The DOOR sites take industry standard and reasonable precaution to protect our users' information during transmission and upon receipt. When users submit information via the sites, their information is protected both online and offline. When you enter sensitive information on our sites, we encrypt that information using secure socket layer technology (SSL).
In addition, as of May 2018, DOOR will be compliant with the General Data Protection Regulations (GDPR) and the associated requirements and parameters regarding personal data as prescribed within the GDPR mandate.
You have the right to request access to your personal data from DOOR, rectification, deletion or limitation of processing, and we may transfer it to another data controller at your request. You may object to the processing of your data to market DOOR products or services.
HOW WE USE AND SHARE YOUR INFORMATION
If you choose to provide us with your personal data, as contemplated above, in addition to using the data for the express purpose for which it was provided, we may, if permitted by applicable law, use your information to:
Process a payment that you have made
Process orders that you have submitted
Carry out our obligations arising from any contracts entered into by you and us (or by your employer and us)
Seek your views or comments on the services we provide through surveys or otherwise
Notify you of changes to our services
Send you communications that you have requested or that may be of interest to you, including activities or promotions of our products or services, or those of our affiliates
Send you newsletters, event notices and announcements
As a global organization offering a wide range of products and services, with business processes, management structures and technical systems that cross borders, we have implemented global policies, along with standards and procedures, for consistent protection of personal information. As a global company, we may share information about you with our subsidiaries worldwide and transfer it to countries in the world where we do business in accordance with this Privacy Notice.
Between our controlled subsidiaries, we only grant access to personal information on a need-to-know basis, necessary for the purposes for which such access is granted. In some cases, we use suppliers located in various countries to collect, use, analyze, and otherwise process personal information on our behalf.
Where appropriate, we may also share your personal information with selected partners to help us provide you, or the company you work for, products or services, or to fulfill your requests, or with your consent. When selecting our suppliers and partners, we take into account their data handling processes.
If you do not wish for us to use your data in the ways described above, you may follow the instructions contained in the relevant communication, update your communication preferences in your online account (if applicable), or follow the instructions below, under the heading “YOUR RIGHTS.”
Please be aware that, in certain circumstances, personal information may be subject to disclosure to government agencies pursuant to judicial proceedings, court order, or legal process. We may also share your personal information to protect our rights or property, or that of our business partners, suppliers or clients, and others when we have reasonable grounds to believe that such rights or property have been, or could be, affected.
We may involve the transfer of personal information between different subsidiaries, as well as to third parties located in the countries where we do business. Some countries have implemented transfer restrictions for personal information. Where required, we implement Standard Contractual Clauses approved by the EU Commission, or similar contractual clauses in other jurisdictions. This includes transfers to suppliers or other third parties.
INFORMATION SECURITY AND ACCURACY
We intend to protect your personal information and to maintain its accuracy. We implement reasonable physical, administrative and technical safeguards to help us protect your personal information from unauthorized access, use and disclosure. We also require that our suppliers protect such information from unauthorized access, use and disclosure.
We will not retain personal information longer than necessary to fulfill the purposes for which it is processed, including the security of our processing complying with legal and regulatory obligations (e.g. accounting and statutory retention terms), handling disputes, and for the establishment, exercise or defense of legal claims in the countries where we do business.
Because the circumstances may vary depending on the context and the services, the information provided in Online Privacy Statement or provided in a specific notice may provide more detailed information on applicable retention terms. In the event that we process your data for marketing purposes, we will delete your data if we have not received any responses to our marketing activities for a period of three years. The deletion will occur within six months of such three-year period elapsing.
The Data Subjects shall have the rights contemplated in the GDPR (articles from 15-21) in respect of the processing of data contemplated thereto, including the right to:
Obtain confirmation of the existence of personal data concerning him/her and to gain access to them (right of access);
Obtain the updating, modification and/or rectification of their personal data (right of rectification);
Obtain erasure, or to set limits to processing, of personal data whose processing is unlawful, including that which is no longer necessary in relation to the purposes for which it was collected or otherwise processed (right to be forgotten and right to the restriction of processing);
Object to processing (right to object);
Withdraw previously given consent, if any, without prejudice to the lawfulness of processing based on that consent;
Lodge a complaint with their local EU Data Protection Authority or to the data protection authority of Nederland, if they believe that the DOOR has handled their information in an unlawful manner. The names and contact details of the Data Protection Authorities in the European Union can be found at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm ;
Receive a copy in electronic form of their data which has been provided to the DOOR and to have such data transmitted to another controller (right to data portability).
To exercise the rights above, and to request any further information regarding how the DOOR processes your data, please send an e-mail at the following address: firstname.lastname@example.org.
We reserve the right to update or modify this policy at any time.