PEEK POLISH AFRICA | Peak Season Privacy Policy
Policy Aims
PEEK Polish Africa is committed to being transparent about how it collects and uses the personal data of its customers and its workforce, and to meeting its data protection obligations. This policy sets out the organization’s commitment to data protection and individual rights and obligations in relation to personal data.
PEEK Polish is committed to complying with data protection legislation and good practice including:
Processing personal information only where this is strictly necessary for legitimate organizational purposes
Collecting only the minimum personal information required for these purposes and not processing excessive personal information
Providing clear information to individuals about how their personal information will be used and by whom
Only processing relevant and adequate personal information
Processing personal information fairly and lawfully
Maintaining an inventory of the categories of personal information processed by STARBRITE
Keeping personal information accurate and, where necessary, up to date
Retaining personal information only for as long as is necessary for legal or regulatory reasons or, for legitimate organizational purposes
Respecting individuals’ rights in relation to their personal information, including their right of subject access
Keeping all personal information secure
Responsibilities under the General Data Protection Regulation (GDPR)
STARBRITE is a Data Controller and a Data Processor under the GDPR.
Senior Management and all those in managerial or supervisory roles throughout STARBRITE are responsible for developing and encouraging good information handling practices within the organization.
A member of the senior management team is accountable to the Directors for the management of personal information within STARBRITE and for ensuring that compliance with data protection legislation and good practice can be demonstrated.
STARBRITE has a GDPR Owner who has been appointed to take responsibility for STARBRITE’s compliance with this policy on a day-to-day basis.
The GDPR Owner has specific responsibilities in respect of procedures such as the Subject Access Request Procedure and is the first point of call for Employees/Staff seeking clarification on any aspect of data protection compliance.
Compliance with data protection legislation is the responsibility of all staff at STARBRITE who process personal information.
When you express interest in STARBRITE its products, we will collect and process the following data from you:
your name
email address
your country
Who will your personal information be shared with?
If we are obliged to disclose personal data by law, or if the disclosure is necessary for purposes of national security, taxation and criminal investigation, we will do so. In some circumstances, you may not be notified first.
Your data is hosted on several different systems. All these providers have relevant safeguards in place to protect your data in the same way that we do.
What happens with my data and how is it retained?
Upon no longer conducting business with STARBRITE your data will be stored safely and securely. We will retain your personal data a maximum of 2 years
Data protection principles