In order to service our clients the Optionlounge (hereinafter “theOptionlounge” “we” or “us”) needs to collect personal data from our clients and/or potential clients, contact persons at suppliers and/or other business partners. TheOptionlounge also processes personal data about employees for the purpose of personnel administration. In light of the above, theOptionlounge Group wants to ensure a high level of data protection as privacy is a cornerstone in gaining and maintaining the trust of our clients and/or potential clients, contact persons at suppliers and/or other business partners and thus, ensuring theOptionloungefuture business. The same applies to the processing of personal data about the employees..
Protection of personal data requires among other things that appropriate technical and organisational measures are implemented to demonstrate a high level of data protection. theOptionlounge Group has adopted a number of internal and external data protection policies, which must be followed by employees of theOptionlounge Group.
Personal data can be categorized as ordinary non-sensitive personal data or special categories of personal data (sensitive personal data). Special categories of personal data are exhaustively outlined in the GDPR and include personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, bio-metric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. Ordinary non-sensitive personal data include all information that is not categorized as special categories of personal data (sensitive personal data). Such information can be name, address, telephone number, employee id, information about education, etc. Certain ordinary non-sensitive personal data may be considered confidential. This may, for instance, include information on income and wealth, and information on internal family relationships/matters. Confidential, ordinary non-sensitive data are normally subject to further security measures.
TheOptionlounge is in most cases processing personal data as a data controller, as theOptionlounge determines the purposes and means of the processing of personal data, e.g. when the processing relates to theOptionlounge clients, other business partners and employees.
An external data processor is a company, which processes personal data on behalf of theOptionlounge and in accordance with the Optionlounge documented instructions, including for theOptionlounge purposes and by means set-out by theOptionlounge , e.g. in relation to providers of HR systems, third party IT providers, etc. When theOptionlounge outsources the processing of personal data to data processors, theOptionlounge ensures that said company as a minimum implements the same degree of security measures for the protection of personal data protection as theOptionlounge . If this cannot be guaranteed, theOptionlounge will choose another data processor. The processing by a data processor is governed by a data processing agreement. support@Protradecloud.com
When theOptionlounge Group processes, including collects and registers personal data about data subjects, theOptionlounge Group is obligated to inform such persons about the following: The purposes of the processing for which the personal data are intended as well as the legal basis for the processing; the categories of personal data concerned; the legitimate interests pursued by theOptionlounge Group, if the processing is based on a balancing of interests; the recipients or categories of recipients of the personal data, if any; where applicable, the fact that theOptionlounge Group intends to transfer personal data to a third country and the legal basis for such transfer; the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period; the existence of the right to request from theOptionlounge Group access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability; where the processing is based on the data subject’s consent, the existence of the right to withdraw consent at any time, however, without affecting the lawfulness of processing based on consent before its withdrawal; the right to lodge a complaint with theOptionlounge Group via the correct procedure or with a supervisory authority; whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data and of the possible consequences of failure to provide such data; the existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.