The protection of individuals’ personal data is a priority for PI Import Sa, and more importantly a legal obligation (the GDPR came into effect on 25/5/2018) that PI Import prioritises.
In this section on data protection, we want to explain how we protect the rights and liberties of the individuals, clients and employees in question (“data subjects”) when we process personal data, including hard copies and electronically.
We pay particular attention to the riskier processing of personal data, such as (if applicable) using data for specific purposes, taking appropriate technical and organisational measures when processing, sharing this data with other parties etc. We also monitor the processing of our staff’s and other stakeholders’ personal data. Particularly when we use technology which, without any protection, could result in a privacy breach.
The provision of quality products and/or services is an absolute priority for PI Import. An important aspect here is the high quality processing of personal data. PI Import’s management pursues this policy to make sure that everybody’s rights and liberties are always respected when processing personal data.
In practical terms, the following objectives are pursued insofar as they apply.
PI Import Sa
- Is transparent when it comes to the personal data that it processes. Is transparent about the purpose of the processing, both with the individual concerned and with their supervisor. Communication is authentic, easily accessible and understandable. The principle of transparency also applies when personal data is shared.
- Only processes data that is relevant in terms of carrying out tasks. Any task involving the processing of personal data is lawful. This means, among other things, that the processing complies with PI Import’s legal and statutory objectives. An assessment is carried out whenever a new type of processing is identified.
- only processes personal data that is strictly necessary for the completion of activities.
- Oversees the integrity of personal data throughout the processing cycle.
- Does not keep data any longer than necessary. The necessity is looked at in relation to the legal obligations and the rights and freedoms of the data subject.
- reports any breaches resulting from the processing of personal data. Information security, data protection when it comes to design and parameters that respect privacy by default are the tools used for this. When a breach occurs, it is reported in accordance with the rules in force.
- is able to enforce all the applicable rights of a data subject, such as the right to access, copy and, if necessary, delete. PI Import hereby monitors any restrictions applicable to these rights.
- actively makes sure that the processing of personal data for specific purposes and the rights and freedoms (for example the right to portability) of the data subject remain protected.
- processes the data in accordance with the rights and freedoms that apply within the European Economic Area and controls their application when the data is shared externally. PI Import therefore complies with all legal and regulatory frameworks (namely Walloon, Flemish, Federal and European rules) when it comes to processing personal data, and, to this end, has demonstrated its responsibility as far as personal data is concerned. PI Import also monitors and applies the codes of conduct in force in the industry.
- can demonstrate that it complies with all the objectives of the GDPR policy and regulations, in accordance with legal provisions. This accountability is enforceable in accordance with the legal principles in force.