Your privacy is of utmost importance to us at Phases, and we are committed to safeguarding your data and ensuring compliance with the General Data Protection Regulation (GDPR).
We collect your information to enhance your user experience, provide relevant content and services, keep you informed about new opportunities, improve search results based on your data, and track recruitment activities for potential candidates or clients.
We process your personal data lawfully, relying on different legal bases such as your consent, contract performance, or legitimate interests, as required under GDPR.
Your personal data is processed by the Phases at Melby Enghavevej 64, 3370, Melby, Denmark.
We may provide access to your data to third-party data processors for specific purposes outlined by us. We work with third-party data processors to assist in providing our services. These processors handle your data as required and are bound by data processing agreements to ensure GDPR compliance.
Here the data processors are mentioned below:
- Phases Innovations
- Citrix Podio
Data Protection Officer
Phases have appointed a Data Protection Officer (DPO), and everyone is always free to contact our DPO with any queries regarding the processing of your personal data. You can always contact our DPO at [email protected]
Data Subject Rights
You have certain rights under the GDPR, including the right to access, rectify, erase, object to processing, data portability, and restrict processing. If you wish to exercise any of these rights, please contact our DPO.
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the appropriate supervisory authority.
Data Security & Retention
We take data security seriously and have implemented measures to protect your data from unauthorized access, disclosure, alteration, or destruction.
We will retain your personal data only as long as necessary to fulfill the purposes for which it was collected, in accordance with our retention policy.
- Processing should be done lawfully, fairly and in a transparent manner. Particularly, for lawful processing – at least one of the prescribed requirements under GDPR are to be met, such as where the Data Subject has consented to the processing; or processing is necessary for the performance of a contract to which the Data Subject is a party; or processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority, etc.
- Personal Data should be collected for specified, explicit and legitimate purposes and not further processed if incompatible with those purposes (except where specifically permitted under GDPR), and it should be adequate, accurate, relevant and limited to what is necessary for relation to the purposes for which they are processed.
- Personal Data should be kept in a form which permits the identification of data subjects for no longer than is necessary.
Laws & Regulations to be followed in GDPR
The GDPR provides appropriate rights to the users about the protection of their personal data. These rights are based on the legal articles stated below,
Article 6 of GDPR states that processing of the user’s personal data is lawful only when the individual gives consent to the processing of the personal data for a specific purpose.
Recital 58 of the GDPR requires you to provide the users with details about how their personal data is going to be put in use. This is also called the principle of transparency.
Recital 85 of the GDPR centers around the security of data. It states on protecting data to prevent a data breach and responding quickly and appropriately in the event of a data breach are requirements of this regulation.
Personal data breach
If a data breach occurs, we'll promptly inform the supervisory authority (within 72 hours) and affected individuals if there's a risk to their rights and freedoms.
We'll document all breaches, including the details and actions taken. As a processor, we'll immediately notify the controller once aware of any data breach.
We will be storing personal data if it serves and fulfills the purpose as mentioned.
Personal data obtained in connection with the business operation will be deleted according to either Phases' internal policy or according to the agreed-upon terms with our suppliers within the purpose of the use of our data.