This privacy notice describes how we collect and use personal information about you in accordance with the General Data Protection Regulation (GDPR).
It contains important information on how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
FHC collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the FHC Germany which applies across the European Union (including Switzerland) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
What information do we collect?
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
On our websites we collect and use personal information (including name, address, telephone number and email) in order to:
- Respond to queries or requests submitted by you
- Process orders or applications submitted by you
- Administer or otherwise carry out our obligations in relation to any agreement you have with us
- Anticipate and resolve problems with any services supplied to you
G4S has set our analytics not to expire i.e. the information will be retained in order to allow us to analyse trends in our website usage over time.
Who we share your personal information with
We will share personal information with other FHC businesses as appropriate in order to respond to your queries or requests.
We will share personal information with law enforcement or other authorities if required by applicable law.
We will not share your personal information with any other third party and we will only provide your personal information which we consider is necessary for the performance of that reason.
Whether we need your consent
We do not need your consent if we use special categories of your personal information in accordance with our written policy to carry out our legal obligations. In limited circumstances, we may approach you for your written consent to allow us to process certain particularly sensitive data. If we do so, we will provide you with full details of information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent.
How long your personal information will be kept
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including the purposes of satisfying any legal, accounting, or reporting requirements.
We will hold personal data for the period we are required to retain this information by applicable German tax law (currently 6 years). In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Transfer of your information out of the EEA
We may transfer your personal information to other FHC businesses which are located outside the European Economic Area (EEA) in order to respond to any queries submitted to us via our website or social channels.
Some FHC countries do not have the same data protection laws as Germany, Switzerland and EEA. Whilst the European Commission has not given a formal decision that such countries provide an adequate level of data protection similar to those which apply in Germany, Switzerland and EEA, any transfer of your personal information will be subject to suitable relevant safeguards eg European Commission approved contract (of the GDPR that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information.
Under the GDPR you have a number of important rights free of charge. Under certain circumstances, you have the right to:
- Request access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are processing your personal information for direct marketing purposes.
- Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you.
- Object in certain other situations to our continued processing of your personal information.
- Request the transfer of your personal information to another party.
In some circumstances you can claim compensation for damages caused by our breach of any data protection laws.
If you would like to exercise any of those rights, please:
- email, call or write to us at email@example.com
- let us have enough information to identify you,
- let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
- let us know the information to which your request relates.
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time.
To withdraw your consent, please contact firstname.lastname@example.org. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Data protection officer
We have appointed a data protection officer (DPO) to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the DPO by emailing email@example.com
Changes to this privacy notice
This privacy notice was published on 18.07.2018.We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice on this page.