Office Global, bookkeeping and financial management

Menu

Privacy Policy

Note: This Privacy Policy was drafted and updated in accordance with the legal provisions in force on 16.08.2023.

 

Privacy Policy applied by www.nice-to-work.com

This Privacy Policy governs the collection, storage and processing of data by the administrators and representatives of www.nice-to-work.com (hereinafter referred to as “we”/ “us”/ “Office Global”). We take the protection of your data seriously and therefore take strict measures, both organizational and technical, to ensure its security.

1. Preamble
Since by using our website, we may directly or indirectly come in contact with your personal data within the meaning of EU Regulation 679/2016 (GDPR), as well as of Personal Data Protection Act No. 9 of 2022, Sri Lanka, we have drafted this Privacy Policy, with the aim of informing data subjects about the data collected, the purpose and the method of processing, as well as about the rights and obligations of both us and data subjects.

www.nice-to-work.com is a web page based in Europe, aimed mainly at people in Sri Lanka. As operators of this web page and acting as data collectors, we treat your data with discretion and particular care, and in accordance with both the relevant regulations and this Privacy Policy.

On 22nd February 2022, a Joint Declaration was released by the European Union, Australia, Comoros, India, Japan, Mauritius, New Zealand, the Republic of Korea, Singapore, Sri Lanka on privacy and the protection of personal data. Although at the moment, Sri Lanka does not enjoy an adequacy decision from EU, its privacy laws closely follow trends set by GDPR. Thus, although this Policy follows applicable laws both in the EU and Sri Lanka, provisions mostly overlap and there are no significant differences to be accounted for.

We would like to draw your attention to the fact that this Privacy Policy exclusively applies to the original content on the website. Our website may contain plug-in links to other operators in the form of access buttons. By accessing external internet pages or applications, you become a data subject of those controllers. These entities are responsible for their own privacy policies. Office Global assumes no liability for damages caused by such third parties.

Please read this Policy carefully; if you have any complaints in this regard, please contact us at info@nice-to-work.com.

 

2. Holder of the Undertaking expressed in this Privacy Policy

The commitment expressed by this Policy belongs to Office Global PVT LTD, a Sri Lankan legal entity, with registered office Sri Lanka, Galle Wackwella Road, Sandvick Building, Second Floor No. 212, registered at the Trade Register Office Democratic Socialist Republic of Sri Lanka, email info@nice-to-work.com.

 

3. Principles governing the processing of personal data

In accordance with the provisions of EU Regulation 679/2016, the processing of personal data is carried out in compliance with the following principles:

a. Lawfulness, fairness, and transparency

Lawfulness is an essential principle that characterizes any conduct of the individual in society, and in the case of processing of personal data implies a processing of personal data under legal provisions that are part of the acquits communities that correlates with the stated purpose for processing and the legal grounds among those allowed by the GDPR Regulation.

Fairness implies moral and ethical values, a fair processing being one carried out on the basis of the same objective and honest criteria, without discrimination.

Transparency implies that any information and communication relating to the processing of personal data is easily accessible and understandable and that plain and simple language is used when transmitting such information/communication.

b. Limitations on the purpose of data collection

Personal data must be collected for specified, explicit and legitimate purposes and further processing in a way incompatible with those purposes is prohibited, except where further processing is carried out for archiving purposes in the public interest, for scientific or historical research purposes or for statistical purposes.

Setting purposes in such a way that they are determined, explicit and legitimate contributes to transparency and provides predictability, protecting the data subject by setting limits on how controllers may use their personal data and reinforces the fairness of the processing of personal data.

Personal data must be collected for specified, explicit and legitimate purposes and further processing must not deviate from these purposes.

c. Limitations on data storage

Data must be kept only for as long as necessary for the purposes for which they are collected. Longer storage periods are exceptions and usually result from the law (e.g., obligation to keep records for a certain number of years, keeping data for research or statistical purposes).

d. Proportionality – minimizing the data collected

By this principle, controllers are advised that any collection of personal data must be carefully considered before the actual collection of the data, which must be as relevant as possible and strictly limited to what is absolutely necessary for the purposes for which it is processed.

e. Checking the accuracy of the data and keeping it up to date

Operators must take all measures to ensure the validity of data, and those found to be inaccurate must be promptly updated or deleted. In this regard, the data subject has the right to request that inaccurate data be amended or deleted.

f. Integrity and confidentiality – data security

The processing of personal data must be carried out under the most appropriate security conditions, including protection against unauthorized or unlawful processing and against accidental loss, destruction or accidental damage, by taking appropriate technical or organizational measures.

We have described the principles as they result from the Regulation in order to understand the conditions under which personal data may be processed.

Based on these principles, we have implemented procedures applicable to our employees and collaborators, as well as technical and organizational measures to ensure compliance with all these principles.

 

4. Legal basis and purpose

This Policy is drawn up in accordance with and as a result of the measures required by the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of the European Union of 27 April 2016 on the protection of individuals with regard to the collection and processing of personal data and on the free movement of such data (GDPR), as well as of Personal Data Protection Act No. 9 of 2022, Sri Lanka (PDPA).

In accordance with Art. 6 of the GDPR and Section 7 of PDPA, Office Global stores only necessary data, data to which you have given your consent, and keeps it only on the basis of a legitimate interest.

Office Global undertakes to collect and process your data only to the extent that this action is necessary for the proper administration of the website and the provision of our services, as well as for the fulfilment of their legal obligations, including tax and archiving obligations.

In this regard, www.nice-to-work.com collects, stores and processes only those data necessary for the proper functioning of this website, data over which it has a legitimate interest, or data over which the owner has expressed its consent.

 

5. Categories of data collected and collection methods

As a general rule, it is possible to use our website without providing Office Global direct access to your personal data. Where our website offers or will offer services that require your identification, personal data will be collected only when there is a legal basis to proceed.

Note: Please be aware that the online transfer of data may be subject to digital attacks and thus may present security risks. An absolute guarantee of protection of your data against illicit access by a third party is impossible.

The data collected automatically when accessing these websites are generally not of a personal nature, except for your IP. They mainly concern:

– the type and version of browser used

– your operating system

– the originating URL (in case you access the page from another website)

– date and time of access

– geographical data

– time spent on the page

– information about the sections accessed

– type of device used

– behavioural data

Data collected through the contact form: the data you provide when filling in the form is collected by Office Global administrators and processed for the purpose of your request. By sending a message via the contact form, you consent to the collection and processing of the related data. Data is only stored to the extent necessary to process your request. We do not sell your data to third parties.

Data collected through comments: In the event that nice-to-work.com implements a comments section in the structure of the website, we inform you that the data thus provided will be collected and processed by the Office Global administrators. In addition, there is a possibility that both the IP and the user-agent string will be used to prevent spam messages. The user-agent string is an anonymized string created from your email address; it can be sent to Gravatar to verify your use of this service. Upon approval of your comment, your profile picture will be publicly visible in the context of the comment left. Gravatar’s privacy policy can be read here (https://automattic.com/privacy ).

Image data: In the event that Office Global implements a technology to transmit and upload images via this page, please note that most images contain “EXIF data” which includes, among other things, the GPS coordinates of the image. Once the image is made public, anyone who can access it can download the EXIF data. Please note that EXIF data is not necessary for the proper functioning of this website, so please remove it before uploading the image.

In addition, we may use third party analytics tools to measure site traffic and usage trends and to ensure a good understanding of our users’ profiles. We may contract with third party advertising companies to provide you with targeted advertising based on your browsing history.

This data cannot be attributed to a specific person and does not facilitate your identification. If there are concrete suspicions of misuse, we reserve the right to check this data retrospectively.

Accessing this website may also involve the collection of personal data via IP address, WIFI or wireless internet configuration (e.g., IP and computer name used to access the website). The collection and storage of this data is elaborated in the Cookies Policy.

Other personal data may also be collected if you contact us other than through this page, following your express consent to do so or when there is a legal basis to do so (e.g.: our legitimate interest to protect our network).

The personal data that nice-to-work.com may possibly collect concerns:

– Your name and surname

– User name

– Date of birth

– Contact details

– Nationality

– Legal status

– Address, when provided by you;

– Place of work, when provided by you;

– Tax information, when provided by you with a specific purpose in mind;

– Bank information, when provided by you with a specific purpose in mind;

Data about your preferences and interests are collected based on your selected preferences in the context of marketing communications, as well as in the Cookies settings banner.

The data attached to your social media profiles may become accessible to Office Global when you interact with us through various social media networks (e.g., following or sharing content on social media). This website may contain social media features such as like or share buttons on Facebook, LinkedIn etc or other related widgets. These social media companies may recognise, collect, and store information about your visit. These companies have interest-based advertising programs that allow us to target ads to users who have shown an interest in our services and products while these users are on the social media platform or to groups of other users who have similar traits, such as commercial and demographic interests. These ads are governed by the privacy policies of those media companies that provide them; we do not have the ability to verify, monitor or change the privacy policies of these companies; they are, however, subject to the same legal data protection regulations.

All this data is collected in a variety of ways. In addition to data provided by you with your express consent, this site may also contain several tracking technologies, including cookies, Flash objects, pixel, web beacons, embedded scripts, location tracking technologies, and other tracking technologies. Tracking technologies facilitate marketing communications tailored to your preferences, improving both our services and your digital experience, and fulfilling other legitimate purposes.

Collection of data through tracking technologies may be accepted or restricted by adjusting your device settings, unless necessary for the proper functioning of the site. The information we collect automatically may be combined with other personal information we collect directly.

Note: Our website does not collect and process personal data qualified by the GDPR or PDPA as sensitive data, respectively:

– Racial origin

– Ethnicity

– Political opinions

– Religious and philosophical orientations

– Sexual orientation

– Data on health or medical condition

– Criminal history

– Trade union membership

– Genetic or biometric data;

– information on children;

 

6. Data storage

Personal data collected via our website is stored in accordance with the relevant regulations in force, in particular GDPR and PDPA, in an encrypted drive with limited access. All our devices are provided with up-to-date anti-virus licenses to prevent third parties from gaining illicit access to your data.

Personal information collected and processed for any stated legitimate purpose will be retained only for a reasonable period necessary to fulfil the related purpose or purposes. Such data will be erased or made anonymous as soon as it no longer serves any legitimate purpose or after a period of three years.

After this period, anonymised data will be used only for statistical, academic, innovation or marketing purposes.

Notwithstanding the above, personal data may be kept for a different period of time:

– Where the basis for processing is your consent; in this case, processing will be carried out until the date on which consent is withdrawn or declared to be vitiated by the competent bodies, but no longer than 5 years from the date of your last interaction with us;

– to the extent that we are required to do so by law;

– where they may serve ongoing or future legal proceedings;

– to establish, exercise or defend our legal rights (including providing information to third parties for the purposes of fraud prevention and credit risk reduction);

– Cookies and consent-based technologies are held for a different period of time depending on your cookie settings (with the exception of session cookies and other similar technologies which are held for the period for which you are in that browser).

 

7. Rights and obligations of users

a. Users are required to provide complete and accurate information. If the information provided by the user does not comply with this obligation, Office Global shall disclaim any damage thus caused.

b. Users are required, before disclosing to us the personal data of a third party, to obtain the consent of the third party for both the disclosure and the processing of such data in accordance with this Policy and the legal regulations in force. Failure to comply with this provision by the user does not render Office Global liable for any damage thus caused, nor does it become a party to any litigation arising therefrom.

c. Visitors and users of our website may request a copy of their personal data stored by us at any time by contacting info@nice-to-work.com.

d. Visitors and users of our website may request at any time the modification of personal data, in accordance with the GDPR and with Section 15 of PDPA, by contacting info@nice-to-work.com.

e. Visitors and users of our website may request the deletion of their personal data at any time in accordance with Art. 16 GDPR and with Section 16 of PDPA, by contacting info@nice-to-work.com.

f. Should they have given prior consent in this regard, users of our website may at any point choose to discontinue marketting communication with us, by contacting info@nice-to-work.com.

Note: Please note that the rights mentioned in this section are not absolute. They are subject to exceptions; therefore, it is necessary to analyse user requests on a case-by-case basis in order to determine the grounds for the request. Unfounded requests will be refused; users have the right to obtain a justification for the refusal and to be informed of their right to lodge a complaint.

 

8. Rights and obligations of Office Global

a. Office Global has the right to collect, process, store and disseminate visitors and users’ personal data in accordance with this Policy, the Cookie Policy, and the relevant legal provisions in force;

b. Office Global undertakes not to share the collected information with third parties (including authorized bodies) except to the extent necessary to achieve the stated legitimate purposes.

c. Any User Generated Content (UGC) remains the property of Office Global and is not subject to copyright or intellectual property rights for the benefit of the user;

d. Office Global undertakes to transmit, modify, or delete on request the personal data of the users within a maximum of 30 days from the registration of the request;

e. Office Global undertakes to take technical measures to ensure the security of the data collected, to monitor their collection and processing, to carry out security tests and to periodically renew the site’s administrative passwords;

f. Office Global undertakes to take steps to ensure, within reasonable limits, that your personal data is not collected, nor processed outside of either Sri Lanka or the European Economic Area (EEA); if such a transfer is necessary, we will ensure that it is legitimate, based on your explicit consent or other legal basis. Exceptionally, user data may leave Sri Lanka and/or the EEA area as a result of your consent to data processing through marketing partners such as Google, Facebook, LinkedIn.

g. In the event of a data breach that could result in an increased risk of unlawful restriction of users’ rights and freedoms, Office Global undertakes to inform users of the breach without delay and within a reasonable time and to take all necessary measures to remedy the situation.

h. Office Global undertakes to update this Policy in accordance with any future legal provisions regarding the collection, storage, processing, and dissemination of data. If you have any objections to this Policy or future changes, please contact info@nice-to-work.at.

 

9. Jurisdiction

In the event in which an user has submitted a request regarding non-compliance with this Policy and the situation has not been remedied within a reasonable time by Office Global, they may lodge a complaint either with the Austrian Data Protection Authority (DSB)

 

10. Jurisdiction and applicable law

This Privacy Policy is governed by and shall be construed in accordance with the laws applicable both in the EU and Sri Lanka.