WHAT INFORMATION WE COLLECT
To provide its services, MSK Groupneeds to collect and process certain information about you. The data we collect depends on the context of your interactions with MSK Group, the choices you make including the services which are provided to you.
It is to be noted that you have choices about the data we collect. When you are asked to provide personal data, you may decline. If you choose not to provide data that is necessary to provide the service, we may not be able to deliver the service.
CATEGORIES OF DATA PROCESSED
The data we collect and process can include the following, but is not limited to:
- Identification data: we collect data about you such as your first and last name, email address, postal address, phone number, and other similar contact data, date and place of birth, gender, country and preferred language;
- Business contact information: we collect data about you such as job function, job title, department, organisation name, size and location, and whether or not you are acting on behalf of a client;
- Financial information: we collect your financial information, such as financial account information, if needed to take payment or fulfil contractual obligations or for related purposes;
- Contractual information: any information provided by the data subject allowing MSK Groupto perform its contractual duties.
Further to the categories of data mentioned above, MSK Groupguarantees that, except to the limited extent that may be necessary in the context of immigration and in the context of performing a contract with a client, we neither request nor collect special categories of data (i.e., personal information specifying criminal offences/convictions, medical or health conditions, biometric or genetic data, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual).
HOW WE COLLECT CLIENT`S DATA
WAYS OF COLLECTING DATA
Information that we automatically collect when you use our Website: when you use our Website, we automatically collect, through Cookies, the following information:
- Navigation and click-stream data;
- HTTP protocol elements;
- Search terms.
Personal data that we collect when you do business with MSK Group: we may collect and process your data when you conduct business with us. “Personal data” means information relating to an identified or identifiable natural person that MSK Groupreceives on behalf of the client himself/herself/itself. Examples of categories of such personal data can be found in the previous section.
Personal data we obtain from other sources: we also may periodically obtain both personal and non-personal information about you from MSK Group’s business partners or other third-party sources where they are legally permitted to share such information with us, and add it to the information we already hold about you, such as, but not limited to:
- Updated business address information;
- Identification data;
- Financial information;
- Contractual information.
PURPOSES FOR COLLECTION, USE AND PROCESSING OF CLIENT`S DATA
For processing to be lawful under the General Data Protection Regulation(the “GDPR”), a lawful basis needs to be identified before processing personal data.
We use or may use your personal data for the following purposes (or as otherwise described at the point of collection) in line with the lawful basis under the GDPR:
- To provide you with the service you have requested;
- Processing is necessary for the performance of a contract with the data subject.
- To provide you with information, access to resources or other services that you have requested from us on behalf of you or your organisation;
- Processing is necessary for the performance of a contract with the data subject.
- To send you client service-related communications (marketing);
- Processing is necessary for the purposes of the legitimate interests pursued by the controller.
- To deal with communications that you send to MSK Groupand responding to your queries, requests and complaints;
- Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
- Processing is necessary for compliance with a legal obligation.
- To carry out the recruitment process, if needed;
- Promote our events and conferences via pictures and videos disclosed on our social medias;
- Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party.
- To manage the infrastructure and business operations of MSK Groupand to comply with internal policies and procedures;
- To comply with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement and investigations by relevant authorities.
We may contact you by mail, telephone, email or other electronic messaging service to notify you about special events, new features or other information that may be of interest to you in accordance with your interaction with MSK Group. Where required by applicable law, your prior consent will be obtained before sending you direct marketing and you may object or opt out of receiving marketing messages from MSK Group.
MSK Groupdoes not in any way sell, lease or rent your information to third parties.
SHARING PARSONAL DATA
MSK Groupshares your personal data as necessary to render any service you have requested or authorised.
MSK Groupmay also share your personal data with your consent namely for the following purposes:
Assisting with immigration to Luxembourg (third parties namely notaries, domiciliation agents and banks etc).
DISCLOSURE OF YOUR PERSONAL DATA
Service providers: we may disclose/transfer your data with third parties that we refer as service providers solely to the extent necessary to enable such service providers to provide services to MSK Groupand to assist us in providing services to you. MSK Group’s policy is to maintain contracts with all third parties with whom we disclose/transfer personal information that restrict their access, use and disclosure of personal data. Service providers must, in fact, abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose.
Third parties: we may disclose/transfer your data with third parties such as administration and public authorities, banking institutions, notaries, domiciliation agents and to professional advisors and auditors of MSK Group.
Safety, security and compliance with law: we will access, transfer, disclose and preserve personal data to comply with applicable law or respond to subpoenas, court orders or other valid legal process, for reasons relating to national security, to defend against legal claims, to protect the rights and safety of MSK Group, MSK Group’s clients, employees or others. This may involve the sharing of your data with law enforcement, government agencies, courts and other organisations.
Consent: we may share your data in other ways and for new purposes if you have asked us to do so and have consented to such sharing.
Those recipients may be located in and outside the European Union. Your personal data will not be transferred to any country outside the European Union which does not ensure an adequate level of protection unless you gave us prior authorization to do so or specific measures (such as adequate contractual arrangements) have been taken by us in order to ensure that the requirements of the applicable data protection law have been fulfilled.
ACCESS TO PERSONAL DATA
MSK Groupseeks to ensure that you are able to exercise your rights at any time. MSK Groupwill address any request within the limits of its technical and organizational means.
- Right to access your personal information:should you want to review the data we hold, collect and process about you, please let us know by contacting us at the contact information provided in the section “HOW TO CONTACT US” of this policy.
- Right to rectification:should the data we hold, collect and process about you be inaccurate or incomplete, you have the right to update such data at any time by contacting us at the contact information provided in the section “HOW TO CONTACT US” of this policy.
- Right to erasure:if at any time you decide you do not want us to retain any personal data we collected from you, you may request we delete your data by contacting us at the contact information provided in the section “HOW TO CONTACT US” of this policy. We will take reasonable measures to comply with your request in accordance with applicable laws.
- Right to restriction of processing:should you wish to exercise this right, please contact us at the contact information provided in the section “HOW TO CONTACT US” of this policy. You should obtain the right to restriction of processing only where in accordance with applicable laws.
- Right to object:should you wish to exercise this right, please contact us at the contact information provided in the section “HOW TO CONTACT US” of this policy. We will consider your objection and we will comply with it unless we have a compelling legitimate ground as permitted by applicable law.
- Right to data portability:you may have the right to have your personal data transmitted directly from us to another controller only when you have asked us to do so and have consented to such sharing, and when technically feasible. Should you wish to exercise this right, please contact us at the contact information provided in the section “HOW TO CONTACT US” of this policy.
- Right to lodge a complaint with the supervisory authority: you have the right to lodge a complaint with the Commission Nationale pour la Protection des Données (the “CNPD”), where you believe that your data is being processed in a way that does not comply with the GDPR.
Please be aware that these rights are not always absolute and there may be some situations in which, technically or legally, MSK Groupmay not be able to comply with your request.
HOW WE PROTECT YOUR DATA
MSK Groupacknowledges your trust and is committed to protecting the data you provide to us. We maintain appropriate organisational, physical and technical security measures (including with respect to personnel, facilities, hardware and software, storage and networks, access controls, monitoring and logging, vulnerability and breach detection, incident response, encryption of personal data) to protect against unauthorised or accidental access, loss, alteration, disclosure or destruction of personal data.
NOTIFICATION OF PERSONAL DATA BREACH
MSK Groupwill notify its client of any personal data breach by MSK Group, its processors, or any other third-parties acting on MSK Group’s behalf without undue delay, only where the personal data breach is likely to result in a high risk to the rights and freedoms of the client.
RETENTION PERIOD OF PERSONAL DATA
MSK Groupwill only retain your personal data:
- For as long as it is necessary for the purpose or purposes for which it was intended, subject always to the legal periods of limitation;
- For the purposes of performing or fulfilling a contractual obligation with you or the organisation that you represent and, therefore, legitimate business purposes;
- For as long as required or permitted by law.
WHAT DO WE EXPECT FROM YOU
We expect you to inform us in writing and without undue delay of changes in the information you provided to us or others about you, so that we can keep it up-to-date.
Personal data that we collect when you apply online for employment: you may submit personal data through the use of our website to be considered for employment at MSK Group. Such information includes, amongst others, your name, your address, your phone number, your email address, experience, education, job skills and other information contained on your curriculum vitae (CV) and/or your cover letter. MSK Group uses such data solely for consideration of your candidacy for employment, to communicate with you and to generate related correspondence, including offer letters and employment agreements. Such data may also be used, subject to applicable local laws, to conduct necessary background checks for compliance and other employment related purposes (including the assessment of your profile in view of the conclusion of a potential employment contract, to the extent permitted by applicable laws and regulations). Finally, MSK Group only retains such data for as long as is necessary to address your employment application and any questions that may arise regarding your application’s processing.
HOW TO CONTACT US
MSK Group S.à r.l.-S.
Attention: Marina Kirchens-Sargsian, Data Protection Officer
Grand Rue 58A, Ettelbruck
Grand Duchy of Luxembourg
*Last update on 12/10/2018