The privacy of all individuals that we come in contact with is very important to us.
You can at any time exercise your rights of access (Article 15), rectification (Article 16), erasure respective right to be forgotten (Article 17), restriction of processing (Article 18), and data portability (Article 20) under the EU regulation, by contacting the Data Controller or the Data Processor (e-mail: firstname.lastname@example.org).
It is our practice to apply appropriate technical and organizational measures to avoid loss of Personal Data and unlawful accessing or processing. We are constantly making an effort to ensure that these measures ensure an adequate level of security, taking into account: The state of technology; The risks posed by the processing; The nature of the Personal Data, and The cost of implementing these measures. We have a number of measures in place to ensure the security of digitally stored Personal Data, such as a strict policy on access authorization, instructions in our Binding Corporate Rules on how to ensure security of Personal Data, a back-up procedure and secured connections. We also have adequate measures in place to secure Personal Data on hard copy and to physically secure back-up tapes of our digital Data. Access to your Personal Data is restricted to individuals who need such access in order to assist with our telecommunications services. We have strict confidentiality obligations that apply to these individuals. Failure to meet these obligations may result in disciplinary and other actions, including dissolution of a contract, termination of employment and criminal prosecution. The databases in which your personal data is stored meet the security requirements established pursuant to articles 24 and 25 of the EU Regulation. Access to the databases by both internal and external persons in charge of processing is regulated by our Privacy Organizational Model. Access is enabled depending on the tasks and responsibilities of the persons in charge of processing who liaise with you, and is tracked by our computer system.
We are aware of the importance of rules on the timely destruction of Personal Data. We are making an effort to ensure that your Personal Data is not stored for any longer than necessary for the purpose for which we collected or processed it. This means that it is our practice to destroy your Personal Data as soon as possible after it is no longer necessary for the purpose for which it was collected. In some cases we do store your Data for a longer period of time than would be necessary for the purpose for which it was collected, e.g. when: There is a legal obligation to do so; We store the Data for historical, statistical or scientific purposes; There is an overriding interest of PGC to retain the Data, in which case we will take the necessary steps to comply with all relevant legislation. This may mean that we will notify this storage to one or more Data Protection Authorities (DPA's). It may also occur that we would like to retain some of your Personal Data for specific reasons, e.g. to stay in touch with you over time. In that case, we will regularly contact you to obtain your consent to retain your Data.
In accordance with the available choices and as required by current law, you may revoke your previous consent or raise objections to the processing of your data at any time, for legitimate reasons and without charges, by contacting the Data Controller or the Data Processor (e-mail: email@example.com), and in the future we will apply the preferences expressed by you.
The data controller is Pearlgates Associates Ltd, represented by it's CEO Andreas Stegmaier and you may at any time contact us in writing (hard copy or email) under the following address: