“Personal Data” constitutes information relating to the user, which can be used to identify him personally (either directly or indirectly).
Person Responsible for processing Personal Data
The person responsible for the processing of personal data is SISGARBE, which provides services and/or products, determining for this purpose and without limiting:
- Personal Data that must be processed in the context of providing services and/or supplying products;
- The Purposes for which Personal Data is processed; It is,
- The means to be applied for the processing of Personal Data.
Principles applicable to the processing of Personal Data
The Processing of Personal Data is carried out in accordance with the general principles set out in the General Data Protection Regulation and other legislation relating to data protection, namely:
- In the context of the relationship with the Holder, we ensure that Personal Data will be treated in a lawful, fair and transparent manner (“Principle of lawfulness, loyalty and transparency”);
- We collect Personal Data for specified, explicit and legitimate purposes and do not subsequently process the same Data in a way that is incompatible with those purposes (“Principle of purpose limitation”);
- We ensure that only Personal Data that is appropriate, relevant and limited to what is strictly necessary for the purposes for which it is processed is processed (“Principle of data minimization”);
- We adopt appropriate measures so that Personal Data classified as inaccurate, taking into account the purposes of processing, are erased or rectified without delay («Principle of accuracy»);
- We keep Personal Data in a way that allows your identification only for the period necessary for the purposes for which they are processed (“Principle of conservation”);
- We ensure that Personal Data is processed in a way that guarantees its security, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, adopting appropriate technical or organizational measures (“Principle of integrity and confidentiality»).
Data we collect
The types of data we may collect about you, depending on your use of our Website, include:
- email address;
- address (workplace and personal);
- telephone and cell phone numbers (workplace and personal);
- geographic location (country/territory where you live and/or work);
- professional position and functions, as well as the name of your employer;
- your C.V. and cover letter (if you have applied for a position).
- preference data;
- data on the use of information technologies;
- commercial data for the provision of services and/or supply of products;
- any other information you choose to provide to us when contacting us on our Website.
Fundamentals of Lawfulness
By reference to the «Principle of Lawfulness» enshrined in current data protection laws, in the development and performance of its activities, SISGARBE only processes Personal Data when there is a lawful basis that legitimizes the processing.
The fundamentals of Lawfulness are:
- Consent: When the Data Subject has given his/her consent, through a free, specific, informed and explicit expression of will, by which he/she accepts, through a declaration (written or oral) or unequivocal positive act (by filling out a option), that Personal Data be subject to Processing.
- Pre-contractual measures or the execution of a contract: When processing is necessary for the performance of a contract to which the Data Subject is a party or for pre-contractual measures at their request.
- Compliance with a legal obligation: When the processing of Personal Data is necessary to ensure and guarantee compliance with legal obligations to which the Data Controller is subject under the legislation of a Member State and/or the European Union.
- Defense of the vital interests of the Data Holder: When Data Processing is necessary to ensure the defense of the vital interests of the Data Holder or another natural person.
Legitimate Interests: When processing is necessary for the purposes of legitimate interests pursued by the Controller, other Controllers or Third Parties, although the interests or fundamental rights and freedoms of the data subject do not prevail over such processing.
Sharing of Personal Data
- Subcontractors: your Personal Data may be shared with service providing companies. The service providing companies are linked to SISGARBE by means of a written contract, and may only process Personal Data for specifically established purposes and are not authorized to process Personal Data, directly or indirectly, for any other purpose, for their own benefit or that of a third party.
- Other Responsible Persons and/or Third Parties: Personal Data may be shared internally with other entities associated with SISGARBE that will comply with the applicable data protection rules depending on the purposes assigned to the processing carried out.
- Upon request and/or with your consent: your Personal Data may be shared with other entities.
- In compliance with legal and/or contractual obligations: your Personal Data may also be transmitted to judicial, administrative, supervisory or regulatory authorities and also to entities that lawfully carry out data compilation actions, prevention actions and combating fraud , market or statistical studies.
|Right of the Holder
|1. Right to be informed
|2. Right to access
|You have the right to obtain a copy of your data and certain information about how that data is processed. This right allows you to know and confirm that we use your data in accordance with data protection laws. We may refuse to provide you with requested information whenever, in doing so, we may reveal another person’s Personal Data or negatively impact another person’s rights.
|3. Right to rectification
|If your data is incorrect or incomplete, you can ask us to rectify/correct it.
|4. Right to erasure of data
|It allows you to request the deletion or deletion of your data, as long as there are no valid grounds for us to continue using it or its use is unlawful. This is not a generic right to erasure, as exceptions are permitted (for example, whenever this data is necessary to defend a right in legal proceedings).
|5. Right to limit processing
|You have the right to “block” or prevent future use of your data when we evaluate a request for rectification or as an alternative to erasure. Whenever processing is limited, we may still store your data, but we will not be able to use it later. We maintain lists of people who have requested to “block” the future use of their data to ensure that this limitation is respected in the future.
|6. Right to data portability
|You have the right to obtain and reuse certain Personal Data for your own purposes across various organizations. This right only applies to data that you have provided to us and that we process with your consent, which are processed by automated means.
|7. Right to object
|You have the right to object to certain types of processing, for reasons related to your particular situation, at any time that processing takes place, for the purposes of the legitimate interests of SISGARBE or third parties. We may continue to process this data if we can prove “overriding legitimate reasons for the processing that override your interests, rights and freedoms” or if this data is necessary for the establishment, exercise or defense of a right in legal proceedings .
You may at any time, in writing, exercise the rights enshrined in the Personal Data Protection Law and other applicable legislation via email at firstname.lastname@example.org.
Personal Data retention period
We retain Personal Data only for the period of time necessary to carry out the specific purposes for which it was collected. However, we may be required to store some Personal Data for a longer period, taking into account factors such as:
- legal obligations, under current laws, to retain Personal Data for a certain period;
- prescription/statute of limitations, under current laws;
- litigation; It is,
- guidelines issued by the competent data protection authorities.
Personal Data will only be processed within the context of the purposes identified in this Policy, in accordance with SISGARBE’s internal policies and using technical and organizational measures designed in accordance with the risks associated with the specific processing of Personal Data. We use appropriate security measures to ensure the protection of your Personal Data and prevent access by unauthorized persons. We periodically review our security policies and procedures to ensure that our systems are safe and secure. However, given that the transmission of information over the Internet is not completely secure, we cannot guarantee the security of your data transmitted to our Website.