At “trustilio” we are committed to protecting and respecting your Personal Data. Our general privacy statement regarding Personal data Protection is presented below and informs you about how we use and protect the personal information you provide to us or that we collect about you, when you use our site, when we exchange information or offer each other services while doing business. We also notify you of your rights under the data protection legislation and the relevant General Data Protection Regulation (GDPR). Separate privacy statements apply to employees and job seekers. By using our site, and the services provided through it, you agree to the application of this policy.
WHO WE ARE
“trustilio” is under GDPR terminology, the “data controller” for the personal information it collects and processes. This means that we are responsible for deciding how to process (i.e. collect, preserve, use and disclose) your personal information. We are a company that provides consultancy services in cybersecurity, behaviour change and business innovation worldwide. Our company’s identification data are the following:
WHAT INFORMATION WE HOLD FOR YOU AND THEIR SOURCE
“trustilio” is committed to protecting the privacy and security of your personal data. By personal data we mean information which, either alone or in combination with other information available to the company, can be used for your recognition. Personal information may include, but is not limited to, your name, address, telephone number, date of birth or your age, your occupation, possibly tax details (Tax ID number) stored in the archives of “trustilio”, which may include electronic files, letters, emails, photos and video recordings. It does not contain information where your identity has been removed and you cannot be identified (anonymous information). We may collect personal information directly from you or from other individuals or organizations.
FOR WHAT PURPOSE WE USE YOUR PERSONAL DATA
We use your personal information: to exchange information regarding products and services before entering into a contract; to exchange information (commercial, financial, technical) and doing business in order to fulfil a contract’s terms; to add your details in our newsletter recipients’ list; to let you know about the organization of events related to our business; to handle your requests and complaints; to comply with our legal, regulatory and other obligations (e.g., tax laws, accounting obligations, etc.) that result from our above-mentioned activities; to ensure network and information security.
HOW WE PROCESS YOUR PERSONAL DATA
Being aligned with the provisions of the GDPR Regulation, we process your personal data in accordance with the following data protection principles: Lawfully, fairly and transparently. We collect them only for valid purposes that you know or purposes we explained to you and do not use them in a way that is incompatible with these purposes We process them according to the above purposes only. We collect and process the least and absolutely necessary information for the fulfilment of the above purposes. We keep these data accurate and up-to-date as long as you keep us informed of any changes. We only keep them for as long as necessary, based on the purpose. We keep them safe. We take all reasonable steps to ensure your personal data from loss, unauthorized access or alteration.
LEGAL BASIS OF PROCESSING
According to the GDPR, processing must be based on a legitimate basis, i.e. a sound reason for collecting, storing, using and disclosing your personal information. Our legal basis for this will depend on the services we provide to you and the type of information we process about you. The basis we process your information may be one or more of: To fulfil a contract that we may have with you (providing to you products and/or services); to comply with a legal or regulatory etc. duty. When you consent or agree with it, such as when you choose to receive from us informational emails or newsletters.
<16 YEARS OLD
It is not our purpose to collect personal information from children without the consent of their parents. If you are under 16, please get the consent of your parents or guardian before giving any information.
WITH WHO DO WE SHARE YOUR PERSONAL DATA
Your personal data is shared internally within our company, between its various departments, in order to produce the desired result and so that you receive the service you expect from us. This internal disclosure is done in the safest feasible way on a need to know basis. We may also share and receive your personal data from organizations and individuals outside of the organization. Additionally, your personal information may be provided to a third party by our company in order to provide a service to us or directly to you. These service providers are known as data processors and have also a legal obligation under GDPR and towards “trustilio” to take care of your personal data and use it only for the provision of this service. In the context of commercial, financial, and technical transactions and services, it is likely that contact details of customer personnel (commercial, financial, technical, legal, procurement, logistics, legal representatives etc.) may be shared with suppliers and/or manufacturers for the purpose of conducting and executing contracts with the highest possible benefits for the customer (bid improvement, warranties, direct technical support, product delivery, etc.). Your personal information may also be disclosed to external third parties such as employment bodies, insurance organizations or companies and other regulatory authorities. Beyond the above, your information will not be traded/leased or communicated to third parties for marketing purposes or others.
TRANSFER OF PERSONAL DATA IN OTHER COUNTRIES
Your personal data may be transferred outside of the European Economic Area. While some countries have been identified by the European Commission as having adequate legal protection for personal data, in other countries it will be necessary to take extra measures in order to ensure adequate safeguards for the information. These may include the imposition of contractual obligations to ensure that these safeguards are applied.
FOR HOW LONG DO WE MAINTAIN YOUR DATA
We will retain your personal information only for as long as it is necessary to fulfil the purposes for which we have collected it, and for as long as it is required to satisfy any legal, accounting, etc. obligations. Where feasible, we can make your personal details anonymous so that they can no longer be associated with you. We can then use them without further notice. Once you no longer require services from us, we will maintain and safely destroy your personal information in accordance with the retention schedule.
AUTOMATED DECISION MAKING
In some areas, in order to improve the efficiency of our services, our company may use automated decision-making processes, including profiling. When an automated decision that is taken for you is important (one that may have legal impact or otherwise may significantly affect you), you will be warned about this from us, along with your rights to challenge this decision.
DATA ACCURACY AND YOUR RESPONSIBILITIES
It is important that the personal information we keep for you is accurate and up-to-date. For this reason, in case some of your information changes or is in error, please let us know as soon as possible so as to proceed to the necessary rectifications.
Under the Regulation, you have the following rights: To be informed about the processing of your personal information. This is the purpose of this statement. To correct your personal information if it is inaccurate and have it in full if it is incomplete. To oppose to the processing of your personal data. To restrict the processing of your personal information. To have your personal information deleted (“the right to be forgotten”). To move, copy or transfer your personal data (“data portability”). To be informed about, question or oppose to any automated decisions taken for you, including profiling. Ask for access to your personal information and information about how we process them. Withdraw at any time any consent you have given to the processing of personal data. If you wish to exercise any of these rights, please contact the company directly at firstname.lastname@example.org.
You have the option to choose whether or not you want to receive information from us. We will not contact you for marketing purposes by email, telephone or text message unless you have given your prior consent. We will not contact you for postal marketing purposes if you have stated that you do not wish to be contacted. You can revoke your consent, change your preferences at any time and submit any questions or complaints by contacting us by e-mail: email@example.com
LINKS TO OTHER WEBSITES
This privacy statement applies only to the website of “trustilio” and ceases to apply when you leave our web pages. If you follow links that are available on our website to other organizations’ websites, we advise you to take the time to read the privacy notices on the websites you are visiting.
CHANGES TO THIS PRIVACY NOTICE
We review this privacy statement regularly and we therefore have the ability to modify it at any time.
This Privacy Notice was last updated in June 2021.