Privacy Policy

We value our clients privacy

 


GENERAL DATA PROTECTION REGULATION (GDPR)

WHO IS PROCESSING YOUR DATA?

North Star Support Group („NSSG”) is an international security company globally providing a wide range of mitigation support services.
We value and respect the privacy of your data thus we integrated privacy principles and policies in our daily work flow. Our privacy policies focus on legally processing, stocking and, if needed, accordingly exchanging personal data.

NSSG privacy policy is to be followed by all employees and applies to our Africa & Middle East chapter in Cairo, as NSSG represents the common term referring to North Star Support Group business activities.

NSG declares as Headquarter the Bucharest Office in Popa Nan Street, 169, Bucharest Romania, P.O. Box 030582, contact info +40 21 795 7601, servicedesk@nsgconsult.com and Africa & Middle East Office in Cairo, Egypt.

PRINCIPLES

NSSG privacy policy is based on data protection principles listed below:
• Personal data processing will be done in a legal, correct and transparent manner.
• Personal data collecting will be done only in legitimate, explicit and specified purposes and data will not be further processed in any other manner that does not comply to these purposes. Data will be collected in a relevant and proper manner.
• Personal data have to be correct and updated when necessary.
• All necessary measures will be taken in order to assure that incorrect data will be deleted or corrected as soon as observed.
• Personal data will be kept in an ordered manner and not longer than the purpose mentioned requires or longer than specified.
• All personal data will be kept confidential and stored in a secured manner.
• Personal data will not be revealed to any third parties if not required and in agreement’s purpose only.
• Persons concerned have the right to request access to personal data, as well as correction and deletion of their data. Moreover, persons can request a processing and transfer restriction of their data.

WHAT PERSONAL DATA WE PROCESS

Generally, NSSG collects the following personal data: name, date of birth, address, contact info (e-mail, phone number), identity data (passport number, identity card number, driver’s licence.

Type of processes that require data processing are in relation to our clients, our partners, our local providers, as well as the employees and collaborators of NSSG. Each process uses different way of data collecting that are helping to improve our services in implementing our security services, facilitating a secure journey management and improving our communication and relation towards our clients, providers and other collaborators. Other purposes may include business statistics, administrative procedures, IT and cybersecurity procedures, authentication systems, physical security, support systems as well as usual processes that are requested in work flow.

Processed data will only follow the mentioned purpose, which is legitimate and explicit, or for a requested purpose accordingly to local laws required by the national legislature in countries where we are active.

WHICH ARE THE AIMED PERSONS

Among the aimed persons that NSSG collects and processes personal data we list employees, partners, collaborators, clients and general public.
Any of the listed cases are following the privacy policy and technical procedures to collect, store and delete the personal data of the persons mentioned above.

PERSONAL DATA PROCESSION PURPOSES

Personal data will be processed only in the following cases that requires it:
• Business projects management and implementation
• Employees, collaborators and providers management
• Contracts management and implementing process
• Informing
• Site’s management and running
• Clients communication and informing both in project’s implementation and preparation and in providing requested information prior to project’s debut.
• Implementing a common project will require contractual and financial exchange of data that we will process and store according to our privacy policy.

We request from our partners and collaborators to follow our privacy policy principles so that common data processes and exchanged with them in the requires processes are safely managed and stored.

Your data won’t be provided to any 3rd parties except the situation requires it and not prior to ensure that the partner and collaborator acknowledges our privacy policy and implements its principles. Moreover, we have developed a Non-Disclosure Agreement (NDA) that helps us secure our clients sensitive information regarding business activities and staff safety. The NDA is part of our usual documentation when we open a new collaborator relation and when we develop a new partnership. Through this measure we take the necessary measures to prevent any sensitive information leak.

HOW LONG ARE PERSONAL DATA STORED?

NSSG stores personal data on a determined period of time that is legitimate, transparent and that is corresponding our common activities and projects implementation. After projects implementation and activities completion, data will be kept for a reasonable period of time, having the clients approval and maintaining a safe management storage.

PERSONAL DATA PROCESSING GROUND

NSSG bases personal data processing on the following grounds that the data protection regulation provides:
Execution of contracts – personal data are required in order to generate a contract between NSSG and clients/collaborators/partners and employees
Legal obligations – personal data will be part of financial documentation that state’s fiscal authorities require in order to prove the legitimacy of our company activities.
Consent – the legal ground based on which we collect, store and process personal data is the explicit consent of the interested person whether it is our client/ collaborator/ partner or employee.
Situations that require consent and personal data providing are:
• Site registration and Hercules application account management;
• Communication and information providing to our clients/ collaborators/ partners and employees while implementing common activities.
• Response management when required by our clients/ collaborators/ partners and employees regarding our common activities and their data procession.
• Common activities will require use of data in line with the implementation process of our project’s objectives. Local, national and international authorities might require proof of contracts and other type of documentations in order to proceed with our project’s activities.
Legitimate interest – legal ground in processing personal data of our clients/ collaborators/ partners and employees is legitimate interest of NSSG regarding.
&bulletCommunicate and inform our clients on their best interest solutions in current projects and activities, as well as, other type of activities that regard our client interest.
&bulletCommunicate and inform our partners and collaborators about any opportunity or change that directly affects our common projects and activities or that might develop new common projects.

PERSONAL DATA TRANSFER

NSSG data are mainly processed and store in Romania, part of European Union and obeying European legislation. Our international partners are aligned with our privacy policy so that when situations require us to transfer data outside the EU space, we are taking the safety measures over data protection. Part of our regular safety management is the NDA that protects sensitive information from being displayed by our worldwide partners and collaborators. The NSSG NDA is both ensuring our data safety and our clients personal data protection, as well as, providing an easy framework to align our international activities to GDPR requirements.

COMPLAINTS

NSSG clients have the right to request information about their personal data collect-process-storage activities and we ensure to provide an answer in appropriate time and following our privacy policy procedures. The same procedure is available for our partners and collaborators both from EU space and international parties. In the improbable case in which our clients have suffered damage by eventual gaps in managing data protection privacy policy and NSSG did not comply in a remedial action, clients have the right to appeal competent authorities in the matter.
Eventual complains can be sent to our Data Protection Officer, Liliana Geru, e-mail: dataprotection@nsgconsult.com.

HOW DOES NSSG PROTECTS PERSONAL DATA?

NSSG takes technical and procedural measures to ensure that collected, processed and stored data are safely managed. By this we prevent any cases of lost, falsification, destruction of information or illegitimate access to data. Both employees and partners and collaborators of NSSG are obliged to conform our privacy policy regarding data management and have the information required to do so. Technical security measures are taken to ensure that data cannot be abusively accessed. Our website’s firewall and control procedures contribute to a safe display of public information and data gathering.

NSSG team follows secure procedures while using and analysing data by ensuring a security over their operating systems hardware and software. While printed information is stored only in organised manner and inside NSSG office. Our office has tailored security measures such as an surveillance system and personnel access distinct from visitors access.

WHAT ARE MY PERSONAL DATA RIGHTS?

According to GDPR personal data has the following rights protected and assured.

Right of access: this right assures access to informing whether personal data are collected and processed and, if so, the right to be sent a copy of data that is used by NSSG regarding your personal data.
Right of correction/rectification: if by consulting your data stored by NSSG, you encounter incorrect or incomplete data, you have the right to inform us how to correct or complete the data regarding your personal data profile. If you already have access to modify or complete your personal data profile, while using our travel application, please do so in order to receive a best solution from our team.
Right of partial or complete deleting of data: data that are no longer necessary and that are no longer used in the expressed objective of our common projects and activities, can be partial or complete deleted based on a direct request.
Right of usage limitation: personal data gathered can be accessed and, if needed, can be further used in a limited or restricted manner through a direct request at our data protection e-mail address.
Right of portability: personal data stored online are under the effect of portability right and can be requested through a direct message to be provided in a formatted and accessible way.
Right of opposition: personal data can be restricted from processing based on the right of opposition, even when processing regards legitimate right of NSSG or is of public interest. In such a situation, NSSG will take follow on your request, except the cases where there are explicit requests from a competent authority or the data is already part of claiming request and response procedure.
Automated individual decisions: automated processing of data can be restricted by request, exceptions can be made if the automatised process is required by the common contract signed with NSSG where data protection is assumed.
Right of complaint: complains can be forwarded to our DPO assigned team member through our dedicated e-mail address: dataprotection@nsgconsult.com. Your request will be processed and might require a proof of identity, in order to verify that the request is made by the legitimate person. If necessary, you have the right to consign a complaint to National Supervision Authority of Personal Data Processing (Autoritatea Nationala de Supraveghere a Prelucrarii Datelor cu Caracter Personal) that has office in Bucharest, Romania at Blvd. General Gheorghe Magheru, 28-30, sector 1 or following procedures of its website: www.dataprotection.ro.

WEBSITE COOKIES POLICY


NSSG website collects and process data through cookies in order to ensure a better quality of information and promotion of our security services and methods. Improving public experience while navigating through NSSG site might require a constant adaptation to our public’s choices when it comes to online informing behaviour. This process helps us develop tailored services and informing products that can deliver the best security solution for our international public.

Cookies tool collects and analyse the following data while navigating our website: Internet Protocol (IP) address, browser type, Internet Service Provider (ISP), visited pages, exit pages, operating systems, data and hour of visit, time spent on our website, clicks done on our website. These information helps us understand what are the services that respond to the international market needs over security products and what is our client’s profile overview. Based on this analysis we further develop and improve our services, products and our communication and informing style.

Further information and specific questions can be directly requested to our dedicated address: dataprotection@nsgconsult.com.