CX Blog is a brand of Gotelecom, Ltd.
Gotelecom, Ltd. needs to collect and process personal data from individuals for its activity. This includes information from customers, suppliers, business contacts, employees and other people and members of organizations that you have contacted or may need to contact.
This policy describes how personal data must be collected, handled and stored in accordance with Gotelecom, Ltd.’s data protection requirements and with the law, regardless of its support (electronic, paper or any other).
This policy applies:
- For Gotelecom, Ltd.
- All Gotelecom, Ltd.
- All Gotelecom, Ltd. employees regardless of the type of contract
- All subcontractors, suppliers and other persons or organizations acting on behalf of Gotelecom, Ltd.
This policy ensures that Gotelecom, Ltd:
- Complies with the legislation on the protection of personal data, especially the EU Regulation 2016/679, of 04/27.
- Protects the rights of employees, customers and other partners.
- Is transparent about how it handles personal data.
- Protects you from the risk of personal data breaches.
The principles applicable to the protection of personal data are:
- Lawfulness, loyalty and transparency: it is necessary to identify the legal basis for each data processing and previously inform the holders in clear and accessible language about the purposes and the way in which we do it.
- Limitation of purposes: the specific purposes of the processing of personal data must be explicit, legitimate and determined when collecting personal data. Data collected for one purpose must not be used for anything other than the first.
- Adequacy, relevance and minimization: only the personal data necessary and adequate for the purposes to be achieved will be processed.
- Accuracy and Update: Necessary steps must be taken to ensure that inaccurate data is corrected or deleted.
- Retention limitation: personal data will only be kept for the time necessary for the purpose for which they are intended. A deadline for erasure or destruction will be set for each set.
- Security and confidentiality: personal data will be stored in such a way as to ensure their protection and access will be conditioned to ensure that only authorized personnel can process them.
- Privacy by design and by default: before any data processing takes place, steps will be taken to ensure that privacy is a concern from the beginning and throughout the processing process.
Data subjects have the right of access, rectification, limitation of purposes, portability, erasure and opposition to automated decisions.
The employee who receives contact from a holder who intends to exercise any of these rights must verify the identity before providing any information, in accordance with the procedure for exercising rights. After that, you must forward the request to the DPO for processing.
Gotelecom, Ltd. may share data with public authorities without the knowledge of the holders in compliance with a legal or judicial obligation.
Aveiro, March 12, 2018