Data Protection Information
to Customer and Supplier

Constellium is particularly committed to conduct its business in accordance with the privacyand the protection of personal data of individuals, in particular to its customers and suppliers.

The basis is the "General Data Protection Regulation" or "GDPR" (EU Regulation 2016/679 of April 27, 2016) as well as the additional national statutory provisions on data protection.

As our customer or supplier we would like to inform you in accordance with Art.13 and 14 GDPR that your personal data (“Data”) are subject to different processing by Constellium.

The Constellium legal entity you are conducting business with, is the controller of the data processing.

We collect and process some of your Data for the following purposes:

  • development, production and sale of aluminum products and aluminum semi-fabricated products
  • internal (e.g. phone directory) and external (e.g. visit, events) communication
  • management and performance of our business relationship
  • attendance of customer, supplier, potential customer and supplier, visitor and external company support and necessary activities related thereto
  • legitimation purposes
  • enforcement of claims and defense in case of legal disputes

The processing of your Data is based on Art.6 Section.1, lit. a-c GDPR:

  • necessary for an adequate management of your order,
  • necessary for the mutual performance of obligations under an existing contract and business relationship agreed between us or to take necessary steps to enter into a contract and business relationship with you,
  • necessary for compliance with legal obligations and / or
  • as you have given us your consent to the processing for a specified purpose; the consent thereto you can withdraw at any time.

The personal data we process concern the following categories:

  • Title, first name, last name
  • E-Mail address
  • Postal address
  • Phone number (fixed line and/or mobile)

Within Constellium, only individuals have access to your Data which need them to fulfill and conduct our business relationship. Used external service providers or vicarious agents could also receive such Data for this purpose. Any other transfer of your Data will only be made if you consent to it or if we are required to do so by applicable law.

Appropriate IT security measures at Constellium, as well as contractual arrangements in the event of involvement of external service providers, are taken to protect your Data from misuse and loss, from unauthorized access, disclosure or modification.

In case the recipient of the Data is located outside the European Union or the European Economic Area, such a transfer only takes place in compliance with Art. 44 et seqq. GDPR.

The periods for data retention comply with the statutory provisions.

In application of Art. 15 to 21 GDPR you have the right of access to your Data, the right of rectification and to restrict the processing, to the extent permitted by law, as well as a right of erasure, the right of portability of your Data and the right to object.

You can exercise your rights under the following contact: data.protection(at)constellium.com

You can lodge a complaint to the local office for personal data protection according to Article 77 GDPR.

Please also refer to the “Data Protection Policy“ of the Constellium Group under https://www.constellium.com/data-protection-policy.

GERMAN VERSION OF THE DATA PROTECTION INFORMATION TO CUSTOMER AND SUPPLIER

FRENCH VERSION OF THE DATA PROTECTION INFORMATION TO CUSTOMER AND SUPPLIER