The Board of Directors of ROOX determines that data processing shall be subject to the following principles:
- determination, prior to data collection, of the purposes for which the data is to be used, as well as its conservation and deletion;
- identification of data subjects (personal and non-personal) and determination of their interests and rights;
- providing information to the data subjects on the specific purposes for which the data are to be used, on the limitation and interruption of use, on rectification and storage, on erasure of data and on the right to object, where the data subjects are not aware of the information
- obtaining the consent of the data subject to their use, in particular when the data are or may be used to offer goods and services, even free of charge, or to analyse and monitor their behaviour;
- interruption of the processing of data which have ceased to fulfil the purposes for which they were collected or when requested by their holders;
- erasing data when it is no longer used or at the request of the owners, subject to the applicable legal/tax permissions.
- data protection by means of logical, physical and other security measures.
These principles apply to data collected directly (personal and telephone contacts) or indirectly (postal correspondence, own Internet sites and social networks), whether in verbal and/or written forms (registration/information forms; postal mail, advertising, emails, posts and others).
The Board of Directors of ROOX determines that all data held and kept by the organisation must be processed lawfully, fairly and transparently, within the principles of security and responsibility defined internally.