Premier | Data Protection Policy

Data Protection Policy

342

wp-singular,page-template-default,page,page-id-342,wp-theme-bridge,bridge-core-2.0.2,mega-menu-top-navigation,ajax_fade,page_not_loaded,,qode-title-hidden,qode-theme-ver-19.0.2,qode-theme-bridge

[vc_row row_type=”row” use_row_as_full_screen_section=”no” type=”full_width” angled_section=”no” text_align=”left” background_image_as_pattern=”without_pattern” row_negative_margin=”disable_negative_margin” css_animation=””][vc_column][vc_empty_space height=”15px”][vc_column_text]

Data Protection Policy

8. PERSONAL DATA – PROTECTION RIGHTS, INCLUDING RIGHT TO BE FORGOTTEN

Premier will comply with requests from an Individual to exercise their rights under data protection laws, and from 25 May 2018, GDPR. Individual’s rights in relation to their personal data include:

The right to object to the processing of their Personal Data.

The right to request that the processing of their Personal Data is restricted.

The right to request their Personal Data is rectified if inaccurate.

The right to request erasure of their Personal Data.

The right of portability in relation to their Personal Data and

The right to object to processing which involves automated decision making or profiling.

All Individuals have the right to be informed what information Premier holds about them and to request copies of that information (also known as “Subject Access Request”). Any Individual wishing to submit a Subject Access Request should contact privacy@

premierdestinationservices.com.

Any Premier staff, consultant and/or contractor who receives a request from an Individual to exercise the above rights under data protection laws and GDPR must escalate such request to the DPO and Compliance Committee immediately via privacy@

premierdestinationservices.com.

Premier staff, consultants and/or contractors are responsible for cooperating with the DPO and the Compliance Committee to ensure that Premier can comply with an Individual’s request.

Premier at all times will promptly inform the Data Processor who authorized Premier of such service (when applicable) about the Individual’s request and will be copied on all steps taken in order to comply with the Individual’s request.

9. PERSONAL DATA – PREMIER & STAFF

All Premier staff, consultants and/or contractors are responsible for checking the information they provide to Premier in connection with or related to their employment, supplier’s role and/or agreement is accurate and up to date.

Any changes to Personal Data provided (including, but not limited to change of address, etc.) must be promptly notified, in writing, to Premier via privacy@

premierdestinationservices.com or the appropriate channel according to supply chain instructions. Premier will not be held responsible for errors unless staff, consultants and/or contractors have properly informed Premier about them.

10. PERSONAL DATA – SECURITY & BREACHES

Premier will always use appropriate measures to keep Personal Data secure at all points of the processing. Keeping Personal Data secure includes protecting it from unauthorized or unlawful processing, or from accidental loss, destruction or damage.

Premier has implemented security measures which provide a level of security which is appropriate to the risks involved in the processing. Measures include but are not limited to technical and organizational security procedures, encryption, cyber security and data minimization (i.e. not keeping Personal Data for longer than necessary).

In assessing what measures are the most appropriate, Premier has taken into account the following:

Security measures quality and effectiveness.

Implementation Costs.

Nature, scope, context and purpose of Personal Data Processing; and

Risk assessment to the safeguards of Individuals’ Personal Data, including data breach.

Premier’s security measures include, without limitation:

Technical systems security features, including secure server and software programs, password protected files, encrypted information, double authentication, digital fingerprints, etc.

Restrictions (both physically and digital) to minimize access to Personal Data.

Restoration of systems and availability of Personal Data in the event of an incident and/or emergency.

Physical security or information at Premier’s premises.

Management and organizational guidelines, in the form of policies, procedures, training and/or audits.

Continuous testing and evaluation of Premier’s security measures effectiveness.

Personal Data breaches means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

Premier will comply with requests from an Individual to exercise their rights under data protection laws, and from 25 May 2018, GDPR. Individual’s rights in relation to their personal data include:

The right to object to the processing of their Personal Data.

The right to request that the processing of their Personal Data is restricted.

The right to request their Personal Data is rectified if inaccurate.

The right to request erasure of their Personal Data.

The right of portability in relation to their Personal Data; and

The right to object to processing which involves automated decision making or profiling.

premierdestinationservices.com.

premierdestinationservices.com. Premier staff, consultants and/or contractors are responsible for cooperating with the DPO and the Compliance Committee to ensure that Premier can comply with an Individual’s request.

11. PERSONAL DATA – CONFIDENTIALITY

Premier’s use of Personal Data is subject to data secrecy. Premier treats this data as confidential on a personal level and secured with suitable organizational and technical measures to prevent unauthorized access, illegal processing or distribution, as well as accidental loss, modification or destruction.

12. PERSONAL DATA – DELETION & DESTRUCTION

Personal Data that is no longer needed by Premier (including Premier staff, consultants and/or contractors) after the finalization of a service and/or expiration of legal or business process-related periods must be deleted and/or destroyed.

From time to time, there will be instances in which such Personal Data is deemed significant for the continuance of Premier’s service offering pertaining certain Individuals. If so, such Personal Data must be kept on file until the interests that merit protection have been made clear, or Premier’s corporate archive has examined the Personal Data to determine whether it must be retained for historical purposes.

13. PERSONAL DATA – DIRECT MARKETING

Premier will comply with the rules set out in data protection laws, including GDPR and other any laws, which may amend or replace the regulations around direct marketing. This includes, without limitation, when Premier makes contact with Individuals by post, email, text message, social media messaging, telephone (both live and recorded calls), fax, and any other means.

Premier deems direct marketing as any kind of communication of any advertising or marketing material, which is directed or addressed to Individuals. This does not need to be for selling or advertising purposes. It includes contact made by organizations to individuals for the purposes of promoting the organization’s aims.

Any direct marketing material that Premier sends will identify Premier as the sender and will describe how people can object to receiving similar communications in the future. If an Individual exercises their right to object to direct marketing Premier will immediately stop this.

14. COMPLIANCE

Compliance with this Policy and any data protection laws –including from May 2018, GDPR- is responsibility of all Premier staff, consultants and/or contractors and all must comply with the rules and procedures set out in this Policy and any other set by Premier.

It is a condition of being part of Premier staff, consultants and/or contractors that all Premier rules and regulations (including but not limited to, this Policy) are fully complied with.

Any breach of this Policy by Premier’s staff, consultants and/or contractors may result in disciplinary action, including but not limited to, denied access to Premier’s system, immediate termination of their agreement with Premier and any other Premier deems necessary.

Serious or deliberate breaches of data protection laws can result in a criminal prosecution. Any breach of GDPR by Premier (including Premier’s staff, consultants and/or contractors) may result in a substantial fine or actions imposed upon Premier by Data Processors.

15. OTHER

This Policy applies regardless of where Personal Data is held and or the equipment used if the Processing is for purposes of Premier services offering. Further, this Policy applies to all Personal Data, Special Category Data held in any form whether manual paper records or electronic records.

Questions about the interpretation or operation of this Policy should be taken up with the DPO via privacy

@premierdestinationservices.com.

Any individual who considers that this Policy has not been followed in respect of Personal Data about themselves should also raise the matter with the DPO via privacy
@premierdestinationservices.com.

This Policy can be amended and/or update at any time by the DPO and Compliance Committee. Any changes will be posted online and, where appropriate, we will notify changes by email.

From time to time, Premier may carry out risk assessments pertaining Personal Data Processing. This include situations when Premier process Personal Data relating to vulnerable, high profile or politically exposed people, using new technology, and/or transferring data from outside the EU. Any decision on conducting a risk assessment will be recorded by the DPO and the Compliance Committee.

Further information, including guidance for Premier’s staff, consultants and/or contractors about data protection laws, including GDPR can be found on Premier’s website.

[/vc_column_text][vc_empty_space height=”42px”][/vc_column][/vc_row]