I. POLICY FOR THE PROTECTION OF PERSONAL DATA
May 25, 2.018
Tama Automobile SARL is an organization in which the processing of personal data activities are given, which has assigned a major responsibility for the design and organization of procedures so that they are aligned with the legal compliance in this area.
In carrying out these responsibilities and in order to establish the general principles that should govern the processing of personal data in society approves this political protection of personal data, inform its employees and offers of all its interest groups.
Protection of personal data policy is a measure of proactive responsibility aims to ensure compliance with the legislation in force in this area and in this regard, respect for the right to honor and privacy in the processing of personal data. personal nature of all persons related to society.
Develop the provisions of this policy of protection of personal, organizational and security data that the data subjects are set that the principles governing the data processing in the organization and are therefore, procedures and This policy is committed to implementing in their area of responsibility. To this end Tama Automobile SARL with VAT Community No. FR31814003216, residing at 24Bd Marcel Dassault 64200 Biarritz (FRANCE) will be assigned the responsibilities of the personnel involved in the data processing operations.
3. Principles of the treatment of personal data
As a general rule, the company scrupulously respects the legislation on the protection of personal data and must be able to demonstrate (“proactive responsibility” principle), paying particular attention to those treatments that are likely to have a greater impact. risk for the rights of those affected (principle of risk approach).
Tama Automobile SARL will ensure the respect of the following principles:
➔ Legality, loyalty, transparency and limitation of purpose. Data processing must always be informed by the party concerned, through clauses and other procedures; and it will not be considered legitimate if there is consent to the processing of data (with special attention paid by minors), or to another valid and purposeful legitimization, it is in accordance with the regulations.
➔ Data minimization. The processed data must be adequate, relevant and limited to what is necessary for the purposes of the treatment.
➔ Precision. The data must be accurate and, if necessary, updated. In this respect, the measures necessary to delete or correct without personal data of delay are inaccurate concerning the object of a treatment.
➔ Limitation of the retention period. The data will be kept in such a way as to allow the identification of the interested parties for the duration necessary for the treatment.
➔ Integrity and confidentiality. The data will be such that the adequate security of personal data is guaranteed, including protection against unauthorized or unlawful processing against loss, destruction or accidental damage, by applying appropriate organization techniques or.
➔ Data transfers. buying or obtaining personal data from illegitimate sources or in cases where such data has been collected or transferred in violation of the law or is not sufficiently guaranteeing its legitimate origin is prohibited.
➔ Hiring suppliers with access to data. Only suppliers offering sufficient safeguards to apply appropriate technical and security data processing measures will be selected for hiring. With these third parties will be duly documented in this regard.
➔ International data transfers. Any processing of personal data subject to European data transfer rules outside the European Economic Area should be conducted in strict accordance with the requirements of applicable law
4. Worker engagement
Workers are aware of this policy and they are aware that personal information is an asset of society and, in this respect, they adhere to it by committing themselves to:
* Conduct awareness training on data protection that the company puts at your disposal
* Apply user-level security measures that apply to your work, without prejudice to the design and implementation responsibilities that may be assigned to you depending on your role within Tama Automobile SARL
* Use the formats established for the exercise of the Rights by the persons concerned and immediately inform the Company so that the answer is effective.
* Inform the Company, as soon as it becomes aware, of exceptions to the provisions of this Policy, in particular “breaches of the security of personal data”, using the format established for this purpose.
5. Monitoring and evaluation
An annual audit, evaluation and evaluation will be carried out or, whenever significant changes are made to the data processing, the effectiveness of the technical and organizational measures to ensure the security of the processing.
Tama Automobile SARL