Customer Privacy Notice
(hereinafter referred as the “Notice”)
Glossa Technologies (hereinafter as the “Company”) provides you with this Notice to inform you of the practices we use regarding the processing of your Personal Data, which includes name, surname, email address, mailing address, telephone numbers and company registration number (VAT) for invoicing pursposes. Please read this Notice carefully as it contains detailed information about the processing of your Personal Data, including your rights.
Objective and Scope
In the context of our business relationship we will Process Personal Data about you in both paper and electronic format.
For definition of certain terms used in this Notice, please refer to Appendix 1 (end of this page). This Notice may be complemented by additional notices and policies.
Source of the Personal Data
Personal Data Provided by You: Glossa technologies generally collects Personal Data directly from you, that are provided electronically, in writing, or verbally.
To assist us in complying with our obligation to maintain Personal Data accurate you should notify the Company in writing of any changes to your Personal Data.
Categories of Personal Data Processed, Purposes and Legal Bases for the Company’s Processing of Personal Data
The Company processes the below categories of Personal Data for the following Purposes, based on the Legal Basis listed hereof. The provision of the Personal Data is a contractual requirement and without the Personal Data, the Company will not be in a position to properly administer our business contract or to fulfil the contract should provision of the Personal Data be linked to certain contractual obligations (such as if your business contact information was provided in order for the Company to fulfil notification obligations under the relevant obligations).
Provision of Services to Customer
The Categories of Personal Data that the Company processes about you, for this purpose, are Business contact data and information and Performance of the contract, for the purpose of provision of services to the Customer under the relevant business contract.
Personal Data Retention
The Company retains your Personal Data for the period necessary to fulfil the purposes set out in this Notice or as required by applicable law, and, when the purposes are fulfilled, will delete or anonymize the Personal Data. Our general policy is to retain certain Personal Data relating to Customers for 3 (three) years (corresponding to the applicable statute of limitations) after the end of the relevant business contract and/or 10 (ten) years in case of a pending or threatening dispute, but in no event for longer than strictly necessary.
The Company does not process your Personal Data by automated decision-making, including profiling.
Disclosure of Personal Data
Personal Data of Customers will not be shared with third parties, unless it’s for the purpose of a translation project (suppliers) that are engaged to perform services or functions on behalf of the company and under its instructions. In all such cases, the Company will put in place appropriate contracts with these parties to ensure that they only process Personal Data in accordance with our instructions and in order to provide these services and protect the integrity and confidentiality of the Personal Data. When possible all relevant customer’s documents are anonymized before disclosure.
Your Data Protection Rights
Under the conditions set by applicable data protection laws, you may exercise the following rights regarding your Personal Data:
Access: You have the right to obtain from us confirmation if Personal Data is being processed, the purpose of processing, the categories of data, the legal basis of the processing, storage period of data or criteria to determine it, further information on your rights, our processing activities, sources of information and processing.
Rectification: You have the right to request the rectification of inaccurate Personal Data and to have incomplete data completed.
Objection: You have the right to object to the processing of your Personal Data for compelling and legitimate reasons relating to your particular situation, except in cases where legal provisions expressly provide for that processing.
Restriction: You may request to restrict processing of your Personal Data if (i) you contest the accuracy of it – for a period we need to verify your request; (ii) the processing is unlawful and you oppose the erasure of it and request restriction instead; (iii) we no longer need it, but you tell us you need it to establish, exercise or defend a legal claim; or (iv) you object to processing based on public or legitimate interest – for a period we need to verify your request.
Erasure: You may request to erase your personal data if it is no longer necessary for the purposes for which we have collected it, you have withdrawn your consent and no other legal ground for the processing exists, you objected and no overriding legitimate grounds for the processing exist, processing is unlawful, or erasure is required to comply with a legal obligation.
Right to lodge a complaint: You also have the right to lodge a complaint with a supervisory authority, in particular in EU Member State of your residence, place of employment, or the location where the issue that is the subject of the complaint occurred.
Right to refuse or withdraw consent: Please note that in case we ask for your consent to processing, you are free to refuse to give consent and you can withdraw your consent at any time without any adverse negative consequences. The lawfulness of any processing of your Personal Data that occurred prior to the withdrawal of your consent will not be affected.
Updates to this Notice
The Company may update this Notice from time to time. The new version will be effective as from the date indicated in that updated Notice, ensuring that individuals receive sufficient advance notice and draw their attention to any significant changes.
Appendix 1 – Definitions
Customer: Glossa Technologies customer under the relevant business contract
Data Protection Laws: the GDPR and the relevant national implementing legislation.
GDPR: the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance).
Personal Data: any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier or to one or more factors specific of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing: any operation or set of operations performed on Personal Data or on sets of personal data, whether or not by automated means (e.g., computers), such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Special Categories of Personal Data Personal: Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data (for the purpose of uniquely identifying a natural person), data concerning health or data concerning a natural person’s sex life or sexual orientation.
The Company (Glossa Technologies): Glossa Technologies, located in 10, Mellows Park, Callan, c/o Kilkenny, Ireland.