DATA PRIVACY POLICY
In the regular course of business, NterOne Corporation collects Personal Data from its
customers, suppliers, employees, website users, job applicants, contractors, shareholders,
partners and other third parties.
NterOne Corporation recognizes that Personal Data must be treated with caution. We are
committed to conducting our business in accordance with all relevant Data Protection and
Privacy laws of the countries in which we operate and in line with the highest standards of
ethical conduct.
Protection of Personal Data is important to every part of our business. It is at the heart of our
promise to our clients, our values, our principles, our conduct and our success and is essential to
maintaining trust.
Stricter regulations coming into force and digitalization of our services are an opportunity for
NterOne Corporation to remind our clients and the industry of our integrity in one of the most
important areas of modern life – the protection of Personal Data.
If you have questions or comments about this policy, please contact us at
operations@nterone.com
Scope
This NterOne Corporation Data Privacy Policy applies to all affiliates and entities of the NterOne Group, including
any software product such as applications and virtual reality products. It defines the conduct expected of each
NterOne employee, officer and director when collecting, handling and processing personal data of NterOne’s customers,
suppliers, employees, contractors, and other third parties.
This policy is organized around three underlying commitments:
- Collecting and processing Personal Data fairly and lawfully
- Respecting Individual rights and choices
- Managing Personal Data responsibly
Personal Data refers to any information which relates to an individual, and may include amongst
other: contact information (name, home and business address, telephone, email addresses);
personal information (date of birth, citizenship, pictures, electronic identification data such as
cookies, IP addresses and passwords) professional and employment information (education and
training), financial details (tax identification and bank account number).
This policy defines NterOne’s uniform and baseline standards which apply in the absence of
more stringent rules which may be mandated by local laws.
Internal implementation rules, guidelines and training are provided with all necessary
supporting documentation in order to act according to the NterOne Data Privacy Policy.
NTERONE DATA PRIVACY POLICY
- 1 .COLLECTING AND PROCESSING DATA FAIRLY AND LAWFULLY
- BEING OPEN ABOUT THE PERSONAL DATA WE COLLECT AND USE -
When collecting Personal Data, NterOne informs clearly, honestly and transparently about the nature of the Personal Data it collects and what it intends to do with it. The use of Personal Data
by NterOne for a different purpose than initially communicated is not authorized, unless
adequate information is provided to the concerned individuals, and where applicable,
consent for the intended use is given to NterOne. In general, NterOne is authorized to
use Personal Data for secondary purposes when implementing internal controls and
audits and complying with its statutory and regulatory obligations.
- USING PERSONAL DATA FOR LAWFUL AND SPECIFIC PURPOSES ONLY -
-
Unless something different is authorized by the user, personal data will be used
only for the necessary purposes, which include running, supporting and maintaining
our content in order to provide the experience to the end user and to conduct
analytics pertaining to our content, and using such insights to improve our content,
provided that such user data has been aggregated, and de-identified or anonymized
such that it cannot be re-identified.
-
NterOne collects and processes Personal Data only to the extent that either (i) a
valid and informed consent was given or (ii) if it is required by NterOne legitimate
business interests, such as entering into or performing contracts, processing and
receiving payments, carrying out contractual obligations and complying with
statutory or regulatory commitments.
-
Any consent given by individuals to the collection and use of their Personal Data
must be given freely and in response to clear information by NterOne about the
intended use of the data. Such consent can be withdrawn anytime by the
individual without undue complications. The date, content and validity of such
consent must always be documented.
-
When processing Personal Data on behalf of a client or another third party (a
Data Controller), NterOne will comply with the guidelines and instructions of the
Data Controller in addition with this policy.
- ENSURING DATA QUALITY-
-
NterOne collects and stores the minimum amount of Personal Data required for
the intended initial purpose for which the data is used and ensures that, at all
times, Personal Data in its possession remains relevant and adequate for its
intended purpose. NterOne will keep all data stored up to date and accurate and
will ensure it is corrected when required.
-
Personal Data is kept by NterOne only for the period of time required by its
intended purpose. Specific retention policies will define the time after which
such data will need to be either deleted, destroyed or de-identified
- 2. RESPECTING INDIVIDUAL RIGHTS AND CHOICES
- RESPECTING INDIVIDUAL RIGHTS-
-
NterOne recognizes the rights of individuals to:
-
Request access to the Personal Data collected on them by NterOne and
the reason for NterOne having such data
- Obtain a copy of the Personal Data held on them
- Request the rectification or deletion of inaccurate or incomplete Personal
Data
-
Withdraw consent given to NterOne for the collection of their Personal
Data at any time, including the right to unsubscribe or to opt out of
marketing communications and commercial publications of NterOne
-
All users have the right to deletion. Any individual that desires to have their data removed or updated from
NterOne’s records should contact operations@nterone.com to request it.
-
NterOne will respond to requests made by individuals exercising their rights
within a reasonable period of time after the individual’s request or within any
specific period that may be required by applicable local laws.
-
NterOne will handle and investigate complaints made by individuals about any
breach of these rules or data privacy laws and will respond to such complaints in
a timely manner.
- RESPECTING INDIVIDUAL CHOICES-
-
When using Personal Data for marketing purposes, NterOne will inform
individuals in a clear and plain language about the use of their data for marketing
purposes. NterOne respects the right of its existing and prospective customers
to:
-
only receive marketing communications from NterOne if an explicit and
specific prior consent has been provided, when required by applicable
laws, or if NterOne can demonstrate that it is authorized to send such
communications for its legitimate business purposes
-
no longer receive any marketing communications if a specific preference
setting, an opt-out or an objection to use such data for marketing
purposes has been received by NterOne
- SAFEGUARDING THE USE OF SENSITIVE PERSONAL DATA-
-
NterOne recognizes that some categories of Personal Data are particularly
sensitive and require a higher level of protection. Sensitive Personal Data
includes information regarding a person’s health, biometric and genetic data,
religion and political opinions, racial or ethnic origin, criminal records and any
other information protected specifically by the relevant applicable privacy laws.
-
Explicit consent was given by the individual
-
The use is necessary for NterOne to comply with employment laws or
other statutory obligations or to protect the health of the specific
individual (such as in a medical emergency)
-
NterOne implements adequate procedures and safeguards to restrict access to
sensitive data only by appropriate persons and prevent its unauthorized access,
use and dissemination
- 3. MANAGING DATA RESPONSIBLY
-
NterOne implements adequate security measures to ensure the confidentiality,
integrity and availability of Personal Data and to prevent the risk of unauthorized
or unlawful access, alteration, destruction or disclosure of such data. The
measures for protection are based on impact assessments taking into account
the risk to the individual related to the specific Personal Data stored by NterOne.
These measures include security and organizational measures adapted to the
type of processing and the nature of the data to be protected.
-
NterOne will inform individuals promptly of any privacy breach that has
compromised their Personal Data and will report such incidents to the relevant
authorities as required by applicable laws.
-
NterOne requires from its suppliers or subcontractors that they fully comply with
NterOne Data Privacy Policies, with any applicable data protection and privacy
legislation and maintain adequate technical and organizational security
arrangements to protect personal data from unauthorized persons, including any
other NterOne employees who do not need to access such Personal Data.
- ENSURING ADEQUATE PROTECTION FOR INTERNATIONAL TRANSFERS-
-
NterOne transfers Personal Data across national boundaries within the NterOne
Group or outside the NterOne Group only when
-
this is justified for business purposes and
-
safeguards exist to ensure that Personal Data will continue to be
protected at a minimum with the same level of protection required in the
jurisdiction of origin.