Order items
Checkout
Added
Effective as of July 2024
ROCKWOOL A/S is made up of different legal entities, details of which can be found on www.ROCKWOOL.com. This Privacy Statement is issued on behalf of the Group so when we mention “ROCKWOOL”, “we”, “us” or “our” in this Privacy Statement, we are referring to the relevant company in the Group responsible for processing your data.
ROCKWOOL Limited is the Controller and is committed to safeguarding your privacy. The protection of personal data is important to us and we only process personal data in compliance with the applicable data protection requirements, in particular the General Data Protection Regulation (“GDPR“). For that reason ROCKWOOL has implemented a set of Binding Corporate Rules (“BCRs“), introducing data protection requirements to be complied with by the ROCKWOOL Group worldwide.  
In connection with our business activities we, as data controller, process the personal data of our customers, suppliers, users of our websites and apps as well as visitors and other third parties as described further in Section C.  
This Privacy Statement will inform you on what personal data we process, how we collect it, the legal basis, the purpose of our processing, and the retention period. Furthermore, we will inform you about your rights as data subject.
ROCKWOOL LIMITED
Rockwool Site
Wern Tarw
Pencoed
Bridgend County Borough
CF35 6NY
UK
E-mail: joanne.barry@rockwool.com
In case of any questions regarding this Privacy Statement and/or our processing of your personal data please feel free to contact us on: 
T: + 44 1656 868400
Email: joanne.barry@rockwool.com
Depending on your relationship with entities from the ROCKWOOL Group, we will process different categories of your personal data for various purposes. Below you will find an overview of what kind of personal data we process, for which purposes, on what legal grounds and for how long we keep it in our systems.
|
Who? |
Categories of personal data |
Purposes of processing |
Legal basis |
Retention periods |
|
Customers and their employees
|
First and last name, gender, address, phone number, e-mail address, job title, and place of work. |
To carry out ordinary customer relationship i.e.: administration of payments, general communication, management of day-to-day operations in accordance with legitimate and fair business practice (incl. planning, execution. and management of the cooperation; statistics, analyses). |
Performance of a contract (Article 6 (1) (b) GDPR).
|
10 years after the last purchase of our products or services.
|
|
To provide general customer service and support (including follow-up surveys). |
Legitimate interests in ensuring customer satisfaction and improving our products and services (Article 6 (1) (f) GDPR). | |||
|
To gain customer insights and knowledge of how our products and services are used (e.g., by sending satisfaction surveys or market surveys). | ||||
|
To prevent fraud. |
Legitimate interests in protecting interests of the company (Article 6 (1) (f) GDPR). | |||
|
To establish, defend or assert legal claims. | ||||
|
Prospective Customers and their employees |
First and last name, gender, address, phone number, e-mail address, title, and place of work. |
To create business leads. |
Legitimate interests in promoting ROCKWOOL and selling our products and services (Article 6 (1) (f) GDPR). |
5 years from obtained or your last interaction.
|
|
For statistical purposes. |
Legitimate interests in measuring effectiveness of our activities (Article 6 (1) (f) GDPR). | |||
|
To pursue business leads. |
Taking steps prior to entering into a contract (Article 6 (1) (b) GDPR). | |||
|
Suppliers and their employees |
First and last name, company phone number, e-mail address, title, and place of work |
To carry out ordinary supplier relationship, i.e. administration of payments, general communication, management of day-to-day operations in accordance with legitimate and fair business practice (incl. planning, execution, and management of the cooperation, performing credit ratings, as well as carry out statistics, and analyses). |
Performance of a contract (Article 6 (1) (b) GDPR) – if you are self-employed, legitimate interest in performing the contract concluded with your employer (Article 6 (1) (f) GDPR). |
5 years from the end of the financial year to which the data relate if the data is considered accounting material. 5 years from obtained for non-accounting materials if there was no activity with the supplier. |
|
To source and locate suppliers. |
Legitimate interest in fulfilling business needs and conducting regular business activities (Article 6 (1) (f) GDPR). | |||
|
Visitors to physical locations |
First and last name, phone number, e-mail address, place of work, license plate, if applicable, date and time of your visit. |
To ensure the safety of our physical locations and to prevent and solve crime in our physical locations. |
Legitimate interest in ensuring safety on premises and to protect employees, visitors and property (Article 6 (1) (f) GDPR). |
30 days from the registration |
|
CCTV recordings (photos and videos) of your activity at our physical locations. |
Legitimate interest in ensuring safety on premises/physical locations and if necessary, protecting ROCKWOOL’s interests in criminal offence cases (Article 6 (1) (f) GDPR) and section 8 (3) of the Danish Data Protection Act. |
30 days from the day of the visit or as long as necessary in relation to an ongoing case. | ||
|
Receiver of e-mail and/or SMS - direct marketing. |
First and last name, gender (salutation), job title, place of work, e-mail address and/or phone number.
|
To distribute marketing communication based on collected information and consent given. |
Legitimate interest in providing interested parties with direct marketing consent based on valid e-communication consent (Article 6 (1) (f) GDPR). |
Until the marketing consent has been withdrawn. A copy of the marketing consent will be stored 2 years after withdrawal for evidentiary purposes. |
|
Users of contact forms |
First and last name, email address, phone number, what your inquiry is about, date of your inquiry. |
To communicate with you to market, promote and sell ROCKWOOL products and services, as well as to provide support. |
If your inquiry concerns a (potential) formation of contract, the legal basis will be taking steps necessary to enter into an agreement or execute an existing one (Article 6 (1) (b) GDPR). If your inquiry does not concern a contract, the legal basis will be our legitimate interest in handling your inquiry, communication with you, marketing, promoting, and developing our products and services (Article 6 (1) (f) GDPR). |
2 years after obtained or from your last interaction if your personal data has not been used in connection with a purchase of our products or services. |
|
Account users |
First and last name, e-mail address, username, digital footprints, password as well/and as your profile activity. |
To deliver our services on the/our websites or apps to you. |
Performance of a contract for the provision of electronic services (Article 6 (1) (b) GDPR). |
Until closing of the account. |
|
To manage created user accounts; for statistical and analytical purposes. |
Legitimate interest in conducting statistics and analyses for the purpose of improving the user experience (Article 6 (1) (f) GDPR). |
Until closing of the account. | ||
|
Visitors of social media profiles |
Information available on your profile, including your name, gender, civil status, workplace, interests, image, and your city; whether you “like” or have applied other reactions to our profile; comments you leave on our posts; content your shared with ROCKWOOL with intention of interacting; |
To improve our products and services, including our social media profiles and pages; * platform providers may process your personal data for their own purposes – please keep in mind this is outside of our control |
Legitimate interests in being able to communicate with and direct marketing communication to you on our social media profiles, as well as our legitimate interest in improving our products and services (Article 6 (1) (f) GDPR). |
Retention periods are set out by social media platform providers and can be found in their privacy policies: Meta (Instagram, Facebook) Google (YouTube) X (formerly Twitter) |
|
Description |
When? |
Categories of personal data |
Purposes of processing |
Legal basis |
Retention periods |
|
Cookies, pixels, social media tools and other technologies |
When you visit our websites or apps and have provided us with your cookie consent. |
IP-address, MAC address, type of browser and devices, webpage that led you to the website or app, search terms entered in a search engine which led you to our website, browsing history, click-behaviour and use and navigation of websites and apps* * the categories depend on the consent given in the cookie banner. This can be changed at any time here |
To run marketing activities, especially to facilitate your use of the websites and apps; for service development, statistics, and analysis; to deliver personalised content and search |
Legitimate interests in providing a website and app that works, marketing, developing, and providing statistics, evaluating, promoting and selling our products and services through first-party cookies, (Article 6 (1) (f) GDPR). Consent for the processing of personal data in relation to marketing cookies and third-party statistical cookies (Article 6 (1) (a) GDPR). In addition, we always obtain a valid cookie consent with exemption of strictly necessary cookies and other technologies. |
Personal data obtained through cookies, pixels, similar technologies, and social media tools are deleted as described in the cookie declaration. |
|
Facebook custom / lookalike audiences |
When you sign up for our newsletters, create a user account and accept our cookies, pixels, or similar technologies, we will in some cases send non-reversible hashed information to Facebook (Meta). |
E-mail address and in some cases, information about your interest in one or more of our products |
To create audiences for subsequent advertising via Facebook. |
Legitimate interest in spreading awareness of our products and services, including to other persons who may have similar interests in our products and services (Article 6 (1) (f) GDPR). |
Until you object to the processing of your personal data. You can change settings in your Facebook account here. |
|
Tracking of e-mail |
E-mails that we forward for marketing purposes based on your marketing consent or for events you have signed-up for may include tracking technologies that tell us whether you have received or opened the email or clicked a link in the e-mail. |
Tracking information on your interaction with our e-mail. |
To deliver personalised content, analysis, and statistics. |
Legitimate interests in developing, evaluating, promoting, and selling our products and services (Article 6 (1) (f) GDPR). |
If you consented to marketing: until the marketing consent has been withdrawn. A copy of the marketing consent will be stored 2 years after withdrawal for evidentiary purposes. If you did not consent to marketing: 2 years after the/your last interaction (e.g., from participating in the event or when clicking on e-mail). |
Personal data collected may be transferred internationally between entities in the ROCKWOOL Group for the purposes for which they were gathered, provided that such transfer is not prohibited or restricted by law. All transfers between EU/EEA and non-EU/EEA ROCKWOOL entities are legalised by the ROCKWOOL Binding Corporate Rules.
An overview of the ROCKWOOL Group is available at https://www.rockwool.com/group/privacy-statements-of-rockwool-companies/
To achieve the purposes described above, we may give third parties, who provide services to ROCKWOOL entities based on a contractual relationship, access to your personal data. Those service providers are regarded as data processors and include but not limited to:
In addition to what is described above, your personal data is generally not transferred to third parties without your consent. However, in certain circumstances and under the law, it may be necessary to transfer your personal data to e.g. the following categories of data controllers:
|
Categories of recipients |
Type of personal data |
Legal basis |
|
Public authorities, law enforcement authorities, courts, lawyers, and external auditors. |
Relevant information in relation to a specific dispute, including in some cases purchases made. |
Article 6(1)(f) GDPR (legitimate interest). Article 6(1)(c) GDPR (legal obligation to report descriptions of damage to authorities). |
|
Payment acquirers. |
Payment information. |
Article 6(1)(b) (contract) GDPR. |
Personal data may also be transferred to third parties with your prior cookie consent as set out in our Cookie Policy and the cookie consent wording.
If we transfer your personal data to recipients (both controllers and processors) whose registered offices are located in a third country, for which the European Commission has not adopted an adequacy decision, such transfer is based on the Data Privacy Framework (for companies based in the USA) or the EU Commission’s Standard Contractual Clauses (for other countries), which you may obtain a copy of by contacting us as stated above.
ROCKWOOL commits to have in place the appropriate security measures to safeguard the security of your personal data and our website has security measures in place to protect against the loss, misuse and/or alteration of the personal data under our control.
Cooperation with social media platform providers.
Facebook, Instagram and LinkedIn
For Facebook and Instagram (owned by Meta), ROCKWOOL together with the social media providers are joint data controllers for the processing of personal data collected in connection with your interactions with the profiles, including postings on an interaction with the ROCKWOOL page profiles’. However, Meta acts as data processor on behalf of ROCKWOOL when Meta processes your personal data for the purpose of creating target groups (lookalike and custom audiences).
For LinkedIn, ROCKWOOL together with the platform provider are joint data controllers for the processing of personal data for statistical purposes.
ROCKWOOL and the providers of LinkedIn, Instagram and Facebook have entered into agreements on the allocation of the data protection tasks. According to these agreements, the entities (such as ROCKWOOL) and the social media providers are each responsible for the tasks associated with the processing undertaken. The overview of the division of responsibilities can be found here:
· LinkedIn: https://legal.linkedin.com/pages-joint-controller-addendum
· Meta: https://www.facebook.com/legal/controller_addendum/.
YouTube
ROCKWOOL also uses Google as a data processor in connection with its use of YouTube and in this connection also shares certain information about your interactions, interests, etc. with YouTube for the purposes of optimizing marketing and the service, including our videos, on YouTube.
ROCKWOOL is the data controller for the processing of personal data in the context of the management of its account on X (Twitter), and X (Twitter) is a separate data controller for the personal data which it processes. However, in certain situations X (Twitter) will be acting as data processor for ROCKWOOL, for example when uploading custom audiences to the platform.
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Phone: + 44 0303 123 1113
Due to technical developments, new processing activities, and/or amendment of legal requirements we reserve the right to adjust this Privacy Statement. To the extent the changes of the Privacy Statement are regarded as material and significant, you will be informed hereof on our website or/and through our e-mail signatures when corresponding with one of ROCKWOOL’s employees. An up-to-date version of this Privacy Statement will always be available at https://www.rockfon.co.uk/legal-information/privacy-statement/.
We provide customers with a complete acoustic ceiling system offering, combining sound absorbing ceiling tiles and wall panels with suspension grid systems and accessories.
