Cogentrix’ commitment to privacy
This Privacy Notice is provided by Cogentrix Energy Power Management (“Cogentrix”, “we” and “us”), and it applies to ways in which we interact with individuals, (“Data Subjects”) in connection with our business, including, without limitation:
We respect the privacy of Data Subjects. This Privacy Notice describes how we collect, use, store, process, disclose and transfer information that we may collect from Data Subjects. Please note that Cogentrix may provide additional privacy notices or similar disclosures in respect of certain categories of Data Subjects (e.g., certain former or existing employees associated with Cogentrix), and certain geographies and jurisdictions.
What data do we collect and how?
Personal Data. When we use the term “Personal Data” we mean information that reasonably can be used to identify you as an individual person. In connection with our business, we may collect various types of Personal Data, including, among other things:
We collect this Personal Data in various ways, including:
Automatic Collection Tools. In addition, we automatically collect certain data from Data Subjects who visit the Site. To this end, we use data collection tools (“Cookies”) on the Site to record certain usage information, such as the number and frequency of visitors to the Site. This information may include the websites that you access immediately before and after your visit to our Site, and which Internet browser you are using.
If you are located outside of the United States, please be aware that the Personal Data we collect will be processed and stored in the United States, a jurisdiction in which the data protection and privacy laws may not offer the same level of protection as those in the country where you reside or are a citizen.
How and on what basis do we use your Personal Data?
We use your Personal Data for a variety of reasonable and legitimate business purposes, including, but not limited to, the following:
We will not use your Personal Data for any purposes inconsistent with this Privacy Notice without your permission.
With whom do we share your Personal Data?
Within Cogentrix. We share your Personal Data among Cogentrix entities for the purposes set forth above. In general, our entities, in turn, are not permitted to share your information with non-affiliated entities, except as described herein or otherwise permitted by applicable laws.
To Third Parties. We share your Personal Data with third parties in certain circumstances, including the following:
How do we protect your Personal Data?
We take seriously the obligation to safeguard your Personal Data. Your Personal Data held by us will be kept confidential in accordance with applicable Cogentrix policies and procedures. We will use all reasonable efforts to ensure that all Personal Data is kept secure and safe from any loss or unauthorized disclosure or use. All reasonable efforts are made to ensure that any Personal Data held by us are stored in a secure and safe place, and accessed only by our authorized employees and transferees.
Keeping your Personal Data current
In general, we seek to ensure that we keep your Personal Data accurate and up to date. However, you are responsible for, and we kindly request that you inform us of, any changes to your Personal Data (such as a change in your contact details).
How long do we keep your Personal Data?
In general, we will process and store your Personal Data for at least as long as it is necessary in order to fulfil our contractual, regulatory and statutory obligations. Subject to those qualifications, our goal is to keep such data for no longer than necessary in relation to the purposes for which we collect and use the Personal Data (we refer to the purposes as set forth above). Cogentrix will retain your Personal Data in accordance with applicable policies. If you have any specific questions in this respect, please feel free to contact us.
Contact and Complaints
Any Personal Data we receive from you when making a complaint will be treated in accordance with this Privacy Notice and only to process the complaint and check on the level of service we provide. Similarly, where inquiries are submitted to us we will only use the information supplied to us to deal with the inquiry and any subsequent issues and to check on the level of service we provide.
The www.cogentrix.com Site
www.cogentrix.com (“the Site) is operated from servers in the United States. BY USING THE SITE AND PROVIDING INFORMATION TO US, YOU CONSENT TO THE TRANSFER AND PROCESSING OF YOUR PERSONAL DATA IN THE UNITED STATES.
Please be aware that the Site may contain links to other websites hosted by third parties. Cogentrix does not control and is not responsible for the content or privacy practices and policies of such third party websites. We encourage you to be aware when you leave the Site and to read the privacy policies of each third-party website, especially if such website collects Personal Data from you.
Additional Information for Job Applicants
Questions, comments, requests or complaints regarding our use of your Personal Data should be addressed to firstname.lastname@example.org.
Additional Information for Residents of the European Economic Area (the “EEA”)
The below information applies to any Data Subject resident in the EEA. For purposes of the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 (the “GDPR”), we act as a “data controller” and our headquarters is located in the United States at 13860 Ballantyne Corporate Place, Suite 300, Charlotte, NC 28277. As a data controller, we are responsible for deciding how we hold and use Personal Data about you.
GDPR Data Protection Principles
In respect of the collection, holding, storage, use, and processing of your Personal Data:
Transfer of Personal Data Outside of the EEA
The transfer of Personal Data from the UK/EEA to Cogentrix entities outside the EEA is governed by data transfer agreements which are in the form of the standard contractual clauses approved by the European Commission.
Where your Personal Data is processed by third parties outside the EEA, we will ensure appropriate safeguards are in place to adequately protect it, as required by applicable law, including the execution of standard contractual clauses (referred to above) if the recipients are not located in a country with adequate data protection laws (as determined by the European Commission) or certified under the EU-US Privacy Shield framework.
GDPR Data Subject Rights
Under the GDPR, in certain circumstances, an EEA-resident Data Subject has certain individual rights with respect to the Personal Data that we hold about them. In particular, you may have the right to:
Additionally, in the circumstances where you may have provided your consent to the collection, processing and transfer of your Personal Data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
To exercise any of these rights, please contact us using the contact details set out under the “Contact and Complaints” heading above.
Automated Decision Making
We respect your legal rights not to be subject to decisions that are based solely on automated processing of your Personal Data, including profiling, especially where such processing has legal or other significant effects on you. In establishing and carrying out a business relationship, we generally do not use any automated decision making pursuant to the GDPR. We may process some of your Personal Data automatically, with the goal of assessing certain personal aspects (profiling), such as to comply with legal or regulatory obligations to combat money laundering, terrorism financing, and offenses that pose a danger to assets. We also use assessment tools in order to be able to allow communications and marketing to be tailored as needed.
Complaints to Local Authorities
As a resident of the EEA, you are also entitled to direct any complaints in relation to our processing of your Personal Data to your national or local data protection supervisory authority.
 You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive.