Ensuring the protection and lawful handling of our Customers’ personal data is a top priority for us at Globus Solutions Z.o.o. We are fully committed to complying with the GDPR and national data protection laws, demonstrating our dedication to data protection and privacy. We only engage with partners who share our commitment to maintaining a high standard of data protection.
Our data processing activities are conducted in accordance with both current national legal frameworks and the GDPR, effective throughout Europe since May 25, 2018. We do not sell or disclose Customer data to unauthorized third parties, recognizing that our Customers own their data.
Lawful Basis and Transparency
We conduct regular audits, at least monthly, to assess the information we process and who has access to it. Given the nature of our data processing, particularly the higher-risk activities, we maintain an up-to-date and detailed list of processing activities (Schedule A-DP). This list is readily available for inspection by regulators upon request. To demonstrate GDPR compliance, we employ a data protection impact assessment (Schedule B-DP), detailing the purposes, types of data processed, access within our organization, involvement of third parties, data protection measures, and data retention plans.
Globus Solutions Z.o.o ensures that all data processing is justified under the GDPR, adhering to the conditions specified in Article 6. We process data based on consent, contract, legal obligation, vital interests, public interest, or legitimate interests, as outlined in the GDPR.
Key Elements to Lawful Consent:
- Freely given
2. Specific
3. Informed
4. Unambiguous
5. Clear affirmative action
We provide clear information about our data processing activities and legal justifications in our privacy policies, explaining to our Customers and site visitors what data we collect, why we collect it, how it’s processed, who has access to it, and how we ensure its security.
Data Security
Data protection is integrated into all stages of our data processing activities. We employ encryption, pseudonymization, or anonymization of personal data wherever possible, following the principles of ‘data protection by design and by default.’
Internal security policies are established to educate our team members about data security practices, covering aspects such as email security, password management, two-factor authentication, device encryption, and VPN usage.
We conduct data protection impact assessments whenever we plan to process personal data in a manner that could pose a high risk to individuals’ rights and freedoms. Additionally, we have established procedures for notifying authorities and data subjects in the event of a data breach, ensuring timely communication and response.
Accountability and Governance
Jonathan Curci oversees GDPR compliance at Globus Solutions Z.o.o, evaluating data protection policies and their implementation.
We enter into data processing agreements with all third parties handling personal data on our behalf, ensuring that they provide adequate data protection guarantees.
As we operate outside the EU, we plan to appoint a representative within Switzerland or, if required, in an EU member state. Additionally, we intend to appoint a qualified Data Protection Officer (DPO) to oversee data protection matters.
Privacy Rights
We make it easy for our Customers to exercise their privacy rights, including requesting access to their data, correcting inaccuracies, requesting deletion or restriction of processing, receiving data in a portable format, and objecting to processing for direct marketing purposes.
Since Globus Solutions Z.o.o utilizes automated decision-making processes, we have established procedures to safeguard individuals’ rights, allowing them to request human intervention, provide input on decisions, and challenge automated decisions.
By adhering to these principles and practices, we demonstrate our commitment to protecting our Customers’ privacy and upholding their data protection rights.
Ensuring the protection and lawful handling of our Customers’ personal data is a top priority for us at Globus Solutions Z.o.o. We are fully committed to complying with the GDPR and national data protection laws, demonstrating our dedication to data protection and privacy. We only engage with partners who share our commitment to maintaining a high standard of data protection.
Our data processing activities are conducted in accordance with both current national legal frameworks and the GDPR, effective throughout Europe since May 25, 2018. We do not sell or disclose Customer data to unauthorized third parties, recognizing that our Customers own their data.
Lawful Basis and Transparency
We conduct regular audits, at least monthly, to assess the information we process and who has access to it. Given the nature of our data processing, particularly the higher-risk activities, we maintain an up-to-date and detailed list of processing activities (Schedule A-DP). This list is readily available for inspection by regulators upon request. To demonstrate GDPR compliance, we employ a data protection impact assessment (Schedule B-DP), detailing the purposes, types of data processed, access within our organization, involvement of third parties, data protection measures, and data retention plans.
Globus Solutions Z.o.o ensures that all data processing is justified under the GDPR, adhering to the conditions specified in Article 6. We process data based on consent, contract, legal obligation, vital interests, public interest, or legitimate interests, as outlined in the GDPR.
Key Elements to Lawful Consent:
- Freely given
2. Specific
3. Informed
4. Unambiguous
5. Clear affirmative action
We provide clear information about our data processing activities and legal justifications in our privacy policies, explaining to our Customers and site visitors what data we collect, why we collect it, how it’s processed, who has access to it, and how we ensure its security.
Data Security
Data protection is integrated into all stages of our data processing activities. We employ encryption, pseudonymization, or anonymization of personal data wherever possible, following the principles of ‘data protection by design and by default.’
Internal security policies are established to educate our team members about data security practices, covering aspects such as email security, password management, two-factor authentication, device encryption, and VPN usage.
We conduct data protection impact assessments whenever we plan to process personal data in a manner that could pose a high risk to individuals’ rights and freedoms. Additionally, we have established procedures for notifying authorities and data subjects in the event of a data breach, ensuring timely communication and response.
Accountability and Governance
Ms. Dimitra Dimitriou oversees GDPR compliance at Globus Solutions Z.o.o, evaluating data protection policies and their implementation.
We enter into data processing agreements with all third parties handling personal data on our behalf, ensuring that they provide adequate data protection guarantees.
Privacy Rights
We make it easy for our Customers to exercise their privacy rights, including requesting access to their data, correcting inaccuracies, requesting deletion or restriction of processing, receiving data in a portable format, and objecting to processing for direct marketing purposes.
Since Globus Solutions Z.o.o utilizes automated decision-making processes, we have established procedures to safeguard individuals’ rights, allowing them to request human intervention, provide input on decisions, and challenge automated decisions.
By adhering to these principles and practices, we demonstrate our commitment to protecting our Customers’ privacy and upholding their data protection rights.