Privacy Notice
Information on Data Protection for Customers, Suppliers and other Data Subjects
Logen Solutions takes the privacy of your information seriously. We are committed to ensuring that information relating to you and from which you can be identified (known as “personal data”) is protected in accordance with our legal obligations under the EU General Data Protection Regulation (“GDPR”) and other applicable national data protection laws. With this Privacy Notice, we would like to give you an overview of the processing of your personal data by us and your rights under data protection law. Which data exactly are processed and the manner in which they are used is principally determined by the services requested or agreed. Therefore, not every element of this information may be applicable to you.
Who is responsible for data processing?
The responsibility lies with Logen Solutions Korea. For further information on the controller role please contact: dataprotection@logen.co.kr
What kind of personal data do we hold?
We may have received personal data directly from you. We collect different kinds of personal data on you, for example:
-
Name and contact details (e.g. name, email address, company name and/or postal address, telephone number(s))
-
Payment details (e.g. bank details, credit card details, VAT no. or other tax ID)
-
Information on your preferences, including communication channels and frequency
-
Data provided to us e.g. by filling out forms, during events in which you participate or by answering questions of a survey
-
Data relating to our products or services
For which purpose do we process your personal data and why is this justified?
We process personal data in accordance with the provisions of the GDPR and other applicable national data protection laws.
As a result of your consent, Art. 6 (1) (a) GDPR
To the extent, you have consented to the processing of personal data by us for certain purposes (such as marketing, and mailing newsletters), such processing is legitimate based on your consent. Consent once given may be revoked at any time. This also applies to the revocation of declarations of consent given to us before the effective date of the GDPR, i.e. before 25 May 2018. Revocation of consent has an effect only for the future and does not affect the legitimacy of the data processed until revocation.
In order to comply with contractual obligations, Art. 6 (1) (b) GDPR
Personal data are processed for the purpose of providing services in connection with the performance of our agreements with our customers or for performing pre-contractual measures as a result of queries. The purposes of data processing are primarily determined by the specific agreements regarding services or products (such as the purchase of software licenses, subscriptions, or maintenance services) and may, among other things, include administration of contracts.
Within the scope of the balancing of interests, Art. 6 (1) (f) GDPR
To the extent necessary, we will process your personal data beyond the scope of the actual performance of the contract so as to protect the justified interests of our own and of third parties. Please note that, when processing your personal data on this basis, we always seek to maintain a balance between our legitimate interests and your privacy. Examples:
-
Improvement of our products and services
-
Advertising or marketing and opinion research unless you have objected to the use of your data
-
Ensuring IT security and IT operations
-
Prevention and investigation of criminal acts
-
Measures for securing buildings and systems (such as admission control)
-
Measures to protect our domiciliary right
-
Measures for business management and advanced development of services and products.
Who will receive my data?
Within Logen Solutions, those departments will be granted access to your data which require them in order to comply with our contractual and statutory obligations. Further, we may transfer personal data within the Logen Solutions group. Team members responsible for technical support may receive personal data from us.
Will the data be transferred to a third country or an international organization?
No.
For how long will my data be stored?
We process and store your personal data as long as this is required to meet our contractual and statutory obligations. If the data are no longer required for the performance of contractual or statutory obligations, these will be erased on a regular basis unless – temporary – further processing is necessary for the following purposes:
-
Compliance with obligations of retention under commercial or tax law. In general, the time limit specified for respective retention or documentation is two to 15 years.
-
Preservation of evidence under the statutory regulations regarding the statute of limitations. These statutes of limitations may be up to 30 years.
What are my rights under data protection law?
Every data subject has the right of access pursuant to Art. 15 GDPR, the right to rectification pursuant to Art. 16 GDPR, the right to erasure pursuant to Art. 17 GDPR, the right to restriction of processing pursuant to Art. 18 GDPR, the right to object pursuant to Art. 21 GDPR and the right to data portability pursuant to Art. 20 GDPR. Moreover, there is a right to appeal to a competent data protection supervisory authority (Art. 77 GDPR).
Your consent to the processing of personal data granted to us may be revoked at any time by informing us accordingly. This also applies to the revocation of declarations of consent given to us before the effective date of the GDPR, i.e. before 25 May 2018. Please keep in mind that such revocation will be effective only for the future with no impact on processing carried out before the date of revocation.
Am I obliged to provide data?
Within the scope of our business relationship, you are obliged to provide such personal data which are required for commencing, executing and terminating a business relationship and for compliance with the associated contractual obligations. Without these data, we will generally not be able to enter into an agreement with you, to perform under such an agreement or to terminate it.
Information About Your Right to Object Pursuant to Art. 21 GDPR
Right to object based on individual cases
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you which is based on Art. 6 (1) (f) GDPR (data-processing on the basis of the balancing of interests).
If you do object, we will no longer process your personal data unless we have compelling justified reasons for such processing which take precedence over your interests, rights and freedom or, alternatively, such processing serves to assert, exercise or defend legal claims.
Right to object to processing for the purpose of direct marketing
In individual cases, we will process your personal data for the purpose of direct marketing. You have the right to object at any time against the processing of your personal data for the purposes of such marketing; this also applies for profiling to the extent it is connected to such direct marketing.
If you do object to processing for the purposes of direct marketing, we will refrain from using your personal data for such purposes in the future.
Recipient of an objection
Any objection may be submitted informally under the heading "objection" indicating your name, your email address and should be addressed to: