Workplace responsibilities and measures

  1. There must be a relevant reason for the collection and processing of personal data
  2. The storage time is always limited and determined by the purpose of processing
  3. A written processing agreement must be signed with the personal data processor
  4. We keep computer technology as well as physical documents secure, passwords, encryption, locks, access restrictions, etc.
  5. We log in to the information system only under our own name and we do not pass on our access to anyone, we revise rights and access according to current job positions
  6. We try to pseudonymize the databases (eg replace the name with an ID and keep their combinations elsewhere) or if they are not necessary and it is enough, eg anonymous data about shipments, delete personal data in the databases and anonymize the data, eg for statistical and analytical purposes.
  7. No documents containing personal data may be rolled anywhere (at printers, at depots, in meeting rooms, etc.)
  8. We do not throw documents with personal data in the trash, but in containers designated for this purpose or we shred.
  9. We maintain the so-called rule of a clean table and a blank screen.
  10. We do not publish any personal data outside of our website or without the consent or any legal reason for bulletin boards, etc.