PRIVACY NOTICE


Buffer Group is a company incorporated in the United States of America (here and after ‘Buffer Group’, ‘we’, ‘us’).

This Privacy Notice describes the information that we gather on or through the services provided, how we use and disclose such information, and the steps we take to protect such information. By visiting the site, or by purchasing or using the services, you accept the privacy practices described in this Notice.

This Notice is incorporated into, and is subject to, the Buffer Group Privacy Policy.

This Privacy Notice ensures the level of data protection prescribed by EU Regulation No 2016/679 (General Data Protection Regulation or GDPR) and provides one of the necessary framework conditions for data processing. This Notice applies to all Buffer Group’s affiliated companies and their employees and is based on globally accepted, basic principles on data protection. This notice does not form any part of the contract to provide services.



PRINCIPLES OF PERSONAL DATA PROCESSING


We have to collect and use (to process) certain types of information (Personal Data) that relates to the people (Data Subjects) who we come into contact with in order to carry out our business.

We are confident that when processing personal data, the individual rights must be protected, which means that all personal data must be collected and processed in a legal and fair manner.

Therefore we presume and agree that Personal data shall be:

(a) processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’)

(b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’)

(c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’);

(d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);

(e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (‘storage limitation’);

(f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (‘integrity and confidentiality’).

We may impose a restriction on your access to our services if it’s necessary to protect our staff from unacceptable behavior.



LAWFULNESS OF PROCESSING


We collect different types of information from or through our activity. The legal basis for Buffer Group’s processing of personal data are primarily that the processing is necessary for providing the services and that the processing is carried out in Buffer Group’s legitimate interests. We may also process data upon your consent, asking for it as appropriate.

Buffer Group will only use your personal information for the purposes for which it was collected, unless it reasonably considers that it needs to use it for another reason that is compatible with the original purpose. If Buffer Group needs to use your personal information for an unrelated purpose, Buffer Group will notify you and explain the legal basis which allows Buffer Group to do so.

To make processing compliant, we should ensure it has at least one legitimate reason for processing (collecting, using, managing or disclosing) personal data.

According to Article 6 (1) of EU Regulation No 2016/679 (General Data Protection Regulation or GDPR) such reasons could be:


  • the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
  • processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
  • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Please note, that in some circumstances prior consent is not necessary.



HOW DO WE COLLECT YOUR PERSONAL INFORMATION


We use different methods to collect data from and about you including through direct interactions, automated technologies or publicly available sources.

These are the main ways we collect your information:


  • you contact us directly to request information about our services.
  • you contact us directly to apply for a vacancy.
  • we acquire your personal data from other sources, such as social media sites.
  • from your use of Buffer Group website.

We do not provide services directly to children or proactively collect their personal information. However, we are sometimes given information about children while handling a complaint or conducting an investigation. The information in the relevant parts of this notice applies to children as well as adults.

If you are under 18, please do not provide us with any of your information unless you have the permission of your parent or guardian.

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you



WHAT PERSONAL DATA MAY BE COLLECTED


Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

The following types of personal information about you may be collected:


  • name,
  • address,
  • contact details e.g. street address, email address, telephone number,
  • location,
  • work experience,
  • job title,
  • professional certifications,
  • education & qualifications,
  • skills,
  • career history,
  • salary range,
  • right to work status/citizenship,
  • any other information you provide us voluntarily when you communicate with us.

In order to track and analyze website traffic and users’ interaction with Buffer Group website as well as to improve visitors’ experience, Buffer Group collects details of your visits by using Google Analytics. Nevertheless, this information does not relate to you directly and could not identify your personality so it could not be treated as personal data.

We do not generally collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offenses. In the limited cases where we do process such data, we do this in accordance with the applicable legislation.



HOW DO WE KEEP PERSONAL DATA SAFE


We use technical and organizational security measures including encryption and authentication tools to protect your personal information, against manipulation, loss, destruction, and access by third parties. Our main security measures are:


  • restricted access to your data on a “need to know” basis
  • transfer of data only in encrypted form
  • secure IT systems to prohibit unauthorized access
  • permanently monitored access to IT systems to detect and stop any misuse.


HOW DO WE USE YOUR PERSONAL DATA


  1. Purposes related to the provision of our services. This may include sharing your personal data with service providers in terms necessary to fulfill our business under our legitimate interest, to our customers within stuffing services under your consent.
  2. Please be assured that such access to your Data will be strictly on a “need to know” basis and will be subject to our internal privacy policy and an obligation of confidentiality.
  3. Purposes related to compliance with regulations under the law and the fight against fraud.
  4. Purposes to fulfill contract with you or to accomplish actions required before contract conclusion.
  5. Purposes related to the promotion of our services and opportunities. This may include signing you up for our newsletters, communicating with you about our latest updates, services, and open job positions.
  6. Purposes related to the analysis and improvement of our services. This may include conducting troubleshooting, Data analysis, testing, research, statistical and survey analysis.
  7. Purposes related to processing your data privacy requests.

We only keep your Data for the time necessary for the purposes described above. We retain your Data for the duration of your communication with us. We may keep your Data in an intermediate archive for 5 years following the first contact if no contract concluded with purposes related to the promotion of our services and opportunities, to the analysis and improvement of our services and in order to comply with our legal and contractual obligations or to protect ourselves from any potential disputes (as required by laws applicable to record-keeping and to have proof and evidence concerning our relationship, should any legal issues arise following the termination of our communication). Personal Data provided before contract conclusion or within the duration period of the contracts can be retained for the time periods under the conditions of the law and no less than 5 years after contract termination.



YOUR RIGHTS


Buffer Group allows you to access your personal information, edit or obtain data collected about you by filling in your request here (link).

Every data subject is guaranteed the following rights. Their assertion is to be handled immediately by the responsible unit and cannot pose any disadvantage to you.


  • Right of Access by the Data Subject: You shall have the right to receive information from us regarding the processing of your personal data.
  • Right to Rectification: You shall have the right to demand that we correct your personal data which are incorrect and/or incomplete.
  • Right to Erasure: You shall have the right, in the event that the requirements specified in Art. 17 of the GDPR have been met, to demand the deletion of your data. Thus, in accordance with this Art. 17, for example, you may demand the deletion of your data insofar as these data are no longer required for the purposes for which they were collected. Furthermore, you may demand the deletion of these data if we process your data based upon the consent which you have granted and you then withdraw this consent. In order to use this right please fill in the form here (link).
  • Right to Restriction of Processing: You shall have the right to demand the restriction of the processing of your data if the requirements specified in Art. 18 of the GDPR have been fulfilled.
  • Right to Object: If the processing is based upon an overriding interest or your data are used for the purposes of direct advertising, you shall have the right to object to the processing of your data.
  • Right to Data Portability: Insofar as the data processing is undertaken based upon a consent or a fulfilment of a contractual agreement and this is also undertaken while using an automated processing system, you shall have the right to receive your data in a structured, commonplace and machine-readable format and to transfer these data to another data processing service provider.
  • Right of Revocation: If the data processing is undertaken based upon a consent, you shall have the right to withdraw your consent for the data processing, with effectiveness for the future, at any time and upon a free-of-charge basis, by filling in the form here (link).
  • Right to Complain: You shall also have the right to complain to a government supervisory authority regarding our processing of your data.

If you have given us your consent, you may withdraw that consent at any time for future processing. This will not affect the lawfulness of the processing prior to the withdrawal of consent.

We would like to remind you that it is your responsibility to ensure, to the best of your knowledge, that the data you provide us, are accurate, complete and up-to-date. Furthermore, if you share with us data of other people, it is your responsibility to collect such data in compliance with local legal requirements. For instance, you should inform such other people whose data you provide to us, about the content of this Notice and obtain their prior consent.



SHARING OF INFORMATION


Buffer Group may disclose your personal information to the following categories of recipients:


  • to its professional advisers, third party services providers and partners who provide data processing services to Buffer Group, or who otherwise process personal information for purposes that are described in Privacy Notice or notified to you when Buffer Group collects your personal information.
  • to any competent law enforcement body, regulatory, government agency, court or other third party where Buffer Group believes disclosure is necessary (a) as a matter of applicable law or regulation, (b) to exercise, establish or defend its legal rights, or (c) to protect your vital interests or those of any other person.
  • to any other person with your consent to the disclosure.

You consent that, if it was necessary, the processing of your Personal Data could be held on a server located in the country different from the country of your residence. These countries may have data protection laws that are different to the laws of your country. However, we have taken all appropriate safeguards to guarantee that your Personal Data will remain protected in accordance with this Privacy Notice.

Due to our global nature, data you provide to us may be transferred to or accessed by our affiliates and trusted third parties from many countries around the world. As a result, your data may be processed outside the country where you live, if this is necessary for the fulfillment of the purposes described in this Notice.



USE OF COOKIES


Buffer Group doesn't use cookies, but this can be changed with time. We recommend you to check this Notice on a regular basis.



CHANGES TO THE PRIVACY NOTICE


We reserves the right to amend this General Privacy notice and specific privacy notices at any time, for any reason, without notice to you, other than the posting of the amended privacy notices on this website. You must review this Privacy Notice from time to time for any amendments.



CONTACT US


If you have any additional questions about our privacy practices, or if you feel your privacy was not treated in accordance with our Privacy Notice, please feel free to contact us via email at:

data@buffergroup.com