In order to fulfil our obligations to staff, customers and suppliers, we need to process your personal data as defined in this policy and as per The General Data Protection Regulation 2016/679. We do this with the utmost consideration for your privacy and integrity to collect any data.
1. What information do we collect?
You may, directly or indirectly, provide us with information. For example:
Personal and contact information, as specified herein:
1.2. Delivery address
1.3. E-mail address
1.4. Mobile phone number
2. What Gordon does with your personal information?
2.1. All forms of data stated within 1.1 to 1.4 above and herein, “stored or collected” by Gordon is used to provide, perform and improve our services and to maintain agreements entered into with third party providers.
2.2. We process personal data for the following purposes and based on the following legal grounds as per § 6 of the The General Data Protection Regulation 2016/679:
2.2.1. Carry out and follow up on deliveries;
2.2.2. Improve our services delivered to you as end-customer.
2.2.3. Follow up with our business customer on whether delivery has taken place.
3. Communications and correspondences with the end-customer
3.1. We may use your personal data to communicate information relevant to the assignment carried out about previous or similar delivery services and to conduct customer satisfaction surveys regarding our services, e.g. via electronic communication channels and by telephone.
4. Who may we share your information with?
4.1. We may transfer to, or share your information with, selected third parties, as follows. We take all reasonable legal, technical and organizational measures to ensure that your data is handled securely and with an adequate level of protection when transferring to or sharing with such selected third parties. We will not sell your personal data to third parties without your consent.
5. Suppliers and subcontractors
5.1. We may share your personal data with suppliers or subcontractors for the performance of our contractual obligations in relation to you and for other purposes set out in this Data Protection Policy.
6.1. We may provide the necessary information to authorities such as any law enforcement authority, police, the tax authorities or other authorities if we are required to do so by law or if you have consent to that we do so.
6.2. An example of a legal obligation to provide information is for anti-money laundering and terrorist financing measures.
7. Where do we process your personal data?
7.1. We always strive to process your data within the EU/EEA. However, in certain situations, the information may be transferred to, and processed in, countries outside the EU/EEA by another supplier or subcontractor. As we are committed to always protecting your data, we will take all reasonable legal, technical and organisational measures to ensure that your data is handled securely and with an adequate level of protection comparable to and at the same level as the protection offered within the EU/EEA.
8. How long do we store your personal data?
8.1. We store your data only for as long as necessary to perform our contractual obligations to you and for as long as required by statutory retention periods. When we store your data for purposes other than our contractual obligations, e.g. to meet anti-money laundering, accounting and regulatory capital requirements, we only save the data for as long as necessary and/or statutory for each purpose.
9. Your rights to access, rectification and deletion of your personal data
9.1. Right to access your personal data
9.1.1. You can request a copy (register extract) of the information you would like to know and verify the information we have about you. The copy is free to request once a year.
9.2 Right to rectification
9.2.1. You have the right to correct incorrect or incomplete information about yourself.
9.3. Right to be erased or deleted
9.3.1. You have the right to request deletion or erasure of your personal data in cases where the information is no longer necessary for the purpose for which it was collected. However, there may be legal obligations that prevent us from immediately deleting parts of your data. These obligations come from accounting and tax legislation, banking and money laundering legislation, but also from consumer law.
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
10. Amazon Web Services
10.1 We use Amazon Web Services to store your data within the cloud.
For further details, please see the ‘about AWS support site.