elseco regards the lawful and correct treatment of personal information as very important to its successful operations and to maintaining confidence between elseco and those with whom it carries out business. elseco ensures that it treats personal information lawfully, correctly and securely.
THE PRINCIPALS OF DATA PROTECTION
elseco is fully committed to compliance with the requirements of data protection laws, which stipulate that anyone processing personal data must comply with the following principles of good practice:
Lawfulness, fairness and transparency – personal data shall be processed lawfully, fairly and in a transparent manner.
Purpose limitation – personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
Data minimization – personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
Accuracy – personal data shall be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
Storage limitation – personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
Integrity and confidentiality – personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures.
HANDLING OF PERSONAL DATA
Through appropriate management and the use of strict criteria and controls:
· elseco observes fully conditions regarding the fair collection and use of personal information;
· elseco meets its legal obligations to specify the purpose for which information is collected and used;
· elseco collects and processes appropriate information and only to the extent that it is needed to fulfill operational needs or to comply with any legal requirements;
· elseco ensures the quality of information used is correct and up to date;
· elseco ensures that personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes;
· elseco takes appropriate technical and organizational security measures to safeguard personal information; and
· elseco ensures that the rights of people about whom the information is held can be fully exercised under the data protection laws.
All elseco employees are fully aware of this policy and of their duties and responsibilities under the data protection laws.
All contractors, consultants, partners or other servants or agents of elseco must ensure that they and all of their staff who have access to personal data held or processed for or on behalf of elseco, are aware of this policy and are fully trained in and are aware of their duties and responsibilities under the data protection laws.
elseco has appointed a Data Protection Officer. The implementation of this policy will be led and monitored by the Data Protection Officer.
The Data Protection Officer can be reached at elseco limited, Level 7, Gate Village Building 8, DIFC, Dubai, UAE, PO Box 506639 or firstname.lastname@example.org.
VARIATION OF POLICY
elseco reserves the right to amend this policy in line with legislation and business needs.
 Data Protection Law DIFC Law No. 1 of 2007 amended by DIFC Law No. 1 of 2018; Regulation (EU) No. 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data where applicable.