Andersen Group is fully committed to comply with applicable data protection laws, as we believe that ensuring data protection is the basis of trustworthy business relationships.
We are always working to stay compliant - encourage audits, certifications, and provide industry-standard contractual protections.
This Data Protection Policy ensures the level of data protection prescribed by the European Union Data Protection Regulations and provides one of the necessary framework conditions for cross-border data transmission.
This Data Protection Policy applies to all companies of the Andersen Group, affiliated companies and their employees and is based on globally accepted, basic principles on data protection.
The latest version of the Data Protection Policy can be accessed with the data privacy information at Andersen’s website at: www.andersenlab.com
We have to collect and use (to process) certain types of information (Personal Data) that relates to the people (Data Subjects) who we come into contact with in order to carry out our business.
We are confident that when processing personal data, the individual rights must be protected what means that all personal data must be collected and processed in a legal and fair manner.
Therefore we presume and agree that Personal data shall be:
(a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’)
(b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’)
(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);
(d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);
(e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (‘storage limitation’);
(f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
To make processing compliant, we should ensure it has at least one legitimate reason for processing (collecting, using, managing or disclosing) personal data.
According to Article 6 (1) of EU Regulation No 2016/679 (General Data Protection Regulation or GDPR) such reasons could be:
Please note, that in some circumstances prior consent is not necessary. Article 6 (1) of EU Regulation No 2016/679 (General Data Protection Regulation)
These are the main ways we collect your information:
If you are under 16, please do not provide us with any of your information unless you have the permission of your parent or guardian.
Please help us to keep your information up to date by informing us of any changes to your contact details as we respect your right to obtain the rectification of inaccurate personal data and the right to have incomplete personal data completed. Also, please be noticed that you have the right to obtain from us the erasure of personal data («right to be forgotten») according to point (a) of the Article 17 (1). In order to use this right please contact us at: firstname.lastname@example.org.
The following types of personal information about you may be collected:
Also, when you visit our website, the web servers automatically recognize your domain name and IP address. The IP address of the site that directed you to our website, operating system version and your web browser would be disclosed too as a related information. Nevertheless, this information does not relate to you directly and could not identify your personality so it could not be treated as personal data.
We believe that personal information must be collected and dealt with appropriately, thus there must be safeguards in place to ensure this. Although data transmission over the Internet cannot be guaranteed to be secure, we work hard to maintain physical, electronic and procedural safeguards to protect your information in accordance with applicable data protection requirements. We use technical and organizational security measures including encryption and authentication tools to protect your personal information, against manipulation, loss, destruction, and access by third parties. Our main security measures are:
Every data subject is guaranteed the following rights. Their assertion is to be handled immediately by the responsible unit and cannot pose any disadvantage to you.
When you share your business or Personal Data, you want to know that it is protected. We proactively ask third parties to review our services against international standards, like ISO standards, so you know your business and personal data is handled responsibly.
During the contractual relations there might be a necessity to process Personal Data previously collected and processed by your company. The types of the Personal Data and the categories of the Data Subjects can be all types of Personal Data of your or your affiliates’ services or website users or clients and/or the clients’ users. In such case we would act as a processor or a sub-processor and will keep all the Personal Data strictly confidential and fully complied with EU Regulations. With respect to this matter some specific responsibilities and liabilities would took place for us and to ensure their enforcement we will provide you with a special Data Protection Agreement and Standard Contractual Clauses for transfers of Personal Data recommended by European Commission.
We believe that creative marketing is a key to business success. Basically, it is a reason you receive an e-mail from us. Still, we presume and agree that each person individual rights must be protected - that leads to the fact that all personal data must be collected and processed in a legal and fair manner. To show that that we are fully compliant with the EU Data Protection Regulations we want you to get acquainted to the following:
The processing of your personal data was carried out according to the point (f) of the Article 6 (1) (Legitimate Interests) of EU Regulation No 2016/679 (General Data Protection Regulation).
In accordance with Article 47 of the Preamble to the GDPR, the processing of personal data for direct marketing purposes is considered as processing that serves a legitimate interest.
We acquired your personal data from open sources, for example social media sites.
The following types of personal information about you may be collected:
We use technical and organizational security measures including encryption and authentication tools to protect your personal information, against manipulation, loss, destruction, and access by third parties.
Assertion of the following rights is to be handled immediately by the responsible unit and cannot pose any disadvantage to you:
Virtual server hosting, container management, and serverless computing.