Statement of Commitment to Privacy and Personal Data Protection by Bizdirect
The protection of privacy and personal data of all persons who somehow relate to Bizdirect (clients, users of the services, employees, partners and others) is a fundamental commitment of our Company.
Personal data is important for the activity of Bizdirect, in particular, for the marketing of its products and services, for the provision, monitoring and improvement of the quality of the services made available by Bizdirect, for the management of Bizdirect’s human resources and for the fulfilment of legal obligations, with the challenges that are associated to the processing of personal data for the said purposes being very strongly influenced by the technological, economic and social developments.
Our commitment is to work every day in order to ensure the privacy and protection of personal data for which we are responsible in compliance with the applicable legislation, regulations and guidelines on such matters.
With this Statement of Commitment, we want to make clear Bizdirect’s commitment to privacy, security and personal data protection and ensure that all those processing personal data on behalf of Bizdirect are bound and act in accordance with the underlying principles.
Personal Data Processing Principles and Data Subjects Rights
The processing of personal data by our Company complies with the following fundamental principles:
- Lawfulness principle;
- Purpose limitation principle;
- Transparency principle;
- Adequacy and data minimisation principle;
- Need to know principle;
- Integrity and confidentiality principle;
- Privacy by design and by default principle
In addition to complying with the said applicable principles, Bizdirect is committed to ensure the respect of Data Subjects rights, in particular, the right of access and information to personal data being processed by Bizdirect, the right to rectification, the right to erasure (“right to be forgotten”), the right to data portability, the right to restriction of processing, the right to withdraw consent, the right to object, the right not to be subject to a decision based solely on automated processing, including profiling, and the right to lodge a complaint.
A) Lawfulness principle
The personal data will be processed only if and to the extent that it is grounded on one of the conditions laid down for lawfulness, namely (i) when consent is given by the Data Subject or when the processing is necessary for (ii) the performance of a contract to which the Data Subject is a party, (iii) compliance with a legal obligation, or (iv) the purposes of the legitimate interests pursued by Bizdirect or by a third party.
B) Purpose limitation principle
The personal data will be processed exclusively for the purposes that determined its collection and will only be processed when legally permitted and by providing the due information to the corresponding Data Subject.
C) Transparency principle
Data subjects will be informed in a clear and concise way of the relevant aspects related to the processing of their personal data, namely, regarding the processing purposes and possible transmission to third parties.
D) Adequacy and data minimisation principle
Only personal data that is adequate, relevant and limited to the necessary personal data for the relevant purposes will be processed and for the time strictly necessary.
E) Need to know principle
Only employees and partners of Bizdirect whose functions require it will have access to the relevant personal data processed.
F) Integrity and confidentiality principle
The personal data will be processed in such a way as to guarantee its security, namely, (i) protected against unlawful or unauthorized access or disclosure, (ii) protected against unauthorized modification, loss or destruction of personal data or accidental loss of such personal data, and (iii) ensured that personal data will be available when necessary and permitted, without undue delay.
G) Privacy by design and by default principle
Bizdirect’s products and services, their support systems, and their procedures will be developed with the concern of protecting your privacy and personal data.
Personal Data Protection
Bizdirect respects best practices in the field of protection of personal data and information, and has adopted a program of policies and standards to ensure confidentiality, integrity and availability of the information it is dealing with and that is under its responsibility, which is known to all employees and partners of Bizdirect.
Bizdirect’s Information Security Policy establishes a wide range of set of technical and organizational measures, organized in several security areas, including:(i) Logical security measures, such as the use of firewalls and detection of intrusion, the existence of a policy of access to information and logging;
(ii) Physical/organizational security measures, among which a strict access control to the physical installations of our Company, by employees, partners and visitors, as well as very restricted access to the essential technological infrastructures of our Company;
(iii) Other measures such as masking, pseudonymization and anonymization of personal data, as well as a set of measures which aim to execute the principle of privacy by design and by default. Where Bizdirect uses subcontractors or third parties, Bizdirect will assure that its subcontractors and third parties are be bound by obligations in order to comply with the applicable legislation and security measures considered necessary by Bizdirect for the relevant purposes, as well as to ensure that: (i) the sharing of personal data obeys the applicable laws as amended from time to time, (ii) the transmission is securely made, and that (iii) the subcontractors or third parties are contractually obliged to observe confidentiality duties, which, to that end, may be transmitted to them, with the restriction not to be able to use such data for any other purpose, for their own benefit or that of third parties, nor to correlate them with other data that is in the said subcontractors and third parties possession.
Compliance with information security policies, security standards and protection of personal data is subject to regular scrutiny, complemented by a demanding program of information and training of Bizdirect’s employees and partners.