In this Data Protection Statement, the terms below have the following meaning:
“Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed.
“Data Controller” means the entity which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
“Data Processor” means the party that Processes Personal Data on behalf of the Data Controller (for example, a payroll service provider).
“Data Protection Law” means the General Data Protection Regulation (No 2016/679) (“GDPR”) and the Data Protection Acts 1988 to 2018 and any other laws which apply to the HBFI in relation to the Processing of Personal Data.
“European Economic Area” or “EEA” means Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Iceland, Liechtenstein, and Norway.
“Personal Data” is any information relating to an identified or identifiable living individual (“Data Subject”). Personal Data can include:
- a name, an identification number;
- details about an individual’s address or contact details;
- data related to the delivery a service by HBFI;
- any other information that is specific to that individual.
“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. “Process” and “Processing” are interpreted accordingly.
“Special Categories of Personal Data” are types of Personal Data that reveal any of the following information relating to an individual: racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. Special Categories of Personal Data also include the Processing of genetic data, biometric data for the purposes of uniquely identifying an individual (for example, fingerprints), health data, data concerning sex life or sexual orientation. Personal Data relating to criminal convictions or offences are also considered sensitive and specific restrictions apply to the processing of such data.