PRIVACY NOTICE
Updated July 2021
Data Privacy Global (“DPG”) is a legal consultancy provider in the field of data protection and information privacy.
We are based in the European Union. You can get in touch with questions about this Privacy Notice, our data processing or any other topics by sending an email to dpo@dataprivacyglobal.com
We understand that you are aware of and care about your own personal privacy interests, and we take that seriously. This Privacy Notice describes DPG’s policies and practices regarding its collection and use of your personal data, and sets forth your privacy rights. We recognize that data privacy is an ongoing responsibility, and so we will from time to time update this Privacy Notice as we undertake new personal data practices or adopt new privacy policies.
Your data is valuable and it is your personal property. We, therefore, encourage you to read the following paragraphs carefully and let us know if you have any questions.
I. How we collect and use (process) your personal information
Data Privacy Global collects personal information about its clients, prospective clients and employees. With few exceptions, this information is limited to the kinds of information that can be found on a business card: first name, last name, job title, employer name, work address, work email, and work phone number. We use this information to provide current and future clients and employees with information about our services and products. We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of our services and products.
1. Personal information you give to us:
A. Business Relationship
Data Privacy Global is a legal consultancy firm that enters into business relationship with individuals and organizations to provide them with consultancy services and products in the field of data protection and information privacy. As with any business relationship, Data Privacy Global enters into a service contract with its clients where personal information is collected and processed in order to execute DPG’s obligations under the contract.
B. Publications
Data Privacy Global publishes content on its website and sometimes those publications include links to other websites. This means you may find yourself on DPG’s website or reading an email sent to you by DPG and we will offer you a link to another organization’s website where you will find content on privacy or data protection that we find relevant and useful to you. At these times, you will be leaving DPG’s website. DPG is not responsible or liable for content provided by these third-party websites or personal information they may gather from you.
C. Your correspondence with Data Privacy Global
If you correspond with us by email, the postal service, or other form of communication, we may retain such correspondence and the information contained in it and use it to respond to your inquiry; to notify you of DPG’s social media posts, publications, or other services; or to keep a record of your complaint, accommodation request, or similar concern. As always, if you wish to have DPG “erase” your personal information or otherwise refrain from communicating with you, please contact us at dpo@dataprivacyglobal.com
Note: if you ask DPG not to contact you by email at a certain email address, DPG will retain a copy of that email address on its “master do not send” list in order to comply with your no-contact request.
Data Privacy Global has a legitimate interest in maintaining personal information of those who communicate voluntarily with Data Privacy Global.
D. Purposes for processing your data
DPG processes your data to provide you with the goods or services you have requested or purchased from us, including consultancy services, publications and other content.
We use this information to refine our goods and services to better tailor them to your needs and to communicate with you about other services DPG offers that may assist you in the field of data protection and information privacy.
Most of the time, DPG needs to process your personal data to fulfill a contractual obligation related to providing services to you. Sometimes DPG has a legitimate interest in processing your data to better understand the needs, concerns, and interests of DPG clients and prospective clients so DPG can operate optimally as a business. And other times, DPG relies upon your consent, in which case we will keep a record of it and honor your choices.
2. Personal information we get from third parties
From time to time, DPG receives personal information about individuals from third parties. This may happen, for example, if you are subscribed to a blog or have obtained services from DPG’s partner company, that wish to share your information with DPG to provide you with additional information and services. We may also collect your personal data from a third-party website (e.g. LinkedIn) if you fill out a form on that site requesting content from or registering for an event with DPG. You may always update your data held by DPG by contacting us at dpo@dataprivacyglobal.com
II. Use of www.dataprivacyglobal.com website
As is true of most other websites, DPG’s website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system, history of the pages you view, and other usage information about the use of DPG’s website. We use this information to better design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends and gather broad demographic information that assists us in identifying visitor preferences.
DPG has a legitimate interest in understanding how visitors on our website use it. This assists DPG with providing more relevant products and services, with communicating value to our staff and management board, and with providing appropriate staffing to meet customer needs.
III. Data Subject Rights
If you wish to confirm that DPG is processing your personal data, or to have access to the personal data DPG may have about you, please contact us at dpo@dataprivacyglobal.com
You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside DPG might have received the data from DPG; what the source of the information was (if you didn’t provide it directly to DPG); and how long it will be stored. You have a right to correct the record of your personal data maintained by DPG if it is inaccurate. You may request that DPG erase that data or cease processing it, subject to certain exceptions. You may also request that DPG cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how DPG processes your personal data. When technically feasible, DPG will—at your request—provide your personal data to you or transmit it directly to another controller.
Reasonable access to your personal data will be provided at no cost to DPG clients, conference attendees and others upon request made to DPG at dpo@dataprivacyglobal.com. If access cannot be provided within a reasonable time frame, DPG will provide you with a date when the information will be provided. If for some reason access is denied, DPG will provide an explanation as to why access has been denied.
IV. Security of your data
To help protect the privacy of data and personally identifiable information you transmit through use of DPG’s website, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities.
V. Data Storage and Retention
Your personal data is stored by DPG on the servers of its third-party service provider, Wix. In this case, DPG is the Controller and Wix is the Processor of your personal as defined by the European Union’s General Data Protection Regulation (GDPR). DPG has ensured that Wix has put in place all the necessary and required steps to protect your personal data the way that DPG does.
Wix.com Ltd. is based in Israel, which is considered by the European Commission to be offering an adequate level of protection for the personal iformation of EU Member State residents.
DPG uses Wix for its website platform and servers. Any third-party service providers that are used by Wix to store or process your personal information on Wix’s behalf (sub-processors) are contractually committed to keep it protected and secured, in accordance with industry standards and regardless of any lesser legal requirements which may apply in their jurisdiction.
Furthermore, DPG has ensured and Wix has confirmed that if you are located in Europe, when Wix will transfer your personal information to the United States or anywhere outside Europe, Wix will make sure that (i) there is a level of protection deemed adequate by the European Commission or (ii) that the relevant Model Standard Contractual Clauses are in place.
Although Wix and its affiliates participate in and have certified their compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, For the avoidance of doubt, Wix does not rely on the Privacy Shield as a mechanism for transferring GDPR protected personal data.
Wix ensures that the processing of your personal information shall take place within the territory of the European Union, Israel or a third country, territory or one or more specified sectors within that third country of which the European Commission has decided that it ensures an adequate level of protection and such Processing and transfer will be in accordance to the Data Processing Agreement – Users (“DPA"). Any transfer to and processing in a third country outside the European Union that does not ensure an adequate level of protection according to the European Commission, shall be undertaken in accordance with the Standard Contractual Clauses (2010/87/EU) set out in Annex 1of the DPA. For the sake of clarity, “Processing” should be understood as per the definition provided in the DPA.
For more detailed information about Wix’s data protection activities, please read Wix’s Privacy Notice.