Basic principles and our privacy commitment

At Danone Nutricia Côte d’Ivoire (hereinafter “DNCI”) we are committed to protecting your right to privacy. We aim to protect any personal data we collect, to manage your personal data in a responsible way and to be transparent in our practices. Your trust is important to us. We have therefore committed ourselves to the following basic principles:

• You have no obligation to provide any personal data requested by us. However, if you choose not to provide any personal data requested by us, we may not be able to provide you with some services or products.
• We only collect and process your data for the purposes set out in this Personal data protection policy or for specific purposes that we share with you and/or that you have consented to.
• We aim to collect, process and use as little personal data as possible.
• When we do collect your personal data, we aim to keep it as accurate and up to date as possible.
• If the personal data we collect is no longer needed for any purposes and we are not required by law to retain it, we will do what we can to delete, destroy or permanently de-identify it.
• Your personal data will not be shared, sold, rented or disclosed other than as described in this Personal data protection policy.

 

Who does this Personal data protection policy apply to?

 

Depending on our relationship, we will collect and use your personal data in different ways.  Please refer to the list below to find out the information that we collect about you and how we use this personal data:

1. Visitors to our websites and users of our apps and services;
2. Persons using the tools offered on this website

 

What this Personal data protection policy contains:

This Personal data protection policy describes the following important topics relating to your personal data:

1.      Who are we?

2.      What personal data do we collect and how?

3.      The purpose and legal basis for collecting and using personal data

4.      Profiling and automated decision making

5.      Links to other websites

6.      Social media and other User Generated Content

7.      Children’s personal data  

8.      Sharing personal data with third parties

9.      Sharing personal data internationally

10.  How we protect your personal data

11.  How long we store your personal data

12.  Your rights

13.  How to contact us

14.  Changes to our Personal data protection policy.

 

1. Who are we?

Danone Nutricia Côte d’Ivoire is responsible for the personal data that you share with us. When we say “Danone”, “us”, “our” or “we”, we are referring to Danone Nutricia Côte d’Ivoire. In accordance with regulations applicable to the processing of personal data, DNCI is the “data controller”.

DANONE NUTRICIA CÔTE D’IVOIRE

Abidjan Marcory, Blvd FHB Ex VGE face à l’hôtel Ibis, Immeuble Tour Ivoire au 4ème étage, 28 BP 651 Abidjan 28, Côte d’Ivoire

 

If you want to know more about DANONE and its products, please visit https://www.danone.com

 

2. What personal data do we collect and how?

 

The personal data we collect varies depending on our relationship with you, the purpose of the collection and the product or service we are providing to you. Please see the section(s) below that best describes our relationship with you for further details of the personal data that we collect.

 

We may collect your personal data directly from you.

 

You may give us personal data about yourself by visiting our websites or applications, entering or participating in a survey or a research activity, filling in our forms or questionnaires.

 

Some of this data is collected via cookies and similar tracking technologies – see our Cookie Statement for further details on this.

 

We may also receive personal data about you from third parties such as: our business partners, including marketing agencies, market research companies, companies that co-sponsor our promotions, retailers; family, friends and others who provide your personal data to us because you have consented to or they think you may be interested in our products and services or they want to share a product or service with you; and other third parties such as media providers/owners, public and third party websites, social media platforms, advertising platforms, our suppliers or our group companies (referred to in this Personal data protection policy as “third parties” or “suppliers”). 

 

Statistical modelling

 

When you browse and interact with our websites, we may also collect aggregated and non-identifying information such as country and page URL.

We use these anonymized data to build statistical models, allowing us to infer the impact of our ads on users’ actions, such as purchases, while respecting your privacy.

This helps us refine our advertisements to make them more relevant to our consumers, thereby enhancing their experience on our websites.

It is important to underscore that this method of gathering information does not, under any circumstances, enable users’ identification.

 

Visitors to our websites and users of our apps and services

We, or third parties on our behalf, may collect and use information about you such as the following:

1. health data where you provide this to us – please also see the “Special categories of data” section below;
2. your entry into a survey (including the entry itself, which may be a photo or answer to a question);
3. information about people other than you, such as personal data about your family members, when you provide such information directly to us;
4. any updates to data provided to us; and
5. personal data created and recorded as you use our websites, apps and/or services, including:
   • technical information– this includes the Internet Protocol (IP) address used to connect your device to the internet address; the website address and country from which you access information; and
   • information about your visit and your behavior on our websites and/or apps (such as the pages that you click on) – this may include time and length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs, information shared with others, including through email and social media), methods used to browse away from the page, traffic data, location data, weblogs and other communication data and information provided when requesting further service or downloads.

 

People using the tools offered on this website

 

We, or third parties acting on our behalf, may collect and use certain information about you, such as the following:

 

1. Gender,
2. date of birth,
3. age group,
4. feeding method, frequency of breastfeeding, consumption of different foods (milk, cereals, meat, eggs) and other sources of iron,
5. iron intake score, and
6. the consent on the use of this data.

 

Special categories of data

In principle DNCI does not seek to process sensitive data relating to you. However, some of the personal data that we collect about you or which you provide to us may be special categories of data, often relating to health and wellbeing. 

We will only process this type of data for purposes to which you give your explicit consent, or in any other circumstances permitted by law (such as defense of legal claims).

 

3. The purpose and legal basis for collecting and using personal data

 

The table below shows the purposes for which we collect and use your personal data, as well as the legal bases for our use for your personal data. Further information as to our legal bases is set out below the table. Please note that not all of the uses below will be relevant to every individual:

 

Our purpose(s) for processing your personal data	Our legal basis
Managing our relationship with you ·     To keep track of our interactions with you ·     To keep a record of your consent and to manage your data subject rights requests	·     Contractual necessity ·     Legitimate interests ·     Compliance with legal obligations
Managing and improving our processes and business operations ·     To provide, improve, maintain, keep secure and provide technical support in relation to our websites and apps ·     To evaluate your visit to our websites and apps and your use of our services and prepare reports to compile statistics to understand the type of people who use our websites, apps and services, how they use our websites, apps and services and how to make our websites, apps and services more intuitive ·     To manage, develop and improve our products, services and communications ·     For internal corporate reporting, business administration, ensuring adequate insurance coverage for our business, ensuring the security of company facilities, research and development, and identifying and implementing business efficiencies	·     Legitimate interests ·     Consent (where you have given it)
Provide results based on your answers	·       Legitimate interests ·       Consent (when you have given it)
Manage and improve our products and/or services:  ·       For scientific research: to understand the prevalences linked to diet in Africa, and the correlation between diet and health. ·       To improve our knowledge of consumers and consumption habits ·       Create profiles based on your interests, preferences and other information that help us understand what products and services are of interest to you. ·       Create consumer categories (segments) of people with interests and preferences similar to yours (lookalike audiences).	·       Legitimate interests ·       Consent (when you have given it)
Other purposes ·     To follow applicable laws and regulations ·     To respond to requests from competent public authorities ·     To establish exercise or defend our legal rights ·     To investigate and take action against illegal or harmful behavior of users ·     To drive company engagement among an ecosystem of stakeholders with a view to developing common solutions ·     To provide our expertise for more informed decision-making, in a collaborative and transparent environment with decision-makers and other relevant stakeholders	·     Legitimate interests ·     Compliance with legal obligations

 

When we collect and use your personal data for new purposes, we will inform you before or at the time of collection (and ask for your consent when required) unless we reasonably consider that this purpose is compatible with the original one as detailed above.

 

Legal basis

We consider that the legal bases for using your personal data as set out in this Personal data protection policy are as follows:

1. Contractual necessity: our use of your personal data is necessary to perform our obligations under any contract with you or to take steps prior to entering a contract with you.
2. Compliance with legal obligations: our use of your personal data is necessary for complying with our legal obligations.
3. Legitimate Interests: our use of your personal data is necessary for our legitimate interests or the legitimate interests of others. Our legitimate interests might include the following:

1. 1. running, growing and developing our business;
   2. operating and ensuring the security of our websites and apps;
   3. ensuring a safe working environment for our staff and visitors;
   4. consumer knowledge, market research and business development;
   5. providing services to our customers;
   6. investing in and rolling out new products to benefit the communities in which we operate;
   7. for internal group administrative purposes; and
   8. to create profiles and provide you with personalized messages and tips about products directly, as well as through traditional and social media campaigns based on your interests and preferences. More information on how your personal data is used and how to opt out is explained below in the “Profiling and automated decision making” section of this Personal data protection policy.

Whenever we collect and use your personal data on the legal basis of legitimate interests, we take care it does not outweigh your rights as an individual.

      4. Consent: We may process your personal data on the basis of your consent. Where you have given consent, but you later change your mind, you may withdraw your consent by contacting us and we will stop doing processing your personal data in this way. However, if you withdraw your consent, this may impact our ability to provide our products and associated services to you.

 

 

4. Profiling and automated decision making

 

We may analyze information about you in order to create profiles (e.g. by compiling individuals into groups that we believe to have certain common characteristics). We use these profiles to personalize our websites, apps, services or products, as well as our communications to you (e.g. by sending/displaying content that may be relevant and useful to you, subject to applicable data protection and e-privacy laws). We may also use these insights to display relevant advertising to you either on our websites or apps, or via third-party websites.  

 

For some services and products, we may process your personal data using automated means. Essentially this means that decisions are taken automatically without human intervention. We will not make decisions based solely on automated decision making to the extent that they have a legal effect or significant impact on you without first notifying you and providing you with clear information about any such automated decision-making, including our lawful basis for carrying it out and the ability to have a human intervention for reviewing the decision.

 

5. Links to other websites

Our websites and apps may contain hyperlinks to third party websites, plug-ins or applications that are not operated by us. These hyperlinks are provided for your reference and convenience only and do not imply any endorsement of the activities of such third-party websites or any association with their operators.

This Personal data protection policy only applies to the personal data that we collect or which we receive from third party sources and over which we act as a data controller, and we cannot be held responsible for personal data about you that is collected and stored by third parties. Third party websites have their own terms and conditions and privacy policies, and you should read these carefully before you submit any personal data to these websites.

We do not endorse or otherwise accept any responsibility or liability for the content of such third-party websites or third-party terms and conditions or policies.

 

6. Social Media and other User Generated Content

 

Some of our websites and apps allow users to submit their own content. Please remember that any content submitted on our product/brand page(s) on social media platforms can be viewed by the public and reposted, and you should be cautious about providing certain personal data e.g. financial information or address details. We are not responsible for any actions taken by other individuals if you post personal data on one of our product/brand page(s) on social media platforms. We reserve the right to delete user generated content that doesn’t comply with the relevant terms & conditions.

 

7. Children’s Personal Data

 

Most of our websites are designed and intended for use by people of legal age. We understand the importance of taking extra precautions to protect the privacy and safety of children.

 

We do not request or knowingly collect personal data from minors.

If we discover that we have collected personal data from a child without consent from a parent or legal guardian, we will delete that personal data as soon as we become aware of it.

 

The only exception concerns the collection of personal data of minor children carried out directly from a parent or guardian, with their consent (for example, when a parent has answered questions about the age of their children in a form published on one of our websites).

In such a case, by using the Website, the user acknowledges and guarantees that he/she is the legal representative of the child whose data he/she is providing.

Also, we do not contact or knowingly collect personal data directly from minor children.

 

Other Danone Group companies may contact you if you have given your consent to receive communications about Danone Group brands. In this case, our brands can personalize the communications sent to you based on the information you provided to us in our forms (e.g.: first name or date of birth of your child). For more information, you can consult paragraph 8 – Sharing of personal data with third parties.

 

You can at any time check, modify or delete the personal data that you have transmitted to us about your child. You can also request the deletion of data relating to your child by proceeding as indicated in paragraph 12 – Your rights.

 

8. Sharing Personal Data with Third Parties

 

When we share your personal data with affiliates and other organizations, we make sure we only do so with organizations that safeguard and protect your personal data and comply with applicable privacy laws in the same or similar way that we do.

 

Your personal data will never be sold or rented.

 

We may, however, share or disclose your personal data as described in this Personal data protection policy. Your personal data will be shared with the following third parties for the purposes described:

 

1. Other Danone companies/entities: Where it is in our legitimate interests to do so for internal administrative purposes (for example, ensuring consistent and coherent delivery of products to our customers, corporate strategy, merger and acquisition operations, compliance, auditing and monitoring, research and development and quality assurance).
2. Third party service providers and subcontractors: Including those which:

 

i) assist us to carry out your requests, respond to your inquiries, fulfil your orders, such as logistics providers, sponsors and customer support providers;

ii) perform core information technology and other business-related services, such as website/app development providers, cloud hosting providers, management and evaluation service providers, data analysts, payment processors, utility providers, insurers;

iii) assist in the organization of our events, marketing, advertising and promotional activities; or

iv) provide analytics and optimization services relating to our websites and apps.

 

3. Social media platforms: When our web pages use social plug-ins from these businesses (such as the “Like” and “Share” buttons). These other businesses may receive and use personal data about your visit to our sites or apps. If you browse our website or view content on our apps, personal data they collect may be connected to your account on their site. For more information on how these businesses use personal data, please read their privacy policies.

 

4. Business transfer recipients: Where we sell or buy any business or assets, (such as a merger/absorption), to the prospective seller or buyer of such business or assets, or where substantially all of our or any of our affiliates’ assets are acquired by a third party, in which case personal data held by us will be one of the transferred assets. Where appropriate, in such case, the buyer acting as the new data controller processes your data and its Personal data protection policy governs the processing of your personal data.

 

5. Legal disclosure recipients: Where we are obliged by law to disclose your personal data (e.g. to government or law enforcement bodies) or where disclosure is required to protect our rights or those of our staff, customers or other third parties.

 

Save as expressly detailed above, we will never share, sell or rent any of your personal data to any third party without notifying you and, where necessary, obtaining your consent.

 

9. Sharing Personal Data Internationally

 

Your data will not be shared other than as described in this Personal data protection policy. Your personal data may be used, stored and/or accessed by staff working for us, other members of our group, trusted third parties or when required by law and/or government authorities operating outside your country of residence.

When we share your data internationally, we make sure only to do so with entities that safeguard and protect your data and make sure that the cross-border data processing complies with applicable data protection laws and is protected by adequate safeguards.

 

10. How We Protect Your Personal Data

 

We understand that the security of your personal data is important. We make our best efforts to protect your personal data from misuse, interference, loss, unauthorized access, modification or disclosure. We have implemented a number of security measures to help protect your personal data, and we require that trusted third parties who handle your personal data for us do the same. For example, we implement access controls, use firewalls and secure servers, and we encrypt personal data.

 

In the course of provision of your personal data to us, your personal data may be transferred over the internet.  Although we make every effort to protect the personal data which you provide to us, the transmission of information over the internet is not completely secure. As such, you acknowledge and accept that we cannot guarantee the security of your personal data transmitted to our website and that any such transmission is at your own risk. Then, once we have received your personal data, we will use strict procedures and security features to prevent unauthorized access to it.

 

Where we have given you (or where you have chosen) a password which enables you to access your online account, you are responsible for keeping this password confidential.

 

11. How long we store your personal data

 

We keep your personal data for no longer than necessary for the purposes for which the personal data is processed.  The length of time for which we retain personal data depends on the purposes for which we collect and use it, for the duration of your contractual relation with us and/or as required to comply with applicable laws and regulations as well as to establish, exercise or defend our legal rights.

 

For example, where you make a purchase online with us or register for a webinar, we will keep the personal data related to your purchase or registration, so we can perform the specific contract you have entered. After that, we will keep the personal data for a period which enables us to handle or respond to any complaints, queries or concerns relating to the purchase or registration.

 

12. Your rights

 

Where we process your personal data, you are entitled to a number of rights established in the relevant applicable laws and can exercise these rights at any point. We have provided an overview of these rights below together with what this entails for you. You can exercise your rights by contacting us here: dpo.dnao@danone.com.

 

We will consider all such requests and, in accordance with the applicable laws, will provide our response within a reasonable period, or within the period prescribed by law. Please note, however, that we may rely on certain exemptions to complying with your requests in certain circumstances, for example if we need to keep using the information to comply with our own legal obligations or to establish, exercise or defend legal claims.  If an exemption applies, we will tell you this when responding to your request.

 

We may request you provide us with information necessary to confirm your identity before responding to any request you make. 

 

The right to be informed

You have the right to obtain clear, transparent and easily understandable information about how we use your personal data, and your rights. This is why we are providing you with the information in this Personal data protection policy.

The right to access your personal data and correction

You have the right to access the personal data we hold about you, as well as correct, update or complete it at any time.

 

The right to deletion of your personal data

You have right to request that we delete your personal data. However, this is not an absolute right and we may have legitimate, legal and regulatory reasons to retain your personal data.

 

The right to object

Under certain circumstances, you have the right to object to certain types of processing based on grounds relating to your particular situation when such processing is based on our or another’s legitimate interest. If you exercise this right, we will stop using your personal data for this purpose, unless we can demonstrate compelling legitimate grounds to continue processing your personal data that would outweigh your interests, rights and freedoms. You have the right to object to the processing of your personal data for direct marketing activities (for example, by clicking on the unsubscribe link in our emails). 

 

The right to withdraw consent

Where we rely on your consent to process personal data, you have the right to withdraw consent at any time, without affecting our processing of your personal data before you withdrew consent.

 

The right to restriction of processing

Under certain circumstances you have the right to restrict the processing of your personal data if:

1. you do not believe the personal data we have about you is accurate; or
2. you consider that the personal data is not being processed lawfully, but instead of deleting the personal data, you would prefer us to restrict processing instead; or
3. we no longer need your personal data for the purposes we collected it, but you require the data in order to establish, exercise or defend legal claims; or
4. you have objected to the processing of your personal data and are awaiting verification on whether your interests related to that objection outweigh the legitimate grounds for processing your data.

 

The right to data portability

Your personal data is portable. This means it can be moved, copied or transmitted electronically. However, this right only applies to personal data you have provided to us and where the processing: (i) is based on your consent or takes place for the performance of a contract; and (ii) it takes place by automated means.

The right to lodge a complaint with a supervisory authority

If you think that we have not met the data protection or privacy requirements, you have the right to make a complaint to the data protection authority in the country where you reside, or where an alleged infringement of applicable data protection laws has taken place. 

If you want to bring a specific complaint against Danone Nutricia Côte d’Ivoire for the way your personal data has been processed you can raise a complaint with the ARTCI – Autorité de Protection, Abidjan – Marcory Anoumabo, 18 BP 2203 Abidjan 18 – Côte d’Ivoire.

 

13. How to contact us

 

If you have any questions, comments or complaints regarding this Personal data protection policy or the processing of your personal data, please write to us at Danone Nutricia Côte d’Ivoire, Service Juridique, Abidjan Marcory, Blvd FHB Ex VGE face à l’hôtel Ibis, Immeuble Tour Ivoire au 4ème étage, 28 BP 651 Abidjan 28, Côte d’Ivoire.

 

You can also contact us via dpo.dnao@danone.com.

 

 

14. Changes to our Personal data protection policy

 

We may update our Personal data protection policy from time to time (for example, to comply with changes in laws or regulations, our practices, procedures and organizational structures, requirements imposed or recommended by supervisory authorities or otherwise). Any changes we make to our Personal data protection policy in the future will be posted on this page and will be applicable on the effective date of implementation.  Where we are legally required to do so, we will notify you of any changes. Please check back frequently to see any updates or changes to our Personal data protection policy.  

This Personal data protection policy was last updated on October 30, 2024.

 

 

 

BA24-737