Privacy Statement regarding use of Your Personal Data by SMK ELECTRONICS (EUROPE) LIMITED – Effective from 25 May 2018
Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of their personal information, in both paper and electronic format.
SMK Electronics (Europe) Limited (“we”, “us”, “our” or “SMK”) is committed to protecting the privacy and security of your personal data, which is data identifying you or from which you can be identified.
This privacy statement is a privacy statement that we must provide to you in accordance with Irish data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), and the Data Protection Acts 1988 to 2018, as such laws may be updated from time to time, (“data protection laws”).
Where we need to process your personal data in connection with our operations or services, or where we have a legal obligation to process your personal data (for example, in order to comply with our legal obligations), we will not be able to provide you with the full benefit of our operations or services if you do not provide this information to us.
This privacy statement applies to all people who are living individuals about whom we process personal data in the course of our operations (“you” and “your”) who visit and/or interact with our website www.smkeurope.com (the “Website”) and to all subsequent correspondence or communications with those people, whether by email using email addresses from our Website, telephone or VOIP.
SMK is a "controller". This means that we are responsible for deciding how we hold and use personal data about you. It is important that you read this privacy statement so that you are aware of how and why we are using your personal data.
1. The personal data we collect and use about you
In this privacy statement when we refer to “personal data” this means any information identifying you (such as your name, address, email address, telephone number(s), your employer and your location of employment or workplace and job title) or information from which you can be identified. If you are requesting goods or services from us or are involved in a business relationship with us, we will collect, store and use the following categories of personal data about you: (1) your personal contact details such as your name, title, address(es), telephone numbers and email addresses; and (2) our employer and your location of employment or workplace
2. How your personal data is collected by us
We collect personal data about you directly from you through our Website when you contact us, or when you correspond or communicate with us (including by telephone) in connection with our business. If you are an employee or an agent of a customer or supplier, your employer may provide us with your information in the course of doing business with us.
3. How we will use information about you and the basis for that use
We gather and process your personal information for a variety of reasons and rely on a number of different legal bases to use that information. For example, we use your personal information to perform business contract obligations, to manage your requests for information about our business, processing payments in the course of your business, to give you information about your interests or interactions with your business, to prevent unauthorised access to your information and to meet our legal and regulatory obligations.
We need all the categories of information in the list above (in section 1) primarily to enable us to carry out the following actions with your personal data:
- to determine how best to run our business, and to respond to your communications to us via the Website or contact points referred to on the Website;
- to provide goods and services to you or others;
- to verify the personal information provided to us;
- to perform the acts that you ask us to perform using your data, such as contacting you to supply information about SMK to you; and
- to comply with applicable laws, tax and regulatory reporting obligations.
For each of the situations listed in which your personal data is processed, one, several, or all of the following grounds justify this use of your personal data: (1) processing is necessary for the performance of a contract to which you are party or in order to take steps at your request; (2) processing is necessary to comply with our legal obligations; and/or (3) to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override our legitimate interests.
Some of these grounds for processing will overlap, and there may be several grounds which justify our use of your personal data.
4. What happens if you do not give us personal data or tell us when it changes?
It is important that the personal data we hold about you is accurate and current. You agree to notify us without delay in the event of any change in the personal data that we hold about you, to enable us to comply with our obligations, including to keep information up to date. If you fail to provide certain information when requested by us, or by our processor(s) on our behalf, we may not be able to give you the full benefit of our services or to respond to your communications. In addition, we may be prevented from complying with our obligations to you as we require your personal data to perform our obligations, or we may be prevented from complying with our legal obligations or applicable laws. This may also be the case if you exercise your rights to erasure or restriction of processing, or object to our processing of your personal data (as described in section 9).
You can contact us at any time using the details set out in section 11.
5. Third Party Information
Where you provide us with personal data relating to other people, you represent and warrant that you will only do so in accordance with applicable laws. You will ensure that before doing so, the individuals in question are made aware of the fact that we will hold information relating to them and that we may use it for any of the purposes set out in this privacy statement and the relevant terms and conditions, and where necessary you will obtain their consent to our use of their information. You will provide anyone that you provide us with personal data about with a copy of this privacy statement. We may notify those individuals that you have provided their details to us.
6. Sharing your personal data
We will only ever share your personal data with third parties in connection with our obligations to you. We will share your personal data with third parties where required by law or where we have a legitimate interest in doing so.
We may transfer your personal data outside the European Union (“EU”), including to the US and Japan, to companies in our group, or to service providers which use resources, or which carry on data processing facilities outside of the EU. We will only transfer your personal data to these entities where the EU Commission has decided that the third country in question in which they are located ensures an adequate level of protection in line with EU data protection laws; in accordance with your instructions where you have explicitly consented; or where we have agreed with these recipients to use EU Commission approved standard contractual clauses to transfer the personal data.
7. Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to SMK, its agents, contractors and other third parties who have a business need to know about the personal data that you give to us. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Although we cannot guarantee against any loss, misuse, unauthorised disclosure, alteration or destruction of data, we take reasonable steps to prevent this from happening. We have put in place measures to protect the security of your personal data.
Please note however that where you are transmitting information to us or to our service provider over the internet or another telecommunications network this can never be guaranteed to be 100% secure. For any payments which we take from you or pay to you online we will use a recognised third party online secure payment system, and we are not responsible for the security of this system. You should contact these third parties for information about the security of these internet, telecommunications systems or payment systems if you need further information.
8. How long will we hold and use your personal data for?
We will hold some personal data about you for as long as you are involved in a business relationship with us. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for; see section 3 of this privacy statement. Your personal data will be retained by us for any period required by law. Some of your personal data may need to be retained because of circumstances such as a legal dispute or regulatory investigation, which would not normally be subject to retention.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We review our retention of personal data regularly, to establish whether we are still entitled to process it. If we decide that we are not entitled to do so, we will stop processing your personal data except that we will retain your personal data in an archived form in order to be able to demonstrate compliance with future legal obligations.
9. Your rights in connection with the personal data we hold about you
You have the right, subject to some conditions and limited exceptions contained in the data protection laws (such as those set out below), to:
- Request access to your personal data that we hold about you. This right enables you to receive a copy of this personal data from us;
- Request correction of the personal data that we hold about you. This right enables you to have any incomplete or inaccurate information we hold about you corrected;
- Request erasure of your personal data. This right enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below);
- Where we hold and process your personal data in order to comply with legal obligations, such as compliance with tax requirements and exemptions, or for the establishment exercise or defence of legal claims, your right to ask us to delete or remove your personal data is limited;
- Object to our processing your personal data where we are relying on a legitimate interest (or those of a third party) in order to justify the basis for our processing your personal data and there is something about your particular situation which makes you wish to object to processing on this ground;
- Request that we restrict processing of your personal data. This right enables you to ask us to suspend the processing of your personal data, e.g., if you want us to establish its accuracy or the reason for processing it; and
- Request the transfer of your personal data to another party where you provided that information to us.
We are not under an obligation to rectify or delete your personal information where to do so would prevent us from meeting our contractual obligations to you, or where we are required or permitted to process your personal information for legal purposes or otherwise in accordance with our legal obligations.
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact our GDPR Coordinator, Conor O’Doherty, by email at email@example.com setting out in writing your request clearly, including by specifying the personal data to which the request relates. We recommend that you provide as much detail as possible in your when sending requests to us, and that you identify yourself clearly, so that we can deal with your query properly and efficiently.
(a) What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the personal data, or to exercise any of your other rights. We may ask you to provide us with your current name and address, proof of identity (a copy of your driving licence, passport or two different utility bills that display your name and address), and once verified we will delete this data. This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
(b) Fees for our response to your requests
Generally you will not have to pay a fee to access, or to exercise any of your other rights in connection with, your personal data. However, we may charge you a reasonable fee if your request for access to your data is clearly unfounded or excessive and/or we are permitted by data protection laws to do so; alternatively, we may refuse to comply with the request in such circumstances.
10. Changes to this privacy statement
This privacy statement is introduced with effect from 25 May 2018. We reserve the right to change this privacy statement at any time (for example, to comply with changes in laws or regulations, our practices, procedures and organisational structures, requirements imposed or recommended by supervisory authorities or otherwise). Any changes to the privacy statement will be communicated to you in writing by us where we are legally required to do so.
Changes to this privacy statement shall be applicable on the effective date set out in the updated privacy statement and the latest version of this privacy statement will be available to view on the Website available at www.smkeurope.com
11. How to contact us
If you have any queries or complaints regarding our use of your personal data or the contents of this privacy statement you may contact our GDPR Coordinator, Conor O’Doherty, by email at firstname.lastname@example.org, or by phone at 087 8551925.
If you are still dissatisfied with how we have handled your complaint, you may contact the Data Commission’s Office and may lodge a complaint by emailing email@example.com or writing to the following address: Data Protection Commission, Canal House, Station Road, Portarlington, R32 AP23 Co. Laois. You can visit the website of the Data Protection Commission at www.dataprotection.ie for more details.