CompanyXP PRIVACY STATEMENT
This policy applies to TireNet ltd and its affiliates companies Software House srl and all its brands CompanyXP, GaragaXP, SpeedMarkt and GroupXP. The headquarter of our company TireNet ltd is at 57, Rue Michel Hack, L-3240, Bettembourg, Luxembourg. This privacy statement applies to the CompanyXP, GaragaXP, SpeedMarkt and GroupXP web platform, as well as to all other applications and in general to any communications made by TireNet and Software House.
To provide your company with the best level of service, we needs to be able to maintain and use your contact information and other information about you. We do of course ensure that your privacy will be fully respected. We commit therefore to full compliance with the new European Privacy legislation, the GDPR (General Data Protection Regulation). This regulation applies from 25 May 2018 onwards.
- The official GDPR reference is: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
- You will find further information on the official website: http://www.eugdpr.org/ We will only collect and use your personal data for specific purposes. We always limit ourselves to what is truly necessary.
- We do naturally keep contact information up-to-date to communicate with prospective clients, customers, suppliers and partners within the framework of our contractual obligations. We also use these data to further inform you of products and services that are in line with the agreement we already have with you.
- However, we also allow you to submit your contact information and your interests to us yourself through the form on our website, through direct conversations or telephone calls or when requesting for information. Subsequently, after obtaining your explicit consent, we will make further use of this information to send you our newsletter or provide you with other information about our products and services.
- If you visit our website, we would like to know which of our activities interests you. That is why we work with a partner to analyse website activity data. We process the majority of these data anonymously, but if you fill in a contact form or click through to the website from an e-mail we sent you, we link this information to your personal data. This enables us to do more to cater for your specific needs and improve the use and access of our website or our portal applications. We also use cookies and web beacons to achieve this. We believe that data used this way has a legitimate purpose, which does not infringe on your right to privacy. You can always prevent the placing of cookies by adjusting your browser settings, but this may mean you will lose some functionality and not be able to use certain features. If you would like to know more about cookies, what their main purpose is and how to delete or stop them, please visit the following website: http://www.aboutcookies.org
- Personal data that you entrust to us as a customer for processing on your instruction will of course only be used by us for the assignment clearly defined by you. The data will never be used for any other purpose. We protect all collected personal data as strictly confidential information. Information security is our number one priority. Therefore, our security procedures are audited annually by an external organisation.
- All our employees and partners sign a confidentiality agreement in which they undertake to maintain strict confidentiality at all times in relation to the information that they gain knowledge of in connection with their job. For this purpose, they follow a number of clear guidelines and are trained and made aware of their responsibility on a regular basis.
- We have a highly secured ICT infrastructure. State-of-the-art technology is used to protect the network against attacks from outside, viruses and malware. Monitoring and logging detect possible abnormal situations or activities. Maximum availability of the infrastructure and applications is ensured.
- If we uses external parties, partners or subcontractors for certain services, they will be thoroughly screened and instructed regarding their obligations in terms of confidentiality and information security. If your information is entrusted to them, they will receive a clear assignment and the information provided will only be used for this. Your data is registered and processed with the greatest care to ensure that they are accurate and up-to-date, and we store them no longer than necessary for the intended purpose.
- The necessary control mechanisms, software-related tools and manual systems are available to monitor the quality of the data. A retention period is determined in accordance with the type of information, after which the collected data is completely and permanently deleted. Personal data is stored and processed as much as possible internally.
- They are only passed on to external parties in the context of a proven partnership (for example, a commercial offer that we jointly set up with a partner and for which purpose our commercial contact information is shared with the partner) or a contractually well-defined assignment, executed under our responsibility (for example, the processing of visits to our website). The personal data referred to here are never transferred to any location outside the EU. As a person involved, you always have the right to be fully informed of the data we keep about you. You have the right to retrieve, correct or completely delete these data. If you believe that we don’t handle your personal data correctly or violates the laws and regulation in any way, you are entitled to file a complaint with the Privacy Commission.
- Any questions in relation to how we process your personal data or requests to correct, supplement or delete these data can be sent to our Data Privacy Officer by e-mail (stating your motivation) (See ‘Contact’) . We will comply with your request within four weeks of its receipt unless this deadline cannot be met due to additional complications or unless conflicts would occur with the privacy of other persons or the disclosure of the information would be prohibited by law. In such a case, a statement will also be given to you within the four week period.
- If you have given us permission to use your data you always retain the right to withdraw this permission at any time. If you have subscribed to receive our newsletters, there will always be an option available to easily unsubscribe.
- In certain circumstances, you can also request that we store but no longer process your data (for example, in case of a dispute or for further investigation). The GDPR also gives you the right to have your personal data transferred to another service provider. This can be applied to any personal data provided directly to us by you.
We regularly update this statement to give you a correct view of our intentions and our practices, which are always adapted to comply with the regulations. With this in mind, we also suggest that you occasionally read through this text again when visiting our website or using our online services.
Our Data Protection Officer, who has the primary task of ensuring your rights, will answer all your questions about personal data. The officer can be contacted using the our e-mail address (See ‘Contact’) . You can count on a prompt response