Employee Privacy Policy – Europe

Introduction

Nutrien Ltd. and its affiliated entities are a family of companies with operations both inside and outside of Canada (the “Nutrien Family”). The Nutrien Family is committed to maintaining the accuracy, confidentiality and security of your personal data.

The Nutrien Family has adopted a series of policies in order to address the specific privacy concerns of certain groupings of individuals and specific issues relating to the use of the website of the Nutrien Family.

Organizations covered by this Privacy Policy

This Employee Privacy Policy – Europe (hereafter the “Employee Privacy Policy”) specifically covers the processing of personal data by the European entities of the Nutrien Family, which are Agrium Europe SA and its affiliated entities in Europe (all these European entities referred to hereafter as “Agrium Europe”). In particular, it applies to the processing of personal data of all individuals who seek to be, are, or were employed by Agrium Europe (collectively, an "Employee") in the context of a future, present or past employment at Agrium Europe.

All references in this Employee Privacy Policy to "Agrium Europe", "we", "us", "our" and like terms should be interpreted accordingly. These references in particular refer to the entity that you seek to be, are, or were employed by, and which is the “controller” for the processing of your personal data under applicable data protection law. Where reference is made to Agrium Europe as employer of the (prospective / current / former) Employee in this policy, this should be understood as a reference to the relevant local Agrium Europe entity.

Policy of compliance

It is the policy of the Nutrien Family to comply with the privacy legislation within each jurisdiction in which we operate. Sometimes the privacy legislation and / or an individual's right to privacy are different from one jurisdiction to another. This Employee Privacy Policy was developed to guide the activities of Agrium Europe. In addition, specific privacy practices may be adopted to address the specific privacy requirements of particular jurisdictions.

This Employee Privacy Policy has a limited scope and application and the rights and obligations contained in this Employee Privacy Policy may not be available to all individuals or in all jurisdictions. If you are unsure if or how this Employee Privacy Policy applies to you, please contact the local privacy contact or the office of our group Privacy Officer for more information, using the contact information set out below.

What is personal data?

For the purposes of this Employee Privacy Policy, personal data is any information about an identifiable or identified individual. Personal data does not include anonymous or non-personal data (i.e., information that cannot be associated with or tracked back to a specific individual).

What personal data do we collect?

We collect and maintain different types of personal data in respect of those individuals who seek to be, are, or were employed by us, including:

  • name, home address, telephone, work and personal email address, date of birth, gender, Employee identification number and marital status;
  • details of the terms of employment, job duties, job location, working arrangements, seniority data, line management details, Employee ID number, performance ratings, IT usage information, utilization records, hire/re-hire date, termination date, job history and business travel arrangements;
  • photographs and video;
  • payroll information; including but not limited to social insurance number, tax information, pay cheque deposit information, and information about pension plans and group insurance;
  • wage and benefit information, including but not limited to expense reimbursement details, benefit information, bank account details, direct deposit/credit arrangements, bonus, additional pay, variable compensation;
  • family composition, beneficiary and emergency contact information;
  • medical certificates and details of health and sickness absence;
  • details of any disciplinary investigations and proceedings;
  • any personal data contained in:
    1. resumes and/or applications;
    2. references and interview notes;
    3. letters of offer and acceptance of employment, and employment agreements;
    4. mandatory policy acknowledgement sign-off sheets;
    5. forms relating to the application for, or in respect of changes to, Employee health and welfare benefits; including, short and long term disability, medical and dental care; and
  • any other information necessary to Agrium Europe’s business purposes, which is voluntarily disclosed in the course of an Employee's application for and employment with Agrium Europe, including in e-mail or other correspondence.

As a general rule, Agrium Europe collects personal data directly from you. If not otherwise required or permitted by law or regulatory requirements, where the personal data that we collect about you is held by a third party, we will obtain a valid legal basis, which may be your consent when required before we seek out this information from such sources.

From time to time, we may utilize the services of third parties (including other members of the Nutrien Family) in our business and may also receive personal data collected by those third parties in the course of the performance of their services for us or otherwise. Where this is the case, we will take all steps required by applicable law or regulatory requirements to ensure that such third parties have represented to us that they have the right to disclose your personal data to us and we will not use such personal data for any purpose other than the purposes described in this Employee Privacy Policy or for the purpose communicated to you by such third party.

Agrium Europe will only process personal data in as far as this is permitted or instructed by applicable law or regulatory requirements.

Why do we collect personal data?

The personal data collected is processed as reasonably required for our business purposes, including establishing, managing or terminating your employment relationship with Agrium Europe. Such uses include:

  • determining eligibility for initial employment, including the verification of references and qualifications;
  • administering pay and benefits;
  • processing Employee work-related claims (e.g. worker compensation, insurance claims, etc.);
  • managing corporate travel arrangements;
  • establishing training and/or development requirements;
  • conducting performance reviews and determining performance requirements;
  • assessing qualifications for a particular job or task;
  • gathering evidence for disciplinary action or termination;
  • legal proceedings (including any actions preceding legal proceedings) and obtaining legal advice;
  • establishing a contact point in the event of an emergency (such as next of kin);
  • health and safety (including sickness administration, disability cases, …);
  • complying with applicable labor, tax, social security and other legal requirements;
  • maintaining and monitoring usage of internal networks and IT systems as further detailed below under the section “Monitoring”;
  • compiling directories;
  • ensuring the security of company-held information;
  • for due diligence purposes in the event of a change in ownership of, or a grant of a security interest in, all or a part of Agrium Europe and/or the Nutrien Family through, for an example, an asset or share sale, or some other form of business combination, merger or joint venture; and
  • such other purposes as are reasonably required by Agrium Europe in connection with your employment.

Monitoring

The work output of Agrium Europe’s Employees, whether in paper record, computer files, or in any other storage format belongs to Agrium Europe under the conditions foreseen by applicable law, and - to the extent permitted by law - that work output, and the tools used to generate that work output, are subject to review and monitoring by Agrium Europe and/or other members of the Nutrien Family.

In the course of conducting our business, we may – under the conditions accepted by applicable law and after having respected all compulsory procedures - monitor Employee activities and our premises and property, for organizational and production-related needs and/or for safety at work needs. For example, some of our locations are equipped with surveillance cameras. These cameras are generally in high risk areas or plant sites. Where in use, surveillance cameras are there for the protection of Employees and third parties, and to protect against theft, vandalism and damage to Agrium Europe’s goods and property. They do not aim at controlling the working activity of the individual Employee. Generally, recorded images are routinely destroyed and not shared with third parties unless there is suspicion of a crime, in which case they may be turned over to the police or other appropriate government agency or authority. If recorded, the images will be kept with a maximum of 1 month, except if law authorizes, expressly or explicitly, a longer period or prescribes a shorter period. Pursuant to our “Acceptable Use of Computers and Communications Systems Policy”, we have the capability to monitor the Employees' business use of computer and e-mail, under the conditions accepted by applicable law and after having respected all compulsory procedures.

If imposed by the applicable law or regulatory requirements, we shall notify each Employee the purposes of the surveillance, the duration of storing of information and categories of third parties to whom the information may be disclosed.

This section is not meant to suggest that all Employees will in fact be monitored or their actions subject to constant surveillance. We have no duty to so monitor. It is meant to bring to your attention the fact that - in compliance with the applicable data protection laws - such monitoring may occur and may result in the collection of personal data from Employees (e.g. through their use of our resources).

How do we use your personal data?

We may use your personal data:

  • for the purposes described in this Employee Privacy Policy; or
  • for any additional purposes that we advise you of and for which we have a legal basis, which may for instance be your consent when such consent is required by applicable law.

When do we disclose your personal data?

In consideration of local legislation, we may share your personal data with our Employees, contractors, consultants and other parties (including other members of the Nutrien Family) who require such information, if and to the extent necessary for them, to assist us with the processing of personal data for the purposes mentioned in this Employee Privacy Policy, including parties that provide products or services to us or on our behalf and parties that collaborate with us in the provision of products or services to you. In some instances, such parties may also provide certain information technology and data processing services to us so that we may operate our business. When using processors to process your personal data on our behalf, we will have entered into the necessary data processing agreements.

Personal data is only transferred by us to another country, including within the Nutrien Family, if this is required or permitted under the applicable data protection law, in particular only in as far as a reasonable level of data protection is guaranteed in the recipient country. Insofar, we may share personal data with such parties both in and outside of your home jurisdiction, and as result, your personal data may be processed in Canada and in the United States of America, and in some cases, other countries. Such transfer shall only be made possible provided the appropriate guarantees and safeguards are in place.

When we share personal data with such parties we typically require that they only process such personal data in a manner consistent with the provisions of this Employee Privacy Policy.

In addition, personal data may be disclosed or transferred to other parties and their advisors (including to another member of the Nutrien Family and to the prospective contracting parties outside of your home jurisdiction, including in Canada and the United States, and in some cases, other countries) in the event of a change in ownership of, or a grant of a security interest in, all or a part of Agrium Europe and/or the Nutrien Family through, for example, an asset or share sale, or some other form of business combination, merger or joint venture, to the extent such disclosure or transfer of personal data is required to complete the transaction and permitted by the applicable data protection laws, and provided that such parties and their advisors are bound by appropriate agreements or obligations and required to process your personal data in a manner consistent with the provisions of this Employee Privacy Policy, unless you consent otherwise.

Further, your personal data may be disclosed:

  • as permitted or required by applicable law or regulatory requirements. In such a case, we will endeavor to not disclose more personal data than is required under the circumstances;
  • to comply with valid legal processes such as search warrants, subpoenas or court orders;
  • as part of Agrium Europe’s regular reporting activities to other members of the Nutrien Family (including outside of your home jurisdiction);
  • to protect the rights and property of Agrium Europe if such rights are not overridden by the rights of the data subject;
  • during emergency situations or where necessary to protect the safety of a person or group of persons; or
  • with your consent where such consent is required by law.

We will only disclose personal data insofar as permitted or required by applicable law or regulatory requirements. In any case, we will not disclose more personal data than is required under the circumstances.

Lawfulness of processing

We make sure that our processing of personal data has a legal basis under applicable law.

In general, the processing of your personal data is based on the necessity for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract. Such processing will in addition be based on our legitimate interest to process your personal data in order to evaluate your application for employment, to perform your employment agreement or to terminate your employment.

When we have a legal obligation to process your personal data, for instance in the field of social security and social protection law, the processing will be based on the necessity to comply with such legal obligation.

We will only process Special Categories (as defined hereinafter) of personal data when required by law or when there is another legal basis (e.g. for the management of Agrium Europe’s legal proceedings), and only after establishing appropriate safeguards. “Special Categories” of personal data are sensitive personal data which includes data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, biometric data, health, sex life, sexual orientation or data relating to offences, criminal convictions or security measures, or any other data identified as such under applicable local laws.

In circumstances where under applicable law, we would require consent prior to a certain processing, we will make sure to obtain consent first.

In circumstances where your consent was required for a certain processing of your personal data, you may, at any time, withdraw your consent subject to legal or contractual restrictions and reasonable notice, by contacting the local privacy contact. All communications with respect to such withdrawal or variation of consent should be in writing.

How is your personal data protected?

Agrium Europe will maintain physical, technical and procedural safeguards that are appropriate to the sensitivity of the personal data in question. These safeguards are designed to protect your personal data from loss and unauthorized access, copying, use, modification or disclosure.

How long is your personal data retained?

Except as otherwise permitted or required by applicable law or regulatory requirements, Agrium Europe endeavors to retain your personal data only for as long as it believes is necessary to fulfill the purposes for which the personal data was collected (including, for the purpose of meeting any legal, accounting or other reporting requirements or obligations), with a maximum of 1 year after the termination of your employment with Agrium Europe, except (i) if law authorizes, expressly or explicitly, a longer period or prescribes a shorter period and (ii) if at the end of such 1 year period, the processing of the personal data would still be required for the purpose of legal proceedings or would still be required by applicable law. If destroying or erasing your personal data is not mandatory by law, we may make it anonymous such that it cannot be associated with or tracked back to you.

Updating your personal data

It is important that the information contained in our records is both accurate and current. If your personal data happens to change during the course of your employment, please keep us informed of such changes.

Access to your personal data and other rights

You have a right to request from Agrium Europe (controller) access to, and rectification or erasure of personal data, or restriction of processing concerning yourself, or to object to processing, as well as a right to data portability.

If you want to perform your rights, please contact your local privacy contact or your direct supervisor, or, alternatively, the office of our group Privacy Officer using the contact information set out below. Please note that any such communication must be in writing.

When you want to perform your rights, please note that we may request specific information from you to enable us to confirm your identity and right to access, as well as to search for and provide you with the personal data that we hold about you. When allowed by the applicable law or regulatory requirements, we may charge you a fee for any data access request; however, we will advise you of any fee in advance.

You also have the right to lodge a complaint with the competent supervisory authority.

Your rights mentioned in this section are, in principle, absolute. However, there are instances where applicable law or regulatory requirements allow or require us to refuse to provide some or all of the personal data that we hold about you.

Inquiries or concerns?

If you have any questions about this Employee Privacy Policy or concerns about how we manage your personal data, please contact your local privacy contact, your direct supervisor or, alternatively, the office of our group Privacy Officer by telephone, in writing or by e-mail. We will endeavor to answer your questions and advise you of any steps taken to address the issues raised by you.

Privacy Officer

The Nutrien Family has appointed a group Privacy Officer to oversee compliance with this Employee Privacy Policy at group level. The group Privacy Officer is not a “Data Protection Officer” or “DPO” as provided for in article 37 and subs. of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. The contact information for the group Privacy Officer is as follows:

(403) 225-7542 Direct
1-877-247-4866 Toll Free
[email protected]

You may in addition contact the local privacy contact of the relevant Agrium Europe affiliate.

Revisions to this Employee Privacy Policy

Agrium Europe may from time to time make changes to this Employee Privacy Policy to reflect changes in its legal or regulatory obligations or in the manner in which we deal with your personal data. We will communicate any revised version of this Employee Privacy Policy. Any changes to this Employee Privacy Policy will be effective from the time they are communicated, provided that any change that relates to a certain processing of your personal data will not apply to you, where your consent for such processing would be required, until we have obtained your consent to such change. This Employee Privacy Policy was last reviewed in April 2018.

Interpretation of this Employee Privacy Policy

This Employee Privacy Policy includes examples but is not intended to be restricted in its application to such examples, therefore where the word 'including' is used, it shall mean 'including without limitation.

This Employee Privacy Policy does not create or confer upon any individual any rights, or impose upon Agrium Europe any rights or obligations outside of, or in addition to, any rights or obligations imposed by the privacy laws applicable to such individual's personal data. Should there be, in a specific case, any inconsistency between this Employee Privacy Policy and such privacy laws, this Employee Privacy Policy shall be interpreted, in respect of that case, to give effect to, and comply with, such privacy laws.