The General Data Protection Regulation (GDPR) is a comprehensive update to existing European Union laws that goes into effect on May 25, 2018. The GDPR was designed to harmonize data privacy laws across Europe, to protect and empower all EU resident’s data privacy and to reshape the way organizations across the region approach data privacy.
The GDPR applies not only to organizations who process data in the EU, but also any organization that offers goods or services inside the EU.
The GDPR applies to information that directly or indirectly could identify an individual. This includes information, such as names, addresses, phone numbers, date of birth, as well as financial information, biometric information, etc. Specifically, if you contact us with a view to enquire about our services to you, a potential vacancy or provision of services to us, we may keep records of that correspondence. If you contact us by telephone, your telephone call may be recorded.
We collect personal data from you when you provide, post or upload it to our website, call our telephone lines or send us an email. Examples include: filling out a “Contact Us” form on our website, responding to a customer satisfaction survey, or submitting a resume.
We will only collect and process personal data about you where we have lawful basis. Lawful basis include contract (where processing is necessary for the performance of a contract with you (e.g. employment of provision of services), “legitimate interests” and consent (where you have given consent).
Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent (to the extent permitted by law) and where we rely on legitimate interests, you have the right to object. If you have any questions about the lawful basis upon which we collect and use your personal data, please contact our Data Protection Officer on DPO@hatsgroup.com.
We currently do not send data outside the EU. We do not share personal data with third parties for their direct marketing purposes. We may disclose your personal information to any member of our group of companies, which means companies related via common shareholders.
In the course of our regular operations, we may have to share your data with regulatory bodies and authorities, as required by law. We take care to provide such data only as needed. We always verify the source of such requests and use multi-step security systems during data transfers.