Defining the policy in place at Asian Absolute Limited (“we”, “us”, “our”) to protect the privacy and security of personal data.
As a UK headquartered-company we comply with the General Data Protection Regulation (GDPR). This means your information is being securely protected, processed and stored. This policy will tell you what, how, why, where and when we interact with data recognized as Personal Identifiable Information (PII).
Asian Absolute Limited, as a GDPR compliant organization will make sure to:
- Always treat your data lawfully
- Store you data securely
- Keep your information securely for as long as it is needed by contract or by law
- Keep records of who accesses your data
- Give you access to your data and give you the right to request changes in how we use your data
- Report any data breaches
At Asian Absolute Limited we adopted the European standards as a benchmark for best practice company-wide, but where required we adapt our practices for the laws of the different countries in which we operate.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). There are certain types of more sensitive personal data, which require a higher level of protection, such as information about a person’s health or sexual orientation. Information about criminal convictions also warrants this higher level of protection.
We may collect, store, and use relevant personal information about you if you are an employee, a client or a supplier.
We collect personal information about employees and suppliers through the application and recruitment process, either directly from candidates or sometimes from an employment agency or background check provider. We may sometimes collect additional information from third parties including former employers, credit reference agencies or other background check agencies.
We will also collect and process personal information in the course of job-related activities throughout the period of your contract with us.
We will only use your personal information when the law allows us to. Most commonly, we may use your personal information in the following circumstances:
- Where we need to perform the contract we have entered into with you.
- Where we need to comply with a legal obligation.
- Where it is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests.
We collect and process data primarily to allow us to perform our contract with you and to enable us to comply with legal obligations. In some cases we may use your personal information to pursue legitimate interests, if we had to do so, we would contact you to state what the legitimate interest is.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
All data is securely stored on Asian Absolute servers or company-owned computer and digital storage media all data is reliably erased from the device prior to its transfer out of company control, and/or the media must be destroyed, using current best practices for the type of media.
For each device and server we have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, suppliers and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality and non-disclosure agreements
We may only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Generally, we will retain data for the period set out in our Data Retention Policy or the time necessary in order for us to complete a contract with you. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We may share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.
“Third parties” includes third-party service providers. The following activities are carried out by third-party service providers: IT services, auditing services, secured Cloud storage and hosting services, email server.
All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
Transferring information outside EU
We may need to disclose potential personal data contained in the documents relevant to the work we are quoting for to third parties linguists outside the EEA in order to perform the contract we have entered into with you. We have strict non-disclosure agreement and contracts in place with all our sub-contractors abroad.
Before sending personal data outside the EEA, we consider the below:
- Do we need to transfer personal data abroad?
- Have we complied with all the other data protection principles?
If we conclude that there is a necessity for the completion of the work we are contracted for to send the documents outside the EEA, we ensure the same degree of protection than the data kept in the EEA and all the same safeguards are implemented.
Rights of access, correction, erasure, and restriction
You have to right to contact us at any time to request access if you have any concerns regarding the data we hold, please don’t hesitate and get in touch with us. We’ll answer all your questions and make the necessary changes as per your request.