Planet Languages Limited (subsequently referred to as “we”) greatly respects your privacy. As a result, we take the responsibility of protecting your personal information such as name, address, email address, telephone number, etc., very seriously.
A cookie is a small data file that certain websites write to your hard drive when you visit them. The only personal information a cookie can obtain is information a user supplies themselves. A cookie cannot read data from your hard disk or read cookie files created by other sites. Cookies, however, enhance our website performance in a number of ways, including providing a secure way for us to verify your identity during your visit to our website and personalising your experience on our site, making it more convenient for you.
2. Data minimisation and avoidance
We will observe the principles of data minimisation and data avoidance. That means that we will collect, process and use as little personal data as possible.
3. Personal data and consent
We will collect, process and use your personal data only if this is necessary for substantiating, implementing or terminating a contractual customer relationship or similar.
In the remainder of cases, we will only collect, process and use your personal data following your prior consent. Your personal data will only be used for the purpose and to the extent to which you have consented. For example, we will only inform you of our products and services once your consent has been received.
You can ask us to update the information we hold for you or withdraw your consent at any time. On receipt of your request, we will update your information accordingly, or stop processing and/or delete your data (subject to compliance with our legal obligations or overriding legitimate interest). Requests to update or to delete your information, or to withdraw your consent, should be sent to: firstname.lastname@example.org
4. Automatically generated data
As you browse the pages on our website, personal data may be automatically processed. Typically, this relates to the name of your internet provider, your IP address, the browser you are using, your operating system, the web pages you visited on our website and the domain from which you accessed our website. In all the above-mentioned cases the processing of such data is carried out anonymously, which means that it is impossible for us to assign and therefore identify any individual person from this data.
5. Third party access to your personal data
Any collection of personal data will be carried out by us, not a third party supplier, and we will never sell your data to any third parties. We always strive to ensure that any service providers or subcontractors we employ to help us fulfil our contractual obligations to you also adhere to the relevant legal data protection regulations and the resulting obligations from this Privacy & Data Protection Policy notice.
We have put technical and organisational measures in place to protect your data against loss, alterations, theft or access by unauthorised third parties.
The collection of personal data relating to persons under the age of 18 years is not within our interests. Should it come to our attention that such data has been passed to us without the approval of the parents or legal guardian, this data will be deleted immediately.
8. Deletion and blocking
We will delete your personal data when the associated business objective ceases to apply or when the relevant legal data protection regulations call for this. For example, we will delete the data collected for a competition if you have not consented to your data being collected, processed and used for any other purpose. In cases of consent being given, we will delete your data following the retraction of your approval or the discontinuation of the purpose of your consent (see item 3 above).
If requested, we will totally block or partially block your personal data. With regard to this, you will need to inform us of the extent and the duration that this should be carried out for. As long as this is technically possible, you will be able to exclude your data from being processed and used for certain purposes.
Our web pages may contain hyperlinks to other websites. These are electronic cross-references that allow web pages from other organisations to be accessed. Please note that this Privacy & Data Protection Policy notice does not apply on these linked websites. Please consult the data protection regulations for that particular website.
10. Revisions to this Privacy & Data Protection Policy notice
We keep this Privacy & Data Protection Policy notice constantly up-to-date, to ensure compliance with current UK and EU legislation. As a result, it may be necessary to revise this Privacy & Data Protection Policy notice to accommodate any factual or legal changes to our conditions. By continuing to access our website we will assume that you have consented to these revisions.
Planet Languages’ Commitment to Compliance with the General Data Protection Regulation (GDPR)
What is the GDPR?
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law, effective 25 May 2018, that establishes a single set of rules for every European Union (EU) Member State to protect personal data. It builds upon and updates the current EU data protection framework, and also addresses the export of personal data outside the EU. Under the GDPR, companies processing personal data must continue to ensure they have proper controls over the processing and security of personal data, according to the data protection principles in the GDPR. They must continue to control how data is stored, kept up to date, accessed, transferred and deleted.
GDPR defines personal data as any information relating to an identified or identifiable natural person who can be directly or indirectly identified in particular by reference to an identifier.
This new legislation sets out specific administrative requirements for how data is handled and data holders must fulfil requirements to communicate with data subjects about the data they hold on them. GDPR means that individuals will have much more control about who holds what information about them, and how that information is used.
Clients employing Planet Languages as a translation provider act as a ‘data controller’; Planet Languages acts as a ‘data processor’. Clients should audit any data they share with us for personal or sensitive information. Where relevant, they should ensure they have the data subject’s consent and/or a lawful basis for processing it; we will always assume that the data subject’s consent has been obtained and will process content in accordance with existing or required confidentiality agreements.
We carefully manage and restrict access to confidential and, in particular, personal data. The Planet Languages employees, suppliers or subcontractors who do access it only do so as part of their work, to help us ensure we fulfil the contractual requirements agreed with our clients and suppliers.
At your request, we will stop processing and/or delete (subject to compliance with legal obligations or legitimate interest, as applicable) your personal data and all associated information, in accordance with GDPR.
The privacy and security of client information and personal data when working with Planet Languages is our utmost priority. We use the latest internet technologies and strict policies to provide maximum security to our clients, suppliers and employees alike.
As part of our commitment to continuously strengthening our guard against cyber threats, we are currently working towards certification with Cyber Essentials, a UK-government backed scheme that helps protect organisations against a whole range of common cyber-attacks.
Planet Languages has defined safeguards and processes in place to a) support our clients fulfil the GDPR requirements, b) respond to a Subject Access Request (SAR), c) maximise security in order to avoid a data breach, as well as d) deal with any future, unforeseen data breach.
Planet Languages always strives to ensure that any service providers, suppliers or subcontractors we employ to help us fulfil our contractual obligations also adhere to the relevant UK and EU data protection regulations.
Content for translation presents a particular challenge as it may contain personal data. We routinely treat all documents for translation as confidential and have defined safeguards and processes to ensure confidentiality and to protect your content.
In order to fulfil our clients’ requirements and provide translated content of the highest quality, Planet Languages relies on a carefully selected network of suppliers (sub-processors) that may be based abroad, including in countries outside the EU/EEA and those not deemed to have adequate Data Privacy laws under the GDPR.
This situation is common to all Language Service Providers and a fundamental feature of the translation and localization industry. We are working on practical solutions to address this issue and expect to provide a GDPR compliant pathway for translation content in due course.
In the meantime, you can be assured that we have contractual agreements in place with all our suppliers guaranteeing strict data security policies.
Preparation, training & ongoing compliance with GDPR
We have appointed an internal GDPR team to learn, implement, and enforce compliance within Planet Languages. This, combined with a rigorous training program for all employees and suppliers, will increase the company’s security culture.
We are registered with the Information Commissioner’s Office under the registration number ZA418347.
Planet Languages will implement an annual audit program to ensure long-term compliance.
We provide regular training for all team members on the care, security and appropriate handling of personal data. In addition, we provide additional targeted training on specific data protection and privacy practices to employees whose roles frequently require handling of customer or other personal data.
At the same time, we are assessing the latest solutions in the fields of data security and data protection, to establish how we can apply them to our processes, infrastructure solutions, and future endeavours.
If you require our support in order to ensure compliance with GDPR, please do not hesitate to contact us at email@example.com. We are eager to help meet your needs.
Should you have any specific questions relating to the collection, processing and utilisation of your personal data, you are very welcome to contact us at: firstname.lastname@example.org
Call Planet Languages: +44 (0)1252 713 444
Revised 22 May 2019