The processing of personal data is limited to data that is required to operate a functional website and for the provision of content and our services. The processing of personal data of our users is based on the purposes agreed or on a legal basis (GDPR). We only collect personal data that is necessary to implement and process our tasks and services or that you provided voluntarily.
1. Responsible person
The responsible person according to the General Data Protection Regulation (GDPR) is NUMERI GmbH, Zollstrasse 16, 9494 Schaan, Liechtenstein, E-Mail: firstname.lastname@example.org, T +423 340 33 77
2. Data processing regarding clients
We process our clients’ personal data for the following purposes: preparation of offers for our services, providing our professional services, administration of our business relationships, documentation, exercising and defending our legal rights, complying with our legal and regulatory obligations such as the due diligence act (DDA) and any other purposes expressly and individually agreed upon.
We may collect and process the following categories of personal data about you: client and adress data, identification data, contact details, biographical data including nationality and date of birth, tax reporting data, correspondence, information on assets and additional information which is relevant and necessary for providing our professional services in accordance with your mandate.
The personal data mentioned above is gathered and processed based on the following legal basis:
- on the basis of our contractual relationship with our clients (Article 6(1)(b) of the GDPR);
- in order to fulfil a legal obligation (Article 6(1)(c) of the GDPR);
- to carry out a task in the public interest or in the exercise of official authority (Article 6(1)(e) of the GDPR); or
- for the purposes of the legitimate interests pursued by the data controller or a third party (Article 6(1)(f) of the GDPR).
Legitimate interests may include interal administration, evaluations, marketing, direct marketing and defending against unjustified claims.
3. Recipients and sources of personal data
For providing our services in fulfillment of our contractual obligations it may be necessary to share personal data with third parties (counterparties, sub-contractors, insurances, service providers, courts and authorities, etc.). We only transfer personal data in accordance with applicable law (GDPR, Liechtenstein Data protection act), in particular for fulfilling our contractual obligations or with our pervious consent.
Please also be informed that we may receive information regarding a case from third parties, such as courts and authorities. Some of the above mentioned recipients of your personal data may be located abroad or process the data abroad.
If we transfer clients’ personal data to other countries, it is protected and transferred in accordance with the statutory provisions. Transmission of data outside of the European Economic Area is done with the following guarantees:
- The country to which we are transmitting the personal data has assured the European Commission of an appropriate level of protection of personal data.
- The recipient has signed a contract based on the Standard Contractual Clauses confirmed by the European Commission, undertaking to protect personal data.
- If the recipient is located in the USA, the recipient is a certified member of the EU-US Privacy Shield Framework.
Additional information about the protection of personal data when it is transmitted outside the European Economic Area can be provided on request.
4. Storage periods
Personal data will be processed and stored for the duration of the business relationship within the framework of the statutory provisions. Once the business relationship has been terminated, these data are retained for 10 years on the basis of statutory provisions (PGR, DDA, Liechtenstein Civil Code [Allgemeines bürgerliches Gesetzbuch – ABGB]). Longer retention periods will be enforced only on the basis of statutory or contractual requirements to retain data or for the purpose of maintaining evidence within any applicable statutory limitation periods.
5. Data processing regarding job applicants
On receipt of your application we process personal data such as your name, title, address, telephone number, date of birth, education, work experience, salary expectations and any data and images that are contained in the accompanying letter, CV, letter of motivation, certificates and other documents and records that you send to us, for the purpose of personnel selection.
We process your personal data in the scope of our recruitment process on the basis of Section 1173a Article 28a of the Liechtenstein Civil Code (Allgemeines bürgerliches Gesetzbuch – ABGB) and of Article 6(1)(b) of the GDPR. If an applicant wishes their information to be retained in a pool of applicants for the purpose of potential subsequent cooperation, we require consent for this in accordance with Article 6(1)(a) of the GDPR.
Your data will not be transferred to third parties without your consent. If no appointment is made, we will retain your data for up to six months for the purposes of documentation in any eventual legal proceedings before erasing it.
6. Your rights (rights of the persons affected)
You have the right to request information about any of your personal data we process. In particular, you have the right to request information about the purpose of the processing, the categories of personal data, the categories of recipients who will have access or were disclosed with your data, the duration periods for saving the personal data, the data source in cases where we did not if not collected through us and information on whether we apply automated decision-making technologies including profiling.
Further you have the right to adjust/correct, erase, restrict or object data processing as well as transmission of data (in the latter case provided that it does not cause a disproportionate effort to transmit these data).
Additionally, you have the right to revoke a previously granted consent to use your personal data at any time without affecting the legality of previous data processing. A revocation notice can be sent by informal letter or e-mail to us (NUMERI GmbH, Zollstrasse 16, 9494 Schaan, Liechtenstein; email@example.com).
If you believe that the processing of your personal data is inconsistent or contradicts the applicable data protection laws you have the possibility to lodge a complaint with the data protection office (www.datenschutzstelle.li).
7. Automated decision-making (Art. 22 GDPR)
We do not apply automated decision-making technologies regarding personal data. If such technologies are applied in a specific case affected individuals will be informed in accordance with legal provisions.
8. Website, electronic communication
We do not perform any web analysis on our website and do not use any web analysis tools (e.g. Google Analytics). The user and visitor data will not be evaluated or analyzed.
For optimizing this website regarding system-performance, usability and provision of useful information on our services the website provider gathers and stores information automatically in so-called server-log-files. This information includes IP-addresses, browser and language settings, operating system, referrer URL, internet service provider and date and time and is transmitted to us automatically. The data will not be merged with personal data sources. We reserve the right to subsequently assess the data if concrete indications for illegal use arise.
Our website uses Google Maps (provided by LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) to display an interactive map and to create directions. Google Maps is provided by. Thereby IP addresses and location data of users can be processed if you agree to that (usually this agreement is given within the framework of your device settings). The date may be processed in the USA.
If you send us an e-mail or a message via another telecommunication channel your data will only be stored and used for dealing with your request and related questions. The legal basis for using data for dealing with your requests is Article 6(1)(b) GDPR. We will delete your e-mail address after completion of your request.
9. Necessity of the data (Article 13(2)(e) of the GDPR)
Provision of the data listed above is mandatory in order to allow us to offer our clients the services they require and fulfil our statutory obligations. In addition to possible statutory reporting obligations to the responsible supervisory authorities, failure to provide data will result in the non-establishment or termination of the business relationship.
10. Data Security
Your personal data is protected by the implementation of technical and organizational measures. Those measures include in particular protection against unauthorized, illegal or accidental access, processing, loss, use or manipulation.
Notwithstanding our efforts to continually maintain an appropriately high standard in due diligence we cannot completely eliminate the risk that other persons might see and use information that you send us by e-mail or other electronic communication.
Therefore, please note that we cannot accept liability of any kind for disclosure of information caused by third party mistakes in data transmission and / or unauthorized access by third parties (e.g. hacker attacks).
11. Currency and validity of this privacy statement
This privacy statement is up-to-date and valid as of September 2021. Legislative developments and developments in our website and offers may bring upon the necessity to change this privacy statement.