Data Protection Policy

of BigMat International

This policy sets out the management approach and procedure followed by the website www.bigmat.com (“BigMat” or the “Website”) when treating the personal data of Website users. This information is governed by article 13 of Decree Law 196 of 30 June 2003 (the “Personal Data Code”).

  1. The Data Controller
    • 1.1 The Data Controller is BigMat International, with registered offices at 25 Route d’Esch, 1470 Luxembourg, Grand Duchy of Luxembourg. It can be contacted by completing the contact form found on the Website.
  2. Type of data treated
    • 2.1 The Data Controller treats the following personal data of data subjects independently and autonomously: full name and email address.
    • 2.2 Information relating to cookies can be found in the relevant Cookies Policy.
    • 2.3 Users will remain responsible and liable for any third-party data published or shared through the website and shall ensure that they are entitled to communicate or disclose any such data, thus releasing the Data Controller from any liability as before third parties.
  3. Types of treatment
    • 3.1 The Data Controller shall adopt the relevant security measures stipulated in Appendix B of the Personal Data Code when treating the personal data of users so as to prevent any unauthorised access, disclosure, modification, or destruction of such data.
    • 3.2 Data may be treated electronically and in paper form using both online and offline equipment, and using organisational methods and software strictly related to the purposes stated so as to ensure that the personal data remains suitably protected.
  4. Site of treatment
    • 4.1 Data will be treated at the head offices of the Data Controller and at any other venue or site where the parties may legitimately and lawfully carry out such treatment.
  5. Data storage periods
    • 5.1 Data will be treated for the time needed to provide the service requested by the user or to fulfil the purposes described in this document. Users may request the interruption of the treatment or erasure of their data at any time and may exercise the rights enshrined in article 7 of the Personal Data Code.
  6. Purposes of the treatment
    • 6.1 The data provided by users may be treated for the following purposes:
      • a. To meet any kind of obligation envisaged in the applicable law, regulations or rules of the European Union.
      • b. To respond to requests made by users sent via the contact form, which can be found under the “Contacts” section of the Website.
      • c. For disclosure to subsidiaries, parent companies and associates for administrative and accounting purposes.
  7. Mandatory or optional nature of the disclosure
    • 7.1 Refusal or failure to furnish data will not limit or restrict use of the service.
    • 7.2 Users shall enjoy full discretion when deciding whether to disclose their personal data.
  8. Data Controllers and Data Processors
    • 8.1 In addition to the Data Controller itself, certain employees of and other persons present at the Data Controller (administrative, sales, marketing and legal staff, as well as system administrators), including authorised external personnel (such as suppliers of third-party technical services, couriers, web hosting suppliers, IT companies, communication agencies), may sometimes be privy to the personal data. When necessary, the Data Controller shall appoint such persons as Data Processors. An up-to-date list of Data Controllers and Data Processors may be requested from the Data Controller at any time.
  9. Rights of Users
    • 9.1 The individuals to whom the personal data belongs (Data Subjects) are entitled at any time to seek and obtain confirmation of the existence or non-existence of such data from the Data Controller and to know its content and origin, to verify its accuracy or to request the integration, erasure, updating, rectification, rendering anonymous, or freezing of the personal data treated should that treatment infringe or breach applicable law. They may also challenge the treatment of their data for any lawful reason. Any such request or instruction must be addressed to the Data Controller by writing to the address indicated above.
    • 9.2 The right of users to oppose treatment of their personal data, exercised through any automated means or channel of contact, extends to both traditional channels, without prejudice to the User’s right to partially exercise that right in accordance with art. 7.4. d) of the Personal Data Code.
  10. Modifications to this Data Protection Policy
    • 10.1 The Data Controller reserves the right to modify this Data Protection Policy at any time by notifying users via this page. Users are therefore asked to consult this page or section of the website periodically, taking as reference the date of the last modification as indicated at the bottom of this page. Should they not accept the modifications made to the current Data Protection Policy, they must stop using the service and may instruct the Data Controller to erase their personal data. Unless stated otherwise, the terms of this Data Protection Policy will continue to govern any personal data gathered or compiled up until that time.

Definitions

Cookie

Small amount of data stored on the User’s computer.

Personal Data (or Data)

Personal data includes any information relating to a natural person, whether directly or indirectly identified or identifiable, by reference to any other information, including a personal identity number.

 

Treatment (of Data)

Any one or more actions or operations relating to the gathering, recording, organisation, custody, consultation, preparation, modification, selection, extraction, comparison, use, interconnection, freezing, communication, disclosure, cancellation, or destruction of data, including data that is not recorded in a database.

Data Controller (or Controller)

The legal persons, including when acting jointly with another Data Controller, who are competent to make decisions concerning the purposes and methods for treating personal data and the tools to be employed, including the security profile, in relation to the functioning and use of the Website. Unless stated otherwise, the Data Controller is the owner of the Website.

Data Processor (or Processor)

The legal persons appointed by the Data Controller to treat the personal data under the terms of the current data protection policy.

 

Other Persons Authorised to Process Data

The natural persons authorised to treat personal data by the Data Controller or the Data Processor.

User or Data Subject

The natural person to whom the Personal Data refers.

 

 

 

Last updated on: 11-11-2016.