Pledge on privacy
Intended use of Personal Data
Most of our services do not require any form of registration, allowing you to visit our site without telling us who you are. However, some services may require you to provide us with Personal Data. In these situations, if you choose to withhold any Personal Data requested by us, it may not be possible for you to gain access to certain parts of the site and for us to respond to your query. We may collect and use Personal Data to provide you with products or services, to market products and services which we think may be of interest to you, or to communicate with you for other purposes which are evident from the circumstances or about which we inform you when we collect Personal Data from you. We may use your personal data to verify accounts and activity, to monitor suspicious or fraudulent activity, and to identify violations of our policies. Where required by law or where we believe necessary to protect our legal rights, interests and the interests of others, we may use your personal data in connection with legal claims, compliance, regulatory, and audit functions. We may use automated decision making in processing your personal information for some services and products. You can request a manual review of the accuracy of an automated decision if you are unhappy with it.
Non-disclosure of Personal Data
Right of access, correction and objection
Whenever we process Personal Data, we take reasonable steps to ensure that your Personal Data is kept accurate and up-to date for the purposes for which it was collected. We will provide you with the ability to object to the processing of your Personal Data if such processing is not reasonably required for a legitimate business purpose as described in our policy or our compliance with law. In the case of electronic direct marketing, we will provide you with a method to opt out of receiving further marketing materials or with a method to opt in if required by law. To enable you to do the aforementioned and to contact us regarding our use of your Personal Data or object to the processing of your Personal Data, please email us at email@example.com. If you contact us, please note the name of the website where you provided the information, as well as the specific information you would like us to correct, update or delete plus a proper identification of you. Requests to delete personal data will be subject to any applicable legal and ethical reporting or document filing or retention obligations imposed on us.
Security and confidentiality
To ensure the security and confidentiality of Personal Data that we collect online, we use data networks protected, inter alia, by industry standard firewall and password protection. In the course of handling your Personal Data, we take reasonable measures, designed to protect Personal Data from loss, misuse, unauthorized access, disclosure, alteration or destruction.
Data Protection Policy
As part of its social responsibility, Azentio is committed to international compliance with data protection laws. Ensuring data protection is the foundation of trustworthy business relationships and the reputation of Azentio.
Application of Laws
This Data Protection Policy comprises of the internationally accepted data privacy principles and the laws of the land. The relevant national law will take precedence in the event that such national law conflicts with this Data Protection Policy, or has stricter requirements than this Policy.
Confidentiality of processing
Personal Data is subject to secrecy. Any unauthorized collection, processing or use of such data by employees is prohibited. Any data processing undertaken by an employee that he/she has not been authorized to carry out as part of his/her legitimate duties is unauthorized. The “need to know” principle applies. Employees may have access to personal information only as is appropriate for the type and scope of the task in question. This requires a careful breakdown and separation, as well as implementation, of roles and responsibilities.
Employees are forbidden to use Personal Data for private or commercial purposes, to disclose it to unauthorized persons, or to make it available in any other way. Supervisors must inform their employees at the start of the employment relationship about the obligation to protect data secrecy. This obligation shall survive termination of employment.
Personal Data must be safeguarded from unauthorized access and unlawful processing or disclosure, as well as accidental loss, modification or destruction. This applies regardless of whether data is processed electronically or in paper form. Before the introduction of new methods of data processing, particularly new IT systems, technical and organizational measures to protect personal data must be defined and implemented. These measures must be based on the state of the art, the risks of processing, and the need to protect the data (determined by the process for information classification).
In particular, all users must consult with our “Privacy Compliance Officer”, an employee whose responsibilities include overseeing our company’s ongoing activities related to the development, implementation, maintenance of, and adherence to our policies and procedures. The technical and organizational measures for protecting personal data are part of our Information Security management and must be adjusted continuously to the technical developments and organizational changes.
Data protection control
Compliance with the Data Protection Policy and the applicable data protection laws is checked regularly with data protection audits and other controls. The performance of these controls is the responsibility of the Privacy Compliance Officer, the data protection coordinators, and other company units with audit rights or external auditors hired.
On request, the results of data protection controls will be made available to the responsible data protection authority. The responsible data protection authority can perform its own controls of compliance with the regulations of this Policy, as permitted under national law.
Data protection incidents
To ensure the security and confidentiality of Personal Data that we collect online, we use data networks protected, inter alia, by industry standard firewall and password protection. In the course of handling your Personal Data, we take measures reasonably designed to protect that information from loss, misuse, unauthorized access, disclosure, alteration or destruction.
All employees must inform their supervisor, data protection coordinator or the Privacy Compliance Officer immediately about cases of violations against this Data Protection Policy or other regulations on the protection of personal data (data protection incidents). The manager responsible for the function or the unit is required to inform the responsible data protection coordinator or the Privacy Compliance Officer immediately about data protection incidents.
In case of:
- improper transmission of personal data to third parties,
- improper access by third parties to personal data,
- loss of personal data
The required company reports (Information Security Incident Management) must be made immediately so that any reporting duties under national law can be complied with.
“Cookies” and internet tags
We may collect and process information about your visit to this website, such as the pages you visit, the website you came from and some of the searches you perform. Such information is used by us to help improve the contents of the site and to compile aggregate statistics about individuals using our site for internal, market research purposes. In doing this, we may install “cookies” that collect the domain name of the user, your internet service provider, your operating system, and the date and time of access. A “cookie” is a small piece of information which is sent to your browser and stored on your computer’s hard drive. Cookies do not damage your computer. You can set your browser to notify you when you receive a “cookie,” this will enable you to decide if you want to accept it or not. If you do not want us to install cookies, please email us at firstname.lastname@example.org. We would like to inform you, however, that if you do not accept you may not be able to use all functionality of your browser software. We may obtain the services of outside parties to assist us in collecting and processing the information described in this Section.
Occasionally, we may use internet tags (also known as action tags, single-pixel GIFs, clear GIFs, invisible GIFs and 1-by-1 GIFs) and cookies at this site and may deploy these tags/cookies through a third-party advertising partner or a web analytical service partner which may be located and store the respective information (including your IP-address) in a foreign country. These tags/cookies are placed on both online advertisements that bring users to this site and on different pages of this site. We use this technology to measure the visitors’ responses to our sites and the effectiveness of our advertising campaigns (including how many times a page is opened and which information is consulted) as well as to evaluate your use of this website. The third-party partner or the web analytical service partner may be able to collect data about visitors to our and other sites because of these internet tags/cookies, may compose reports regarding the website’s activity for us and may provide further services which are related to the use of the website and the internet. The third-party partner or web analytical service partner may provide such information to other parties if there is a legal requirement that they do so, or if they hire the other parties to process information on their behalf.
Azentio shall not be responsible for the authenticity of the Personal Data supplied to it by the providers, whose’ duty is to ensure that the information provided by it/them or its/their employees is authentic.
EU Data Subject Rights
Users residing in the European Union have the following affirmative rights:
Right to Be Informed: Anyone processing your personal data will clearly inform you about what they are processing, why, and who else the data may be passed to.
Right of Access: You have the right to see and access the data that is held about you.
Right to Withdraw Consent: Under the General Data Protection regulation, you have the right to change or withdraw your consent and to request details of any personal data that we hold about you.
Right to Be Forgotten: If we have no legitimate reason to continue to hold your information, you have the right to be forgotten.
Right to Correct: You have the right to correct or amend any data that is incorrect in some way.
Right to Restrict Processing: You have the right to temporarily halt the processing of your personal data, such as in the case where a dispute or legal case is pending, or if the data is being corrected.
Right of Data Portability: You have the right to obtain and move your personal data in a commonly used and machine-readable form.
The Right to Object: You have the right to object to any processing of your data which is inconsistent with the primary purpose for which it was collected.
Rights in Relations to Automated Decision Making: You have the right to request that we stop processing your personal information for marketing purposes.