We collect and maintain the following information about you:

1) Full name;
2) Email address;
3) Title;
4) The company you work for; and
5) Device information (such as operation system, web browser); and
6) IP-address.

Categories 1-5 are collected in our dialogue with you or your colleagues, when discussing an agreement. Your IP-address is collected by the e-signing service as part of verifying that the right person is e-signing the agreement.

We will use the personal data listed above for the following purposes: A) to send you requests for your e-signature; B) to keep track of who has signed which agreement, and when; and C) to use the agreement that you have signed.

Samsung’s legal basis to process the personal data is Samsung’s legitimate interest to manage our contracts and signatures in a digital way (it really saves us from a lot of administration) (GDPR Article 6(1)(f). If you want to know more about how we have reasoned and balanced our interests with your interests and rights and freedoms, please contact us using the details in Section 7 below.

We will disclose your personal data internally within our business to all relevant teams such as, without limitation, the customer services team, the legal team, and the finance team. We will also disclose your personal data to the following entities but only for the purpose described above:

• Affiliates. Your personal data is going to be shared among Samsung affiliates for the purposes described in this Privacy Notice (i.e. purpose C above, the use of the agreements). The term ‘affiliates’ refers to companies related to Samsung Electronics Co., Ltd. by common ownership or control. Our affiliates include companies with the Samsung Electronics name. Affiliates may also include other companies related by common ownership or control, such as Samsung SDS Co., Ltd.

• Service Providers: carefully selected companies that provide services for or on behalf of us. These entities are committed to protecting your information. The e-signing service is provided by GetAccept AB, a Swedish limited liability company with an office at Södergatan 13, 211 34 Malmö, Sweden, which is a data processor bound by contractual data protection provisions, allowing it to engage sub-processors.

• Other parties when required by law or as necessary to protect the e-signing services: for example, it may be necessary by law, legal process, or court order from governmental authorities to disclose your information. They may also seek your information from us for the purposes of law enforcement, national security, anti-terrorism, or other issues that are related to public security;

Your personal data is only kept for as long as needed for the purposes for which it was collected. This means that your personal data will be destroyed or erased from our systems when it is no longer required. Normally, your personal data will be deleted from the e-signing solution after the agreement has been stored in our contract management system which usually takes up to 90 days but sometimes longer.

The agreements stored in our contract management system are stored for a longer period of time, usually for ten years after the expiry of the agreement’s term – however, depending on the nature of the agreement, we may have to store it for a longer time.

We take appropriate steps to ensure that we process and retain information about you based on the following logic:

1. at least the duration for which the personal data is used to provide you with the Service;

2. as required under law, a contract, or with regard to our statutory obligations; or

3. only for as long as is necessary for the purpose for which it was collected, is processed, or longer if required under any contract, by applicable law, or for statistical purposes, subject to appropriate safeguards.

Your use of our Services will involve the transfer, storage, and processing of your personal data outside of your country of residence, to the U.S. where GetAccept AB has service providers, and to Korea, consistent with this Privacy Notice. In addition, your use of the Services may also involve the transfer, storage, and processing of your personal data to other countries; such countries include, without limitation, countries in the European Economic Area, China, Singapore, Vietnam, India, Canada, the Philippines, and Japan. All international data transfers are subject to legal requirements to ensure that your personal information is processed safely and as you would expect.

We will take appropriate measures, in compliance with applicable law, to ensure that your personal data remains protected. Such measures include the use of Standard Contractual Clauses to safeguard the transfer of data outside of the EEA. For more information, or to obtain a copy of the contractual agreements in place, please contact us by visiting our Privacy Support Page (https://www.samsung.com/request-desk) or by sending an email to dataprotection.sena@samsung.com.

You have the right to request details about the data we collect about you and to request us to correct inaccuracies in that information, to object to or request the restriction of processing, and to request access to, or the erasure or portability of your information. Under the laws of some jurisdictions, we may decline to process requests that are unreasonably repetitive, require disproportionate technical effort, jeopardise the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. To make a request concerning your rights or to make an inquire, contact us. See the CONTACT US section 7 below.

If you request deletion of personal data, you acknowledge that you may not be able to access or use the Service and that residual personal data may continue to reside in Samsung’s records and archives for some time, in compliance with applicable law, but Samsung will not use that information for commercial purposes. You understand that, despite your request for deletion, Samsung reserves the right to keep your personal data, or a relevant part of it, in line with the below section on “Data Retention” and applicable laws. Samsung may suspend, limit, or terminate your access to the website for violating the Samsung Terms of Use when necessary to protect the rights, property, or safety of Samsung, or any of our respective affiliates, business partners, employees, or customers.

If you have any specific questions, please contact our European Data Protection Officer at:

European Data Protection Officer
Samsung Electronics (UK) Limited
Samsung House, 2000 Hillswood Drive, Chertsey, Surrey KT16 0RS

If you would like to contact us to exercise your rights, please visit our Privacy Support page (https://www.samsung.com/request-desk) or via dataprotection.sena@samsung.com. You may lodge a complaint with the relevant supervisory authority if you consider that our processing of your personal data infringes applicable law. Contact details for all EU and EEA Supervisory Authorities can be found here.