EIDOO Sagl, Via Motta 10, 6830 Chiasso, Switzerland, and Eidoo Lithuania UAB, Liepų al. 24, LT-35121 Panevėžys, Lithuania (the "Companies"), collect Personal Data (as defined below) in compliance with the applicable law and regulations, in particular the Swiss Federal Act on Data Protection ("FADP") as well as the General Data Protection Regulation (EU/2016/679) ("GDPR") (together "Data Protection Law").
Pursuant to the Data Protection Law, the following capital terms shall have the meaning indicated here below:
"Personal Data" means any information relating to an identified or identifiable natural or legal person;
"Processing" means any operation or set of operations, performed whether or not by automated means which are applied to Personal Data or sets of Personal Data, such as the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“AML” means anti-money laundering.
We collect different information depending on how you use the site and how you interact with us.
Eidoo collects personal data on different ways:
• via the site we may collect data which include:
• via the Eidoo app we may collect data which include:
• via the EidooID app we ask you to provide data required by the AML legislation which include:
Our site is not intended for storing or 'special categories' of personal data, such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health information.
Different personal data is collected in different ways.
You can remove cookies from your computer through the settings on your browser, but be aware that this may impact your ability to make use of some features on this and other web sites. Management of cookie settings varies from one browser to another.
We will only use your information where:
a) You have given us permission to do so
If you sign up to our mailing lists, we will use the personal data in the management of our relationship with you and for communication purposes, including to send you newsletters and invitations to events, training programs or lectures, and to maintain our list of contacts.
If you apply for a position with the Companies, we treat any information you send to us as strictly private and confidential and will only use it in relation to application you have submitted.
b) We have a legitimate interest (reasonable business purpose) for doing so
We will use your information for our legitimate business reasons where our doing so will not unduly affect your rights.
We will use your identity, contact and usage information to keep our records up to date.
We will use your technical information to:
We may also use any or all of the information above to administer and manage our business in general. If you feel that your interests and fundamental rights outweigh our business purposes, and that we should therefore stop processing your data, please let us know.
c) We need to comply with a legal or regulatory obligation
In certain circumstances, we may need to retain or use your data to comply with regulations and/or the law, especially AML laws and regulatory investigations.
We will only retain this data for as long as is necessary to fulfill the purposes for which it was collected or to comply wih legal, regulatory or internal policy requirements.
We will only disclose your personal data where we are required to do so to comply with our legal or regulatory obligations; where we need to do so for business management or administration purposes; or because you have asked us to. This is likely to include:
We may share your personal data with other companies if you have given us permission to do so. This is the case when through EidooID you are asking to have access to the services of a third entity without the need to undo the KYC/AML procedure. In this case, you will execute with the third entity a transaction confirming that you are the identified person and authorizing us to share your KYC/AML file with the third party in order to have access to this third-party services. In this case, the Companies is no more liable for the use of the data done by the third party.
The Companies is part of an international group, this could conduct to an international transfer of personal data.
Should we transfer your data outside Switzerland or the European economic Area to a country which Switzerland or the European Commission does not deem to have adequate data privacy laws, we will ensure that such transfer(s) are in accordance with applicable data privacy laws. In respect of transfers within the Companies Group, we have executed a data transfer agreement giving effect to the Model Clauses pursuant to Commission decision 2004/915/EC.
In respect of transfers outside of the Companies Group, we either implement the Model Clauses pursuant to Commission decision 2004/915/EC or 2010/87/EU (as appropriate) with the recipient of your personal data.
The safety of your personal data is important to us, and we use various technical and organization measures to ensure that your data is secure.
We are committed to safeguarding and protecting personal data and maintain appropriate technical and organizational measures to protect any personal data provided to us from accidental or unlawful destruction, loss, alteration, or unauthorized disclosure. We also have in place safeguards including data encryption in motion and at rest, data access and security monitoring, and 24/7 network security monitoring for breaches or anomalous behavior to ensure the security of your data.
Under Data Protection Law, data subjects have a number of rights with regard to their personal data. They have the right to request from us access to and rectification or erasure of their personal data, the right to restrict or object to processing, as well as in certain circumstances the right to data portability.
If a data subject has provided consent for the processing of their data, he or she has the right (in certain circumstances) to withdraw that consent at any time.
Any data subject wishing to exercise any of the above rights should email us at: email@example.com.
We endeavor to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests. We also reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning access to personal data, and for any additional copies of the personal data requested from us.
The Data Controller is the EIDOO Sagl, Via Motta 10, 6830 Chiasso, Switzerland.
The Data Processor are the employee within Eidoo Sagl active within the EidooID Service.
The representative within the union is Eidoo Lithuania, Panevėžio m. sav. Panevėžio m. Liepų al. 24-70.
The contact of the DPO is the following EIDOO Sagl, Data Protection Officer, Via Motta 10, 6830 Chiasso, Switzerland / e-mail: firstname.lastname@example.org.