B2B Privacy Notice

PRIVACY NOTICE FOR OUR BUSINESS SUPPLIERS, CUSTOMERS, AGENTS, CONSULTANTS, ADVISORS, PARTNERS AND INVESTORS (“B2B PRIVACY NOTICE”)

What does this B2B Privacy Notice apply to?

This B2B Privacy Notice sets out the policy of Cadeler A/S (“we” or “us”) in relation to the personal data we collect from individuals who work for or on behalf of or who are shareholders of our business suppliers, customers, agents, consultants, advisors, partners and investors, including users of our vendor portal.  

As well as this B2B Privacy Notice, local privacy notices may vary among the countries in which we operate to reflect local practices and legal requirements and is subject at all times to applicable law.

If in the course of or prior to your business dealings with us, you visit our website to learn more about us, please also refer to our Privacy Notice for our Website Users to learn more about the information we collect through your use of our website.

This B2B Privacy Notice explains what personal data we collect from you, for which purposes we collect and use such personal data, how long we retain the personal data, how to access and update your personal data and how to contact us for further information.

Who controls your personal information?

Unless otherwise specified in our business contract with you, your personal data is ultimately controlled by Cadeler A/S, a company registered in Denmark with its business address at Fairway House, Arne Jacobsens Allé 7, DK-2300 Copenhagen S, Denmark.

Information we collect from you and for what purposes do we use such information:

What personal data do we collect?

Business contact and other information such as:

• your name, designation, department, name of organization and your contact details; and
• your dealings with us on behalf of yourself or our relevant business customer, supplier, partner, agent or investor.

Such information may be provided directly by you to us or by a third party such as your employer or your business partner, customer or supplier whom we work closely with, or through our vendor portal.

Information required to screen individuals such as directors, officers, sole traders, shareholders and key stakeholders of our current and potential counterparties.

This screening takes place against publicly available or government issued sanctions lists and media sourcest o comply with legal and regulatory obligations including but not limited to trade control, sanctions and/or bribery and corruption laws and other regulatory requirements. The screening does not result in any automated decision making in relation to our current counterparties or potential counterparties.

Information collected when you visit our website or vendor portal

Please refer to our Website Privacy Notice for more information on the personal data we collect from you through your use of our website or Orbis vendor portal and how we use such personal data.

Information collected through the use of cookies when you visit our website or vendor portal

Please refer to our Cookie Policy for more information on the personal data we collect through the use of cookies.

Legal basis and purpose for processing the data?

Our legal basis for processing your personal data could be any of or a combination of the following:

• to take steps at your request prior to entering into a contract such as conducting credit checks and fulfilling our onboarding requirements;
• to perform our business contract with you or where applicable, our business customer, supplier, partner, agent or investor whom you act on behalf of or represent;
• where necessary for the purposes of the legitimate interests pursued by Cadeler A/S, except where such interests are overridden by the interests or fundamental rights and freedoms of the individual(s);
• where necessary for us to comply with our legal obligations or to enforce or defend our legal rights; and
• (only if legally required) in accordance with the purposes for which you have granted your explicit consent. In cases where we process your personal data based on consent, you have the right to withdraw your consent at any time. This will not affect the validity of our processing of your data prior to your withdrawal of consent.

The purposes for which we process your personal data include the above and in relation to our legitimate interests, include the following:

• Conducting and developing the business such as researching, developing and improving our products or services, managing our business relationships including account management, business development and marketing in relation to our existing and prospective business suppliers, customers, partners, agents or investors.
• Organisation and governance of business such as financial management, asset management, mergers, acquisitions or divestitures, implementation of controls, management reporting, analysis, internal audits and investigations.
• Health, safety and security such as protecting an individual’s life or death, occupational health and safety, protection of Cadeler A/S assets and staff, authentication of individual status and access rights.

Who do we share your information with?

We may share your personal data in the following circumstances:

• with our authorised third-party service providers who process personal data on our behalf;
• in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective buyer or seller of such business or assets subject to the terms of this Privacy Notice;
• where we have your explicit consent to do so for the particular purposes you have consented to;
• where we are authorised or required by law, or exempted by any applicable legislation, to do so; and
• in order to enforce or defend our legal rights

Transfers of personal data

Where your personal data may be transferred to authorised parties located outside of your country (including outside of the European Union) we take corporate, contractual and legal measures to ensure that your personal data is processed strictly on a need-to-know basis for the purposes mentioned above and that adequate levels of protection have been implemented to safeguard your personal data. These measures include European Commission approved transfer mechanisms for transfers to third parties in countries which have not been deemed to provide an adequate level of data protection.

Safeguarding your personal data

As we value the privacy of your personal data, we have implemented technology and policies to protect your personal data from unauthorised access, modification and improper use. 

We will treat all personal information you provide us through our website confidentially and securely in compliance with this Privacy Notice.

Your privacy rights and who to contact

You have the right in certain circumstances to:

• request for information on the data we hold about you;
• correct or update your personal information which you have provided to us; and
• erase your personal data or withdraw consent you previously provided to us to use the personal data we hold about you (where it is no longer required for a legitimate business purpose), but note that erasures of such data or withdrawal of such consent may result in us not being able to provide you with the service or information you requested or to take steps to enter into or perform the contract.

Please contact enquiry.DNK@cadeler.com if you wish to access, correct or delete your personal data, or have any questions, comments or concerns about how we handle your personal data. To assist us in dealing with your request, please provide your full name and details. Please allow us reasonable time to respond to your request and effect any change.

If your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority (see http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm) for further assistance.

How long do we retain your personal data?

Any personal data you have provided to us in order for us to take steps at your request prior to entering into a contract, or which we require to perform a contract with you, including for the purposes of considering any bids or tenders with you, will be held throughout the bid / contract period and up to 7 years after such period.

Please note that in all cases, we may retain the personal data for:

• a longer period where there is a legal or regulatory reason to do so; or
• a shorter period where the individual objects to the processing of their personal data and we no longer have a legitimate purpose to retain the personal data.

Changes to this B2B Privacy Notice

This B2B Privacy Notice may be changed over time. You are advised to regularly review the B2B Privacy Notice for any changes made.