Data protection STATEMENT and information provided in accordance with the EU General Data Protection Regulation (“GDPR“)
Models INC LLC Belgrade the protection of your personal data and the processing of this data in a manner compliant with data protection principles very seriously. In this data protection declaration we will explain how we, as the controller for data processing activities, collect personal data about you, use it and in certain circumstances may pass it on to third parties; and how you may exercise your rights as a person affected. If you have any questions about our usage of your personal data, please contact us at one of the following contact address: firstname.lastname@example.org
Types of personal data and processing purpose
The data that you provide to us voluntarily and that we obtain from you within the framework of our business relationship (e.g. in conjunction with an application for a product, contact form, registration, direct communications with you online or by telephone, or as part of you using our services) comes under the following categories:
- “Personal information” such as preferred form of address, title, name, contact information (telephone number, email address, postal address), date/place/country of birth, marital status, profession/employer information, nationality etc.
- “Identification data”
- Data from public registers if they egzist
- Images,video and recorded data, such as video, photo etc.
- Information from electronic interactions (e.g. through our website, apps etc.), such as the IP address, user name (where applicable), date and time of access, as well as technical data on the pages/objects viewed;
- File names of any attachments, message size, risk classification with respect to spam/sender status
- Data to comply with statutory and regulatory requirements
- Marketing data
Data which we obtain from external sources
We may occasionally obtain personal data relating to you from external sources, e.g. data from publicly accessible registers, from information published on websites and the media, or when information about you is relayed to us by subsidiaries or business partners. In such cases we check that these third parties have obtained your consent or are in some other way legally entitled or obliged to disclose your personal data.
Data which we capture automatically – cookies and similar technologies
We may be able to automatically capture certain data from your device when you visit our website. This data may constitute personal data, such as IP address, device type, one-off device identification numbers, browser type and other technical data. We can also capture data on how your device interacted with our website, e.g. which pages were viewed and which links clicked on.
By capturing this data we are better able to understand who is visiting our website, where the visitors come from and what content on our website they are interested in. We use this data for internal analysis purposes and for the purpose of improving the quality of our website and aligning it more closely to the interests of our visitors. We can also use the data for ensuring network and data security.
The personal data is processed for the purposes of
- developing and managing the business relationship
- answering messages, complaints or queries that you send to us
- verifying the correctness of the data we hold on you
- complying with the statutory and regulatory obligations we have
- running, administering, analysing and improving our website
- providing technical user support
- ensuring network and data security.
We may pass on your personal data to the following categories of recipients:
Our employees, who require it to comply with contractual and legal obligations as well as legitimate interests; external service providers (e.g. IT service providers) and business partners that provide us with data processing services or process personal data in some other way for the purposes described in this data protection declaration or who will be notified to you if we capture your personal data.
Public authorities, such as supervisory or security authorities, or public offices, courts or other third parties where disclosure is necessary (i) because of existing laws and regulations, or (iii) to protect your legitimate interests or the legitimate interests of another person
Another person, where you have consented to the disclosure.
Legal basis for the processing of personal data
The legal basis for the capture and processing of personal data depends on the specific context in which we capture it.
To fulfil contractual obligations
Your personal data is processed in order to initiate and process contracts with you, and to execute your instructions as part of our services.
The specific purpose of the data processing will be notified to you in the relevant contract documentation.
Based on your consent
If we have your consent, we will processes your data in line with the consent given. You may withdraw your consent – which will then affect future transactions/interactions – at any time.
To safeguard legitimate interests
We may, additionally, process your data on the basis of the legitimate interests of us or a third party. These legitimate interests cover, in particular:
- Surveillance and other protection measures that can provide evidence of fraud or criminal activities, and protect employees, customers and property
- Measures connected to the prosecution of illegal acts.
Mandatory provision of certain data
If data that is required to be able to complete or process a contract or that we are legally obliged to collect is not provided, it will not be possible to perform/provide the contract or the services required and an existing contract may have to be terminated.
International transfer of data
Your personal data may be transmitted to, and processed in, countries outside the EU/EEA which have not (yet) been judged by the EU Commission to provide an appropriate level of data protection and which possibly do not offer the same high levels of protection. Personal data may be made available to local authorities or courts due to local laws and regulations.
In particular, your data may be transmitted to Serbia, Montenegro, and Bosnia and Herzegovina as well as to external service providers and partners in order to fulfil one of the purposes described here.
We have, however, taken appropriate security measures and precautions to ensure your personal data will be protected in accordance with this data protection declaration.
We store your personal data for the duration of our business relationship provided this is necessary for the purposes of the business relationship; and for as long as our legal obligations or other legitimate interests dictate that we must retain the data.
As soon as no legitimate reasons for continuing to store the personal data remain it will either be deleted or anonymised. If this is not possible (because, for example, your personal data is stored in back-up archives) we will store your personal data securely and ensure it cannot be used in any further processing activities until such time as it can be deleted.
Rights of data subjects
The Regulation provides for a data subject’s right to information, rectification, erasure, restriction of or an objection to processing, data portability and the right to lodge a complaint with the relevant supervisory authority.
If we process your personal data based on your consent you can withdraw this consent at any time.
If personal data is processed for direct marketing purposes and the basis for processing has not been provided through your consent, you have the right to object to the processing of your personal data for the purposes of such marketing at any time; this also applies to profiling where this is linked to direct marketing.
Please write to us at the (email) address below if you wish to exercise these rights. We will examine your request and answer accordingly.
Updates to this data protection declaration
We may update this data protection declaration from time to time in the light of new legal, technical or business developments. We will use appropriate measures to inform you of the changes made, depending on their importance.
For every significant change to the data protection declaration we will ask you for your consent where and to the extent this is required by the relevant data protection laws. You will find the “Date last updated” at the end of this data protection declaration.