The EU GDPR regulation requires (i) that personally identifying information on EU persons may only be collected by a company if there is a valid business purpose for collection such data; (ii) the person must consent to the collection of such data; (iii) companies must dispose of such information when it is no longer required for that business purpose, or upon request of the person; and (iv) there must be a simple and effective way for persons to opt out of receiving further communications from the company.
For the purposes of the policy, the following definitions apply:
EU Persons – Any person that resides, is located or has citizenship within the European Union (“EU”) or the European Economic Area (“EEA”).
Personally Identifiable Information – Any information that can be used to identify the particular individual or that persons physical location. This includes home address, links to current location (What’s App…), personal phone or mobile phone numbers, credit card information, identification numbers (Social Security, Driver License or other identifying numbers), etc.
Sensitive Personal Information – Includes any information that identifies information regarding a person’s ethnicity, age, medical history, gender, sexual preference, religion, political affiliations or beliefs.
Fiberguide will only collect Personally Identifying Information when there is a valid business purpose and shall document that purpose with the GDPR Consent Statement signed by the person and delivered to the GPDR Officer.
Fiberguide shall not collect Sensitive Personal Information, unless it is required by law or for the provision of employment benefits for employment of that person.
All requests to expunge Personally Identifiable Information shall be delivered to the GDPR officer immediately and such information shall be immediately deleted from the Company’s records.