Information security and privacy global policy statement
Efsp.eu is a website offering online English language courses for business professionals
We collect and use personal data to offer people information, products and services. This policy will apply in all locations where we operate, to all forms of information and to all systems used to collect, store, process or transfer information.
Efsp.eu applies the EU Data Protection legislation as a global privacy standard together with local data protection law in the countries where it operates. In countries where the Eu Data Protection legislation conflicts with local law, local law that meets internationally accepted privacy principles will take precedence.
Under no circumstances will Efsp.eu sell or otherwise transfer our user’s personal data to third parties for advertising purposes. Data will only be used and retained where necessary to provide our legitimate services. Our business model in no way relies on the sale of personal data.
Efsp.eu is committed to:
- performing privacy impact assessments to protect the privacy and rights and freedoms of its customers and employees
- protecting the confidentiality, integrity and availability of the information it collects, stores, transfers and processes in accordance with EU law and international good practice, and to meeting its legal requirements and contractual obligations
- explaining why it needs personal information, only asking for the personal information it needs and only sharing personal information within Efsp.eu and with other organisations as necessary or where the person concerned has given their consent
- clearly and openly communicating to its customers and employees the purposes for processing their personal information, including the legal bases for processing and limiting the purposes to only what has been communicated or where there is a legal obligation
- allowing people to request access to the personal information it holds on them and to complain if they believe their information has been mishandled
- not keeping personal information for longer than necessary
- taking measures to protect the rights and freedoms of individuals whose personal information may be transferred to countries with differing data protection laws
- ensuring that actual or suspected breaches of information security are reported and investigated
- assessing the maturity of its information security controls annually
- applying these standards to its supply chain and delivery partners.
We will provide adequate and appropriate resources to implement this global policy statement and will ensure it is communicated and understood.
Efsp.eu will review this global policy statement annually to reflect new legal and regulatory developments and ensure good practice.
This global policy statement was approved by the owners of Efsp.eu October 2021 and is due for review in October 2022.