Our Experience, Your Success.
Menu
Menu
Our Experience, Your Success.
The GDPR includes a list of definitions, the most important of which are explained below:
“Controller” refers to a person or organization that, alone or jointly with others, determines the purposes and means of processing personal data. In the context of this policy, West Group is a controller.
“Employee” – For practical reasons, the term “employee” in this policy will broadly include any former or current employee, temporary employee (agency), volunteer, expatriate, intern, or any other non-permanent worker.
“European Economic Area (EEA)” currently includes the following countries: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, United Kingdom.
“Personal data” means any information relating to an identified or identifiable natural person (the “data subject”).
“Data subject” refers to an identified or identifiable natural person, who can be identified, directly or indirectly, particularly by reference to an identifier such as a name, identification number, location data, online identifier, or one or more specific factors related to their physical, physiological, genetic, mental, economic, cultural, or social identity.
“Sensitive personal data” means personal data revealing, concerning, or related to a person’s:
“Processing” is defined as any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collecting, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmission, disseminating or otherwise making available, aligning or combining, restricting, erasing, or destroying. This means that the term “processing” has a very broad meaning and scope.
“Consent” is defined as any freely given, specific, informed, and unambiguous indication of the data subject’s wishes, by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.
The meaning of the terms in the list above will be as defined, regardless of whether they are capitalized in this Policy.
West Group respects the privacy of the data subjects whose Personal Data it processes and is committed to protecting their Personal Data in accordance with GDPR requirements. This compliance aligns with West Group’s desire to inform its Employees and other Data Subjects about the processing of their personal data and to recognize and respect their privacy rights.
The data processing activities conducted by West Group at the date of adoption of this Policy are outlined in Annex No. 2 of this Policy. Should there be any changes in the data flows described in Annex No. 2 or should new data processing activities arise, these will be reviewed, and it will be determined (by amending or supplementing Annex No. 2): what data is processed, from where it is collected, where it is stored, which departments within West Group have access to this data, to whom the data is transmitted, the purpose of the data processing, the retention period, and the legal basis for the processing (with reference to the list of legal bases for processing outlined below).
Data will be processed with respect to the Data Subject in a lawful, fair, and transparent manner. Processing is considered lawful only if it is based on at least one of the following legal grounds:
Data will be collected for specified and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
Data will be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
Data will be accurate and, where necessary, kept up to date. Reasonable steps will be taken to rectify or erase any inaccurate or incomplete data.
Data will be kept only as long as necessary for the purposes for which they were collected and processed. These purposes are described in this policy and may only be amended or extended in compliance with GDPR and other relevant regulations and after properly informing the Data Subjects.
Data will be deleted or modified upon a justified request from the data subject.
Data will be processed in accordance with the legal rights of the data subject, as described in this policy or under applicable law.
Appropriate technical, physical, and organizational measures will be taken to prevent unauthorized access, unlawful processing, and accidental loss, destruction, or damage to data. In case of a breach as mentioned in the previous sentence and/or in the event of an accidental data leak, Eren Cons will take appropriate measures to end the breach/eliminate the leak and determine liability in accordance with GDPR and cooperate with competent authorities if they are involved due to such a breach or leak.
West Group expects all its employees to adhere to these principles and the rules outlined in this policy.
Job Applicants
Personal data related to job applicants includes the following:
