- 1 Application of appropriate precautions when processing personal data
- 2 Compliance with applicable legislation
- 3 Privacy principles
- 4 Policy Update
- Scope of application
The requirements of this policy must be met by all employees, contractors, suppliers, consultants, temporary employees of “Seeton Group” LLC and its subsidiaries and affiliates (“Employees of “Seton Group” LLC”).
- Policy provisions
3.1 Application of appropriate precautions when processing personal data
3.2 Compliance with applicable legislation
The Company undertakes to comply with applicable laws and regulations regarding data protection and privacy of personal data.
3.3 Privacy principles
The general principles that establish the company’s methods of processing, collecting, using, disclosing, storing, protecting, transmitting, accessing, and other types of personal data are set out below.
- Good faith
The company processes personal data in good faith, legally, reasonably and transparently.
- Limitation of purpose
The company collects personal data only for specific, explicitly defined and legal purposes. Any further processing must comply with such purposes, except in cases where the company has obtained the appropriate permission of the personal data subject or is otherwise permitted by law.
The company processes only adequate, relevant and minimally sufficient personal data for the purposes of processing.
- Data integrity
The company maintains the correctness, completeness and relevance of personal data at the rationally necessary level for the purposes of processing.
- Data storage and deletion
The company stores personal data in a form that allows identifying their subject, no longer than necessary to achieve the purposes for which the personal data was obtained, or other permitted purposes. In the future, the data will be liquidated, deleted, anonymized or removed from our systems.
- Data protection
The company implements appropriate and justified physical, technical and organizational measures to protect personal data from accidental or illegal destruction, accidental loss, modification, unauthorized disclosure, use or access. The company imposes and establishes in the agreement the following requirements for third parties that process personal data on behalf of the company (if such parties are involved): (a) process personal data only for purposes that meet the company’s processing purposes; (b) implement appropriate physical, technical and organizational measures to protect personal data.
- Rights of personal data subjects
The company processes personal data in a way that ensures the rights of its subjects in accordance with the applicable laws on the protection and privacy of personal data.
3.4 Policy Update
- take reasonable measures to notify all divisions of “Seeton Group” LLC, employees of “Seeton Group” LLC, customers, business partners of the company and other data subjects affected by these changes;
- publish appropriate notifications about changes on the relevant websites, both internal and external (depending on the nature of the changes).
- Compliance with the policy
4.1 Policy effective date
This policy is effective from the moment of its approval.
4.2 Policy Compliance assessment
4.3 Exceptions to compliance
Any exception records must be archived.
Compliance with the Company’s policies is mandatory. Deviation from the requirements of this policy or their non-compliance, in particular attempts to avoid the implemented policies or processes, bypassing processes, systems and data or deliberately manipulating them, may lead to disciplinary measures (including dismissal), civil and legal claims, as well as referral to criminal prosecution within the limits of the legislation of Ukraine.
This document contains the terms defined below.
|Business personal data||Different from personal data, personal data that the Company processes in the context of business operations.|
|Candidate of “Seeton Group” LLC||A person interested in employment opportunities in “Seeton Group” LLC who may not have applied for a specific position.
Note. For the purposes of this policy, the term “personal data” does not include information that may be obtained during any monitoring or surveillance of employees or candidates of “Seeton Group” LLC, for example, during legal video surveillance of the premises of “Seeton Group” LLC.
|Employee of “Seeton Group” LLC||These are employees and temporary employees.
Note. Any reference in this Policy to “employee or candidate of “Seeton Group” LLC” is intended only for the purposes of the functioning of the Policy and is not intended and in no way indicates the employment relationship between the mentioned ” employee or candidate of “Seeton Group” LLC and “Seeton Group” LLC”.
|Customers||Individuals who are current, former, or potential customers of the company or represent organizations that are its customer.|
|Personal data||Information concerning an employee or candidate of “Seeton Group” LLC who has been identified or can be identified, within the limits to which this information was obtained by the company in the context of the actual or potential working relationship of the employee or candidate of the company with “Seeton Group” LLC. An employee or candidate of a Company is one who is “identifiable” if it is possible to identify him directly or indirectly, in particular by referring to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity. The Company’s personal data includes the following::
· identification data of an employee or candidate-company of the Company – is data generated and/or collected solely for the purpose of identifying an employee of the company during the performance of his duties in “Seeton Group” LLC;
· contextual data of an employee or candidate of the Company – is data generated and/or collected that identifies or describes performance, compensation, or other similar data that provides additional information about the employee, their background, and family;
· personal identification data of an employee or candidate of the Company – is data generated and/or collected that identifies or describes identifiers that do not belong to “Seeton Group” LLC associated with bank, government and other accounts of employees or candidates.
|Personal data||Any data relating to an individual (the “data subject”) who has been identified or is likely to be identified. A individual who can be identified should be understood as an individual who can be identified directly or indirectly, in particular by identifiers such as the name, identification number, address, internet identifier, or by one or more factors concerning the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.|
|Personal data processing||Any operation or set of operations performed on personal data at any time during its life cycle, in particular the creation, collection, recording, ordering, storing, adapting, modifying, extracting, accessing, reviewing, reconciling, using, disclosing in any way (for example, by transmitting, distributing, or otherwise providing access to data), analyzing, reconciling or combining data, or blocking, erasing, or destroying data. Processing is not limited to the use of automated means or types of media. Generally, the Company “processes” personal data whenever we or any of our third-party processors use, access, or otherwise deal with personal data.|
|Laws on the protection and privacy of personal data||All applicable legal and regulatory requirements related to personal data protection and privacy, including, without restrictions, all regional, national and local laws on privacy and protection of personal data and relevant regulations that are changed, repealed, consolidated or replaced from time to time.|