- About the Data Controller
The GlobalPass AG (Data Controller or Company), corporate ID number CH-170-3043885-9, domiciled at Metallstrasse 8, 6300 Zug, Switzerland, is the data controller. You may contact our data protection officer at [email protected].
When providing the GlobalPass service to Clients, the company acts as a Data Processor.
- What Is Personal Data?
Personal data is any information collected about a data subject by the Data Controller, which may be used for identifying the data subject. Personal data includes any information, including the data subject’s full name, surname, IP address, etc.
- What Kind Personal Data Do We Process and Why?
The Data Controller process your personal data for the following purpose:
- For concluding/executing and administrating contracts with Clients
For the purpose to conclude and execute contracts / transactions with legal entities, the Data Controller processes the following personal data: name, surname, contact information, content of correspondence, contract details, etc. These personal data are processed on the basis of a legitimate interest in carrying out the activity and stored for 10 (ten) years after the expiry of the contract.
- For sending information regarding commercial offer
For the purpose to send information (notifications) regarding commercial offer the Data Controller processes the following personal data: name, surname, position, e-mail address, phone number. These personal data are processed on the basis of consent and stored for 3 (three) years after receiving the consent.
- For carrying out requests/complaints
For the purpose of ensuring the proper handling of request or complaints, the Data Controller will process: name, surname and contact details. This personal data is processed on the basis of consent of data subject and is stored until the request is fulfilled.
- For GlobalPass account setup and access to the platform
For the purpose of managing accounts and providing accesses, the Data Controller processes the following personal data of Clients: name, surname, position, contact details (email address, phone number). These personal data are processed on the basis of a contractual obligations and stored until the termination of the contract.
- For recruitment of employees
For the purpose of hiring employees, the Data Controller processes the following personal data of the candidate to position: name, surname, email address, telephone number, skills description, education, experience, if candidate is foreign – nationality. This personal data is processed on the basis of consent of candidate and is stored until the end of the recruitment process or period that is written in data subjects consent to store this personal data after recruitment.
- When you visit social media site “Linkedin” account
Information communicated to us when visiting our social media sites (including notifications, use of “Like” and “Follow” buttons and other communication) will be controlled by us jointly with social media managers as joint controllers.
- When Data Controller performs as Data Processor in relation to Clients
The responsibility for informing Data subjects about the processing of their personal data lies with the Client.
- Our website and cookies used
When you visit our Website, we may place cookies on your device. Cookies are small, often encrypted text files which we place on your browser or hard disc on the basis of your consent. We use different cookies for different purposes as they help us to identify you among other Data Controller Website users. This allows us to make your experience of using our website far more pleasant and to improve it.
We use the following cookies:
- Strictly necessary cookies
These cookies are essential for our website to operate. Such cookies process data on the basis of proper performance of the agreement when you visit the website, while we ensure the safety and quality of such visit. Cookies that allow you to log in to access secure areas of our website or to hold your items in your cart while shopping online, or to use electronic accounting systems are examples of strictly necessary cookies.
- Analytical and/or performance cookies
They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users easily find what they are looking for. Data collected by these cookies is processed on the basis of your consent.
- Functionality cookies
These cookies are used to remember choices you made in the past when you re-visit our website so as to provide you personalised or enhanced features that you select. Data collected by these cookies is processed on the basis of your consent.
You may find a detailed list of the cookies below:
|Cookie name||Data processing purpose/cookie use||Expiration time||Cookie type (strictly necessary/ analytical/ functionality/marketing)||Data used|
|cookie_||To store user cookies settings||1 year||Functional||Selected cookie consent|
|Google cookies to recognise and distinguish users||2 years
|Analytical||Unique Identification ID|
- How is your personal data processed?
Your personal data will be processed in accordance with the General Data Protection Regulation (GDPR) and other data protection law and soft law sources. We will manage your personal data responsibly and securely. When identifying the means of personal data processing and in the course of such processing, the Company undertakes to implement appropriate technical and organisational measures for protecting your personal data from accidental or unlawful destruction, damage, modification, loss, disclosure or any other kind of illegal handling and to adopt proper measures taking into account the risks around your personal data processing.
- Who can we disclose your personal data to?
We may disclose your personal data to our data processors who provide us with services (perform work), i. e. IT service providers, auditors, lawyers, consultants, and process your data on behalf of Company as a data controller.
Data processors will be allowed to process your personal data solely based on our instructions and only to the extent necessary. We will take all necessary steps to ensure that our data processors implement the appropriate organizational and technical measures to ensure safety and confidentiality of your personal data.
Your data may also be transferred to public bodies or institutions or other persons who are statutorily entrusted with certain functions. In addition, we may disclose your information in the following cases:
- If required to do so by law;
- In order to protect our rights or interests (including the case when your personal data is disclosed to others for debt recovery purposes);
- When intending to sell any of the Company’s business or assets, we are asked to disclose your personal data to potential buyers of such business or assets;
- What are your rights?
- Right of access to your personal data
- Right to withdraw consent
- Additional rights
Below, please find information about your additional rights that may be exercised by you as follows:
- You have the right to request us to correct any inaccuracy of your personal data. In that case, we may ask you to confirm the corrected information.
- You have the right to request us to erase your personal data. This right may be implemented in the cases described in Article 17 of the GDPR.
- You have the right to request us to restrict/refrain from processing your personal data.
- You have the right to data portability if processing of such data is carried out by automated means and we have obtained such data from you based on your consent or for the purpose of concluding the agreement. If you opt to exercise this right, we will transmit at your request a copy of the data submitted by you.
- You have the right to object to processing of your personal data pursuant to Article 21 of the GDPR.
- Right to request more information.
- How can you exercise your rights?
To enforce your rights, you may submit requests, complaints or claims to us in writing in any of the following ways:
- By sending an e-mail to [email protected], or
- By sending a letter to GlobalPass AG, Metallstrasse 8, 6300 Zug, Switzerland.
We will respond to your request, complaint or claim in writing in accordance with the applicable laws and will do our best to provide you with information within the shortest time possible but in no event later than within 30 (thirty) days after receiving your request.
If having received your request, complaint or claim we have doubts about your identity, we may ask for your identity document.
If we fail to provide you with the necessary information and/or should you have complaints about how your personal data are processed, you may approach your national Data Protection Authority (the list of authorities is available here) or Lithuanian State Data Protection Inspectorate (www.vdai.lrv.lt) by filing a complaint.
You are responsible for the confidentiality of your or your children’s data submitted and for ensuring that such data is accurate, correct and complete. You should inform us immediately by e-mail if changes are made to the data you have submitted. Therefore, we will not be held liable for damage resulting from your failure to provide correct or complete personal data or to give us notice of changes made to such data.