Privacy Policy

1. Introduction

This privacy policy describes how we collect, use, process, disclose and protect personal information about you. It applies to personal information we collect when you access and use the services and features offered on our websites and mobile applications that link to this policy (collectively the “Sites”).

We may change this policy from time to time. If we make significant changes, we will notify you by email, notice in your account on our Sites or another appropriate method. We encourage you to review this policy whenever you use the Sites. It is important that personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us.

This policy may be supplemented by other more specific privacy policies on our Sites. For example, if you apply to work for us through our careers Site, you will be provided with access to our Candidate Privacy Policy that will explain how your personal information is used during the recruitment process.

2. What personal information do we collect?

Personal information, or personal data, means any information about an individual from which that person can be identified.

We may collect, store and use, the following categories of personal information about you:

We do not specifically collect special category personal information about you. This includes details about your racial or ethnic origin, political opinions, religion or other beliefs, health, biometric or genetic characteristics, criminal background or trade union membership. We ask you not to share special category personal information with us, unless specifically requested or necessary.

If you are resident in California, we may collect certain categories of sensitive personal information. This is usually limited to your user account login detail.

We also collect, use and share Aggregated Data such as statistical, demographic, aggregated usage and purchasing data for any purpose. Aggregated Data may be derived from your personal information but is not considered personal information in law as this data does not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your personal information so that it can directly or indirectly identify you, we treat the combined data as personal information which will be used in accordance with this privacy policy.

3. How do we collect your personal information?

We collect personal information using different methods:

4. How and why do we use your personal information?

4.1.Purposes for which we use your personal information

We will use your personal information for the following purposes:

The above purposes for using your personal information will overlap and, therefore, multiple purposes may justify our use of your personal information.

4.2. Lawful bases for processing your personal information

We will only use personal information where the applicable law allows us to do so. Where necessary, we will rely on the following lawful bases:

Where the applicable law does not require us to only process personal information under a specific lawful basis but imposes other requirements such as ensuring that the purposes for which we use personal information would be considered appropriate, we will comply with such other requirements.

4.3. If you do not provide your personal information

If you do not provide personal information that we request, we may not be able to provide products or services that you or our business partner requests. You will also not be able to receive targeted offers and other relevant communication. If we enter into a contract with you, without personal information that we need, we may not be able to perform that contract.

4.4. Change of purpose

We will only use your personal information for the purposes for which we collected it. If we need to use your personal information for a different purpose, we can use it provided we reasonably consider that such different purpose is compatible with the original purpose.

If we need to use your personal information for an unrelated purpose, we will, where required by law, notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent where this is required or permitted by law.

4.5. Marketing

We may use information about how you use the Sites, your identity, the identity of a business partner you represent to form a view on the products and services you may need or be interested in or that may be relevant to you. We may also combine personal information gathered across the Sites and from third parties to bring you products, services, offers, promotions and events that are most relevant to you.

Where permitted by law, we may send marketing communications to you, unless you opt-out or unsubscribe and, where required, we will ask for your consent before sending direct marketing communications to you.

Wherever you are based, you can always ask us or our nominated third parties to stop sending you marketing messages at any time by following the links on any marketing message sent to you or by contacting us at any time.

4.6. Cookies

We use cookies and other tracking technologies to distinguish you form other users of our site. For simplicity, we will refer to these technologies as “cookies”. A cookie is a small text file that is placed on your device by the websites that you visit. On subsequent visits, cookies are sent back by the website that recognizes the cookies, to develop a record of your online activity. To manage your choices, please see our cookie manager].

In addition, most browsers allow you to refuse to accept cookies. You may also delete cookies. This can be found in your browser settings. Please remember that if you block all cookies in your browser, you will not be able to use all features of our Sites.

4.7. Third-party links

The Sites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

5. Who do we share your personal information with?

5.1. Categories of recipients of personal information

We may share your personal information with the following categories of third parties:

XpressConnect Supply

Service providers and suppliers of goods

Professional advisers and insurers. We may need to share information with our lawyers, accountants and other consultants, as well as with our insurers and brokers.

Regulators and other authorities. It may be necessary to provide personal information to, for example, tax authorities.

M&A buyers and sellers. The parties to whom we may choose to sell, transfer, or merge parts of our business or assets or where we acquire or seek to acquire other businesses or merge them.

We require third parties to respect security of your personal information and treat it in accordance with the law. Where we disclose personal information to a service provider or other processor, we require them to take adequate security measures to protect your personal information in line with our policies and the law. We only permit such third parties to process your personal information for specified purposes and in accordance with our instructions

5.2. International data transfers

We may share your personal information within XpressConnect Supply. This will involve transferring your personal information to our global HQ in the US and countries where XpressConnect Supply is located. Where required, we use intra-group standard contractual clauses approved by the European Commission or the UK’s Information Commissioner.

External third parties with whom we share personal information may be based outside EEA. In that case, we have processes in place to ensure that your personal information is adequately protected. For example, our contracts with third party processors include provisions that they must follow to ensure adequate protection of your personal information.

If you wish to know about the above contracts, please contact us.

6. How do we protect your personal information?

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We take reasonable steps to maintain physical, procedural, and technical security in our offices, information systems, and information storage facilities in order to protect your personal information. We restrict access to personal information to those individuals who need access to it in performing our duties and obligations.

7. How long will we keep your personal information?

We will only keep your personal information for as long as is necessary for the purpose for which it was collected. That includes satisfying any legal, accounting, or reporting requirements.

8. What are your rights over your personal information?

8.1. Your rights in general

Your rights will vary depending on your location. These rights may be subjects to exceptions and certain limitations under the applicable law.

In certain circumstances, you have the right to:

If you are resident outside of the US and want to exercise any of the above rights, please contact us.

8.2. US residents

If you are resident in the US, your rights will depend on the State you reside in.

8.3. Verification and unfounded requests

Please note that you will not have to pay a fee to exercise your rights. However, where allowed by law, we may charge a reasonable fee if your request is clearly unfounded or excessive or we may refuse to comply with your request in such circumstances.

When you exercise your rights, we may request information form you to confirm your identity. This is to ensure your personal information is not disclosed to any person who has no right to receive it.

9. Who to contact?

We hope that this policy has been helpful, but if you have questions or wish to exercise your legal rights or to complaint, please contact our Chief Compliance Officer by submitting a form here.

If you do not have access to an email you may write to us at Chief Compliance Officer:

Global HQ
1601 Feehanville Drive, Suite 500
Mount Prospect, IL 60056

You also have a right to make a complaint at any time to a supervisory authority in your country.