Reporting Privacy Notice

Purpose

The aim of this Reporting Privacy Notice is to ensure a high level of protection and transparency for all individuals whose personal data will be collected by respective Syngenta Group Legal entity ("Syngenta", "Syngenta Group", "we" or "us") in EU in connection with a report made. Reporting wrongdoings, misconduct, or law violations is voluntary. You can make a report without mentioning your name or any other information about yourself in the report, if you wish (anonymous report) and if anonymous reporting is not excluded in the given country. If your report contains personal data, please make sure it is limited to what is necessary to process and resolve the case.

Who will be responsible for processing your data?

If your report concerns only the Syngenta Group entity or entities in your country and the report is managed entirely locally, Syngenta entity in your country is the controller of your personal data. Please check the table below to find out contact details of personal data controllers in your country.

However, if other Syngenta entities are impacted by your report, or your report has been escalated to the Group level and is managed with the support of the Group Compliance both Syngenta entity in your country and our parent company, Syngenta Crop Protection AG, a Swiss corporation based in Basel, Switzerland ("Syngenta Parent") are jointly responsible for the collection and use of your personal data.

If issues raised in your report relate to the entire Syngenta Group or the report is managed by the Group Compliance, then Syngenta Parent is the sole controller of your personal data.

What Information (Personal Data) do We collect and Process

If you decide to provide personal data in your report, we may process the following information:

Ordinary personal data

If you register for the web-based SYNGENTA Compliance Helpline, you will be asked to provide us with the following personal data (although only the data marked by an (*) are mandatory:

  • Your login credentials for the tool (*)
  • Language (*)
  • Whether you are a Syngenta employee or an external contributor or a third party
  • Whether you want to remain anonymous (*)
  • Your contact details (name, address, e-mail address, phone number)
  • Any optional information that you record about yourself

Special Categories of Data

Providing Special Categories of Data[1] in a report is voluntary. If Special Categories of Data provided in the report turn out to be irrelevant for the case, we will immediately delete it. Please do not reveal Special Categories of Data about yourself or anyone else if not necessary for us to understand or resolve the case or protect you or others.

Sources of the personal data

Personal Data Directly from You: As a rule, we collect personal data directly from you via the Syngenta Compliance Helpline.

Personal Data from Third Parties: We may receive personal data from your colleagues, supervisors, third parties (such as our contractors or clients), or otherwise generate such data during investigation.

WHY DO WE COLLECT AND HOLD YOUR PERSONAL DATA AND WHY ARE WE ALLOWED TO DO SO

We may process your personal data for the following purposes.

Purpose

Legal Basis

Handling reports and investigation
We process your personal data to manage in a safe and efficient manner all reports made under our Whistleblowing Policy, including:

  • analysis, storage and follow up on reports,
  • identification and exclusion of irrelevant or false reports,
  • investigation of reported facts (where relevant),
  • necessary actions to stop wrongdoings, misconducts, or law violations, preserve evidence and defend rights of our employees or Syngenta's rights and assets,
  • protecting privacy, rights and safety of the reporting person, witnesses and third parties mentioned in the Report as well as the rights of the person concerned.

Depending on the case, the processing may be based on:

  • the need to comply with our legal obligations[2], given the fact that implementing whistleblowing systems is mandatory in some countries where Syngenta operates (Art. 6(1)c GDPR[3]),
  • -our legitimate interests, more specifically to monitor compliance with our Code of Conduct and other internal regulations (Art. 6(1)f GDPR).

Special Categories of Data
We may process Special Categories of Data to carry out investigation, confirm reported facts and allegations and to take actions to stop detected wrongdoings, misconducts, or law violations.

Depending on the case, the processing may be necessary:

  • to perform obligations and/or exercise specific rights of the employer or employee in the field of employment and social protection law (Art. 9(2)b GDPR);
  • to establish, exercise or defend a legal claim (Art. 9(2)f GDPR);
  • (in exceptional cases) for reasons of substantial public interest (Art. 9(2)g GDPR);

Sharing your Personal Data

We may share your personal data between Syngenta Group affiliates (i.e., Intra-Group) or with other recipients for the following reasons.

Intra-Group

We may share your personal data between Syngenta Group affiliates, for all the purposes specified in Section 4 of this Notice. Syngenta Parent has concluded Intragroup Data Transfer Agreements (IDTAs) with many of its subsidiaries (Syngenta DP Network), including us, to enable the effective and secure transfer and processing of personal data.

Access to personal data is granted on a need-to-know basis, and in all cases provided data remain confidential to the extent possible to comply with applicable local law and to enable investigation and resolution of the case.

Other Recipients

We also share your personal data with service providers that have been selected by Syngenta to perform specific activities on our behalf (such as operators of or technology companies which provide software and computing services (e.g., e-mail, telecommunications, and information management services). We may also share personal data with governmental and public authorities when required by law.

International Transfer of Personal Data

We may transfer your personal data to Syngenta Parent as well to China National Agrochemical Corporation in China. Switzerland have been officially recognized by the European Commission as providing an adequate level of protection for personal data. When we transfer your personal data to recipients located in other third countries (i.e. outside of the European Economic Area) which have not been officially recognized by the European Commission as adequate, transfers take place using an acceptable data transfer mechanism, such as the EU Standard Contractual Clauses (see here), or in exceptional circumstances on the basis of permissible statutory exceptions.

How long Do we Keep your Personal data

We will keep your personal data and data of others for the time necessary to defend claims or due to other applicable laws. If the investigation revealed misconduct or other violations, we may keep personal data for the time necessary to remove the consequences of the misconduct or violation identified.

Your Rights

Rights of individuals

You have the right to access your personal data and obtain a copy of the information that we hold about you. You have the right to correct any inaccurate or incomplete data, object to the processing of your personal data and request restriction of processing in certain instances. You can also request the deletion of your personal data if there is no good reason for us to continue processing it.

Certain rights are subject to restrictions or limitations, and their availability may depend on the lawful basis we rely on to process your personal data (see section 4 above). Further, we may rely on applicable exemptions under applicable law to deny part or all your request. If we do so, we will inform you when responding to your request.

If you wish to exercise any of your above rights, please see Section 9 to check how you can contact us.

Right to lodge a complaint

You also have the right to lodge a complaint with a Supervisory Authority, in the EU Member State of your residence, place of employment, or the location where the issue that is the subject of the complaint occurred. Please check the table below for the Supervisory Authority in your country.

Contact

To exercise you rights or if you have any questions regarding this Reporting Privacy Notice, please contact the relevant Syngenta legal entity in your country via email or via post at the registered office address as provided in the table below.

Country

Data Controller

Syngenta Contact

Supervisory Authority

Hungary

Syngenta Kft.
Alíz utca 2
1117 Budapest
Hungary

dataprivacy.hu@syngenta.com

Hungarian National Authority for Data Protection and Freedom of Information (details available at https://naih.hu).

Syngenta Services Kft.
Alíz utca 2
1117 Budapest
Hungary

Switzerland

Syngenta Crop Protection AG
Rosentalstrasse 67
4058 Basel
Switzerland

dataprivacy.ch@syngenta.com

Federal Data Protection and Information Commissioner (FDPIC (www.edoeb.admin.ch).

Belgium

Syngenta Seeds N.V.
Devgen N.V.
Technologiepark 30
9052 Ghent-Zwijnaarde
Belgium

dataprivacy.be@syngenta.com

Gegevensbeschermings-autoriteit
(www.gegevensbeschermingsautoriteit.be)

Syngenta Crop Protection N.V.
Avenue Louise 489
1050 Brussels
Belgium

Syngenta Chemicals B.V., Belgian Branch
Rue de Tyberchamps 37
7180 Seneffe
Belgium

Bulgaria

Syngenta Bulgaria EOOD
Tsarigradsko Shosse blvd, 145
Sofia Office Center, fl. 6
1784 Sofia
Bulgaria

dataprivacy.bg@syngenta.com

Commission for Personal Data Protection
(https://www.cpdp.bg/en/index.php)

France

Syngenta France SA
1228 Chemin de l'Hobit, 31790 Saint-Sauveur
France

dataprivacy.fr@syngenta.com

Commission nationale de l'informatique et des libertes
(https://www.cnil.fr/en)

Syngenta Production France S.A.S
55, rue du Fond du Val , 27600 Saint-Pierre-la-Garenne
France

Germany

Syngenta Seeds GmbH
Zum Knipkenbach 20
32107 Bad Salzuflen
Germany

de.datenschutz@syngenta.com

Federal:
Bund: Der Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
States:
- Baden-Wurttemberg: The state commissioner for data protection and freedom of information for Baden-Wurttemberg
- Bavaria (public sector): The Bavarian State Commissioner for Data Protection
- Bavaria (private area): Bavarian State Office for Data Protection Supervision
- Berlin: Berlin Commissioner for Data Protection and Freedom of Information
- Brandenburg: The state commissioner for data protection and the right to inspect files in Brandenburg
- Bremen: The State Commissioner for Data Protection and Freedom of Information of the Free Hanseatic City of Bremen
- Hamburg: The Hamburg Commissioner for Data Protection and Freedom of Information
- Hesse: The Hessian data protection officer
- Mecklenburg-Western Pomerania: The State Commissioner for Data Protection and Freedom of Information Mecklenburg-Western Pomerania
- Lower Saxony: The State Commissioner for Data Protection for Lower Saxony
- North Rhine-Westphalia: State Commissioner for Data Protection and Freedom of Information for North Rhine-Westphalia
- Rhineland-Palatinate: The state representative for data protection and freedom of information for Rhineland-Palatinate
- Saarland: Independent Data Protection Center Saarland - State Commissioner for Data Protection and Freedom of Information
- Saxony: Saxon data protection officer
- Saxony-Anhalt: State Commissioner for Data Protection for Saxony-Anhalt
- Schleswig-Holstein: Independent State Center for Data Protection Schleswig-Holstein
- Thuringia: Thuringia State Commissioner for Data Protection and Freedom of Information

Syngenta Agro GmbH
Lindleystrasse 8 D
60314 Frankfurth am Main
Germany

Greece

Syngenta Hellas Single Member S.A.C.I.Anthoussas Avenue
153 49 Anthoussas Attikis Athens
Greece

dataprivacy.gr@syngenta.com

(https://www.dpa.gr)

Italy

Syngenta Italia S.p.A.
Viale Fulvio Testi 280/6, 20126
Milano
Italy

dataprivacy.it@syngenta.com

Garante per la protezione dei dati personali.
(https://www.garanteprivacy.it/)

Netherlands

Syngenta Seeds B.V.
Westeinde 62
1601 BK Enkhuizen
The Netherlands

dataprivacy.nl@syngenta.com

Autoriteit Persoonsgegevens (www.autoriteitpersoonsgegevens.nl)

Syngenta Crop Protection B.V.
Jacob Obrechtlaan 7
4611 AP Bergen op Zoom
The Netherlands

Poland

Syngenta Polska Sp.z.o.o.
Ul. Szamocka 8
01-748 Warsaw
Poland

dataprivacy.pl@syngenta.com

Urz?d Ochrony Danych Osobowych
(https://uodo.gov.pl/)

Romania

Syngenta Agro SRL
Victoria Park, 73-81 Bucure?ti-Ploie?ti road,
3rd building, 4th floor, 1st district
Bucharest, 013685
Romania

dataprivacy.ro@syngenta.com

Autoritatea Na?ional? de Supraveghere a Prelucr?rii Datelor cu Caracter Personal
(https://www.dataprotection.ro/)

Spain

Syngenta Espana, S.A.U.
Calle Ribera del Loira, 8-10, 3ª Planta
28042 Madrid
Espana

dataprivacy.es@syngenta.com

Agencia Española de Protección de Datos
(https://www.aepd.es/es)

UPDATES

You can find out when this Reporting Privacy Notice was last amended by checking "LAST REVISED" at the top of this page. You may print, download, or otherwise retain a copy of this Privacy Notice (and of any revised version) for your records.

[1] "Special Categories of Data" - data that reveal race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation, physical or mental health, or that include genetic data, or biometric data.

[2] We may process your personal data to comply with our legal obligations set out for example in the Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law and implementing acts which impose an obligation on companies to implement internal and external reporting procedures to detect and react to breaches of law. We may process your data also on the basis of national legislation in your country.

[3] "GDPR" - Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).