EUROANSWER DATA PROTECTION & PRIVACY POLICY

Euroanswer Data Protection & Privacy Policy
Updated November 26th 2020

Privacy Statement
Euroanswer (the Company) is committed to being compliant to the EU General Data Protection Regulation and to data privacy and security compliance globally.
We respect individual privacy and we value the confidence of our customers, employees, business partners and suppliers. We collect, use and disclose Personal Data in a manner consistent with the requirements of the General Data Protection Regulation.
It is Euroanswer’s strategy to guarantee that our consistence with the GDPR and other important enactment is clear and verifiable consistently. The General Data Protection Regulation (GDPR) is a standout amongst the most noteworthy bits of enactment influencing the way that Euroanswer does its data preparing exercises.

Your personal data and our website
Euroanswer’s website is our most important communication tool. We process personal data collected on our website (name, email address, any personal data from your message) for the following purposes:
– to enable you to have access to our website – our Cookie Policy is available here ;
– when you send us a request or a complaint through our website or by other means, only for the purpose of the management of this request of complaint;
– when you apply for a job on our website, only for recruitment;
– when you subscribe to our mailing list, only for marketing.
We processthis personal data for our legitimate interest in marketing.
As a rule, we do not keep your personal information for longer than necessary for the purposes for which we collected it.

Security of Personal Data
Euroanswer understands the importance of building the right awareness amongst the teams in order to diminish risks of human error, theft, fraud and misuse. Euroanswer’s efforts include training employees to implement data protection & security policies and regular awareness trainings for the entire staff. Euroanswer employees’ obligations include written confidentiality agreements and compliance with company policies concerning protection of confidential information.
Euroanswer has appointed a Data Protection Officer and an intervention team who act as point of contact for any concerns the employees might have related to a possible Personal Data breach. The team promptly evaluates and responds to incidents that create suspicions of unauthorized handling of data. If Euroanswer determines that your data has been misappropriated (including by a Euroanswer employee) or otherwise wrongly acquired by a third party, Euroanswer will promptly report such misappropriation or acquisition to you.
Data subject’s rights

The GDPR establishes a set of rights that the data subject can exercise and which Euroanswer will react and respond to, generally within a month. These rights are outlined in Chapter III of GDPR:
The right to be informed
You have the right to be told how the Company processes your data and the reasons for the processing. In order to provide this information to you, the Company has a privacy notice to explain what data we collect about you, how we collect and process it, what we process it for and the lawful basis which permits us to process it. You can obtain a copy of the privacy notice, at no cost, from dpo@euroanswer.co.uk. If the Company intends to use data already collected from you for a different reason than that already communicated, you will be informed of the new reason in advance.

The right of access
You have the right to access your personal data which is held by the Company.
The right for data to be corrected
One of the fundamental principles underpinning data protection is that the data the Company processes about you will be accurate and up to date. You have the right to have your data corrected if it is inaccurate or incomplete.
The Company will respond to a data rectification request within one month. Where the data rectification request is complex, the Company may extend the timescale for response from one month to three months. If this is the case, the Company will write to you within one month of receipt of the request explaining the reason for the extension.
If the response to your request is that the Company will take no action, you will be informed of the reasons for this and of your right to complain to the Information Commissioner and to a judicial remedy.
Where any data which has been rectified was disclosed to third parties in its unrectified form, the Company will inform the third party of the rectification where possible. The Company will also inform you of the third parties to whom the data was disclosed.
The right to have information deleted
You have the right to have your data deleted and removed from our systems.
You have a right to have your data deleted in the following circumstances:
where the personal data is no longer necessary in relation to the purpose for which the Company originally collected or processed it
where you have withdrawn your consent to the continued processing of the data and there is no other lawful basis for the Company to continue processing the data
where you object to the processing and the Company has no overriding legitimate interest to continue the processing
the personal data has been unlawfully processed
the personal data has to be deleted due to a legal obligation.
If you wish to make a request for data deletion, you should complete the Data Deletion Request.
Upon receipt of a request, the Company will delete the data unless it is processed for one of the following reasons:
to exercise the rights of freedom of expression and information
for the Company to comply with a legal requirement
the performance of a task carried out in the public interest or exercise of official authority
for public health purposes in the public interest
archiving purposes in the public interest, scientific historical research or statistical purposes or
the defence of legal claims.
Where your request is not complied with because of the one of the above reasons, you will be informed of the reason. Where your request is to be complied with, you will be informed when the data has been deleted.
Where the data which is to be deleted has been shared with third parties, the Company will inform those third parties where this is possible. However, where this notification will cause a disproportionate effect on the Company, this notification may not be carried out.
The right to restrict the processing of data
You have the right to restrict the processing of your data in certain circumstances. Restricting the Company from processing your data means that the Company will continue to hold the data but will stop processing it.
The Company will be required to restrict the processing of your personal data in the following circumstances:
where you tell the Company that the data it holds on you is not accurate. Where this is the case, the Company will stop processing the data until it has taken steps to ensure that the data is accurate
where the data is processed for the performance of a public interest task or because of the Company’s legitimate interests and you have objected to the processing of data. In these circumstances, the processing may be restricted whilst the Company considers whether its legitimate interests mean it is appropriate to continue to process it
when the data has been processed unlawfully
where the Company no longer needs to process the data, but you need the data in relation to a legal claim.
Where data processing is restricted, the Company will continue to hold the data but will not process it unless:
you consent to the processing
processing is required in relation to a legal claim.
Where the data to be restricted has been shared with third parties, the Company will inform those third parties where this is possible. However, where this notification will cause a disproportionate effect on the Company, this notification may not be carried out.
Where the Company is to lift any restriction on processing, you will be informed in advance.
The right to data portability
You have the right to obtain the data that the Company processes on you and use it for your own purposes. This means you have the right to receive the personal data that you have provided to the Company in a structured machine readable format and to transmit the data to a different data controller.
This right applies in the following circumstances:
where you have provided the data to the Company
where the processing is carried out because you have given the Company your consent to do so
where the processing is carried out in order to perform the employment contract between you and the Company
where processing is carried out by automated means.
If you wish to exercise this right, please speak to dpo@euroanswer.co.uk.
Where a request for data portability is received, the Company will respond without undue delay, and within one month at the latest. Where the request is complex or the Company receives a number of requests, the Company may extend the timescale for response from one month to three months. If this is the case, the Company will write to you within one month of receipt of the request explaining the reason for the extension.
Where the Company is to comply with your request, you will receive the data in a structured and machine readable form. You will not be charged for the provision of this data. Upon request, the Company will transmit the data directly to another organization if our IT systems are compatible with those of the recipient.
If the response to your request is that the Company will take no action, you will be informed of the reasons for this and of your right to complain to the Information Commissioner and to a judicial remedy.
The right to portability is different from the right to access. Although both involve a right to access your personal data, the personal data to be accessed is not the same. The right to access your data under the right to portability includes only personal data as described above. Access to data under the right of access includes all personal data relating to you, including that which has not been provided to the Company by you.
The right to object to the inclusion of data
You have a right to object to the processing of your data in certain circumstances. This means that you have the right to require the Company to stop processing your data. In relation to your employment with the Company, you may object to processing where it is carried out:
in relation to the Company’s legitimate interests
for the performance of a task in the public interest
in the exercise of official authority or
for profiling purposes.

Where you object to processing, the Company will stop the processing activity objected to unless:
the Company can demonstrate compelling legitimate reasons for the processing which are believed to be more important than your rights or
the processing is required in relation to legal claims made by, or against, the Company.
If the response to your request is that the Company will take no action, you will be informed of the reasons.
Rights in relation to automated decision making
You have the right not to have decisions made about you solely on the basis of automated decision making processes where there is no human intervention, where such decisions will have a significant effect on you. However, the Company does not make any decisions based on such processes.
In circumstances where we use special category data, for example, data about your health, sex life, sexual orientation, race, ethnic origin, political opinion, religion, and trade union membership the Company will ensure that one of the following applies to the processing:
you have given your explicit consent to the processing or
the processing is necessary for reasons of substantial public interest.
Right to complain
You have the right to complain at any time if you believe your data protection rights have been breached.

If you would like to exercise your data protection rights, please send us a written request either by e-mail dpo@euroanswer.co.uk or to our DPO by post in a sealed envelope. In principle, we cannot accept verbal requests (telephone or face-to-face) as we may not be able to deal with your request immediately without first analyzing it and reliably identifying you. Your request should contain a detailed, accurate description of the data you want access to.Our use of the information on your identification document is strictly limited: the data will only be used to verify your identity and will not be stored for longer than needed for this purpose.

Changes to The Data Protection and Privacy policy

We will update this privacy statement when necessary to reflect customer feedback and changes in our services. When we post changes to this statement, we will revise the “last updated” date at the top of the statement. If there are material changes to the statement or in how Euroanswer will use your Personal Data, we will notify you either by obviously posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this privacy statement to learn how Euroanswer is protecting your information.

How to Unsubscribe or Opt-out

Individuals who subscribe to e-mail lists via our website will receive periodic updates from Euroanswer by e-mail. You may opt out of receiving future information via e-mail by using the unsubscribe procedure specified in the e-mail message.

Contact Us

Name: Mihaela Fotescu
Phone: (+40) 0737 019 171
Email: dpo@euroanswer.co.uk
Address: Grigore Alexandrescu Street, nr. 59, HQ Victoriei, 1st Floor, District 1, Bucharest