What is Personal Data?
Personal data is any information relating to personal or material circumstances that relates to an identified or identifiable individual. This includes, for example, your name, date of birth, e-mail address, postal address, or telephone number as well as online identifiers such as your IP address. In contrast, information of a general nature that cannot be used to determine your identity is not personal data. This includes, for example, the number of users of a website.
What are the relevant legal bases?
In accordance with Art. 13 GDPR the following informs you about the legal basis of us processing your data and unless the legal basis is not specifically mentioned, the following applies:
This is where we have asked you to provide explicit permission to process your data for a particular purpose. (Art. 6 Para. 1 lit. and Art. 7 GDPR)
This is where we process your information to fulfil a contractual arrangement we have made with you. (Art. 6 Para. 1 lit. b GDPR)
Answering your business enquiries
This is where we process your information to reply to your messages, e-mails, posts, calls, etc. (Art. 6 Para. 1 lit. b GDPR)
This is where we rely on our interests as a reason for processing, generally this is to provide you with the best products and service in the most secure and appropriate way. (Art. 6 Para. 1 lit. f GDPR). Of course, before relying on any of those legitimate interests we balance them against your interests and make sure they are compelling enough and will not cause any unwarranted harm.
This is where we have a statutory or other legal obligation to process the information, such as for the investigation of crime. (Art. 6 Para. 1 lit. b GDPR)
This is where we process your information for communications about security, privacy and performance improvements of our services. Or for establishing, exercising or defending our legal rights. (Art. 6 para. 1 lit. d GDPR)
Your Rights - GDPR Specific Rights
- You have the right to request confirmation as to whether data in question is being processed and to information about this data, as well as further information and a copy of the data in accordance with Art. 15 GDPR.
- You have according to. Article 16 GDPR the right to request the completion of the data concerning you or the correction of incorrect data concerning you.
- In accordance with Art. 17 GDPR, you have the right to demand that data concerning you be deleted without delay or, alternatively, in accordance with Art. 18 GDPR, to dexmand restriction of the processing of the data.
- You have the right to demand that the data concerning you that you have provided to us be received in accordance with Art. 20 GDPR and to demand that it be transferred to other data controllers.
- You also have the right to lodge a complaint with the competent supervisory authority in accordance with Art. 77 GDPR.
- You have the right to revoke given consents according to Art. 7 para. 3 GDPR with effect for the future.
- You may object to the future processing of data concerning you in accordance with Art. 21 GDPR at any time. The objection can be made in particular against the processing for purposes of direct advertising.
If you wish to rely on any of your data subject rights or have a request, please contact us.
California Specific Rights
- If you are a California resident, you have the following rights:
- You have the right to:
- request, up to two times each year, access to categories and specific pieces of personal information about you that we collect, use, disclose, and sell.
- request that we delete personal information that we collect from you, subject to applicable legal exceptions.
- “opt out” of the “sale” of your “personal information” to “third parties”
- In addition under California’s “Shine the Light” law, California residents who provide personal information (as defined in the statute) to obtain services are entitled to request and obtain from us, once per calendar year, information about the personal information we shared, if any, with other businesses for marketing uses. If applicable, this information would include the categories of personal information and the names and addresses of those businesses with which we shared such personal information for the immediate prior calendar year (e.g., requests made in the current year will receive information about the prior year). To obtain the information about data we hold about you or to effect the opt out, please contact us.
What are the purposes for processing?
Provision of the online offer, its contents and the website functions. Provision of contractual services, service and customer care. Answering contact enquiries and communication with users. Marketing, advertising and market research. Security measures.
What Personal Data is Collected? Information you provide to us
When you participate in, access, request or use any of our services, activities or online content, we receive personal information about you which we use to provide these services. This may consist of data such as your name, email address, postal address and telephone number.
Content you share with us
When you participate in, access, request or use any of our services, activities or online content, we receive personal information about you which we use to provide these services. This may consist of data such as your name, email address, postal address and telephone number.
Information collected online
We automatically collect personal data (technical and usage) when you browse or interact with our website, by using cookies, and other similar technologies. We may also receive technical data about you if you visit other websites which use our cookies.
We use web beacons in our emails to track the success of our marketing campaigns. If you open an email from us, we can see which of the pages of our website you visited. Our web beacons don’t store any information on your computer but communicate with our cookies and tell us when you have opened an email from us. Data collected is linked, for example if you have used our service and later choose us again, we will link your data and treat that linked data as Personal Data.
How personal data is collected, We collect personal data in the following ways:
- Direct interactions you may provide personal data when you complete online forms, request products/services, use our contact form or otherwise or correspond with us (by post, phone or email).
- Automated Technology we automatically collect personal data (technical and usage) when you browse or interact with our website, by using cookies, and other similar technologies. We may also receive technical data about you if you visit other websites which use our cookies.
General information on data processing
- In the course of our business and website operations, we process data. This also includes disclosure by transmission to third parties and, where applicable, to so-called third countries outside the USA, India and the EEA. Where we transfer data outside Switzerland or EEA, we have highlighted this accordingly below.
- All personal data that we obtain from you via the website will be processed for the purposes described in more detail below. This is done within the framework of the respective legal regulations mentioned above or with your consent. In particular, only when data processing is permitted and if:
- you have given your consent, the data is necessary for the fulfilment of a contract / pre-contractual measures, the data is necessary for the fulfilment of a legal obligation or the data is necessary to protect the legitimate interests of our company, provided that your interests are not overridden.
- SwagClix processes and stores your personal data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period (in particular commercial and tax law) exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.
Processing of Automatically Collected Data
- a) Hosting To provide our website, we use the services of Digital Ocean who process the below-mentioned data and all data to be processed in connection with the operation of our website on our behalf. The legal basis for the data processing is our legitimate interest in providing our website Log file information is stored for security reasons (e.g., for the clarification of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the respective incident is finally clarified. The legal basis for the data processing is our legitimate interest in providing an appealing website.
- b) Collection of access data and log files We also collect data on every access to our website. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider,
- d) Google Analytics On our website we use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about the use of this website by the users is usually sent to a Google server in the USA. The legal basis for the data processing is your consent.
- e) Google TagManager We use Google Tag Manager, a web analytics service provided by Google, Inc. This service allows website tags to be managed via an interface. The Google Tag Manager only implements tags. No cookies are set, and no Personal Data is collected. The Google Tag Manager triggers other tags that may collect data. The Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager. More information on the Google Tag Manager can be found at the following link: http://www.google.com/tagmanager/use-policy.html. The legal basis for this processing is our legitimate interest.
- f) Google Fonts We integrate the fonts of the provider Google Inc, whereby the user's data is used solely for the purpose of displaying the fonts in the user's browser. The integration is based on my legitimate interest in a technically secure, maintenance-free and efficient use of fonts, their uniform display and taking into account possible licensing restrictions for their integration. The legal basis for this processing is our legitimate interest.
- g) reCAPTCHA We also use Google`s reCAPTCHA from Google Inc of 1600 Amphitheatre Parkway Mountain View, CA 94043, US to check whether data input is made by a human being or by an automated program. For this purpose, reCAPTCHA analyses the behavior of the website visitor on the basis of various characteristics. This analysis begins automatically as soon as the website visitor enters the website. The legal basis for the data processing is our legitimate interest in operating a secure and spam free website
What Personal Data do we process?
We may process the following data which may contain Personal Data: information that you provide by filling in forms, including information provided at the time of contacting us, subscribing to any services provided by us, posting material, reporting a problem, or requesting further services; information, data, documents or images that you share with us; details of transactions you carry out with us when you use services we offer; details of your visits to our website, resources that you access and actions you are working on through the website; if you contact us, a record of that correspondence; and We process Personal Data within the scope of our services. In doing so, we process: inventory data (e.g., customer master data, such as names or addresses), contact data (e.g., e-mail, telephone numbers), contract data (e.g., subject matter of contract, term), payment data (e.g., bank details, payment usage data and metadata (e.g., in the context of you visiting our website).
Data processing when you submit it to our website and when you use our services.
When you contact us through our website or use our services, some data is collected and processed by us or on our behalf by our selected third-party providers.
- a) Contacting us If you contact us, we process the following data from you for the purpose of processing and handling your request: first name, last name, e-mail address, and, if applicable, other information if you have provided it, and your message. The legal basis for the data processing is our obligation to fulfill the contract and/or to fulfill our pre-contractual obligations and/or our overriding legitimate interest in processing your request.
- b) Data management and customer support For optimal customer support, we use first name, last name, e-mail address, and the data related to your contract with us. Your data may be stored on our website and or our customer relationship management system ("CRM system"). This data processing is based on our legitimate interest in providing our customer service.
- c) Contract processing We process your first name, last name, e-mail address, and the data related to your contract with us data to handle the contractual relationship between you and us. The legal basis for the data processing is the fulfillment of our contractual obligations and, in individual cases, the fulfillment of our legal obligations.
- d) When using our services including surveys We process the data of our clients and registered users, in order to be able to provide our contractual services as well as to ensure the security of our services and to be able to develop it further. The required information is identified as such in the context of the order, purchase order or comparable contract conclusion and includes the information required for the provision of services and billing as well as contact information. Unless otherwise specified the purposes of processing are contractual performance and service, contact requests and communication, office and organizational procedures, administration, and response to requests, visit action evaluation, interest-based and behavioral marketing, profiling. The legal basis for the data processing is the fulfillment of our contractual obligations and, in individual cases, the fulfillment of our legal obligations as well as your Consent
Duration of data storage
We only store personal data for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data may be up to 10 years, irrespective of the processing purposes.
Transfer of personal data
We will not disclose or otherwise distribute your personal data to third parties unless this: is necessary for the performance of our services, you have consented to the disclosure, or the disclosure of data is permitted by relevant legal provisions. However, we are entitled to outsource the processing of your personal data in whole or in part to external service providers acting as processors within the framework of the DOPPA and GDPR. External service providers support us, for example, in the technical operation and support of the website, data management, the provision and performance of services, marketing, as well as the implementation and fulfilment of reporting obligations.
The service providers commissioned by us however will process your data exclusively in accordance with our instructions and we remain in accordance with the DOPPA and GDPR responsible for the protection of your data. Doing so we always make sure that service providers commissioned by us are carefully selected, follow strict contractual regulations, technical and organizational measures, and additional controls by us.
We may also disclose Personal Data to third parties if we are legally obliged to do so e.g., by court order or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfil our legitimate interests.
Automated decision-making including profiling does not take place at SwagClix.
Your data subject rights
- the right to rectification,
- the right to erasure,
- the right to restriction of data processing,
- the right to data portability,
- the right to object to data processing,
- the right to revoke any consent you have given, and
- the right to lodge a complaint with the competent supervisory authority
These rights are standardized in the DOPPA and GDPR. These include: the right to information,
Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights as a data subject. We encourage you to contact us if you have any information requests, requests for information or objections about data processing or concerns. However, you also have the right to file a complaint with your local supervisory authority. However, we would appreciate it if you would contact us with your concern before turning to a supervisory authority.
Exercising Your Privacy Rights
You may also designate an authorized agent to make a request on your behalf as provided under California law and we reserve the right to request proof of such authorization. Further, you can also make a verifiable consumer request on behalf of your minor child. However, please note that we cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you, or if you do not provide us with sufficient detail to allow us to understand and respond to your request. Our response will explain any reasons we cannot comply with a request, if applicable.
Updating your information
If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer the above requests. Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of personal information, notably where such requests would not allow us to provide our service to you anymore.
Personal information and children
Our services are aimed at people aged 18 and over. We will not knowingly collect, use or disclose personal information from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact.
Online presences in social media
We take appropriate technical and organizational measures in accordance with Article 32 of the GDPR, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk; the measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access concerning them, input, disclosure, ensuring availability and their separation.
Furthermore, we have established procedures to ensure the exercise of data subjects' rights, deletion of data, and response to data compromise. Furthermore, we already take the protection of personal data into account during the development and selection of hardware, software and processes, in accordance with the principle of data protection through technology design and through data protection-friendly default settings (Art. 25 GDPR).
When do we disclose your Personal Data?
We disclose your Personal Data in response to your business enquiry or your request for information within our Company in order to provide the best service possible and within our legitimate interest. We may share your information with organizations that help us provide the services described in this policy and who may process such data on our behalf and in accordance with this policy, to support this website and our services. For example, with our legal other professional advisors. In relation to information obtained about you from your use of our website, we may share a cookie identifier and IP data with analytic and advertising network services providers to assist us in the improvement and optimization of our website which is subject to our Cookies Policy.
We may disclose personal information in other circumstances such as when you agree to it or if the law, a Court order, a legal obligation or regulatory authority ask us to. If the purpose is the prevention of fraud or crime or if it is necessary to protect and defend our right, property or personal safety of our staff, the website and its users.
If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, pursuant to Art. 6 para. 1 lit. b GDPR is necessary for the performance of a contract), you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, hosting providers, tax, business and legal advisors, customer care, accounting, billing and similar services that allow us to efficiently and effectively fulfill our contractual obligations, administrative tasks and duties). If we entrust third parties with the processing of data on the basis of a so-called "processing agreement", this is done on the basis of Art. 28 GDPR.
Transfers To Third Countries
If we process data in a third country (outside the USA, the EU or India) or if this happens in the context of using third-party services or disclosing, or transferring data to third parties, this will only happen if it is done to fulfill our (pre)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we process or allow the processing of data in a third country only if the special requirements of Art. 44 et seq. GDPR are met. I.e. the processing is carried out, for example, on the basis of special guarantees, such as the officially recognized determination of a level of data protection or compliance with officially recognized special contractual obligations (so-called "standard contractual clauses").
How Long Do We Keep Your Data
Business Analyses And Market Research
In order to operate our business economically and to be able to recognize market trends, customer and user wishes, we analyze the data we have on business transactions, contracts, inquiries, etc.. In doing so, we process inventory data, communication data, contract data, payment data, usage data, metadata on the basis of Art. 6 para. 1 lit. f. GDPR, whereby the data subjects include customers, interested parties, business partners, visitors and users of the online offer. The analyses are carried out for the purpose of business management evaluations, marketing and market research. In doing so, we may take into account the profiles of registered users with details of, for example, their purchase transactions. The analyses serve us for the increase of the user friendliness, the optimization of our offer and the business management. The analyses serve us alone and are not disclosed externally, unless they are anonymous analyses with aggregated values. If these analyses or profiles are personal, they will be deleted or anonymized upon termination of the user, otherwise after two years from the conclusion of the contract. Otherwise, the overall business analyses and general tendency analyses shall be prepared anonymously, if possible.
If we provide advance services, we reserve the right to obtain identity and credit information for the purpose of assessing the credit risk on the basis of mathematical-statistical methods from specialized service providers (credit agencies) in order to protect our legitimate interests. We process the information received from the credit agencies about the statistical probability of a payment default within the framework of an appropriate discretionary decision about the establishment, implementation and termination of the contractual relationship. We reserve the right to refuse payment on account or any other advance payment in the event of a negative result of the credit check. The decision as to whether we provide advance services shall be made solely on the basis of an automated decision in individual cases, which our software shall make on the basis of the information provided by the credit agency, in accordance with Article 22 of the GDPR.
If we obtain explicit consent from you, the legal basis for the transmission of the customer's data to the credit agencies is consent pursuant to Art. 6 (1) lit. a, 7 GDPR. If no consent is obtained, our legitimate interests in the default security of their payment claim is the legal basis pursuant to Art. 6 para. 1 lit. f. GDPR.
Collection Of Access Data And Log Files
We collect on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR, we collect data about each access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider. Log file information is stored for security reasons (e.g. for the clarification of abuse or fraud) for a maximum of seven days and then deleted. Data whose further storage is required for evidentiary purposes is exempt from deletion until final clarification of the respective incident
Online Presences In Social Media
We maintain online presences on the basis of our legitimate interests within the meaning of Art. 6 para. 1 lit. f. GDPR, we maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing policies of their respective operators apply. Unless otherwise stated in our data protection policy, we process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.
Integration Of Services Of Third Parties
We use within our online offer on the basis of our legitimate interests (i.e. interest in the analysis, optimization and economic operation of our online offer within the meaning of Art. 6 para. 1 lit. f. GDPR), we use content or services offered by third-party providers in order to integrate their content and services, such as videos or fonts (hereinafter uniformly referred to as "content"). This always requires that the third-party providers of this content are aware of the IP address of the user, since without the IP address they could not send the content to their browser. The IP address is thus required for the display of this content. We endeavor to use only such content whose respective providers use the IP address only for the delivery of the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. The "pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may contain, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online offer, as well as be linked to such information from other sources. The following presentation provides an overview of third-party providers and their content, along with links to their data protection policies, which contain further information on the processing of data and, in part already mentioned here.
If you are a registered user, you may access certain information associated with your Account by logging into our Services or emailing us. If you terminate your Account, any public activity on your Account prior to deletion may remain stored on our servers and may remain accessible to the public. To protect your privacy and security, we may also take reasonable steps to verify your identity before updating or removing your information. The information you provide us may be archived or stored periodically by us according to backup processes conducted in the ordinary course of business for disaster recovery purposes. Your ability to access and correct your information may be temporarily limited where access and correction could: inhibit our ability to comply with a legal obligation; inhibit our ability to investigate, make or defend legal claims; result in disclosure of personal information about a third party; or result in breach of a contract or disclosure of trade secrets or other proprietary business information belonging to us or a third party. Please contact us at any time if you would like to find out what personal data we are storing about you or if you would like to have it corrected or deleted. Furthermore, you have the right to restrict processing (Art. 18 GDPR), the right to object to processing (Art. 21 GDPR) and the right to data portability (Art. 20 GDPR). In these cases, please contact us directly.
It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your personal data
Our website is not intended for children and we do not knowingly collect data relating to children. If you become aware that your Child has provided us with Personal Data, without parental consent, please contact us and we take the necessary steps to remove that information from our server.
Processing of special categories of data
No special categories of data are processed.
What are cookies?
Cookies are small text files sent to your device by the Site. Cookies are uploaded onto your device, thus allowing the Site to recognize you and store certain information concerning you, in order to permit or improve the service offered. A cookie will usually contain the name of the website from which the cookie has come from, the "lifetime" of the cookie (i.e. how long the cookie will remain on your device), and a value, which is usually a randomly generated unique number. As regards the lifetime of cookies, two types of cookies may be used, "session cookies" and "persistent cookies". Session cookies are automatically deleted at the end of your browsing session. Persistent cookies remain longer on your device, for the duration of each specific cookie, and will remain valid until its set expiry date (unless deleted by the user before the expiry date).
Cookies can be used by web servers to identify and track users as they navigate different pages on a website and identify users returning to a website. Cookies do not contain any information that personally identifies you, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
We also use other types of tracking technologies, such as flash cookies, server logs, web beacons or pixel gifs in connection with our website and services. These technologies are similar to cookies in that they are stored on your device and can be used to maintain information about your activities and preferences.
What types of cookies does the Site use and what are they for?
We may use different types of cookies. We may use what we call "required" cookies to enable core site functionalities, such as logging-in and completing an Order for Products. These cookies do not collect personal information for marketing purposes and cannot be disabled. Functional cookies provide more advanced functions, such as remembering log-in details, remembering what is in your shopping cart and remembering your preferences such as language and country, analyzing Site usage to measure and improve performance. Also, these cookies do not collect information that can identify users. We may use different types of cookies. We may use what we call "required" cookies to enable core site functionalities, such as logging-in and completing an Order for Products. These cookies do not collect personal information for marketing purposes and cannot be disabled. Functional cookies provide more advanced functions, such as remembering log-in details, remembering what is in your shopping cart and remembering your preferences such as language and country, analyzing Site usage to measure and improve performance. Also, these cookies do not collect information that can identify users. In any case, our cookies do not run programs on users' device nor upload viruses on it, and do not allow any kind of control over the device. Cookies commonly used on this Site are listed in the table below. From time to time, we may also use additional cookies and tracking technologies not listed in this table. You may obtain an updated list of all cookies and tracking technologies used on this Site at the time of your visit upon request by contacting us. Cookie (Google Analytics): _gid; _ga; When you visit the Site, you may receive cookies from third party websites or domains. We do not control the placing of these cookies and you should check the relevant third party's website for more information about these cookies. The relevant third party is responsible for providing you with information regarding the cookies they place and obtaining your consent before placing cookies on your device.
How can you control cookies? Your cookie preferences
By clicking the "cookie preferences" button on the Site's Cookie Banner, you may choose whether the Site will use "Functional" cookies and/or "Advertising" cookies, as described above. The "cookie preferences" function available on the Site's Cookie Banner will inform you of which functionalities are available to you or not depending on the types of cookies you choose to authorize the Site to use.
Personal Identity Information (PII) Statement Commercial Partners:
Individual(s) or companies that have been approved by us as a recipient of organizational PII and from which SwagClix has received confirmation of their data protection practices conformance with the requirements of this policy. Commercial Partners include all external providers of services to SwagClix and include proposed Commercial Partners. No PII information can be transmitted to any vendor in any method unless the vendor has been pre-certified for the receipt of such information.
All new hires entering SwagClix who may have access to PII are provided with introductory training regarding the provisions of this policy, a copy of this policy and implementing procedures for the department to which they are assigned. Employees in positions with regular ongoing access to PII or those transferred into such positions are provided with training reinforcing this policy and procedures for the maintenance of PII data and shall receive annual training regarding the security and protection of PII data and company proprietary data
SwagClix conducts audits of PII information maintained by SwagClix in conjunction with fiscal year closing activities to ensure that this policy remains strictly enforced and to ascertain the necessity for the continued retention of PII information. Where the need no longer exists, PII information will be destroyed in accordance with protocols for destruction of such records and logs maintained for the dates of destruction.
Databases or data sets that include PII may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, SwagClix will notify all affected individuals whose PII data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible.
Confirmation of Confidentiality:
All company employees must maintain the confidentiality of PII as well as company proprietary data to which they may have access and understand that that such PII is to be restricted to only those with a business need to know. Employees with ongoing access to such data will sign acknowledgement reminders annually attesting to their understanding of this company requirement.
Violations of PII Policies and Procedures:
SwagClix views the protection of PII data to be of the utmost importance. Infractions of this policy or its procedures will result in disciplinary actions under SwagClix discipline policy and may include suspension or termination in the case of severe or repeat violations. PII violations and disciplinary actions are incorporated in SwagClix PII onboarding and refresher training to reinforce SwagClix continuing commitment to ensuring that this data is protected by the highest standards.
Concerns and Contact
If you have any concerns about a possible compromise of your privacy or misuse of your personal information on our part, or any other questions or comments, you can contact us: email@example.com
Who should I contact for more information?
Any comments or queries on this policy should be directed to us using the following contact details: firstname.lastname@example.org
Last Update: 21-01-2023