Privacy and Cookies Policy
Some sections of this Policy contain additional information particularly for our EU users. We included this information to comply with the requirements under the EU General Data Protection Regulation (GDPR).
- Personal Information: means any information relating to a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier.
- Processing: means any operation which is performed on Personal Information, such as collection, recording, organisation, structuring, storage, adaptation or any kind of disclosure or other use.
- Information we Process
In order to provide our services to you, we need to Process data about you which may in some parts contain Personal Information; if so, we will do so only as permitted by applicable data protection law or with your consent. We will Process the following Personal Information:
- Information voluntarily provided by you
Although we do not require any form of registration or identification to use our website/app, some services require that you provide some Personal Information so that we can respond to you, evaluate your application, or engage in the requested service.
We will Process information you voluntarily provided to us, such as
- Information (such as your name, user name and email address) that you provide to register as a user of our website’s discussion forum or our app;
- Information (such as your name, user name and email address) that you provide to us to register as a supplier;
- Information in connection with an account sign-in facility, your log-in and password details;
- Communications you send to us, for example via e-mail or website/app communication forms;
- Applications for employment with Tenneco.
For employment applications, we also require information pertaining to your job interests, employment history, and qualifications and other information required by law for us to hire you.
For our EU users: The legal basis for using your data is Art. 6 (1) 1 lit. b GDPR (potentially in connection with applicable national law).
- Information automatically collected from you
When you access our website/app, we may automatically collect additional information about you which will contain Personal Information only in limited cases and which is automatically recognised by our server, such as
- Your IP address;
- Device type, name and IDs;
- Date and time of your requests;
- Content of your requests;
- Information on your browser version;
- Screen resolution;
- Information on your operating system, including language settings.
For our mobile app we will additionally collect
- Location data
- Cell phone number
We use such information only to assist us in providing an effective service (e.g. adapt our website or app to the needs of your end user device or to allow you to log in to our website or use our app), and to collect broad demographic information for anonymized, aggregate use.
For our EU users: The legal basis for the data processing is Art. 6 (1) 1 lit. f GDPR. We have a legitimate interest to analyse and improve the use of our website/app.
- Uses made of your information
We will Process the Personal Information you provide to:
- Identify you when you sign-in to your account;
- Enable us to provide you with the services and information offered through our website or app and which you request;
- Provide your contact information and share your personal profile with other users of our website’s/app’s discussion forum;
- Administer your user account with us;
- Communicate with you;
- To the extent you declared respective consent, send you emails or newsletters with information and offers about our products and services; you can object to such communications free of charge at any time by contacting us using the contact details at the end of this Policy.
For our EU users: Where you consented to the use of your personal data the legal basis is Art. 6 (1) 1 lit. a GDPR. The legal basis for the provision of services is Art. 6 (1) 1 lit. b GDPR. Besides, we have a legitimate interest to allow communication between users of the discussion forum as well as communication with us (Art. 6 (1) 1 lit. f GDPR).
- Automated Decision Making
We do not use your personal data for automated decision making which produces legal effects concerning you or similarly significantly affects you.
If your computer browser is set to allow "cookies", then our site, like most sites on the Internet, installs cookies on your computer. This type of information allows us to identify new and returning visitors to the site, evaluate browsing habits on our site, and conduct market research activities so that we can continuously improve our services. It also allows us to track visitors who come to our Websites and allows you to bypass re-entering certain identifying information if you choose to enter certain sections of our site (such as signing up as a Supplier).
- What are cookies?
Cookies are small text files placed on your computer by websites that you visit. These text files can be read by these websites and help to identify you when you return to a website. Cookies can be “persistent” or “session” cookies. While persistent cookies remain on your computer when you go offline, session cookies will be deleted as soon as you close your web browser.
- What cookies do we place on your computer and how can I avoid the cookie use?
For statistical analyses we use a tool called “Google Analytics”, a web analytics service provided by Google, Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”), to collect information about the use of this site.
Google Analytics collects information such as how often our users visit this website, what content pages they visit when they do so, and events such as downloads and button clicks. We use the information we get from Google Analytics only to determine the most useful information you are looking for, and to improve and optimize this website. We do not combine the information collected through the use of Google Analytics with Personal Information. Although Google Analytics plants a permanent cookie on your web browser to identify you as a unique user the next time you visit this site, the cookie cannot be used by anyone but Google.
The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. Google Analytics collects only the IP address assigned to you on the date you visit this site, rather than your name or other identifying information. Google will use this information in order to evaluate your use of the website, to compile reports on website activities and to provide other services relating to website and internet use to us.
Google is certified under the EU-US Privacy Shield and the Swiss-US Privacy Shield, thereby ensuring an appropriate level of data protection at Google in the United States.
[Recommendable for EU users: We have activated the IP-anonymisation within the Google Analytics service, and your IP address will be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases the whole IP address will be first transferred to a Google server in the USA and truncated there. The IP-address your Browser conveys within the scope of Google Analytics will not be associated with any other data held by Google.]
You can prevent Google Analytics from recognizing you on return visits to this site by disabling their cookies on your browser through downloading and installing the following Browser-Plug-in: https://tools.google.com/dlpage/gaoptout?hl=en.
We use a tool called “Flashtalking”. It enables us to deliver ads suited to our user’s interests. The tool is provided by Flashtalking Inc, 1101 W Fulton Market, Suite 200, Chicago, Illinois 60607, USA.
Flashtalking collects information on the websites the user visits and the user’s interaction with ads. In order to be able to identify the user’s computer, Flashtalking stores a cookie on your computer. Further, it stores user IPs on the Flashtalking servers. The cookies used by Flashtalking expire after two years.
Flashtalking may combine your user information with other information gathered from other sources such as third parties or publicly accessible sources.
Users have the ability to opt-out of our Flashtalking cookies via these links:
Flashtalking will still deliver ads to users who have opted-out of cookie use. However, these ads will be generic and not targeted specifically at the user.
- Use of our discussion forum
Our forum can be accessed and read without registration. Anything you post on the discussion forum will be available to a broader public; you can delete your posts at any point in time. In order to provide content to the forum, you will have to register with your name, email address and password. You are not obliged to provide your real name but can use an alias.
If you register for the forum we will Process your name, email address and password as well as all content provided to the forum for the purpose of the forum operation. You can delete your user account by emailing PrivacyOffice@tenneco.com. In case you decide to delete your user account, all your account data, including all communication will be deleted. Information posted by you into our discussion forum will remain visible, but any link to your person will be deleted. The unique username you selected during signup process will become available to other users upon deletion.
For our EU users: The legal basis for using the data to enable the registration for the discussion forum is Art. 6 (1) 1 lit. b GDPR.
- Information sharing
1. We may disclose your Personal Information to our affiliates to get you to the information you are looking for as streamlined as possible. For example, we will forward any inquiry to the legal entity within our group best suited to assist you. Our affiliates will only use your information to the extent necessary to perform their functions.
For our EU users: Such data use is based on our legitimate interest to direct your request to the most appropriate entity within the Tenneco group (Art. 6 (1) 1 lit. f GDPR).
2. We may disclose anonymous aggregate statistics about users of the website/app in order to describe our services to prospective partners, advertisers and other reputable third parties and for other lawful purposes, but these statistics will include no Personal Information.
3. We may disclose your Personal Information to contractors who assist us in providing the services we offer through the website/app. Our contractors will only use your Personal Information to the extent necessary to perform their functions and will be contractually bound to process your Personal Information only on our behalf and in compliance with our requests.
4. In the event that we undergo re-organisation or are sold to a third party, any Personal Information we hold about you may be transferred to that re-organised entity or third party in compliance with applicable law.
5. We may disclose your Personal Information if legally entitled or required to do so (for example if required by law or by a court order). This includes situations where Tenneco may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, for fraud prevention or investigation, identifying or addressing policy violations, and to enforce our legal rights.
6. [Addition for recipients outside the European Economic Area:] Some of the recipients mentioned above reside outside the European Economic Area (“EEA”). For further information about cross border transfer in general and transfers outside of the EEA see Section H.
- Cross border data transfers
Within the scope of our information sharing activities set out above, your Personal Information may be transferred to other countries which may have different data protection standards than your country of residence. Please note that data processed in a foreign country may be subject to foreign laws and accessible to foreign governments, courts, law enforcement, and regulatory agencies. However, we will endeavour to take reasonable measures to keep up an adequate level of data protection also when sharing your Personal Information with such countries.
In the case of a transfer from a country within the EEA to a country outside of the EEA, this transfer is safeguarded by the EU-US Privacy Shield and EU Model Clauses. You can find further information about the aforementioned safeguards under https://www.privacyshield.gov/ and https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.
- Third Party Content
For our EU users: The legal basis is Art. 6 (1) 1 lit. f GDPR. We have a legitimate interest to improve the attractiveness of our website by implementing different media.
- Social Plugins
We have implemented Social Plugins from social networks so that you can share anything of interest to you with your friends and connections. Our website/app contains social plugins to external social networking sites such as facebook.com (“Facebook”), instagram.com (“Instagram”) and twitter.com ("Twitter"). Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. Instagram is operated by Instagram, LLC, 1601 Willow Rd. Menlo Park, CA 94025, USA. Twitter is operated by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. Where you visit our website or use our app, your device will set up a direct connection to the Facebook, Instagram and Twitter servers. In the process the Facebook, Instagram and Twitter servers recognise that you use our website/app. If you are a member of Facebook, Instagram and/or Twitter, these sites may assign this information to your personal user account. By interaction with one of the plug-ins, e.g. by clicking the 'like' button and/or the Instagram or Twitter button this information will be sent via your device directly to the respective service where it will be stored on your respective personal user accounts.
You can find further information within the privacy policies of Facebook (http://www.facebook.com/about/privacy/), Instagram (https://www.instagram.com/legal/privacy/) and Twitter (http://twitter.com/privacy).
For our EU users: The legal basis is Art. 6 (1) 1 lit. f GDPR. We have a legitimate interest to allow for distribution of our services on social networks and ensure an attractive presentation and simplification of the use of our online offerings.
- Links to third party websites
We have reasonable state of the art security measures and appropriate technical, administrative and physical safeguards in place to protect against the loss, misuse and alteration of Personal Information under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to Personal Information. In addition, we take steps to ensure that our safeguards take into account new security threats as they continue to evolve. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it.
You should bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via our website/app whilst it is in transit over the internet and any such submission is at your own risk.
- Data retention
We strive to keep our Processing activities with respect to your Personal Information as limited as possible. Your Personal Information will be retained only for as long as we need it to fulfil the purpose for which we have collected it and, if applicable, as long as required by statutory retention requirements.
Tenneco’s websites are not directed to children under the age of 13. We do not seek, or knowingly collect, information from children under the age of 13. Tenneco abides by the Children's Online Privacy Protection Act (COPPA) in the United States, and respects similar state laws and laws of other countries that protect the privacy of children. Should a child whom we know to be under 13 provide Personal Information to us, we will use that information only to respond directly to that child to inform him or her that we must have parental consent before receiving information about him or her.
- Additional rights for EU users
Under the legislation applicable to you, you may be entitled to exercise some or all of the following rights:
1. require (i) information whether your Personal Information is retained and (ii) access to and/or duplicates of your Personal Information retained, including the purposes of the Processing, the categories of Personal Information concerned, and the data recipients as well as potential retention periods;
2. request rectification, removal or restriction of your Personal Information, e.g. because (i) it is incomplete or inaccurate, (ii) it is no longer needed for the purposes for which it was collected, or (iii) the consent on which the Processing was based has been withdrawn;
3. refuse to provide and – without impact to data Processing activities that have taken place before such withdrawal – withdraw your consent to Processing of your Personal Information at any time;
4. object at any time that your personal data will be used for direct marketing purposes, or - based on grounds relating to your particular situation - that your personal data shall be subject to data processing for other purposes;
5. receive data that you have provided to us surrendered to you or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another controller, this will be done to the extent technically feasible.
6. take legal actions in relation to any potential breach of your rights regarding the Processing of your Personal Information, as well as to lodge complaints before the competent data protection regulators.
You may (i) exercise the rights referred to above or (ii) pose any questions or (iii) make any complaints regarding our data processing by contacting us under the contact details set out below.
N. Contacting us
O. Amendments to this Policy