Contact details of NetLync’s Data Protection Officer
Processing of Personal Data
“Personal data” is any information that can identify or make an individual identifiable. In order to provide you with a personal account, we need to store your e-mail address together with your first name, last name, your company, your function and additional business contact information.
In addition, we may collect and process technically necessary data that is automatically transmitted by your internet browser such as IP address, browser type, language and browser version, date/time of request, access status, operating system and website-specific settings.
Purposes and Legal Basis
We process your personal data for the following purposes:
To register and manage your account;
To give you access to the Portal and its content;
To establish and fulfil a contract with you or the entity on behalf of which you act, for example, if you make a purchase from us or enter into an agreement to provide or receive additional services;
To manage and maintain the business relationship with you or the entity on behalf of which you act;
To answer your requests and provide you with efficient support;
To communicate with you or the company your represent in the course of our business relationship;
To technically improve the Portal and to defend it against attacks;
For statistical evaluations based on anonymised data;
To preserve NetLync's economic interests and ensure compliance and reporting (such as complying with our policies and legal requirements, tax and deductions, managing alleged cases of misconduct or fraud; conducting audits and defending litigation);
To fulfil the company's obligations with regard to the prevention of money laundering;
Archiving and record keeping;
Billing and invoicing;
Any other purposes imposed by law or authorities.
We will not process your personal data if we do not have a proper justification foreseen in the law for that purpose. As registered user, the legal basis for the processing of your personal data related to the provision and use of the Portal is the fulfilment of the contract or business relationship with you pursuant to Art. 6 (1) lit. b GDPR.
To the extent that the data processing is not directly related to an existing contract or business relationship, the legal basis is our legitimate interest which arises from the described business objectives but does not unduly affect your interests or fundamental rights and freedoms (Art. 6 (1) lit. f GDPR). In such cases, we always seek to maintain a balance between our legitimate interests and your privacy.
Examples of such legitimate interests are the prevention of fraud or criminal activity and misuse of our products and/or services including the security of our IT systems, architecture and networks and the use of cost-effective services offered by suppliers.
Where you give us your consent to the processing of your personal data, this consent is the legal basis pursuant to Art. 6 (1) lit. a GDPR.
Commissioned Data Processing
If you or the entity for which you act wish to use our services (including the Portal) for the processing of personal data that is subject to commissioned data processing as per to Art. 28 GDPR, this requires the separate conclusion of a Data Processing Agreement. For such personal data, you or the entity for which you act remain the data controller under GDPR or any other applicable data protection law, and we act as data processor on your behalf.
Origin of Data
Your personal data is generally collected from you directly, insofar as possible. Depending on the business relationship and the registration process, data may be also collected from the entity for which you act or from administrators of your company managing your account.
Recipients or categories of recipients
Your personal data will not be disclosed to third parties unless you have consented to such disclosure or it is permitted by applicable law. Within the framework of the business relationship between NetLync and you or the company you represent, and in order to provide agreed services, it may be necessary for employees of NetLync located in a country other than the country of your residency, including countries outside the European Union ("EU") and the European Economic Area ("EEA"). In addition, we may use service providers located in countries outside the EU or EEA, who act as data processors on our behalf.
Please note that NetLync has taken appropriate measures with its employees and service providers in order to secure an adequate level of data protection in line with applicable data protection requirements. In particular, the transfer of personal data among Group Companies is subject to Binding Corporate Rules (Art. 47 GDPR).
The Portal is hosted and operated by NetLync Mobile Communication Technologies Limited, Ireland. Data hosting is within the EU (Ireland).
Your personal data will be stored for the fulfilment of the aforementioned purposes. It will be deleted (or irreversible anonymised) as soon as the relevant purpose has been fulfilled, provided that there are no legal storage obligations or legal duties to the contrary, such as i) the resolution of pre litigation and/or litigation started before the expiration of the retention period; ii) the need to follow up with investigations/inspections by internal control functions and/or external authorities, started before the expiration of the retention period; iii) the need to follow up with requests from public authorities received/notified to NetLync before the expiration of the retention period.
Rights of the data subject
You may exercise the following data subject rights in accordance with the applicable data protection law and if the legal requirements are met:
Right to erasure of your personal data stored by us, e.g. if there is no longer a legitimate business purpose for processing in accordance with applicable law and statutory storage obligations do not require further storage (Article 17 GDPR);
Right to restriction of processing, if the accuracy of the personal data is contested by you or the processing is unlawful (Article 18 GDPR);
Right to data portability, i.e. the right to receive the personal data concerning you, which you have provided us with in a structured, commonly used and machine-readable format (Article 20 GDPR);
Right to object for the processing of your personal data insofar as such processing is carried out based on Article 6 par. 1 lit. e. or f. GDPR (Article 21 GDPR);
Right to withdraw consent (Article 7 GDPR)
Right to lodge a complaint with the competent supervisory authority (Article 77 GDPR); a list of the data protection authorities can be found under the following link:
Ireland – Office of the Data Protection Commissioner – https://www.dataprotection.ie
United Kingdom – The Information Commissioner’s Office – https://ico.org.uk/ You can contact us at any time to enforce your privacy rights.