GDPR Privacy Notice
General Data Protection Regulation (GDPR)
Article 13 of Regulation EU 2016/679
This Privacy Notice provides mandatory information as required under Articles 13 and 14 of the European General Data Protection Regulation (GDPR) regarding the transparency of personal data processing.
- Your Rights
As a Data Subject you have the rights under Chapter 3 of the GDPR. BPC Group will always fully respect your rights regarding the processing of your personal data, and has provided below the details of the person to contact if you have any concerns or questions regarding how we process your data, or if you wish to exercise any rights you have under the GDPR.
- Contact Details
The identity and contact detail for the Data Protection Officer within BPC Group is: Andrea Róth-Varga, firstname.lastname@example.org
- Data Protection Principles
4.1. BPC Group has adopted the following principles to govern its collection and processing of Personal Data:
Personal Data shall be processed lawfully, fairly, and in a transparent manner.
The Personal Data collected will only be those specifically required for the purposes using this web-site. Such data may be collected directly from the Data Subject or provided to BPC Group via his /her employer. Such data will only be processed for that purpose.
Personal Data shall only be retained for as long as it is required to fulfil contractual requirements.
Personal Data shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are collected and/or processed. Personal Data shall be accurate and, where necessary, kept up to date.
The Data Subject has the right to request from BPC Group access to and rectification or erasure of their personal data, to object to or request restriction of processing concerning the data, or to the right to data portability. In each case such a request must be put in writing as in this Section.
4.2. The Data Subject has the right to make a complaint directly to a supervisory authority within their own country. BPC Group’s Data Protection compliance is supervised by: Andrea Róth-Varga
Personal Data shall only be processed based on the legal basis explained in this section, except where such interests are overridden by the fundamental rights and freedoms of the Data Subject which will always take precedent. If the Data Subject has provided specific additional Consent to the processing, then such consent may be withdrawn at any time.
BPC Group will not use personal data for any monitoring or profiling activity or process, and will not adopt any automated decision making processes.
- Transfers to Third Parties
Personal Data shall not be transferred to a country or territory outside the European Economic Area (EEA) unless the transfer is made to a country or territory recognized by the EU as having an adequate level of Data Security, or is made with the consent of the Data Subject, or is made to satisfy the Legitimate Interest of BPC GROUP in regard to its contractual arrangements with its clients.
All internal group transfers of Personal Data shall be subject to written agreements under the Company’s Intra Group Data Transfer Agreement (IGDTA) for internal Data transfers which are based on Standard Contractual Clauses recognized by the European Data Protection Authority.