SSRJ Signature Corporation Limited, with registered offices at 12 Kennedy Avenue, Kennedy Business Centre, 2nd Floor, Nicosia, Cyprus, telephone: 00302104834340 (hereafter “Signature Europe”, “Signature”, “we”, “us” or “our”) recognizes the importance of protecting your privacy.
This Privacy Notice (“Notice”) explains in general terms how we seek to comply with data privacy laws and regulations, including but not limited to national laws implementing the European Union (“EU”) Data Protection Regulation (GDPR) 2016/679 (“Regulation” or “GDPR”) and data protection legislation adopted by increasing numbers of other jurisdictions globally as well as describes the main types of Personal Data we process within our organization, how that Personal Data is used and disclosed, and our commitments to the individuals whose Personal Data we handle.
Personal data we collect
The term “Personal Data”, as used in this Notice and in accordance with the applicable legal framework, refers to a natural person’s personal information which can directly or indirectly identify him/her (hereinafter referred to as “Personal Data” or “Data”).
When you visit our website, we may collect the following types of Personal Data:
- Identification data, such as name, surname
Personal data collected as a data processor for services provided to our customers
In some cases, in the performance of our services to our customers we may need to collect and process Personal Data concerning end users/ employees / representatives of our customers. Such Personal Data are necessary to be collected and processed in order to provide the agreed services to our customers or may be accessed by our customers in order for them to make use of our platform or SaaS Product. In this case, if you provide us as our customer with any personal information of a third party (e.g. the personal information of employees), by submitting such information to us, you represent and warrant that you have obtained the necessary consent of those third parties to provide us with their personal information for the respective purposes.
If you are an employee of our costumer, you acknowledge and agree that your personal information may be displayed in the user account which your organization has with us, which may be accessible by other employees and/or authorized representatives of our costumer.
Such Personal Data which may process include but are not limited to the following types:
- Identification details, such as name, surname, employee number;
We process such Personal Data in the role of a processor on behalf of our customers (and/or their affiliates) who are the responsible controller of the Personal Data concerned. If your Personal Data has been submitted to us by or on behalf a Signature customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable customer directly. Because we may only access a customer’s data upon instruction from that customer, if you wish to make your request directly to us, please provide to us the name of the Signature customer that submitted your data to us. We will refer your request to that customer and will support them as needed in responding to your request within a reasonable timeframe.
You may choose not to provide your information to us. However, this may prevent you from being able to use certain services or accessing certain parts of the Site.
How we use your Personal Data
We use your Personal Data:
- To contact you or to send you news and updates when completing online the contact form, or when completing the subscription form;
- To provide information regarding our services and corporate activity through social media platforms, e.g. Facebook, LinkedIn.
- To provide you our customized services as well as to allow you to participate in interactive features of our services as our customer, such as OLS, ASCENT and ARCHON and any other associated web-based applications as operated by Signature.
Legal basis of Processing
We process Personal Data under one or more of the following conditions:
- Where you have provided your consent, in written or electronic form; please note that your consent is voluntary; you can refuse to provide it along with the requested data or later change your mind and withdraw it at any time and without giving any reason for doing so;
- Where it is necessary to comply with our contractual obligations towards you or third parties;
- Where the processing is necessary for complying with a legal obligation to which we are subject to; or
- Where the processing is necessary for the pursuit of our legitimate interest and business needs; for example, we will need to process your Personal Data for statistical and survey purposes, to track the visits and use of our website and related social media accounts by interested parties, for the development and improvement of the quality of our services, to implement appropriate technical and organizational security measures to protect our employees, contractors, and any related information assets as well for recordkeeping and auditing purposes.
Choices about Marketing
If we intend to use your Personal Data for direct marketing purposes or if we intend to disclose your Personal Data to any third party for such purposes, we will inform you respectively and request your explicit consent. You have the right to object to Personal Data being used for the purposes of direct marketing including subscribing to newsletters. Where this right applies, you can exercise this and prevent such processing by checking certain boxes on the forms provided to collect your Personal Data (please use the “opt-out” or “unsubscribe” functionality contained within any electronic communications to update your privacy preferences). You can also exercise the right at any time by contacting us as set out below.
Automated Decision Making and Individuals’ Rights
We do not undertake decisions based solely on automated processing, including profiling, of individuals, unless we explicitly inform you otherwise.
Transfers to Third Parties
To facilitate the purposes of our business activity and benefit from centralized administration and IT resource, Personal Data shall be shared with third parties to whom we have chosen to outsource our work. Examples of third parties include but are not limited to Cloud service providers and web-based applications providers, hosting providers and other service providers whose services or applications we use to provide our training, scoring, coaching and performance evaluation related services to customers, such technological solutions being our Online Scoring System (OLS) and ASCENT web-based platforms.
Such third parties, working as our processors are required to enter into data processing and/or confidentiality agreements whereby they will commit to only process Personal Data consistent with contracted purposes and solely on our documented instructions and to apply appropriate organizational and technical security safeguards to secure the processing of any personal data. Your data will be shared with our own and any processors’ authorized personnel committed under a duty of confidentiality or under a statutory duty of confidentiality and only on a need to know basis.
Personal Data we collect is processed and stored by our company, our affiliates and third-parties in countries within and outside the European Economic Area. When we transfer your Personal Data to recipients located in third countries, outside the European Economic Area, where the level of data protection is not considered adequate or equivalent with the one afforded by the European Economic Area or your country of residence, we will undertake every reasonable effort to ensure that appropriate data safeguards are in place (such as by executing the appropriate EU Standard Contractual Clauses for cross-border data transfers from the Community to third countries for controllers or processors, as adopted by the European Commission and as applicable) to ensure the adequacy of the protection and the security of the processing of your Personal Data.
We will apply reasonable and appropriate technical, administrative and physical safeguards designed to protect Personal Data in our possession from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the processing activities and the risks associated thereof in accordance with this Privacy Notice, applicable data protection laws and regulations and international industry security standards. Access to your Personal Data is limited to a restricted number of our employees whose duties reasonably require such Personal Data and third parties with whom Signature Europe contracts to carry out business activities on its behalf. Our employees have been trained on the importance of privacy and how to handle and manage Personal Data appropriately and securely.
We will retain your Personal Data for no longer than is necessary for the processing purpose(s) for which your Personal Data was collected and any other compatible or permitted purposes in accordance with applicable laws or regulations. Your Personal Data that is no longer needed is either irreversibly anonymized or securely destroyed.
We make every effort to ensure that you can easily exercise your rights with respect to your Personal Data processed by us; in particular, we remind you that you have the right of access and correction or completion of your Personal Data, the right to withdraw consent at any time, where relevant, the right to object to any processing, the right to data erasure, the right to restrict aspects of data processing, and to request transmission of personal data to yourself or another organization. Your exercise of the above-mentioned rights is subject, in certain cases, to specific conditions as is for example where it is necessary to safeguard the public interest and/or our own legitimate interests.
If you decide to exercise any of these rights, we will check your entitlement, we may request to confirm your identity and in any case we shall respond to you within a calendar month from receipt of such a request, unless there are valid grounds for extending the relevant response periods.
If you are not satisfied with how we process your Personal Data or how we have handled your request or complaint, you have the right to submit a complaint to the competent national data protection authority of your country of residence or place of work.
A list of all the EU supervisory authorities, and their individual contact details, is available on the European Data Protection Board website at: https://edpb.europa.eu/about-edpb/board/members_en
In Cyprus, the competent data protection authority is the Commissioner for Personal Data Protection. You can contact the Commissioner at the contact information provided below.
Commissioner for Personal Data Protection
1 Iasonos Street, 1082 Nicosia
P.O. Box 23378, CY-1682 Nicosia
Tel. +357 22 818 456 | Fax +357 22 304 565
e-mail: [email protected]
How to contact us
To ask any questions with regard to this Privacy Notice, to make a request or raise a concern or to exercise any of your privacy rights, please contact us at SSRJ Signature Corporation Limited, 12 Kennedy Avenue, Kennedy Business Centre, 2nd Floor, Nicosia, Cyprus, telephone: 00302104834340. You can also contact us by email at : [email protected]
Changes to the Privacy Notice
This Notice may be reviewed and amended from time to time, without advance notice, to ensure that an appropriate level of data protection is maintained. All amendments will be posted on this website. Please check back periodically for updates to this Notice.
Signature Europe Privacy Notice Effective Date: 19 Sep 2019