The European business of the James Hardie group is pleased to welcome you to their website. At James Hardie, we are committed to maintaining the accuracy, confidentiality and security of personal data. This Privacy Statement describes the categories of personal data we process, how your personal data may be processed, for what purposes and on what legal basis we process your data and how your privacy is safeguarded.
Please read this Privacy Statement carefully to understand our views and practices regarding your personal data and how we treat it.
2. Collection and use (process) of your personal data
When you visit our website, we collect and process your information using those cookies and similar technologies (“Cookies”) for which you have given your consent. Cookies are small data files which are placed on your computer or other mobile or handheld device (such as smart phones or tablets) as you browse our website. The information Cookies track may be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalised web experience. Cookies come in different forms. Some cookies are necessary for our websites to function properly, for analytical purposes or to measure performance of our websites. Other cookies enable us to provide enhanced functionality and personalization, are set by third parties companies to build a profile of interest or enable you to share content with them. Because we respect your right to privacy, you can choose not to allow some types of cookies. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. If you want to learn more about Cookies and how you can disable them, please scroll down to the chapter “Cookies”.
If you contact us through our website, either by using the contact details listed or by using the webpage forms, we may also collect and process the personal information that you decide to give us which may include your name, address, email address, profession, email address, inquiry and other personal information you decide to give us. We will process this information, for example, to process and respond to inquiries, to be able to provide customer care services (now and in the future) and for general lead conversion purposes. For these purposes your personal information will be stored in our CRM systems and for this purpose a cookie may be placed on your computer.
If you use the digital tools or features on our website, such as our planning tools, newsletter and competitions, we may collect and process your personal information which may include your name, email address, location, profession, email address and other personal information you decide to give us. We will process this personal information for the purposes informed to you before using these digitals tools or features. If you have signed up for an alert or newsletter, we may update you, for example, with new website features, special events, contests, products and services. We will of course ask you for your consent if required.
3. The lawful basis of processing your personal data
As a general rule, James Hardie only collects and processes your personal data if there is a lawful justification to do so. This includes necessity for the performance of a contract or service available on our website, and legitimate interest in relation to the tracking of online behaviour, email engagement or IP related tracking. For the processing of personal information collected using Cookies, we generally ask you for your consent and if so we always provide you with an easy way to withdraw that consent (opt-out).
4. Who has access to your personal data?
Persons within James Hardie that may, for example, get access to your personal data are system administrators or persons working in or for our marketing, IT, sales or customer service department. Your personal data may also be shared with third parties with who we work and who require such information in order to carry out their work for us. This includes, for example, IT or marketing professionals that we engage for managing our website or its content. James Hardie expects such third parties to process any personal data disclosed to them in accordance with applicable law.
Your personal data may also be transferred to other companies within the James Hardie group. Where other members of the James Hardie group or these third parties act as a “data processor” they carry out their tasks on our behalf and upon our instructions for the above-mentioned purposes. In this case your personal data will only be disclosed to these parties to the extent necessary to provide the required services.
If this is permitted by applicable data protection laws, your personal information may be shared with members within the James Hardie group and third parties outside of your home jurisdiction. As a consequence, your personal data may, for example, be collected and processed in a jurisdiction outside of Europe. Where required by applicable data protection laws, James Hardie ensures that when your personal data is being processed by members of the James Hardie Group or third parties located in jurisdictions without adequate protection (as determined by the European Commission) that standard contractual clauses as approved by the European Commission or other supervisory authority with jurisdiction over the relevant data exporter are in place.
5. Security of your information
To help protect the privacy of personal data and personally identifiable information, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your personal data. We commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities.
6. Data storage and retention
Personal data is stored on James Hardies' servers, and on the servers of the (cloud-based) services James Hardie engages, located in the United States, Australia and in countries in the European Union. Your personal data is encrypted at storage and during transmission. Except as otherwise permitted or required by applicable law or regulatory requirements, James Hardie endeavours to retain your personal data only for as long as it is necessary to fulfil the purposes for which the personal data was collected. Further details can be found in our data retention policy.
7. Right to access, correct and delete your personal data and further data subject’s rights
The European Union’s General Data Protection Regulation and other countries’ privacy laws provide certain rights for data subjects.
Right of access and right to rectification: You have a right to request access to any of your personal data that James Hardie may hold, and to request correction of any inaccurate data relating to you.
Right to erasure: Provided the legal requirements are fulfilled, you may request deletion of your data. This does not apply to personal data which is subject to a statutory retention period or which are necessary for the establishment, exercise or defence of legal claims.
Right to lodge a complaint: You have a right to lodge a complaint with the appropriate data protection authority, in particular in the country off your residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes applicable law.
Right to restriction of processing: You have the right to restrict our processing of your personal data in certain cases.
Data portability: Where we are relying upon your consent or the fact that the processing is necessary for the performance of a contract to which you are party as the legal basis for processing, and that personal data is processed by automatic means, you have a right to receive all personal data which you have provided to James Hardie in a structured, commonly used and machine-readable format, and also to require us to transmit it to another controller where this is technically feasible.
Right to object to processing justified on legitimate interest grounds: Where we are relying upon legitimate interest to process data, then you have the right to object to such processing on grounds relating to your particular situation, and we must stop such processing unless we can either demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or where we need to process the data for the establishment, exercise or defence of legal claims. Normally, where we rely upon legitimate interest as a basis for processing we believe that we can demonstrate such compelling legitimate grounds, but we will consider each case on an individual basis.
Right to withdraw consent: Where we are relying upon your consent to process data, you have the right to withdraw such consent at any time. This would particularly apply to Cookies and we have implemented functionality on our website to support this.
Please find below more information on each of the Cookies that we use on our websites and how you can disable them. If you disable cookies some or all of the features of our website may not function properly or at all. If you want to disable cookies you can do this by changing your website browser settings to reject cookies. How to do this will depend on the browser you use. All modern browsers allow you to change your cookie settings and will typically be found in the ‘options’ or ‘preferences’ menu of your browser. Use the ‘Help’ option in your browser for more details. If you are looking for more information on cookies, you may want to visit www.allaboutcookies.org which contains comprehensive information about cookies and on how to change settings on a wide variety of browsers. If you want to withdraw your consent for certain cookies used on our websites, please click on the “cookie settings” button at the bottom of our web sites.
Strictly Necessary Cookies. These cookies are necessary for our websites to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of our websites will not then work. These cookies do not store any personally identifiable information.
Performance Cookies. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our websites. They help us to know which pages are the most and least popular and see how visitors move around the site. If you do not allow these cookies then some or all of these services may not function properly. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
Functional Cookies. These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages.
Targeting Cookies. These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Social Media Cookies. These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites, building up a profile of your interests and possibly other personal data. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools. Social Media Platforms for which there may be social media Cookies on our websites include Facebook, LinkedIn, twitter, google + and Instagram. We refer you to websites of these social media platforms for their privacy notices and policy.
9. Links to other websites
Our sites may contain links to other sites not affiliated with us for your convenience. When you access those links, you will leave our website. We do not control such websites. These sites have their own policies and practices with respect to online privacy, and we cannot be held responsible for the privacy practices or the content of these unaffiliated sites. For avoidance of doubt, the personal data you choose to give to unrelated third-party websites are not covered by this Privacy Statement.
We may display advertisements from third parties. Such an advertiser may ask you for personal data as well. We cannot be held responsible for the privacy practices of the advertisers on our websites. However, we encourage our partners and advertisers to adopt privacy policies that respect the local legal requirements.
10. Privacy and Data Protection Office and Data Protection Officers
James Hardie established a Privacy and Data Protection Office with data protection experts located in the United States, the European Union and Australia. In addition, for Germany, James Hardie has appointed a Data Protection Officer.
If you have any questions regarding the processing of your personal data or if you believe your privacy rights have been violated, please contact us at: