ALON ASH CONSULTING
PRIVACY POLICY
The purpose of this privacy policy (hereinafter referred to as the Policy) is to provide an individual - a data subject - with information about the purpose, scope, protection, and duration of personal data processing at the time of receiving the data and in the course of processing the personal data of the data subject. The data we process depends on the services you use. We also ask for data when communicating with you online, sending emails, or phone calls. The personal data entrusted by you allow us to serve you in accordance with your wishes, as well as provide individual support and advice.
TERMS AND DEFINITIONS
The data subject (hereinafter referred to as the Subject) means any natural or legal person who has communicated his personal data to the Administrator and whose data is processed by the Administrator (Alon Askenazi) in accordance with the general principles of personal data processing.
Personal data (hereinafter referred to as the Data) - data about the Subject that the Subject has communicated to the Administrator through the use of the Administrator's website www.alonash.com including online forms, cookies, registration to receive news or other services of the Administrator, via electronic by mail or by phone. This data includes the name, surname, telephone number, email address, and other personally identifiable information of the Subject.
Processing of personal data - any activity carried out with the Data, including the collection, registration, organization, storage, modification, provision of access, viewing and retrieval, use of personal data, transfer to third parties (in order to start and provide services, as well as to perform and provide obligations established by the contract), mutual use, deletion or destruction of personal data or some of the above actions, regardless of how the activity is carried out or what means are used.
Third-party means any natural or legal person, with the exception of the Subject, the Administrator, or the person who processes the data on behalf of the Administrator.
PURPOSES AND PRINCIPLES OF PERSONAL DATA PROCESSING
The Policy is applied to ensure the confidentiality and protection of personal data: a) individuals - customers and their legal representatives (including potential, former and current), as well as third parties who, in connection with the provision of services to an individual, receive or transmit any information to the Administrator (including contact persons, payers, etc.); b) visitors of websites and mobile applications supported by the Administrator.
The Administrator takes care of the confidentiality and protection of the personal data of the Subjects, respects the right of the Subjects to legality of the processing of personal data in accordance with the Regulation of the European Parliament and of the Council No. 2016/679 of April 27, 2016, on the protection of individuals with respect to the processing of personal data and their free circulation, as well as others applicable privacy and data processing regulations.
The Policy applies to data processing regardless of the form and/or in which environment the Subject provides personal data (on the Administrator's home page, in mobile applications, in print or by phone) and in which systems of the Administrator or in print they are processed.
Additional specific rules may be established about specific methods of data processing (for example, the processing of cookies, etc.), the environment and purposes of the processing, of which the Subject is notified at the time of providing the relevant data to the Administrator.
The Administrator processes the Data:
for the general management of relationships with the Subjects in order to provide the necessary products, provide quality services and their convenient use;
to improve the quality of their products and services by polling the Subjects;
for advertising purposes, which occurs only with the written permission of the Subjects, for the development of the industry and the opportunity to offer new products and services;
for administrative purposes, in order to create and maintain the internal processes of the Administrator and ensure the workflow in the necessary and sufficient volume for this; for planning and analytics of commercial activities: statistics and business analysis, planning and accounting, preparation of reports, conducting surveys of the Subjects; to provide information to government bodies and subjects of operational activities in the cases and to the extent specified in external regulations;
for other specific purposes, about which the Subject will be informed when providing the relevant data to the Administrator;
The Administrator processes the Data of the Subject on the basis of legal grounds: to conclude and execute an agreement in order to conclude an agreement at the request of the Subject and ensure its execution; to comply with regulations in order to fulfill the obligations specified in external regulations that are binding on the Administrator; in accordance with the consent of the Subject; within the framework of legitimate (legitimate) interests in order to realize the legitimate (legitimate) interests of the Administrator, arising from the obligations existing between the Administrator and the Subject, or the concluded agreement or in accordance with the law. The legitimate (legitimate) interests of the Administrator are: conducting commercial activities; provision of services; verification of the identity of the subject prior to the conclusion of the contract; ensuring the fulfillment of contractual obligations; storage of applications and applications of the Subjects for the provision of services, other applications, and applications, notes to them, including those made orally, through calls, on the home Internet page; analysis of the work of the Administrator's home website, websites and mobile applications, development and implementation of their improvements;
for more efficient service delivery; service design and development; advertising their services by sending commercial messages; sending other reports on the progress of the execution of the contract and events related to the execution of the contract, as well as conducting surveys of the Subjects regarding the services and experience of their use; ensuring effective management processes for the Administrator's company; ensuring and improving the quality of services; payment management; late payment management; appeal to government bodies and operational activities, as well as to the court to protect their legitimate interests; informing the public about its activities. The Administrator undertakes not to transfer or lease the Data to third parties (unless the transfer of data is necessary to fulfill mutual obligations).
When processing the Data, the Administrator undertakes to comply with the principles set out in the Personal Data Protection Law and the EU General Data Protection Regulation.
CONSENT OF THE DATA SUBJECT
The data is processed on the basis of the consent of the Subject in accordance with Section 7 (1) of the Personal Data Protection Act and Article 6 (1) of the EU General Data Protection Regulation.
The Subject voluntarily agrees to the Administrator for the collection and processing of Data, the commencement, and provision of services, as well as for the fulfillment and maintenance of contractual obligations in accordance with these principles and the purposes of the Administrator. By filling out and sending printed questionnaires, online applications, or transmitting their Data by e-mail or phone, the Subject confirms its consent to the Administrator for the collection and processing of Data.
The granting of consent is a precondition for cooperation with the Subject, and refusal of consent means that the Administrator cannot perform the service requested by the Subject.
The subject has the right to revoke his prior consent at any time by notifying the Administrator by email. Withdrawal of consent does not affect the legality of the processing based on the consent of the Subject prior to withdrawal.
PROTECTION OF PERSONAL DATA AND LIABILITY
The Administrator must ensure the protection of the data using the capabilities of modern technologies, taking into account the existing risks to confidentiality and organizational, financial, and technical resources reasonably available to the Administrator. The Administrator confirms that the processing of the Data is limited to the minimum necessary to achieve the purpose of the Data processing.
The Administrator does not disclose to third parties the personal data of the Subject or any information obtained during the provision of services and the term of the contract, including information about the services received, if: her according to the law; in accordance with the clear and unambiguous consent of the Subject; to persons provided for by external regulatory enactments, upon their reasonable request in the manner and scope established by external regulatory enactments in cases stipulated by external regulations, to protect the legitimate interests of the Administrator, for example, by applying to a court or other state authorities against a person who has violated the legitimate interests of the Administrator.
In some cases, in accordance with the requirements of regulatory enactments, the personal data owned by the Administrator is available to service providers located in third countries (i.e. countries outside the European Union and the European Economic Area) (within the meaning of the EU General Data Protection Regulation - transfer to third countries) as data controllers.
The Administrator stores and processes the personal data of the Subject if at least one of the following criteria exists: only as long as the agreement concluded with the Subject is in effect; while, in accordance with the procedures specified in external regulations, the Administrator or the Entity may pursue their legitimate interests (for example, submit complaints or file and support a claim in court); as long as one of the parties has a legal obligation to retain the data; as long as the consent of the Subject to the respective processing of personal data is valid, if there are no other legal grounds for the processing of the data. After the end of the circumstances specified in clause 17, the personal data of the Subject will be deleted. The Subject has the right to demand that, taking into account the needs of the Subject, the Administrator transfer the personal data of the Subject that are at the disposal of the Administrator, another administrator.
If the Subject has agreed to the processing of the Data in connection with the requested service, the Data is stored until the Subject withdraws the consent.
Access to the Data of the Subject is available only to the employees of the Administrator who have the right to process the Data to the extent necessary to achieve the purposes of the Data processing.
The administrator is responsible for compliance with the requirements set out in the Personal Data Protection Act and the EU General Data Protection Regulation) after their entry into force.
The Administrator is not responsible for any unauthorized access and/or loss of the Subject's Data if they are outside the control of the Administrator, for example, due to an error and/or negligence of the Subject.
PROTECTION OF THE RIGHTS OF THE DATA SUBJECT
The Subject has the right to access their Data stored by the Administrator and receive additional information about the processing of their Data.
The Subject has the right to revoke the agreement for the processing of their Data at any time by notifying the Administrator in writing by sending an email. The changes will not affect the legality of the Data processing prior to the receipt of the Subject's refusal specified in this clause.
If the Subject believes that the Administrator does not respect the Subject's rights when processing the Data, or the Subject requests the deletion or restriction of the processing of his Data, the Subject has the right to request termination of the violation or deletion of his Data from the Administrator by email. To protect his rights, the Subject has the right at any time to contact the data processing supervisory authorities.