The European General Data Protection Regulation (GDPR), which globally impacts the processing of personal data, takes effect on May 25, 2018.

The privacy of our customers’ data, especially data about identified or identifiable individuals (personal data), is very important to us.

That is why we process it in accordance with applicable data protection laws and we have revisited our data privacy practices and have set them forth in our Data Privacy policy concisely and transparently.

Our Data Privacy policy covers essential GDPR requirements:

  • Our responsibilities as Data Controllers and / or Data Processors
  • What constitutes personal data
  • Purposes for which personal data are processed
  • Storage period (never longer than is legally permitted and necessary for the related processing purposes)
  • Legitimate grounds for processing
  • Rights of individuals whose personal data we process (access, consent withdraw, rectification, right to object, restriction of processing, portability, erasure) and how they can exercise these rights
  • How we ensure the security of personal data by implementation and maintenance of reasonable and appropriate technical and organizational security measures to protect against unauthorized access, alteration, disclosure, loss or destruction
  • In which instances we share personal data with third parties
  • The national supervisory authority for data protection where complaints can be lodged by individuals that consider our processing of their personal data to be inconsistent with applicable data protection laws

Our privacy policy is dated March 16, 2018. We may update it at any time if required in order to reflect changes in our data processing practices or in data protection laws. For substantial changes, we will use reasonable means to provide notice.

In addition to the existing rights, you have additional rights from the date of application of the Regulation. Here’s the full list of rights you have:

  • The right to information – you can request information about the processing of your personal data;
  • The right to rectification – you can rectify inaccurate personal data or fill it in;
  • The right to delete the data (“the right to be forgotten”) – you can obtain the deletion of the data, if the processing was not legal or in other cases stipulated by the law;
  • The right to restrict processing – you may request processing to be restricted if you are inconsistent with the accuracy of the data, as well as in other cases provided by law;
  • Opposition right – you can oppose, in particular, data processing that is based on our legitimate interest;
  • The right to data portability – you may receive, under certain conditions, the personal data you have provided us in a format that can be read automatically or you may require that the data be transmitted to another operator;
  • The right to lodge a complaint – you can file a complaint with the processing of your personal data with the National Supervisory Authority for Personal Data Processing;
  • The right to withdraw consent – in cases where processing is based on your consent, you can withdraw it at any time. Withdrawal of consent will only have effect for the future, the processing carried out before the withdrawal remains valid;
  • Additional rights related to automatic decisions: you can ask for and get human intervention about the processing, you can express your own point of view and you can challenge the decision.