Business Unit Policy

North America Privacy Policy


We are committed to respecting your privacy.

 

  1. Purpose

The purpose of this Policy is to set out how we collect, use, store and disclose your Personal Information. We are bound by applicable United States of America (“USA”) Federal and State privacy laws, including without limitation the California Consumer Protection Act of 2018, as amended (“CCPA”, and together with other applicable privacy laws, “US Privacy Laws”)).

  1. Scope

This Policy applies to all BlueScope businesses and BlueScope controlled joint ventures in North America. If you are a resident of California, please see our CCPA Privacy Supplement.

We may change our Privacy Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy.

  1. Definitions

In this Privacy Policy, ‘us’ ‘we’ or ‘our’ means BlueScope Steel North America Corporation and its subsidiaries, affiliates and BlueScope controlled joint ventures located in North America (BlueScope).

Personal Information

is information that uniquely identifies, relates to, describes, or is reasonably capable of being associated with or linked to you.

For example, this may include your name, age, gender, postcode and contact details, as well as financial information.

Sensitive Information

includes information or an opinion about an individual’s racial or ethnic origin, political opinion, religious beliefs, sexual orientation, criminal record, health, or medical information.

  1. What Personal Information we collect
  • The types of Personal Information BlueScope will collect from you will depend on the nature of our processing activities. It may include: your name, date of birth, contact details such as current and previous address, telephone numbers, email address, occupation, details of shareholdings, information required for recruitment purposes, information required to open or maintain a trading account with BlueScope or otherwise do business with us, including your bank account details, information obtained through credit checks, information from prior dealings with BlueScope and statistical information on the use of the BlueScope websites, such as your IP address, dates and times of   Personal Information may also include location data shared by your mobile device or browser while you navigate our websites, and the content of your communications with us (including telephone calls).
  • Sensitive Information requires a higher level of protection under applicable US Privacy Laws. Where such US Privacy Laws require us to do so, we will only collect such Sensitive Information when we obtain your express consent..
  1. How we collect Personal Information
  • We collect Personal Information through various means including: our websites, software products, interactions with our social media pages and advertisements, from publicly accessible social media profiles, orders for and provision of products, services or support, employment applications, third party service providers, credit checks, credit assessments and debt recovery actions, warranty claims, feedback from customers, our shareholder registry, provision of training and educational materials, content and services, responses to surveys or research conducted by us, and entries into competitions or trade promotions.
  • If you do not provide us with the Personal Information we request, we may not be able to fulfill the applicable purpose of collection, such as to supply products or services to you or to assess your application for
  • US Privacy Laws contain certain exemptions that may apply with respect to employees and business contacts.
  1. Use and disclosure of Personal Information
  • Our main purposes for collecting, holding, using and disclosing Personal Information are to: supply and obtain products or services or software; provide training and educational materials, content and services; respond to enquiries; assess and process warranty claims; assess employment applications; undertake research and surveys, analyse statistical information, conduct trade promotions, comply with legislation and regulations, protect against criminal activity, claims, and other liabilities, comply with our internal policies, including in relation to occupational health and safety, diversity, workers compensation, environmental matters, inform you of changes to our business and our products, give you access to our websites and software, and for marketing purposes, including to assist in developing our websites and software.
  • We may disclose Personal Information for the purposes described in this Privacy Policy to our employees and affiliates and subsidiaries, third party suppliers and service providers (including providers for the operation of our websites and/or our business in connection with providing our products and services to you), professional advisers, dealers and agents, payment systems operators (eg, merchants receiving card payments), our existing or potential agents, business partners or partners, anyone to whom our assets or businesses (or any part of them) are transferred, specific third parties authorised by you to receive information held by us, your employer in instances where you register or participate in training and educational activities with us that are related to your employment, customers in response to inquiries made by those customers’ clients, and other persons, including government agencies, regulatory bodies and law enforcement agencies, or as requested, authorised or permitted by law.
  • We may also share your Personal Information if we are involved in a merger, acquisition, or any form of transfer or sale of some or all of our business, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding. In such case, Personal Information may be transferred along with the business. Where legally required we will give you prior notice and if you have a legal right to do so, an opportunity to object to this transfer.
  • We will only use or disclose Personal Information for a secondary purpose where such use or disclosure is compliant with applicable US Privacy Laws.

.

  1. How we store and protect Personal Information

We may store your Personal Information in either electronic or hard copy form. We take reasonable steps to store your Personal Information securely by protecting it from misuse, interference and loss, as well as unauthorised access, modification or disclosure.  To achieve this, we use a number of physical, administrative, personnel and technical measures to protect your Personal Information. However, we cannot guarantee the security of your Personal Information.

  1. Disclosure of Personal Information outside the USA

We may disclose Personal Information to recipients outside of the USA. We will take reasonable steps to ensure that any overseas recipient will deal with such Personal Information in a way that is consistent with applicable US Privacy Laws.

  1. Direct marketing

We may, from time to time, send you direct marketing communications in the form of emails, SMS, mail or other forms of communication in accordance with applicable US Privacy Laws. If you no longer wish to receive such communications, please contact us using the details set out in section 15 (‘Contacting Us’) and ask to be removed from our mailing lists, or use the unsubscribe link included in our marketing communications.

  1. Cookies

We sometimes use or enable cookies, pixels, and similar technology on our websites. Cookies are pieces of information that a website transfers to your computer’s hard disk for record keeping purposes and are a necessary part of facilitating online transactions. Most web browsers are set to accept cookies. Cookies are useful to determine overall traffic patterns through our websites. If you do not wish to receive any cookies you may set your browser to refuse cookies, or opt out via our cookie preference page. This may mean you will not be able to take full advantage of the services on the website.

  1. Links to other websites

Our websites may contain links to third party websites. These linked sites are not under our control and we are not responsible for the content of those sites nor are those sites subject to our Privacy Policy. Before disclosing your Personal Information on any other website we recommend that you examine the terms and conditions and privacy policy of the relevant site. BlueScope is not responsible for any practices on linked websites, including practises that might breach your privacy.

  1. Children

We do not knowingly collect or solicit any Personal Information from children under the age of 16. In the event that we learn that we have collected Personal Information from a child, we will promptly take steps to delete that information. If you are a parent or legal guardian and think your child has given us their Personal Information, you can email us at privacyquestions@bluescope.com or contact us using the information listed in Section 15.

  1. Accessing and correcting the Personal Information we hold about you
  • You can access the Personal Information we hold about you by contacting us using the details set out in section 15 (‘Contacting Us’). Sometimes, we may not be able to provide you with access to all of your Personal Information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your Personal Information.
  • Depending on where you live, and subject to certain exceptions, you may also have the right to:
    1. receive a copy of your Personal Information in a portable form;
    2. correct your Personal Information, if you think it is inaccurate;
  • object to our processing of your Personal Information;
  1. withdraw your consent to our processing of your Personal Information; and
  2. opt out of the sale of your Personal Information.

 

  1. Making a complaint
  • To exercise any of these rights, please contact us using the details set out in section 15 (‘Contacting Us’). You will not be discriminated against in any way by virtue of your exercise of the rights listed in this Privacy Notice which means we will not deny goods or services to you, provide different prices or rates for goods or services to you, or provide a different level or quality of goods or services to you. 
  • If you wish to make a complaint about the way we have handled your Personal Information you can contact us using the details set out in section 15 (‘Contacting Us’). Please include your name, email address and/or telephone number and clearly describe your complaint.
  1. Contacting Us

If you have any concerns or complaints about how we handle your Personal Information, or if you have any questions about this Privacy Policy or our practices, please contact us at privacyquestions@bluescope.com. You may also write to us at:

 

BlueScope Steel North America Corporation

1540 Genesee Street

Kansas City, Missouri 64102

 

 

 

We value inclusion and encourage our People to share their ideas and feedback.

We are committed to fostering a culture of speaking up when something isn’t right.  If you see something that is not consistent with Our Bond, our Code of Conduct – How We Work or any Guiding Document including this Policy, you should speak up.

If you wish to speak up, raise a concern or complaint or seek further advice you should speak with your manager or your local People or Ethics & Compliance representative, send an email to ethics@bluescope.com or contact BlueScope’s externally managed confidential hotline at www.bluescopespeakup.deloitte.com.au or by email bluescopespeakup@deloitte.com.au.

For further information please see BlueScope’s Speak Up Policy.

 

Reference: NA Privacy Policy   |   Revision No: 0   |   Issue/Last Review Date: September 2023   |   Printed copies are uncontrolled