Titus Group Privacy Statement
Effective date: May 25, 2018
As data controllers and data processors we are aware of our obligations to comply with the new GDPR regulation. We have been adapting our policies, processes and other controls where we have identified that changes are required by GDPR. Titus Group will maintain an active role in staying up-to-date with the new Regulation and we are currently in the process of adapting and updating our internal rules, processes and controls with the aim to ensure compliance also by our Suppliers, Customers and Business partners.
To achieve the mentioned goal, we have been implementing a plan of activities which includes the following:
- Informing relevant employees on GDPR requirements
- Updating our contacts, contracts and service agreements
- Improving the rights of data subjects on how to access their own data
- Improving process controls with regard to data destruction and deletion
- Implementing mandatory notifications for data breaches
- Improving transparency and fair processing alerts and notifications
- Improving/updating internal regulation, statements and processes
- Consent requirement
DATA COLLECTION, OBLIGATIONS AND PURPOSE
Titus Group ensures that its employees, processors, service providers and other agents engaged on our behalf respect the confidentiality of Supplier, Customers and Business partners personal data and comply with the terms of this statement.
Titus Group will provide reasonable support and assistance with regard to requests from data subjects for access to, rectification, erasure, restriction, portability, blocking or deletion of data subject’s personal data that Titus Group collects on behalf of Supplier, Customers and Business partners.
WE RESPECT YOUR PRIVACY
We respect your right to Privacy and this document explains how Titus Group collects and use your personal data through your interactions with us.
WHAT PERSONAL DATA WE COLLECT
We collect your personal data in order to provide you with the best experience of our products and services.
We may use your personal data for marketing purposes with your consent and in that regard, you are entitled to choose whether you wish to receive promotional communications, mailings, newsletters, product updates and events. We may collect the following information from you for the purpose of upholding our business relationship or for marketing purposes:
- Name, surname, email, country – based on your consent for sending promotional communications, mailings, newsletters, product updates and events;
- Name, surname, contact details (e.g. email, company contact number/email, job title, department), country, company name and address – based on our legitimate interest with the aim of informing you on product updates and events once a month; and to do business with you.
We only collect data for which we have your approval through contractual agreement (legitimate interest) or consent.
HOW WE USE THE PERSONAL DATA PROVIDED
Personal data are used to perform marketing purposes and essential business operations. This includes operating our products, maintaining and improving the performance of our products, developing new features, and providing customer support.
The processing of personal data aims to provide necessary information for management, business requirements, statistics and promotion such as data storage, billing, printing records, address books, mailing lists, etc. in compliance with the statutory purposes of Titus Group and for legal purposes.
When processing personal data, we shall comply with all applicable data protection legislation and/or applicable recommendations by Data Protection Authorities or other competent authorities and shall keep ourselves updated on and comply with any changes in such legislation and/or recommendations.
REASONS WE SHARE PERSONAL DATA
We share personal data provided with your consent or based on our business relationship, if necessary to provide any product you have requested or authorized with:
- companies operating under the Titus Group if business relation requires
- partners working on our behalf (e.g. Service providers),
- to protect customers and/or lives,
- to maintain security of our product and the rights of our property,
- when required by law.
HOW TO ACCESS & CONTROL YOUR PERSONAL DATA
You can view, edit, or delete your personal data at any time by:
- sending an email to firstname.lastname@example.org
We store personal data on secure servers for different periods depending on the
type of personal data in accordance with national legislation or internal regulation:
▪ Customer, Supplier and other Business partners contact data for an additional period of 10 years from the date on which you ceased to be a customer of ours or from the end of our commercial/business relationship;
▪ Personal Data provided with consent for 5 years after the withdrawal of the given consent;
unless the law requires us to store the data for a longer period.
SECURITY OF YOUR DATA
We take reasonable steps to protect your data by ensuring we have internal and external technical and organizational measures in place based on our Information Technology Group Policy and data protection legislation. We keep all personal data confidential and secure and in that regard we have incorporated the necessary technical and organizational measures to safeguard any personal data processed by us, in accordance with applicable legislation including the use of secure passwords, user access controls, technical security such as firewalls and physical security including alarms, secure locks and specific entry passes for authorized individuals. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use, disclosure, alteration. We store the personal data you provide on computer systems and secured servers that have limited access and are within controlled facilities.
We will report any breaches or potential breaches of personal data as soon as we become aware of them (in any event within 72 hours) and we will provide sufficient information as is required for our customers to decide on how to handle the breach and to report such a breach to the relevant supervisory authority, if necessary.
CHANGES TO THIS STATEMENT
We will promptly inform you if any update is made to this privacy statement in order to reflect changes under applicable data protection legislation and Information Technology Group Policy practices.
Titus d.o.o. Dekani,