Privacy Notice

1. INTRODUCTION

McDermott and its affiliated companies (the “Company”) is committed to upholding the principles of privacy and data protection.  Like most global organizations, we hold and Process (as defined below) a wide range of personal information and data, some of which relates to our employees and other personnel (“Personal Data”). As your employer, the Companyprovides this Employee Privacy Notice to explain our practices regarding the collection, use, and other Processing activities of certain Personal Data, as described in more detail below.

In brief, this Notice explains:

  • what Personal Data we hold and why we Process it;
  • the legal grounds which allow us to Process your Personal Data;
  • where the Personal Data  comes from, who are the recipients and how long we keep it;
  • how to access your Personal Data and other rights;
  • how to contact the Company or express concerns.

This Notice applies to anyone working for or engaged by the Company and involved in the Processing of Personal Data in the European Union (EU) and/or otherwise subject to the General Data Protection Regulation (GDPR).  This includes all employees, officers, consultants, independent contractors, volunteers, interns, casual workers, agency workers and those engaged by third party companies or personnel services/contract labor companies performing work for our business.  When we use the terms ‘employment’ or ‘employee’, we mean all of these categories of workers.  However, nothing in this Notice is intended to create an employment relationship between the Company and any non-employee providing services to us. 

2. CATEGORIES OF PERSONAL DATA

“Personal Data” is information relating to you (or from which you may be identified) which is Processed by any means including automatic means or which is (or is intended to be) part of a structured manual or electronic filing system.  It includes not only facts about you, but also intentions and opinions about you in relation to the workplace or employer-employee relationship. 

"Processing" means a series of operations pertaining to the collection and use of information to retrieve, transform or classify data including without limitation collecting it, storing it, disclosing it and deleting it. 

The Company collects and Processes the following categories of Personal Data, including but not limited to:

  • Personal information: name, gender, and contact information (home and host country addresses, phone number(s), photograph (optional), and emergency contact information), date of birth, government identification numbers, nationality, citizenship/residency, language(s) spoken, personal status (marital status, dependents, military status, veteran status), passport/visa information, and other data collection permitted or required by local law;
  • Employee status: full-time, part-time, permanent, fixed term, active, leave of absence, and employment termination data;
  • Organization information: work contact information, title, department, employer, cost center, location, hire date and any previous hire or service dates, employee Legacy number, employee badge number, supervisor, and job function;
  • Compensation information: current base salary and differentials, annual salary, pay scale and range, pay grade, type of employee, average hours worked, incentive information, equity and other compensation program participation, insurance and medical benefits, severance payments, and salary history and terms of employment contract (if any);
  • Payroll information: bank information, tax information, garnishments and deductions, time worked, attendance, vacation information, and other paid time off information;
  • Monitoring information: computer usage information related to your use of company equipment, systems, and other resources;
  • Communication information: email content, business letter content, business documents, and chat content;
  • Performance and talent information: qualifications, evaluations, performance ratings, mentoring information, developmental planning, and other talent management and team based assessments; and
  • Background information: education, training, and employment background, and other background information commonly used for security screenings.

Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, health, trade union membership and genetic and biometric data are subject to special protection(s) and considered by EU privacy law to be “Sensitive or Special Personal Data”.

The Company may also collect, Process and use the following categories of Sensitive Personal Data about you from you or from authorized third parties (e.g., your supervisor, public authorities or public resources) in connection with your employment for specific purposes identified in the tables further below:

  • Sick day information for purposes of administering and providing compensation, administering the workforce (e.g., workforce planning), and compliance with applicable laws and employment-related requirements (e.g., statutory wage tracking);
  • Work-related Fit for Duty/Work Related accidents information for purposes of administering and providing compensation (e.g., insurance compensation), and compliance with applicable laws and employment-related requirements (e.g., work safety, reporting obligations);
  • Disability information (if provided voluntarily) for purposes of administering the workforce (e.g., accommodating the work place) and compliance with applicable laws and employment-related requirements;
  • Maternity leave information for purposes of administering the workforce (e.g., workforce planning), and compliance with applicable laws and employment-related requirements;
  • Religion for purposes of processing visa or other work permits but only to the extent such information is required by the issuing country law and/or agency;
  • Ethnicity for purposes of compliance with applicable laws and employment-related requirements (e.g. EEO 1 reporting in the US)
  • Drug test results for the purposes of ensuring safety within the workplace where the role requires it, and always in compliance with any applicable legislation. 

We will only Process your Sensitive Personal Data if we have a legal ground to do so and if one of the following conditions are met:

  • The Processing is necessary for the purposes of your or our obligations and rights in relation to employment in so far as it is authorized by law or collective agreement;
  • The Processing relates to data about you that you have manifestly made public;
  • The Processing is necessary for the purpose of establishing, making or defending legal claims;
  • The Processing is necessary for provision of health care or treatment, medical diagnosis, and assessment of your working capacity;
  • The Processing is required for equality and diversity purposes to the extent permitted by law.

The provision of Personal Data and Sensitive Personal Data as described in this Employee Privacy Notice is partly a statutory requirement, partly a contractual requirement under your employment contract, and partly a requirement to carry out the employment relationship with you. In general, you are obliged to provide the Personal Data and Sensitive Personal Data, except in limited instances when we indicate that certain information is voluntary (e.g., in connection with employee satisfaction surveys). In some cases, not providing certain Personal Data that is essential to your role (for instance where we, for regulatory or legal reasons, are required to verify your legal right to work) may prevent the Company from offering you employment and may impact on our ability to continue your engagement with us.

3. Legal grounds for Processing Personal Data

Under data protection law, there are various grounds on which we can rely when Processing your Personal Data.  In some contexts more than one ground applies.  We have summarized these grounds as Contract, Legal obligation, Legitimate Interests and Consent and outline what those terms mean in the following table:

Term

Ground for Processing

Explanation

Contract

Processing necessary for performance of a contract with you or to take steps at your request to enter a contract

This covers carrying out our contractual duties and exercising our contractual rights directly or via a collective agreement or works council, if applicable.

Legal obligation

Processing necessary to comply with our legal obligations

Ensuring we perform our legal and regulatory obligations.  For example, providing a safe place of work and avoiding unlawful discrimination.

Legitimate  Interests

Processing necessary for our or a third party’s legitimate interests

We or a third party have legitimate interests in carrying on, managing and administering our respective businesses effectively and properly and in connection with those interests Processing your data. 
Your data will not be Processed on this basis if our or a third party’s interests are overridden by your own interests, rights and freedoms.

Consent

You have given specific consent to Processing your data

In general Processing of your data in connection with employment is not conditional on your consent.  But there may be occasions where we do specific things such as getting a criminal record check for a role which is regulated and rely on your consent to our doing so. 

In addition to the main purposes set out earlier in this Notice, more specific information on our purposes and the legal grounds for Processing are set out in the table below.

The examples in the table cannot, of course, be exhaustive.  For example, although the table does not mention data relating to criminal offences, if we were to find out that someone working for us was suspected of committing a criminal offence, we will Process that information if necessary for our purposes.  If necessary we will also require criminal background checks for certain roles – for example those working in financial roles or working with minors, subject to applicable law. 

Purpose

Examples of Personal Data that may be Processed

Grounds for Processing

Recruitment

Standard data related to your identity (e.g. your name, address, email address, ID information and documents, telephone numbers, place of birth, nationality, contact details, professional experience and education (including university degrees, academic records, professional licenses, memberships and certifications, awards and achievements, and current and previous employment details), financial information (including current salary information) language skills, and any other Personal Data that you present us with as part of your application related to the fulfilment of the role.
Information concerning your application and our assessment of it, your references, any checks we may make to verify information provided or background checks and any information connected with your right to work.
If necessary, we will also Process information concerning your health, any disability and in connection with any adjustments to working arrangements.

Contract
Legal obligation
Legitimate interests

Your employment contract including entering it, performing it and changing it

Information on your terms of employment from time to time including your hours and working patterns and your pay and benefits such as your participation in pension arrangements, life and medical insurance; and any bonus or share schemes.

Contract
Legal obligation
Legitimate interests

Contacting  you or others on your behalf

Your address and phone number, emergency contact information and information on your next of kin.

Contract
Legal obligation
Legitimate interests

Payroll administration

Information on your bank account, pension contributions and on tax and national or social insurance. 
Your national or social insurance number or other government issued identifier.
Information on attendance, holiday and other leave and sickness absence.

Contract
Legal obligation
Legitimate interests

Financial planning and budgeting

Information such as your salary and (if applicable) bonus levels.

Legitimate interests

Supporting and managing your work and performance and any health concerns

Information connected with your work, anything you do at work and your performance including records of documents and emails created by or relating to you and information on your use of our systems including computers, laptops or other device. 
Management information regarding you including notes of meetings and appraisal records, including information you or our managers enter onto our training or appraisal platforms.  
Information relating to your compliance with our policies.
Information concerning disciplinary allegations, investigations and Processes and relating to grievances or complaints in which you are or may be directly or indirectly involved.
General information concerning your health, including return to work plans, as permitted or required by local law.

Contract
Legal obligation
Legitimate interests

Changing or ending your working arrangements

Information connected with anything that may affect your continuing employment or the terms on which you work including any proposal to promote you, to change your pay or benefits, to change your working arrangements or to end your employment.

Contract
Legitimate interests

Physical and system security

Closed Circuit TV images.
Your IT account and directory information.
Records of use of swipe and similar entry cards.
Records of your use of our systems including computers, phones and other devices and passwords. 

Legal obligation
Legitimate interests

Improving efficiency of IT and business systems and device use

Records of your use of IT and business systems and McDermott devices.
For example, we may collect information on the number of minutes and amount of data used on company mobile phones to ensure employees are on the most cost-effective tariff for their usage.
We will where necessary and as set out in this Privacy Notice also contract with third parties so you can use third party applications on your company devices which may assist with your work (for example an application allowing ‘one-click’ dial in to conference calls). Such applications will Process your Personal Data. Their own privacy notices will make clear precisely what information will be collected. We may be provided with information on the usage of such applications, for example for the purpose of troubleshooting or assessing overall usage and whether to continue to provide them.

Legitimate interest

Providing references in connection with your finding new employment

Information on your working for us and on your performance.

Consent
Legitimate interests

Providing information to third parties in connection with transactions that we contemplate or carry out

Information on your contract and other employment data that may be required by a party to a transaction such as a prospective purchaser, seller or outsourcer.

Legitimate interests

Compliance with  diversity and fair employment  opportunities

Information on your nationality, racial and ethnic origin, gender, religion, disability and age as part compliance with diversity and fair employment   initiatives. Please note we may share aggregated and anonymised diversity statistics with regulators if formally required / requested.

Legitimate interests
Legal Obligations

Monitoring and investigating suspicions of misconduct, compliance with policies and rules – both generally and specifically

We expect our employees and workers to comply with our policies and rules and may monitor our systems to check compliance (e.g. rules on accessing pornography at work).  We will where necessary and as set out in this Privacy Notice check system and other data to look into those concerns (e.g. log in records, records of usage and emails and documents, Closed Circuit TV images).  In appropriate cases if we have suspicions of serious wrong-doing, we may make targeted records (e.g. video or sound) in connection with an investigation. 

Legitimate interests

Disputes and legal proceedings

Any information relevant or potentially relevant to a dispute or legal proceeding affecting us.

Legitimate interests
Legal obligation

Trade union check off arrangements and Works Council administration

Details of trade union membership and deductions of contributions made at source.
Information relating to Works Council participation, including any communication you send to us if acting for the Works Council (if applicable).

Contract
Legal Obligation

Day to day business operations including marketing and customer/client relations and travel on our behalf

Information relating to the work you do for us, your role and contact details including relations with current or potential customers or clients.  This may include a picture of you for internal or external use.
Information regarding your travel arrangements and location.

Legitimate interests

Maintaining appropriate business records during and after your employment

Information relating to your work, anything you do at work and your performance relevant to such records. 

Contract
Legal obligation
Legitimate interests

4. WHERE THE PERSONAL DATA COMES FROM

The Personal Data will be collected either directly from employees, through their activities in the course of their employment, from Company HR personnel, or from third parties (including references, former employees, former employers, recruitment agencies, or governmental authorities), subject to the requirements of applicable law.

5. CATEGORIES OF RECIPIENTS

Company may transfer your Personal Data, including any Sensitive Personal Data as necessary, to third parties for the Processing Purposes as follows:

  • Within the McDermott Group of Companies: As part of our global structure, your manager or certain regional or global departments may be located within other McDermott group entities in other jurisdictions. Therefore, our parent entity, McDermott International, Inc. in the United States and other entities within the global McDermott group of companies may receive your Personal Data as necessary for the Processing Purposes, in particular to administer the workforce, monitor and ensure compliance with applicable McDermott procedures, and respond to and comply with requests and legal demands. In order to provide adequate protection for such data transfers (especially to jurisdictions that the EU does not generally consider to have adequate data protection safeguards, such as the USA), Company has put in place appropriate data transfer agreements based on - and conforming to - the EU standard contractual clauses.
  • With certain third parties: Existing or potential business partners including joint venture or consortium partners, suppliers, customers, independent external advisors (e.g., auditors), banks, insurance carriers, benefits providers, and other third parties may also receive your Personal Data as necessary in connection with our business operations, in particular to carry out our contractual relationships with such third parties, to administer and provide compensation, administer and provide applicable benefits and other work-related allowances, administer the workforce, comply with applicable laws and employment-related requirements, communicate with you and third parties, to comply with corporate financial responsibilities, and respond to and comply with requests and legal demands.
  • With certain acquiring or acquired entities: If the Company business for which you work is sold or transferred in whole or in part or if the Company is acquiring and integrating another entity into the business for which you work (or any similar transaction is being contemplated), your Personal Data may be transferred to the other entity (e.g., the new employer, potential new employer, the new acquired entity, or potential new acquired entity) prior to the transaction (e.g., during the diligence phase) or after the transaction, subject to any rights provided by applicable law, including jurisdictions where the other entity is located.
  • Law Enforcement Agencies or Government Authorities: The Company may disclose Personal Data to respond to law enforcement agency requests or where required by applicable laws, pursuant to court orders, or arbitral or tribunal orders or rules of procedure, or to government regulations departments or agencies or regulatory bodies (including disclosures to tax and employment authorities), employment and any other regulatory bodies).   The Company may also disclose your Personal Data as required or permitted by applicable law to governmental authorities, courts, external advisors, and similar third parties.
  • Advisers: The Company may disclose your Personal Data on a confidential basis to our advisers for example to our lawyers for the purposes of seeking legal advice or to further the Company’s interests in legal proceedings and to our accountants for auditing purposes. 
  • Insurers: Your Personal Data may be transferred to our insurers for the purposes of making an insurance claim. 
  • IT service providers:  For the purposes of assessing efficiency of IT or business system device usage, your Personal Data may be transferred to our IT service providers. 

Certain third parties, whether affiliated or unaffiliated, may receive your Personal Data to Process such data under appropriate instructions ("Data Processors") as necessary to support and facilitate the Processing purposes. The Data Processors will be subject to contractual obligations to implement appropriate technical and organizational security measures to safeguard the Personal Data, and to Process the Personal Data only as instructed.

The recipients of your Personal Data might be located in countries which do not adduce an adequate level of protection from a European data protection law perspective. Company will take all necessary measures to ensure that transfers out of the EU are adequately protected as required by applicable data protection law. With respect to transfers to countries not providing an adequate level of data protection, we may base the transfer on appropriate safeguards, such as standard data protection clauses adopted by the European Commission or by a supervisory authority, approved code of conducts together with binding and enforceable commitments of the recipient, or approved certification mechanisms together with binding and enforceable commitments of the recipient. You can request a copy of the appropriate safeguards by contacting us as set out under “Questions” below.

Any access to your Personal Data is restricted to those individuals that have a need to know in order to fulfil their job responsibilities.

6. RETENTION PERIOD

Your Personal Data is stored by the Company and/or our service providers, strictly for the time necessary to achieve the purposes for which the information is collected, in accordance with applicable data protection laws. When the Company no longer needs to use your Personal Data, we will remove it from our systems and records and/or take steps to properly anonymize it so that you can no longer be identified from it (unless we need to keep your information to comply with legal or regulatory obligations to which the Company is subject).

Although there is no specific period for which the Company will keep your Personal Data, the Company will not keep it for longer than is necessary for its purposes.  In general, the Company will keep your Personal Data for the duration of your employment and for a period afterwards.  In considering how long to keep it, we will take into account its relevance to our business and your employment, and applicable data protection laws and regulations. Certain special circumstances may require a longer retention period (e.g. in the event of a legal claim).  For the retention periods applying to specific types of documents, please see the Company Retention Policy in the IMS or CMS portal.

7. YOUR RIGHTS

If we have relied on your consent regarding certain types of Processing activities, you can withdraw this consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the Processing prior to the consent withdrawal.  In general, the Processing of your data in connection with employment is not conditional on your consent and the Company relies on other grounds to Process your Personal Data. 

Pursuant to applicable data protection law you may have the right to: (i) request access to your Personal Data; (ii) request rectification of your Personal Data; (iii) request erasure of your Personal Data; (iv) request restriction of Processing of your Personal Data; (v) request data portability; (vi) object to the Processing of your Personal Data. Any such requests should be made through your local HR Representative. Please note that these aforementioned rights might be limited under the applicable national data protection law.

(i)  Right of access: You may have the right to obtain from us confirmation as to whether or not Personal Data concerning you is Processed, and, where that is the case, to request access to the Personal Data. The access information includes, among other things, the purposes of the Processing, the categories of Personal Data concerned, and the recipients or categories of recipient to whom the Personal Data have been or will be disclosed. However, this is not an absolute right and the interests of other individuals may restrict your right of access.

You may have the right to obtain a copy of the Personal Data undergoing Processing. For further copies requested by you, we may charge a reasonable fee based on administrative costs.

(ii) Right to rectification: You may have the right to obtain from us the rectification of inaccurate Personal Data concerning you. Depending on the purposes of the Processing, you may have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement.

(iii)   Right to erasure (right to be forgotten): Under certain circumstances, you may have the right to obtain from us the erasure of Personal Data concerning you and we may be obliged to erase such Personal Data.

(iv)   Right to restriction of Processing: Under certain circumstances, you may have the right to obtain from us restriction of Processing your Personal Data. In this case, the respective data will be marked and may only be Processed by us for certain purposes.

(v) Right to data portability: Under certain circumstances, you may have the right to receive the Personal Data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you may have the right to transmit those data to another entity without hindrance from us.

(vi)   Right to object: Under certain circumstances, you may have the right to object, on grounds relating to your particular situation, at any time to the Processing of your Personal Data by us and we can be required to no longer Process your Personal Data.

To exercise your rights, please contact us as stated in the "Questions" section below.

You also have the right to lodge a complaint with the competent data protection supervisory authority.  Please see the section “Questions” below for further information. 

8. QUESTIONS

Employees who have any questions or complaints about this Notice should contact their local HR manager or area compliance representative in the first instance or the contact person set out in Annexure 1. You may also raise complaints with your statutory regulator, the contact details of which are also set out in Annexure 1. 

9. STATUS OF THIS NOTICE

This Notice does not form part of your contract of employment and may be amended by us at any time.  Nothing in this Notice is intended to create an employment relationship between the Company and any non-employee providing services to us. 

 

Annexure 1 – Information specific to Jurisdictions

Czech Republic

If you are employed, engaged or otherwise in the Czech Republic the following additional information applies.

Data controller/Employer(s)

Address

CB&I s.r.o.

Holandská 874/8; Štýřice
Brno, Czech Republic, 63900
Czech Republic

Lutech Resources Czech Republic s.r.o.

Holandská 874/8; Štýřice
Brno, Czech Republic, 63900
Czech Republic

 

Contact Person

E-mail address

Vlastimil Kazda

vkazda@mcdermott.com

Sander Vink – Lutech Contact

SVink@lutechresources.com

 

Statutory Regulator Information

You can find an overview and contact information of the relevant data protection supervisory authorities for the EU (including those for Czech Republic) under http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

Germany

If you are employed, engaged or otherwise in Germany the following additional information applies.

Data controller/Employer(s)

Address

CB&I Lummus Deutschland GmbH

Hagenauer Strasse 59
Wiesbaden, Germany  D-65203

Lummus Novolen Technology GmbH

Gottlieb-Daimler-StaBe 8
Mannheim, Germany  68165

 

Contact Person

E-mail address

Grit Papke

Gpapke@mcdermott.com

 

Statutory Regulator Information

You can find an overview and contact information of the relevant data protection supervisory authorities for the EU (including those for Germany) under http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

Netherlands

If you are employed, engaged or otherwise in the Netherlands the following additional information applies.

Data controller/Employer

Address

CB&I Cojafex B.V.

Blaak 22
D42
Rotterdam, The Netherlands  7011 TA

CB&I Europe B.V.

Prinses Beatrixlaan 35
The Hague  2595 AK

CB&I Nederland B.V.

Prinses Beatrixlaan 35
The Hague  2595 AK

CB&I Oil & Gas Europe B.V.

Prinses Beatrixlaan 35
The Hague  2595 AK

CB&I Rusland B.V.

Prinses Beatrixlaan 35
The Hague  2595 AK

CB&I-CTCI B.V.

Prinses Beatrixlaan 35
The Hague  2595 AK

Chicago Bridge & Iron Company B.V.

Prinses Beatrixlaan 35
The Hague  2595 AK

Lealand Finance Company B.V.

Prinses Beatrixlaan 35
The Hague  2595 AK

Lummus Technology Heat Transfer B.V.

Prinses Beatrixlaan 35
The Hague  2595 AK

Lutech Resources B.V.

Prinses Beatrixlaan 35
The Hague  2595 AK

Netherlands Operating Company B.V.

Prinses Beatrixlaan 35
The Hague  2595 AK

 

Contact Person

E-mail address

Bas Niehien

BNiehien@mcdermott.com

Sander Vink – Lutech Contact

SVink@lutechresources.com

 

Statutory Regulator Information

You can find an overview and contact information of the relevant data protection supervisory authorities for the EU (including those for The Netherlands) under http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

United Kingdom

If you are employed, engaged or otherwise in the UK the following additional information applies.

Data controller

Address

CB&I UK LIMITED

40 Eastbourne Terrace, London W26LG

Lummus Consultants International, Limited

Alitus Houst, 1 North Fourth Street, Third Floor Milton Keynes  MK9 1NE

Lutech Resources Limited

40 Eastbourne Terrace, London W26LG

McDermott Marine Construction Limited

Global House, 1 Ashley Avenue, Epsom, Surrey KT18 5AD

 

Contact Person

E-mail address

Husna Miah - McDermott

HMiah@mcdermott.com

Anastasia Lisyutina - Lutech

alisyutina@lutechresources.com

 

Please note that this Privacy Notice, along with other related McDermott policies and/or protocols, shall form McDermott’s policy for procuring special data as required by the UK Data Protection Bill 2018 (Schedule 1 Part IV). 

Statutory Regulator Information

You can find an overview and contact information of the relevant data protection supervisory authorities for the EU (inclusive of those for the UK) under http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm