
For security or fraud prevention purposes.
To provide you with effective customer service.
To improve the content, functionality and usability of our site.
Where you have consented explicitly, we may contact you with marketing offers.
To improve our marketing and promotional efforts.
We are able to lawfully process your personal data where you have explicitly consented to this. We are also permitted to process your personal information where (i) the processing is necessary to perform the agreement we have with
you or to take steps to enter into an agreement with you, (ii) where the processing is necessary for compliance with a legal obligation that we have, or (iii) for the purposes of our overriding legitimate interests.
Our legitimate interests might be: to prevent fraud, to provide you with a safe, efficient and customised experience on our Website and to provide the services you have requested. We consider and balance any potential impact on you and
your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required
or permitted to by law).
We collect information about your device, including where available your internet protocol (“IP”) address, operating system and browser type, for system administration. An IP address is a number that is automatically assigned to your
computer when you use the internet. We use IP addresses to help diagnose problems with our server, administer our site, analyse trends, track users’ activity within the application, and gather broad demographic information for aggregate
use in order for us to improve our site.
We do use cookies that are vital for the basic functionality of the Website. A cookie is a small data file that our server sends to your browser when you visit the site. Cookies will only be stored to improve the performance of the site in order
to retrieve data in the most effective way and notify the user of previous activities. You can delete cookies at any time or you can set your browser to reject or disable cookies. If you are unsure how to do this, follow this link where you will
find instructions for many of the most popular web browsers: http://www.allaboutcookies.org/manage-cookies/stop-cookies-installed.html.
The Personal Data that we collect from you may be transferred to, and stored at, a destination outside Switzerland and the European Economic Area “EEA). Such destination countries may have different levels of privacy protection than in
your country of residence. Your Personal Data are processed by staff operating outside Switzerland and the EEA who work for us or for one of our group companies, affiliates or suppliers. These staff are engaged in the provision of support
services. We will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy and applicable data protection laws.
These steps include imposing contractual obligations on the recipients of your Personal Data to protect that Personal Data, using standard contractual clauses approved by the European Commission. We may alternatively require approved
codes of conduct or certification mechanisms to be in place.
Please contact our data protection team at the address in the Contact Us section to obtain more information about our contractual clauses imposed on third party recipients of your Data.
We store your Personal Data carefully. We have implemented, and follow, industry standard measures to protect against unauthorized access to, and unlawful interception or processing of, Personal Data. Once we have received your
Personal Information, we will use strict procedures and security features to prevent unauthorized access.
We may disclose your Personal Data to any member of our group, which means our subsidiaries, our ultimate holding parent company and its subsidiaries and/or affiliates. Furthermore, we disclose your Personal Data to our business
partners (DocuSign and Certisign for electronic signature, Plivo for SMS communication, Microsoft for hosting, Google for web analytics) insofar and for as long as it is necessary to perform our services. We oblige our business partners to
assume and apply the same rights and obligations regarding your Personal Data as described in this Privacy Policy.
Other than previously specified in this Privacy Policy, we may also disclose your Personal Data to third parties in the following circumstances:
If we become part of another organization, such organization will possess the Personal Data collected by us, and it will apply and assume the same rights and obligations regarding your Personal Data as described in this Privacy Policy.
If we are under a duty to disclose or share your Personal Data, or part of it, in order to comply with any applicable legal or regulatory obligation, or in order to enforce or apply our Terms of Use and other agreements; or to protect the rights,
property, or safety of us, our customers, or others.
Origin Merchants is a global organization that does business in many countries. Some of the parties, identified above, with whom we share your data may be located in countries outside of your own. Although the data protection laws of
these various countries may differ from those in your own country, we have put in place appropriate safeguards (such as contractual commitments) to ensure that your personal information is handled as described in this Privacy Policy and
in accordance with the law. For transfers of data outside of the European Union, this includes standard contractual clauses approved by the European Commission. For more information on the appropriate safeguards in place, please
contact us via the contact information provided in the Contact Us section at the end of this Privacy Policy.
The time period for which we shall retain and keep Personal Data varies according to various statutes and what the information is used for. In some cases, there are legal requirements to keep data for a minimum period of time. Unless there
is a specific legal requirement for us to retain and keep the information, we will retain and keep it only insofar and as long as it is necessary for the purposes for which the data was collected or for which it is to be further processed.
Non-personal information is information that does not identify you individually. We collect non-personal information from your computer, such as your Web browser, the date and time of your Web site visit, the Web address from which
you accessed our site, the number of visitors to the site, the pages viewed, and the length of time on the Web site.
We collect data to analyse the Website in general, to gain insights into how to improve our services and to target our marketing measures to your identifiable needs. For some marketing activities we will need your consent (e.g., receiving
newsletters). If you consent to the use of your Personal Data for marketing purposes, you can change your mind and opt-out of this at any time. You can do this by selecting ‘unsubscribe’ at the bottom of any marketing email you receive
from us, or at any time by contacting us at the address in the Contact Us section.
For other marketing activities, for which we do not need your consent, we process your personal data for our legitimate interests. You have the right to ask us not to process your Personal Data for our marketing purposes. We will inform
you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for our own marketing purposes. You can at any time exercise your right to prevent such
processing by checking certain boxes on the forms we use to collect your Personal Data or by unsubscribing. You can also exercise the right at any time by contacting us at the address in the Contact Us section.
Our website may contains links to other websites. Please note that when you click on one of these links, you are entering another website over which we have no control and will bear no responsibility. Often these sites require you to enter
your Personal Data. We encourage you to read the privacy policies on all such websites as their policies may differ from ours.
Below you will find information about Origin Merchants’ processing of the Personal Data of our Suppliers, Customers, Logistics Partners and member of the public.
We may collect and process the following Personal Data about you:
Investment proposal: Title, First Name, Last Name, Company, Address, City, Country, Postal Code, Phone, Email.
Supplier Opportunities: Title, First Name, Last Name, Company, Address, City, Country, Postal Code, Phone, Email. Supplier Data: we may collect additional personal data in connection with our transparency and traceability programme and
as required by our accredited certifications: gender, national ID number, date of birth, household size, income, location of farms/supplier premises including GPS co-ordinates, photos, videos, voice recordings, quotes from speech or text
provided by you.
Quote request for commodities: Title, First Name, Last Name, Company, Address, City, Country, Postal Code, Phone, Email.
Sustainability Inquiries: Title, First Name, Last Name, Company, Address, City, Country, Postal Code, Phone, Email.
Investor Relations: Title, First Name, Last Name, Company, Address, City, Country, Postal Code, Phone, Email, Status.
Media Inquiries: Title, First Name, Last Name, Media outlet of affiliation, Contact type, Email, Country.
Supplier/contractor/partner employees: Name, job title, copies of relevant certificates (e.g. qualifications, skills, training).
Where we have a contract with you, we will also hold any personal contact details contained in that contract, which may include payment information and invoice information.
If you contact us, we keep a record of that correspondence.
Your image may be recorded on CCTV or similar systems when you visit our sites.
Your car number plate may be recorded at some of our sites to manage parking restrictions.
Your Personal Data is collected directly from you via your interactions with us, for example when you correspond with us or contract with us, or provided by your employer.
From time to time, we may supplement the information you give us with information from business partners, social media, or other third party sources, for example, in order to obtain additional information to validate your address or
information about your business, carry out credit checks etc.
For client and contract management in order to contact you and for electronic signature of contracts.
To provide any information and services that you request.
For security or fraud prevention purposes.
To provide you with effective customer service.
To improve our products and services.
Where you have consented explicitly, we may contact you with marketing offers.
To improve our marketing and promotional efforts.
In connection with the sustainability objectives and obligations of Origin Merchants and its customers.
To onboard suppliers, contractors and partners and their staff, e.g. with respect to Origin Merchant’s Health Safety and Environment onboarding process.
We are able to lawfully process your personal data where you have explicitly consented to this.
We are also permitted to process your personal information where (i) the processing is necessary to perform the agreement we have with you (or your company) or to take steps to enter into an agreement with you (or your company), (ii)
where the processing is necessary for compliance with a legal obligation that we have, or (iii) for the purposes of our overriding legitimate interests.
Our legitimate interests might be: to comply with our corporate due diligence and sustainability obligations/objectives and those of our customers, to prevent fraud, to provide the services you have requested, to provide a safe and secure
environment for all parties. We consider and balance any potential impact on you and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are
overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
The Personal Data that we collect from you may be transferred to, and stored at, a destination outside Switzerland and the European Economic Area (“EEA”). Such destination countries may have different levels of privacy protection than in
your country of residence. Your Personal Data are processed by staff operating outside Switzerland and the EEA who work for us or for one of our group companies, affiliates or suppliers. These staff are engaged in the provision of support
services. We will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy and applicable data protection laws.
These steps include imposing contractual obligations on the recipients of your Personal Data to protect that Personal Data, using standard contractual clauses approved by the European Commission. We may alternatively require
approved codes of conduct or certification mechanisms to be in place. Please contact our data protection team at the address in the Contact Us section to obtain more information about our contractual clauses imposed on third party
recipients of your Data. We store your Personal Data carefully. We have implemented, and follow, industry standard measures to protect against unauthorized access to, and unlawful interception or processing of, Personal Data. Once we
have received your Personal Information, we will use strict procedures and security features to prevent unauthorized access.
In connection with your application we may disclose your Personal Data to the following parties: any member of our group, which means our subsidiaries, our ultimate holding parent company and its subsidiaries and/or affiliates;[our
business partners (DocuSign and Certisign for electronic signature, Plivo for SMS communication, Microsoft for hosting, Google for web analytics) and to certification schemes and control bodies, insofar and for as long as it is necessary to
perform our services], and third parties such as recruitment agencies, background check providers etc. We oblige our group companies and third parties to assume and apply the same rights and obligations regarding your Personal Data as
described in this Privacy Policy.
Other than previously specified in this Privacy Policy, we may also disclose your Personal Data to third parties in the following circumstances:
If we become part of another organization, such organization will possess the Personal Data collected by us, and it will apply and assume the same rights and obligations regarding your Personal Data as described in this Privacy Policy.
If we are under a duty to disclose or share your Personal Data, or part of it, in order to comply with any applicable legal or regulatory obligation, or in order to enforce or apply our Terms of Use and other agreements; or to protect the
rights, property, or safety of us, our customers, or others.
Origin Merchants is a global organization that does business in many countries. Some of the parties, identified above, with whom we share your data may be located in countries outside of your own. Although the data protection laws of
these various countries may differ from those in your own country, we have put in place appropriate safeguards (such as contractual commitments) to ensure that your personal information is handled as described in this Privacy Policy
and in accordance with the law. For transfers of data outside of the European Union, this includes standard contractual clauses approved by the European Commission. For more information on the appropriate safeguards in place, please
contact us via the contact information provided in the Contact Us section at the end of this Privacy Policy.
We retain job candidate Personal Data for 24 months so that we are able to contact you if another job opportunity arises.
We may collect data in order to gain insights into how to improve our services and to target our marketing measures to your identifiable needs. For some marketing activities we will need your consent (e.g., receiving newsletters). If you
consent to the use of your Personal Data for marketing purposes, you can change your mind and opt-out of this at any time. You can do this by selecting ‘unsubscribe’ at the bottom of any marketing email you receive from us, or at any
time by contacting us at the address in the Contact Us section.
For other marketing activities, for which we do not need your consent, we process your personal data for our legitimate interests. You have the right to ask us not to process your Personal Data for our marketing purposes. We will inform
you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for our own marketing purposes. You can at any time object to this processing activity by
contacting us at the address in the Contact Us section.
You may have the following rights in respect of your personal data.
The right to access and receive a copy of your Personal Data held by us.
The right to demand that we correct incorrect information.
The right to request the erasure of your Personal Data at any time, if you consider that we do not have the right to hold it. We may retain certain information about you as required by law and for legitimate business purposes permitted by
law.
The right to ask us to suspend the processing of your Personal Data in several scenarios, including if you want us to verify the accuracy of the data, and where our use of the data is unlawful, but you do not want us to erase it.
The right to request the transfer of your Personal Data that you provide to us to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format.
This right only applies to information which you initially provided consent for us to use, where we used the information to perform a contract with you or where the processing of your Personal Data is carried out by automated means.
The right to object to your Personal Data being processed for a particular purpose or to request that we stop using your Personal Data.
Where our processing of your Personal Data is based on your consent, you have the right to withdraw your consent at any time. If you do so we will stop processing your Personal Data unless there is another lawful basis we can rely on, if
which case we will inform you of this.
The right to request not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data;
We reserve the right to change, alter or otherwise modify this Privacy Policy at any time by posting revisions on this web page. In the event of any change, you will be alerted.
If you have any concerns about our processing of your Personal Data, you may of course contact us at the address and email address in the Contact Us section but you also have the right to complain to your local data protection regulator.
Origin Merchants is not required to appoint a Data Protection Officer under EU regulations. However, it has chosen to do so and they can be contacted at coffee@origin-merchants.com
In addition to the types of Personal Data listed in the Privacy Policy, we may also collect your Personal Data when you apply for jobs in our site, including expected working location, work eligibility, and Salary expectations. Furthermore,
certain information as listed in the “Non-personal information” section of the Privacy Policy may constitute Personal Data under Applicable Legal Requirements, such as your Web browser, the date and time of your Web site visit, and the
pages viewed.
We only process your Personal Data when we have a legal basis for the processing. We may process your Personal Data on the basis of: (a) obtaining your consent for the purposes listed in the Privacy Policy, especially for recruitment
purposes; (b) on the basis where Origin Merchants and/or Chartered Associates Corp. is required to perform a statutory responsibility or obligation; and/or (c) on the basis where it is necessary for Origin Merchants to respond to a public
health emergency, or for protecting the life, health or property safety of a natural person in the case of an emergency.
In addition to the above, we may process your Personal Data on other statutory bases for purposes that could be justified by such other bases.
It refers to Personal Data that, once leaked or illegally used, may easily cause infringement upon the human dignity or harm to the personal or property safety of a natural person, including biometric recognition, religious belief, specific
identity, medical and health, financial account, personal whereabouts and other information of a natural person, as well as the Personal Data of minors under the age of 14. For achieving the purposes specified in this Privacy Policy, we may
collect certain types of Sensitive Personal Data only when permitted or required by Applicable Legal Requirements, such as:
Where we have a contract with you, we will also hold any personal contact details contained in that contract, which may include payment information and invoice information.
Information about how you use our Website, including log information (your visits to and use of the site).
If you contact us, we keep a record of that correspondence.
Our Processing of your Sensitive Personal Data will strictly comply with Applicable Legal Requirements, including the enhanced protection measures and the separate consent you give us to such processing.
We may share and transfer your Personal Data to third parties, including to entities located within and outside the Mainland China, for the processing purposes as follows:
Within Origin Merchants: Your Personal Data as described in the Privacy Policy may be shared with / or otherwise accessed by any member of Origin Merchants (defined in Appendix I), for the processing purposes as provided in the Privacy
Policy.
If we are under a duty to share your Personal Data, or part of it, in order to comply with any applicable legal or regulatory obligation, or to protect the rights, property, or safety of us, our customers, or others, we may share your Personal
Data to public and governmental authorities.
For achieving the purposes stated in the Privacy Policy, your Personal Data we collect may be transferred to and stored outside the Mainland China. The overseas data recipients include Members of Origin Merchants as described in
Appendix I, which may be located outside the Mainland China. We will comply with Applicable Legal Requirements before transferring your Personal Data overseas.
In addition to the data subject rights listed in the Privacy Policy, you also have, in accordance with Applicable Legal Requirements, the right to request for an explanation on this Addendum, the Privacy Policy and other processing rules of
Origin Merchants in relation to your Personal Data. If you are a close relative of a deceased user of our site, for your own legal and legitimate interests, you can contact us through the contact information described in the Contact Us section
below to exercise personal information related rights regarding Personal Data about the deceased we hold, unless otherwise arranged by the deceased. In order to fully protect the personal information rights of deceased users, when you
contact us, we may inform you of the specific application procedures and requirements, and you will need to proceed the application per our instruction.
If you have any questions about the processing of your Personal Data or would like to exercise any of your data subject rights, in addition to the ways described in the Privacy Policy, you may also contact us at ct@chartered.associates.
This Colombia Addendum to the Privacy Policy (this “Addendum”) applies to the processing of Personal Data of Colombian residents by Chartered Associates Corp. and Origin Merchants. This Addendum supplements and constitutes an
integral part of this Privacy Policy and is formulated in accordance with the applicable laws and regulations in the jurisdiction of Colombia, mainly, Law 1581 of 2012 and Decree 1377 of 2013. The terms in this Addendum shall have the same
meaning defined under this Privacy Policy unless otherwise clearly specified.
We will collect, store, use, transfer, circulate, or delete your Personal Data for the purposes described in the main section of this Privacy Policy and we will rely on your prior, explicit, and informed consent as the primary lawful basis.
For the case of Colombian residents/data subjects, you may exercise the following additional privacy rights:
Right to Consultation You have the right to consult your Personal Data at any time and free of charge.
Right to Update You have the right to update your Personal Data at any time.
Right to be Informed You have the right to be informed about how we are using your Personal Data.
In order to exercise the right to rectify, update or demand the deletion of your information, as Data Subject you are entitled to make complaints by sending an email to ct@lchartered.associates , which will be answered within 30 business days from the date of their
receipt.
To exercise the right to consult your information, you are entitled to file any type of inquiries concerning the processing of your Personal Data by sending an email to ct@lchartered.associates , which will be answered within 10 business days from the date of their
receipt.
Members of Origin Merchants that may receive applicants’ Personal Data mean Chartered Associates Corp., any company or legal entity directly or indirectly controlled by Chartered Associates Corp., and other entities controlling Origin Merchants.
