- visit or use our Websites;
- interact with us on behalf of a customer in connection with the provision of our services;
- interact with us on behalf of a service provider in connection with the products and services our service provider provides to us;
- interact with us on behalf of a business partner in connection with our relationship with the business partner;
- receive marketing communications from us; and/or
- interact with us by registering for, attending and/or otherwise taking part in our trade events, webinars, or conferences or who communicate with us via email, phone, or in-person.
This Policy is designed to assist individuals and businesses that interact with us to understand the types of personal data we collect, how that personal data is processed, and the practices we have adopted to protect personal data.
Residents of the EEA
If your personal data is processed by us in the European Economic Area (“EEA”), including in the United Kingdom (“UK”) or the European Union (“EU”), or if you are a resident of the EEA, including the UK or EU, and subject to GDPR protections, please review Section XIV below for a description of your rights. In the event of a conflict between Section XIV and other provisions of this Policy, Section XIV will prevail.
Residents of California
If you are a California resident, please review Section XIII below for a description of your rights under applicable California law. In the event of a conflict between Section XIII and other provisions of this Policy, Section XIII will prevail.
II. Sources of Information
Harsco will collect and process the following data about you:
- Information you give Harsco. This is information about you that you give Harsco by filling in forms on the company's websites or by corresponding with Harsco by phone, e-mail or otherwise. The information you give Harsco may include your name, address, e-mail address and phone number, and financial information.
- Information Harsco collects about you. With regard to each of your visits to Harsco's website, we will automatically collect the following information:
- technical information, including your Internet protocol (IP) address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed; page response times, download errors, duration of page visits, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call Harsco.
- Information Harsco receives from other sources. This is information Harsco receives about you if you use any of the other websites we operate or the other services we provide. We will also have told you for what purpose we will share and combine your data. We are working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers and search information providers).
More detailed information on cookies can be found at www.allaboutcookies.org.
IV. Uses of Information
Harsco uses information held about you in the following ways:
Information you give to Harsco. Harsco will use this information:
- to carry out its obligations arising from any contracts entered into between you and Harsco and to provide you with the information, products and services that you request from us;
- to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- to notify you about changes to our service;
- to ensure that content from our site is presented in the most effective manner for you and for your computer.
Information we collect about you. Harsco will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- as part of our efforts to keep our site safe and secure;
Information we receive from other sources. Harsco will combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).
V. Disclosure of your Information
Harsco may disclose your personal information:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
- To business partners, suppliers and sub-contractors for the performance of any contract we enter into with them;
- To analytics and search engine providers that assist Harsco in the improvement and optimization of its site; or
VI. Data Storage and Security
The data that Harsco collects is stored on our servers in multiple jurisdictions. It will be processed by staff that work for Harsco or on its behalf. This includes staff engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. Your personal data may be transferred within or outside the European Economic Area (the “EEA”). By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance applicable law and this Policy.
Unfortunately, the transmission of information via the internet is not completely secure. Although Harsco takes reasonable measures to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. We maintain organizational, technical and administrative measures designed to protect personal information within our organization against unauthorized access, destruction, loss, alteration or misuse, consistent with applicable regulatory requirements and applicable published security standards.
VII. Records Retention
Harsco will keep your personal data for as long as we need it, or as otherwise prescribed by law, for the purposes set out above, and so this period will vary depending on your interactions with us. For example, where you have contracted with Harsco, we will keep a record of your payment for the period necessary for invoicing, tax and warranty purposes. We may also keep a record of correspondence with you (for example if you have made a complaint about our products or services) for as long as is necessary to protect Harsco from a legal claim. Our data retention policy further describes our retention practices. Please note that where you unsubscribe from our marketing communications, we will keep a record of your email address to ensure we do not send you marketing emails in future.
VIII. Third Party Sites
Harsco's site may, from time to time, contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
IX. Social Media Features
Harsco's site may also include social media or lead generation features, such as Facebook or Twitter buttons and widgets, such as the “share this” button. These features may collect your IP address, which page you are visiting on our site and may set a cookie to enable the feature to function properly. Social media and lead generation features and widgets may be hosted by a third party and your interactions with these features and widgets are governed by the privacy notice of the company providing it.
Our site is directed at an adult audience and we do not knowingly collect information from or about children.
XI. Changes to This Policy
Any changes Harsco makes to this Policy in the future will be posted on this page and, where legally required, notified to you by e-mail. Please check back frequently to see any updates or changes to this Policy.
Questions, comments and requests regarding this Policy are welcomed and should be addressed to firstname.lastname@example.org. If you are having trouble viewing or accessing this Policy or need it made available to you in an alternative format, please contact email@example.com.
This section applies to California residents whose Personal Information is subject to the California Consumer Privacy Act of 2018 (“CCPA”). If you are not a California resident, the rights described in this section do not apply to you. For purposes of this Section XIII, “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
A. Collection of Personal Information. In the preceding twelve (12) months, we have collected the following categories of Personal Information:
- Identifiers, such as such as name, address, telephone number, fax number, e-mail address, date of birth.
- Certain categories of Personal Information listed in California law, such as name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
- Protected legal characteristics, such as age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, or genetic information (including familial genetic information).
- Commercial information, such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
- Biometric information, such as imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.
- Internet activity, such as computer, operating system, IP address, browser type and language, general location information, domain name, a date/time/access stamp, internet service provider, referring/exit URLs, clickstream data, and other information about pages you view and resources you access or download, including but not limited to, the links clicked, traffic data, weblogs and other communication data, features used, size of files uploaded, streamed or deleted, and similar device and usage information when users access or use the services or visit our Site for system administration, to filter traffic, to look up user domains and to report on statistics.
- Geolocation data, such as may be determined by GPS, IP address, and other data from a mobile device.
- Audio, electronic, visual, thermal, olfactory, or similar information.
- Employment information, such as current or past job history or performance evaluations.
- Education information, such as education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
- Inferences about personal preferences and attributes, such as profiles reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
B. Sources of Personal Information. A description of the sources from which we collected Personal Information may be found in Section II above.
C. Uses of California Residents’ Personal Information. Below is a description of how we use Personal Information:
- To ensure the proper functioning of our business operations and administration of our general business, accounting, record-keeping and legal functions;
- To monitor user activities on our systems to ensure users are complying with applicable laws and regulations, and are not performing activities that would negatively affect our reputation;
- To assess, improve and develop our business, products and services, and for similar research and analytics purposes;
- To help prevent fraud and abuse;
- To ensure that you receive an excellent user experience and/or maintaining the safety, security, and integrity of our Site, Services, information, tools, systems, databases and other technology assets and business;
- To comply with a law, regulation, legal process, order of a court or by any rule of law or governmental request; protect the safety of any person; protect property or the rights or property of those who use our services; prevent or detect crime; apprehend or prosecute offenders; and
- To facilitate merger, acquisition, reorganization, sale of assets or similar strategic transaction.
D. Disclosures of Personal Information for a Business Purpose. In the preceding twelve (12) months, we have disclosed the following categories of Personal Information for a business purpose:
|Categories||Categories of Third Parties to Whom Personal Information Was Disclosed|
|B. Certain categories of Personal Information listed in California law||
|C. Protected legal characteristics||
|D. Commercial information||
|E. Biometric information||
|F. Geolocation data||
|G. Employment information||
E. Sales of Personal Information. We do not sell Personal Information. To our actual knowledge, we have not sold the Personal Information of California residents under 16 years of age.
F. Your CCPA Rights. Subject to certain legal limitations and applicable exceptions, California residents may exercise the following rights.
- Right to Know. You have the right to request that we disclose to you the categories of Personal Information we have collected about you in the preceding 12 months, the categories of sources from which we collected the Personal Information, the purposes for collecting the Personal Information, and the categories of third parties with whom we have shared your Personal Information. You may also request information about the specific pieces of Personal Information we have collected about you.
- Right to Delete. You have the right to request that we delete your Personal Information that we have collected from you.
How to Exercise Your CCPA Rights
You may exercise your rights under the CCPA by either:
- emailing us at firstname.lastname@example.org;
- writing us at Data Privacy Coordinator, Harsco Corporation, 350 Poplar Church Road, Camp Hill, PA 17011; or
- calling us at +1 717 763 7064.
You may also designate an authorized agent to exercise these rights on your behalf by following the process described in “Authorized Agents,” below.
You may request access to your Personal Information twice in any 12-month period, measured from the date we receive your first request. If you submit a request to obtain your Personal Information more than twice in any 12-month period, we will either: (i) proceed with honoring your request; or (ii) deny your request in writing.
In accordance with the CCPA, you have the right not to receive discriminatory treatment from us as a result of your exercising these rights.
In order for you to exercise your CCPA rights, we will need to obtain information to verify your identity. For a report of the specific Personal Information we have processed about you, you must provide us with your name, mailing address and email address in order that we may verify your identity. You also must provide us with a signed declaration, under penalty of perjury, that you are who you say you are. For a report of the categories of Personal Information we have processed about you or for a request to delete your Personal Information, you must provide us with your name and email address in order that we may verify your identity.
Where necessary, we may request additional information about you so that we can verify your identity. Where we did not already hold that information, we will use it only for the purpose of verifying your identity and to process your request. If you are submitting a request on behalf of a household, we will need to verify each member of the household in the manner set forth in this section.
You may use an authorized agent to exercise your CCPA rights on your behalf. Authorized agents may demonstrate that the agent has authority to exercise rights on the requesting consumer’s behalf by providing reasonably requested supporting documentation in order for us to ensure appropriate authorization. At a minimum, we will require evidence of the agent’s identity (such as via passport or driver’s license submission), and at least one of the following evidencing proof of your legal authority to act on the behalf of the individual who is the subject of this request:
- Written authorization signed by the consumer;
- Certified copy of a Power of Attorney granted under the California Probate Code; or
- Evidence of parental responsibility.
Whenever you interact with us on behalf of another individual or entity, such as by providing or accessing Personal Information about another individual, you represent that your interactions and exchanges comply with applicable data privacy laws. You shall have sole responsibility for any violation of applicable laws as a result of a failure to obtain any necessary consent from such individual.
We will respond to Requests to Delete and Requests to Know within 45 calendar days, unless we need more time, in which case we will notify you and may take up to 90 calendar days total to respond to your request.
G. Contact Information. California residents with questions regarding this Policy or our privacy practices generally, please contact us at:
Phone: +1 717 763 7064
Mail: Data Privacy Coordinator, Harsco Corporation, 350 Poplar Church Road, Camp Hill, PA 17011;
This section applies to residents of the EEA. If you are not a resident of the EEA, the rights described in this section do not apply to you. For purposes of this Section XIV, “Personal Data” means any information relating to an identified or identifiable natural person.
A. The Legal Basis for Processing Your Personal Data. In order to comply with applicable data protection laws in the EEA, Harsco is required to set out the legal basis for the processing of your Personal Data. In accordance with the purposes for which we collect and use your Personal Data, as set out above, the legal basis for processing your Personal Data in the EEA will typically be one of the following:
- Harsco's or its third parties' legitimate business interests (for example, in maintaining and promoting Harsco's business by providing customers with feedback opportunities or other instances where we have carried out a legitimate interests assessment and have established an existing legitimate interest);
- the performance of a contract that Harsco has in place with you;
- your consent where appropriate;
- to protect your vital interests; or
- compliance with Harsco's legal obligations.
B. Data Subject Rights. Data subjects in the EEA and other jurisdictions may have rights in relation to their personal data which include:
- Right to rectification. Data subjects may request that we rectify any inaccurate or incomplete personal data.
- Right to withdraw consent. Data subjects may at any time withdraw their consent to the processing of their personal data carried out by Harsco on the basis of their previous consent. Such withdrawal will not affect the lawfulness of processing based on such previous consent.
- Right to make a subject access request (SAR). Data subjects may request in writing copies of their personal data. However, compliance with such requests is subject to certain limitations and exemptions and the rights of other individuals. Each request should make clear that a SAR is being made. You may also be required to submit a proof of your identity and any payment permitted by law, where applicable.
- Right to object to processing including automated processing and profiling. We do not make automated decisions about data subjects. However, we may rely on information provided by third parties such as credit reference agencies which may score data subjects on the basis of automated decisions. Profiling may be carried out for business administration purposes, such as monitoring trends in user visits of our website and in order to deliver relevant ads to users' devices. We will comply with valid objection requests unless we have a compelling overriding legitimate ground for the continuation of our processing or we have another lawful reason to refuse such request. We will comply with each valid opt-out request in relation to marketing communications.
- Right to erasure. Data subjects may request that we erase their personal data. We will comply, unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping the personal data, such as, our business record retention obligations that we have to comply with.
- Restriction. Data subjects may request that we restrict our processing of their personal data in various circumstances. We will comply, unless there is a lawful reason for not doing so, such as, a legal obligation to continue processing your personal data in a certain way.
- Right to data portability. In certain circumstances, data subjects may request the controller to provide a copy of their personal data in a structured, commonly used and machine-readable format and have it transferred to another provider of the same or similar services. We do not consider that this right applies to our Services. However, to the extent it does, we will comply with such transfer request. Please note that a transfer to another provider does not imply erasure of the data subject's personal data which may still be retained for legitimate and lawful purposes.
- Right to lodge a complaint with the supervisory authority. We suggest that data subjects contact Harsco about any questions or complaints in relation to how we process their personal data. However, each data subject has the right to contact the relevant supervisory authority directly.