South Africa
Data Protection

Privacy Statement

BASF Online Data Protection Rules

Note: where applicable and where brought to a party’s attention (via a policy or contractual terms) these rules shall also serve to supplement/apply mutatis mutandis to customer, supplier or third-party transactions/activities and shall not be limited to only online interactions or activities. In the case of a conflict between an express contractual term/policy and these rules, the former shall apply.

BASF is delighted that you have visited our website and thanks you for your interest in our company. We take the protection of your personal data seriously and want you to feel safe when you are visiting our Internet site.

We would like to inform you in our data protection declaration what information we collect at BASF while you are visiting our website or within the ordinary course of or leading up to a business transaction and how this is used.

This data protection declaration applies to all of the South African, Kenyan, Nigerian Tanzanian and Zambian BASF entities and you can access details about these entities (including registered names and physical addresses) at their relevant local websites.

At BASF, data protection has the highest priority. This document is designed to provide you with information on how we are following the rules for data protection at BASF, which information we gather while you are browsing our website, and how this information is used. First and foremost: your personal data is only used in the following cases and will not be used in other cases without your explicit approval.

 

Collecting data

When you visit the BASF website, general information is collected automatically (in other words, not by means of registration) which is not stored as personal related data. The web servers that are used store the following data by default:

  • The name of your internet service provider
  • The website from which you visited us
  • The websites which you visit when you are with us
  • Your IP address

This information is analyzed in an anonymous form. It is used solely for the purpose of improving the attractiveness, content, and functionality of our website. Where data is passed on to external service providers, we have taken technical and organizational measures to ensure that the data protection regulations are observed.

Collecting and processing personal data

Personal data is only collected when you voluntarily provide us with this in the course of, say, registration, by filling out forms or sending emails, and in the course of ordering products or services, inquiries or requests for material or if we a required to collect personal data in terms of applicable laws, which may include, amongst others. We may not be able to provide our products and/or services to you, should you not be willing to provide us with the required personal data. The database and your information remain with our company and our provider. Save for the below listed instances, your personal data will not be made available to third parties in any form by us or by persons instructed by us:

  • Personal data shared by BASF with credit bureaus for verification or other legitimate purposes;
  • Personal data shared by BASF with its affiliate companies in order to perform our duties or for other legitimate purposes;
  • Personal data transferred cross-border to countries, which do not necessarily have data-protection laws similar to South Africa, for storage or other legitimate purposes.

By submitting any personal data to BASF in any form you acknowledge that such conduct constitutes an indefinite unconditional, specific and voluntary consent to the processing of such personal data  by BASF and/or third parties listed above.

Data retention

We store personal data for as long as it is necessary to perform a service that you have requested or for which you have granted your permission, providing that no legal requirements exist to the contrary such as in the case of retention periods required by trade or tax regulations.

Security

BASF deploys technical and organizational security measures to protect the information you have made available from being manipulated unintentionally or intentionally, lost, destroyed or accessed by unauthorized persons. Where personal data is being collected and processed, the information will be transferred in encrypted form in order to prevent misuse of the data by a third party. Our security measures are continuously reviewed and revised in line with the latest technology.

Right to obtain and correct information

You have the right to obtain information on all of your stored personal data, to receive, to review, and if necessary to amend or erase. To do this, just send an email to the email address indicated in the imprint or to the person in charge of data protection (see below for the relevant contact details). The deletion of your personal data will be completed unless we are legally obligated to store the information.

Children

BASF urges all parents and persons supervising children to instruct their children on how to deal with personal data on the Internet in a safe and responsible way. Children should not transmit personal data to BASF's website without permission from their parents or the person supervising them. BASF undertakes not to knowingly collect the personal data of children, to use it in any way or to disclose it to third persons

Indemnity

You unconditionally agree to indemnify BASF against any liability that may result from the processing of your personal data, including any reliance which may be placed on inaccurate personal data provided to BASF by the you and/or any third parties and/or any unintentional disclosures of such personal data to, or access by, unauthorised persons.

 

Cookies

On our corporate website, we only use cookies if they are required for an application or service which we provide. If you would like to opt out of the advantages of these cookies, you can read in the ‘help’ function on your browser how to adjust your browser to prevent these cookies, accept new cookies, or delete existing cookies. You can also learn there how to block all cookies or set up notifications for new cookies.

The Cookies which we currently use on the website are listed below.

1. What personal data does BASF collect when you visit our website?

(1)   When you visit our website without contacting us or signing in, your browser transmits the following information automatically to our server:

  • IP address of your computer
  • Information about your browser
  • Website that you were on right before you landed on our website
  • URL or file requested
  • Date and time of your visit
  • Volume of data transmitted
  • Status information, e.g. error messages

(2)   If you contact us by email or by contact form on our website, we receive the following information:

  • Your email address and further information that you provide by email or contact form
  • Date and time of your message

2. To what extent and for what purposes does BASF process such data?

(1)   When you visit our website, we use your IP address and the other data that your browser transmits automatically to our server (see Section 1 (1)) in order to:

a) Send the requested content to your browser. In doing so, we store the complete IP address only to the extent necessary to serve the requested content to you.

b) Send your IP address to a service provider to map your public IP address with company and industry related information (no personal information). This company- and industry related information will be processed to our web measurement system. In this process step your IP address is not stored at our service provider or in our system at any time.

c) Protect us from attacks and to safeguard the proper operation of our website. In doing so, we store said data transiently and with restricted access for a maximum period of 180 days. Such period may be extended if and to the extent necessary to prosecute attacks and incidents.

BASF will investigate the user of an IP address only in case of an illegal attack.

(2)   We store the IP address of your computer after having removed the last octet of the IP address, i.e. in anonymous form, for web audience measuring that allows us to improve our website. We remove the last octet of the IP address immediately after collection. That is why we do not collect personal data about your use of our website.

(3)   If you contact us by email or by contact form on our website, we use the data under Section 1 (2) to answer and, if possible, to meet your request. We store such data to the extent necessary to answer and meet your request.

3. Are you required to provide the data? Are you entitled to object to processing?

When you visit our website, your browser transmits the information under Section 1 (1) automatically to our server. You are free to transmit such data. Without providing such data we are not able to serve you the requested content.

You are not obliged to let us use your anonymized data for web audience measuring. You are also not obliged to let us use your IP address for mapping with your company or industry information.

If you want to contact us by email or by contact form on our website, you are free to transmit the data under Section 1 (2).

We will mark mandatory fields, if any, of a contact form. Without providing the required data you may prevent us from answering and meeting your request properly.

4. How do we protect your personal data?

BASF implemented technical and organizational measures to ensure an appropriate level of security to protect your personal data against accidental or unlawful alteration, destruction, loss or unauthorized disclosure.

Such measures will be continuously enhanced in line with technological developments.

5. Do we use cookies on our website?

We will inform you about using cookies in our cookie banner when you visit our website. You accept the use of cookies by further using our website. We would like to inform you about the cookies we use and how you may decline cookies.

(1) The following cookies are important for the smooth operation and specific services of our website:

Cookie   Purpose End-of-life
SessionPersistence (CLIENTCONTEXT and PROFILEDATA)   Allows us to save preferences that you set during your visit on our website. Will be erased as soon as you clear your cache (or one year after your visit)
SessionPersistence (Cookie Layer)   This cookie stores your consent to the use of cookies. Will be erased as soon as you clear your cache (or one year after your visit)
Session Persistence (Cookie Disclaimer)   This cookie stores your acknowledgement of and consent to any disclaimers on our website. Will be erased as soon as you clear your cache (or one year after your visit)
TS<pool_name>   This cookie enables us to distribute the load of requests of our users properly to our servers. It facilitates the stability of our website. Will be erased as soon as you close your browser
Cookie   Purpose End-of-life  
ACOOKIE   This cookie allows the web analytics tool Webtrends to collect anonymous information about how our website is used. Such anonymous information shows us inter alia how many people visited our website, the websites that the users were on right before they landed on our website and which pages they visited. Will be erased two years after your visit
WT_FPC   By default, Webtrends tracks visitors across the primary domain and all subdomains. This sis done by setting a first party cookie on your primary domain with the leading dot, which allows sub-domains to also read this cookie. Will be erased two years after your visit
Id   We use the DoubleClick cookie to collect data regarding user interaction with ad impressions and other ad service functions as they relate to our website. Will be erased two years after your visit
utag_main   The Tealium Tag Management library creates and maintains a single cookie called utag_main. Within that cookie are several built-in calues that keep track of anonymous visitor session. Like a unique identifier for the session and a Unix/Epoch time stamp in milliseconds. Will be erased one year after your visit
D41ID   We use this cookie from Dun and Bradstreet to derive anonymous information concerning businesses visiting our websites. Will be erased one your after your visit

You may use your browser settings to decide which cookies to accept and to decline. Please be aware that you may not be able to use all features of our website if you decline cookies under Section 7 (1).

6. What rights do you have?

You may have certain rights under the applicable data-protection laws, including:

6.1. Right to access: the right to obtain access to your information (if we’re processing it), and certain other information (like that provided in this Privacy Policy);

6.2. Right to correct: if your personal is inaccurate or incomplete you have the right to have your personal information rectified;

6.3. Right to erasure: this is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions. For example, we have the right to continue using your personal data if such use is necessary for compliance with our legal obligations or for the establishment, exercise or defense of legal claims.

6.4. Right to restrict our use of your information: the right to suspend the usage of your personal information or limit the way in which we can use it. Please note that this right is limited in certain situations: when we are processing your personal information that we collected from you with your consent you can only request restriction on the basis of: (a) inaccuracy of data; (b) where our processing is unlawful and you don’t want your personal information erased; (c) you need it for a legal claim; or (d) if we no longer need to use the data for the purposes for which we hold it. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for restriction of the use of their personal information to make sure the restriction is respected in future;

6.5. Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests, direct marketing;

6.6 Right to be informed: you have the right to be provided with clear, transparent and easily understandable information about how we use your personal information; and

6.7. Right to withdraw consent: if you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal information with your consent up to that point is unlawful).

The exercise of these rights is free of charge for you, however you are required to prove your identity with an official identification or similar document. We will use reasonable efforts consistent with our legal duty to supply, correct or delete personal information about you on our files.

To make inquiries or exercise any of your rights set out in this Privacy Policy and/or make a complaint please contact us by emailing or write to us and we will endeavor to respond within 30 days. Contact details can be found in section 8 below.

When we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints that we cannot resolve directly.

If you are not satisfied with the way any complaint you make in relation to your personal information is handled by us then you may refer your complaint to the relevant data protection supervisory authority.

7. Where can you lodge a complaint?

You have the right to lodge a complaint with our Data Protection/Information Officer (for contact details see below) or with a relevant Regulator.

8. Who is the Controller and Data Protection Officer?

Name:

Stormme Gibson

(Please mark any/all correspondence as being "For the Attention: Head of Legal")

In the event of such person no longer being in office and a replacement not being notified of where a local representative is legally required in the applicable relevant country then the Managing Director of the entity - whose details shall be available on BASF's website.

Address: BASF Holdings South Africa Proprietary Limited. Alternatively, the registered address of the legal entity where legally required.
Email Address: AfricaInfoOfficer@basf.com  
Telephone Number: (+27) 11 203 2487

9. Privacy of Children

This Website is intended to be used by persons aged 18 and older. We do not seek to collect information about persons under the age of 18.

No information should be submitted to or posted on the Websites by persons younger than 18 years of age. If such a person submits personal information via the Websites, we shall delete that information as soon as we are made aware of their age and thereafter shall not use it for any purpose whatsoever.

10. Contact

If you experience any problems or have any questions or ideas, please refer to the data protection representative at BASF, who will be pleased to help you. Should you believe that BASF has utilised your personal data contrary to applicable data-protection laws, you agree to first resolve any concerns with BASF via the contact details below. If you are not satisfied with such process, you have the right to lodge a complaint with the Information Regulator (once established).

 

The continuous development of the Internet makes it necessary for us to adjust our data protection declaration from time to time. We reserve the right to implement appropriate changes at any time.

 

 

 

Stormme Gibson
Information Officer
+27 11 203 2487

How to apply for personal information held about you by BASF