Arconic Inc. and its affiliates (collectively referred to as “Arconic”, “we” and “us”) takes its data protection and privacy responsibilities seriously. This Online Privacy Notice applies to Arconic.com and other external Arconic websites that link to this Notice (the "Sites"). This Notice describes the types of personal information we collect on the Sites, how we use the information, with whom we share it and the choices available to users of our Sites regarding our use of the personal information. We also describe the measures we take to protect the security of the personal information and how users can contact us about our privacy practices. Certain of the Sites may provide additional detail about privacy practices specific to those Sites. Internal company policies and procedures govern Arconic's internal networks and systems and the processing of personal information relating to employees and other authorized Arconic network users.
We collect personal information about you if you visit one of our facilities, request access to our network and/or computing assets apply for a job with us, or have a type of business relationship with us. We will collect your personal information via the following methods:
The types of personal information users of our Sites may submit include:
We will only collect, use and share your personal data where we are satisfied that we have an appropriate legal basis to do this. This may be because:
If you would like to find out more about the legal basis for which we process personal data please contact us at GDPR@arconic.com.
|Personal Data Processed||Reason for Processing||Legal Justification|
|Personal data processed for visitors may include: Full name, home address, email address, personal telephone number, company name, business contact information, citizenship/U.S. person status, government ID number, number, security clearance information, date of birth, and/or passport number||To provide you with physical access to an Arconic facility or logical access to our network, and/or checking security clearance status;||Consent, our legitimate interests, or necessity for performance of a contract|
|Still photograph or video via CCTV.||Facility security||Legitimate interest|
|Name, personal and business address, fax number, phone number, email address, W-8BEN form, W-9 Form, biography with work history, photo, banking information provided with invoices, business reference information including name and contact information||Communicate with you in the context of a contractual agreement which we have with you; facilitate payments to you; fraud prevention; and/or communicate with you regarding our products and services||Performance of a contract, our legitimate interests|
We may use the information described above to:
We also may use the information in other ways for which we provide specific notice at the time of collection.
We do not sell or otherwise disclose personal information we collect about you, except as described in this Online Privacy Notice. We share your information in the manner and for the purposes described below:
In addition, we may disclose information about you (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities or other government entities, and (iii) when we believe disclosure is necessary or appropriate to prevent harm or financial loss, or in connection with an investigation of suspected or actual espionage, cybersecurity or security events or other fraudulent or illegal activity. We also reserve the right to transfer personal information we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, spin-off, dissolution or liquidation).
Arconic operates on a global basis. Accordingly, your personal data may be transferred and stored in countries outside the EU (including Canada, the United States, Mexico, China, Brazil, South Korea, Japan, Australia and Russia) that are subject to different standards of data protection. Arconic will take appropriate steps ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. To this end:
If you are located in the European Economic Area ("EEA"), we will comply with applicable legal requirements providing adequate protection for the transfer of personal information to recipients in countries outside of the EEA. With respect to transfers of personal information to the U.S., Arconic is certified under the EU-U.S. Privacy Shield framework developed by the U.S. Department of Commerce and the European Commission regarding the transfer of personal information from the EEA to the U.S. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov. For more information about the Privacy Shield Principles, please visit the Arconic U.S.-EU Privacy Shield Privacy Notice by clicking the following link: https://www.arconic.com/global/en/pdf/Arconic-Privacy-Shield-Privacy-Principles.pdf.
You have a right to contact us at GDPR@arconic.com for more information about the safeguards we have put in place to ensure the adequate protection of your personal data when this is transferred as mentioned above.
Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal data. We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal data requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
You can exercise your rights by contacting us at GDPR@arconic.com. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly or inform you if we require further information in order to fulfill your request.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
Right to access personal data
You have a right to request that we provide you with a copy of your personal data that we hold and you have the right to be informed of; (a) the source of your personal data; (b) the purposes, legal basis and methods of processing; (c) the data controller’s identity; and (d) the entities or categories of entities to whom your personal data may be transferred.
Right to rectify or erase personal data
You have a right to request that we rectify inaccurate personal data. We may seek to verify the accuracy of the personal data before rectifying it. You can also request that we erase your personal data in limited circumstances where:
We are not required to comply with your request to erase personal data if the processing of your personal data is necessary:
Right to restrict the processing of your personal data
You can ask us to restrict your personal data, but only where:
We can continue to use your personal data following a request for restriction, where:
Right to transfer your personal data
You can ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller, but in each case only where:
Right to object to the processing of your personal data
You can object to any processing of your personal data which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.
Right to object to how we use your personal data for direct marketing purposes
You can request that we change the manner in which we contact you for marketing purposes. You can request that we do not transfer your personal data to unaffiliated third parties for the purposes of direct marketing or any other purposes.
Right to obtain a copy of personal data safeguards used for transfers outside your jurisdiction
You can ask to obtain a copy of, or reference to, the safeguards under which your personal data is transferred outside of the European Union. We may redact data transfer agreements to protect commercial terms.
Right to lodge a complaint with your local supervisory authority
You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal data. We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.
We have implemented and maintain appropriate technical and organizational security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to such information appropriate to the nature of the information concerned. As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect User IDs and passwords please take appropriate measures to protect this information.
Storing your personal data
We will store your personal data for as long as is reasonably necessary for the purposes for which it was collected, as explained in this notice. In some circumstances we may store your personal data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements.
In specific circumstances we may store your personal data for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal data or dealings.
Our Sites may provide links to other websites for your convenience and information. These websites may operate independently from us. Linked sites may have their own privacy notices or policies, which we strongly suggest you review. To the extent any linked websites are not owned or controlled by us, we are not responsible for the websites' content, any use of the websites, or the privacy practices of the websites, even though you may enter that site directly from visiting ours.
This Online Privacy Notice may be updated periodically and without prior notice to you to reflect changes in our personal information practices. We will post the updated version on our Sites and indicate at the top of the notice when it was most recently updated.
If you have any questions or comments about this Online Privacy Notice, or if you would like us to update information we have about you or your preferences, please contact us by writing to us at:
Attn: Corporate Communications/Privacy
201 Isabella Street
Pittsburgh, PA 15212
Because Arconic offers a wide range of online business opportunities for its customers, the amount of information Arconic needs to collect in order to serve you in a particular business transaction will sometimes vary from case to case. Regardless of the amount of information collected, the principles listed above will apply. Wherever Arconic collects personal information, you will find a link to an Arconic privacy statement. If you choose not to provide some information, for example to enable confirmation of credit status or contact information to permit sending you requested information, it may not be possible for you to proceed with your chosen business activity with Arconic.