SAMSUNG PRIVACY NOTICE FOR E-SIGNING
Privacy Notice may be updated to let you know about changes in how we collect and process your information in e-signing services or changes in related laws. The date when the document was last updated is shown at the top of this Privacy Notice.
We collect and maintain the following information about you:
1) Full name;
2) Email address;
3) Mobile number;
5) The company you work for; and
Categories 1-5 are collected in our dialogue with you or your colleagues, when discussing an agreement. Your IP-address is collected by the e-signing service as part of verifying that the right person is e-signing the agreement.
We will use the personal data listed above for the following purposes: A) to send you requests for your e-signature; B) to keep track of who has signed which agreement, and when; and C) to use the agreement that you have signed.
Samsung’s legal basis to process the personal data is Samsung’s legitimate interest to manage our contracts and signatures in a digital way (it really saves us from a lot of administration) (GDPR Article 6(1)(f). If you want to know more about how we have reasoned and balanced our interests with your interests and rights and freedoms, please contact us using the details in Section 7 below.
We will disclose your personal data internally within our business to all relevant teams such as, without limitation, the customer services team, the legal team, and the finance team. We will also disclose your personal data to the following entities but only for the purpose described above:
• Service Providers: carefully selected companies that provide services for or on behalf of us. These entities are committed to protecting your information. The e-signing service is provided by GetAccept AB, a Swedish limited liability company with an office at Södergatan 13, 211 34 Malmö, Sweden, which is a data processor bound by contractual data protection provisions, allowing it to engage sub-processors.
• Other parties when required by law or as necessary to protect the e-signing services: for example, it may be necessary by law, legal process, or court order from governmental authorities to disclose your information. They may also seek your information from us for the purposes of law enforcement, national security, anti-terrorism, or other issues that are related to public security;
Your personal data is only kept for as long as needed for the purposes for which it was collected. This means that your personal data will be destroyed or erased from our systems when it is no longer required. Normally, your personal data will be deleted from the e-signing solution after the agreement has been stored in our contract management system which usually takes up to 90 days but sometimes longer.
The agreements stored in our contract management system are stored for a longer period of time, usually for ten years after the expiry of the agreement’s term – however, depending on the nature of the agreement, we may have to store it for a longer time.
We take appropriate steps to ensure that we process and retain information about you based on the following logic:
1. at least the duration for which the personal data is used to provide you with the Service;
2. as required under law, a contract, or with regard to our statutory obligations; or
3. only for as long as is necessary for the purpose for which it was collected, is processed, or longer if required under any contract, by applicable law, or for statistical purposes, subject to appropriate safeguards.
Your use of our Services will involve the transfer, storage, and processing of your personal data outside of your country of residence, to the U.S. where GetAccept AB has service providers, and to Korea, consistent with this policy. In addition, your use of the Services may also involve the transfer, storage, and processing of your personal data to other countries; such countries include, without limitation, countries in the European Economic Area, China, Singapore, Vietnam, India, Canada, the Philippines, and Japan. All international data transfers are subject to legal requirements to ensure that your personal information is processed safely and as you would expect.
We will take appropriate measures, in compliance with applicable law, to ensure that your personal data remains protected. Such measures include the use of Standard Contractual Clauses to safeguard the transfer of data outside of the EEA. For more information, or to obtain a copy of the contractual agreements in place, please contact us by visiting our Privacy Support Page (https://www.samsung.com/request-desk) or by sending an email to firstname.lastname@example.org.
You have the right to request details about the data we collect about you and to request us to correct inaccuracies in that information, to object to or request the restriction of processing, and to request access to, or the erasure or portability of your information. Under the laws of some jurisdictions, we may decline to process requests that are unreasonably repetitive, require disproportionate technical effort, jeopardise the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. To make a request concerning your rights or to make an inquire, contact us. See the CONTACT US section 7 below.
If you have any specific questions, please contact our European Data Protection Officer at:
European Data Protection Officer
Samsung Electronics (UK) Limited
Samsung House, 1000 Hillswood Drive, Chertsey, Surrey KT16 0PS
If you would like to contact us to exercise your rights, please visit our Privacy Support page (https://www.samsung.com/request-desk) or via email@example.com. You may lodge a complaint with the relevant supervisory authority if you consider that our processing of your personal data infringes applicable law. Contact details for all EU Supervisory Authorities can be found here.