Our Company Data Protection Policy refers to our commitment to treat information of employees, customers, stakeholders and other parties with care and confidentiality. With this policy, we ensure that we gather, store and handle all data fairly, transparently and with respect towards individual rights.
What do this cover?
Employees of our company and its subsidiaries must follow our rules and regulations. Contractors, consultants, partners and any other external entity are also covered. Our policy refers to anyone we collaborate with or acts on our behalf and may need occasional access to data.
As part of our operations, we need to obtain and process information. This information includes any offline or online data that makes a person identifiable such as names, addresses, usernames and passwords, digital footprints, photographs, social security numbers, financial data etc.
Our company collects this information in a transparent way and only with the full cooperation and knowledge of interested parties. Once this information is available to us, the following rules apply.
Our data will be:
- Accurate and kept up-to-date
- Collected fairly and for lawful purposes only
- Processed by the company within its legal and moral boundaries
- Protected against any unauthorized or illegal access by internal or external parties
Our data will not be:
- Transferred to organizations, states or countries that do not have adequate data protection policies
- Distributed to any party other than the ones agreed upon by the data’s owner (exempting legitimate requests from law enforcement authorities)
In addition to ways of handling the data, the company has direct obligations towards people to whom the data belongs. Specifically, we must:
- Let people know which of their data is collected
- Inform people about how we’ll process their data
- Inform people about who has access to their information
- Have provisions in cases of lost, corrupted or compromised data
- Allow people to request that we modify, erase, reduce or correct data contained in our databases
To exercise data protection we’re committed to:
- Restrict and monitor access to sensitive data
- Develop transparent data collection procedures
- Train employees in online privacy and security measures
- Build secure networks to protect online data from cyber attacks
- Establish clear procedures for reporting privacy breaches or data misuse
- Include contract clauses or communicate statements on how we handle data
- Establish data protection practices
The right to delete
In some cases, you have the right to have all or some of your personal information deleted by us, for example, if you take back your consent.
The right to limit treatment to storage
In some cases, you have the right to limit the processing of your personal data to consist only of storage, for example, if you believe that the information we process about you is incorrect.
The right to data portability
You may in some cases have the right to obtain personal information you provided to us in a structured, commonly used, machine-readable format and have the right to transfer that information to another data controller.
The right to object
You have the right at any time to object to our processing of your personal data for direct marketing purposes.
You also have the right, at any time, for objections relating to your personal situation to object to the processing of your personal data which we undertake on the basis of our legitimate interests.
The right to revoke consent
You have the right at any time to revoke the consent you have given us to given processing of personal data. If you wish to revoke your consent, please contact us at firstname.lastname@example.org