NSSG SUPPORT Mobile App
Last update: 29th of March 2022
The aim of this Privacy Policy is to provide the users of the NSSG SUPPORT Mobile App with the relevant information on how and why NSSG collects and processes their personal data, as well as the rights the user have related to the processing of their personal data.
WHO IS PROCESSING YOUR DATA?
North Star Support Group („NSSG”) is an international risk-management company globally providing a wide range of risk-mitigation and crisis support services.
We value and respect the privacy of your data thus we integrated privacy principles and policies in our daily work flow. Our privacy policies focus on legally processing, stocking and, if needed, accordingly exchanging personal data.
NORTH STAR SUPPORT GROUP S.R.L. is a Romanian company headquartered in Bucharest, 26 Grigore Alexandrescu Street, Romania, Zip code 010626, registered under national no. J40/14475/2017 and European no. ROONRC.J40/14475/2017, VAT no. RO 38106808, contact info +40 21 795 7601, servicedesk@nssg.global, hereinafter referred to as ”NSSG”.
DEFINITIONS
“Personal data”, “Personal information” means any information regarding a physical identified or identifiable natural person.
“Controller” means the natural or legal person that determines the purposes and means of the processing of personal data processing – in this Privacy Policy, NSSG.
“The user” means the natural person who has and uses the user account on the Mobile App, being the data subject to whom this Privacy Policy addresses.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, storage, adaptation, consultation, use, disclose or deletion.
”The Mobile App” or ”The App” means NSSG SUPPORT Mobile App.
“The GDPR” means REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
HOW DOES NSSG COLLECT DATA?
NSSG collects the personal data directly from the App’s user or from the user’s employer or relatives, depending on the existent contractual relationship with NSSG, in order to create the user account and provide the access credentials.
Once the user account is created, the personal data is collected directly from the user through the App and the device.
CHILDREN AND SENSITIVE USER DATA
NSSG App and services are not intended for individuals below the age of 16. NSSG does not solicit and collect personal information from this category of audience.
NSSG does not intentionally collect personal information from children below the age of 16. If you are the parent or guardian of a child below the age of 16, and believe your child has provided NSSG with personal information, please contact us to request the deletion of these personal data. If we confirm that we have collected this kind of personal information, we will delete that information as soon as possible.
NSSG does not collect personal data regarding racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
WHY, HOW AND WHAT PERSONAL DATA DOES NSSG PROCESS?
In this section there is provided the information concerning the personal data processing activities such as processing purposes, personal data categories, legal grounds and retention periods.
- Provide access in the App and to the App’s functionalities
- Purpose: Create the user account
Categories of Personal Data: name, surname, employer or the company the Data Subject is connected to, username and password
Legal ground: the legitimate interest pursued by NSSG, according to Article 6 par. (f) of the GDPR, regarding the execution of the contracts with our clients by providing access in the App.
- Purpose: Activate the “call” function
Categories of Personal Data: phone number
Legal ground: the legitimate interest pursued by NSSG, according to Article 6 par. (f) of the GDPR, regarding the execution of the contracts with our clients by providing access to the functionalities of the App. In order to initiate a call, the App will ask for the User’s approval.
- Providing the services using the App, according to our commercial contracts
- Purpose: Providing the services using the App
Categories of Personal Data: username, employer or the company the Data Subject is connected to, phone number, geographical location, status, movement and speed of movement, image (in case the Users chooses to send photos containing an individual’s image), device information such as device type, brand, model, operating system and its version
Legal ground: the legitimate interest pursued by NSSG, according to Article 6 par. (f) of the GDPR, regarding the execution of the contracts with our clients using the dedicated App.
Refusal to provide the personal data leads to the impossibility to provide services.
In order to collect the personal data, the User needs to give the App access to the specific functions or applications of the device such as GPS, walk tracking, image gallery, camera, e-mail app or calls.
Particularities of each functionality:
- SOS button
Categories of Personal Data: username, geographical location, date and time of alert activation
- Initiate a call
Categories of Personal Data: phone number
The App will ask for User’s approval to initiate a call.
- Chat
Categories of Personal Data: username, message, date and time of the message
- Send image
Categories of Personal Data: username, image (in case the Users chooses to send photos containing an individual’s image), location where the photo was taken, time and date of sending the photo
- Scan QR code
Categories of Personal Data: geographical location, scanning date and time
- Send location
Categories of Personal Data: username, geographical location, movement and speed of movement
- Trouble shooting or send e-mail
Categories of Personal Data: device information such as device type, brand, model, operating system and its version necessary to make the connection to the e-mailing application. The personal data is used only for the connection and not further stored or otherwise processed. The e-mail address will be processed by NSSG through the e-mail application, not through the App.
Further processing: Personal data collected through the App will further be processed for the quick interventions when needed (announcing the quick intervention team when SOS button is activated), reporting to the client and keep records in order to execute and prove the execution of the commercial contracts.
Moreover, NSSG will process the Personal Data in order to defend its rights and interests in front of the courts, arbitral tribunals or any other public institutions and authorities.
HOW LONG DOES NSSG STORE THE PERSONAL DATA?
NSSG stores the Personal Data collected and processed through the App for the period necessary for the execution of the contract and to prove the execution of the contract.
NSSG will keep the Personal Data for the period necessary to defend its rights and interests in front of the courts, arbitral tribunals or any other public institutions and authorities.
When applicable, NSSG will store the Personal Date for the time period necessary in order to comply with the legal obligations which it is subject to.
AUTOMATED DECISION MAKING
NSSG does not make decisions based solely on automated personal data processing (including profiling) that would have legal effects on the data subjects or that would affect the data subjects in a similar way to a significant extent.
PERSONAL DATA TRANSFERS AND DISCLOSURE
NSSG discloses personal data to the App provider, to the clients and to our business partners such as the quick intervention team. The disclosure of Personal Data only takes place when it is necessary for the processing purpose and it is limited to what data is strictly necessary to be disclosed according to the purpose.
When the client or the user is located outside the EEA, the Personal Data will be transferred between the European Union and country where the client or the user is located.
The Personal Data may be disclosed to NSSG collaborators, providers, partners and to the courts, arbitral tribunals or any other public institutions and authorities according to the legal obligations NSSG is subject to.
As a rule, the transmission of your personal data to the above recipients will be done in accordance with applicable law and only based on a commitment of confidentiality and ensuring an adequate level of security on their part, which guarantees that personal data is kept secure.
HOW DOES NSSG PROTECT PERSONAL DATA?
The security of your Personal Data is important to us. Therefore, NSSG maintains a variety of appropriate technical and organizational measures to protect your Personal Data from loss, misuse, and unauthorized access or disclosure. We limit access to Personal Data to employees who we believe reasonably need to retrieve that information to provide our services. Considering the current state of technology, we have implemented reasonable physical, electronic, and procedural safeguards designed to protect your Personal Data, such as limiting encrypting or anonymizing it or storing it on secure media.
No method of transmission over the Internet, method of electronic storage or other security methods are one hundred percent secure. Despite our best efforts, we cannot always guarantee the effectiveness of the security measures implemented, and therefore we cannot guarantee the absolute security of Personal Data.
DATA SUBJECT’S RIGHTS
Under the applicable law, you have the following rights:
Right of access: You have the right to obtain confirmation from us that your Personal Data are processed by us, as well as information on the specifics of processing, such as: purpose of processing, categories of data processed, recipients of personal data, period for which the data is kept, if it is transferred abroad and how we protect it, the source of your Personal Data.
Right to rectification: At any time, you have the right to request the rectification of your Personal Data. In the event of errors, after notification, we will immediately rectify your Personal Data.
Right to erasure: You have the right to request the deletion of Personal Data, provided that your request comply with applicable legal requirements. Personal Data will be erased when the legal requirements are met.
Right to restriction of processing: If the applicable legal provisions are met, you can request that we restrict the processing of Personal Data.
Right to data portability: If the applicable legal provisions are met, you have the right to provide Personal Data in a structured, commonly used and automatically readable format and the right to transmit it to another data controller.
Right to object: In certain situations, such as when we process Personal Data based on legitimate interest, you have the right to object to the processing of your Personal Data by us.
Right to not be subject to decisions based solely on automated processing: If the applicable legal provisions are met, you have the right not to be subject to a decision based solely on automatic processing, including profiling, which has legal effects on you or affects you similar to a significant extent.
Right to address to the Supervisory Authority: You have the right to file a complaint with the competent Supervisory Authority, in connection with any violation of your rights regarding the processing of your Personal Data.
Contact details for the Romanian Supervisory Authority:
National Supervisory Authority for Personal Data Processing
address: 2830 Gen. Gheorghe Magheru Street, Bucharest, District 1, zip code 010336
phone: +40.318.05.92.11
email: anspdcp@dataprotection.ro
website: www.dataprotection.ro
If you want to contact other representatives of the EU national data protection authorities, you can click: Our Members | European Data Protection Board (europa.eu)
Consent withdrawal: To the extent that we process your Personal Data based on your given consent, you can withdraw your consent at any time, without affecting the legality of the processing based on the consent before its withdrawal.
Right to object to receiving commercial messages: You may also object to the processing of your Personal Data for the purpose of sending commercial messages.
UPDATES
NSSG has the right to change and update this Privacy Policy from time to time. Accordingly, we urge our users to review this page periodically to stay updated with how we use your Personal Data. If we are to change this Privacy Policy, we will make available on the App the last updated version and we will update the date in the „Last update” section. Any changes to this Privacy Policy will be effective upon posting on this page, except the changes where your consent is expressly needed, in which case the changes will apply from the date of your consent.
CONTACT US
Email: support@nssg.global
Mobile phone: +40 742 156 186
Landline: +40 21 795 7601
Website: www.nssg.global