General Data Protection Regulation
Personal Data Inquiries
Under the European Union’s General Data Protection Regulation (GDPR), you as the data subject have certain rights with regard to the processing of your personal data, including the right to request that organizations who process your personal data provide you with information regarding that processing.
Under GDPR, there are two types of organizations that process personal data. Organizations that determine the purpose and means of the processing of your personal data are called ‘data controllers’. Organizations that carry out processing on behalf of a data controller are called ‘data processors’. Only data controllers are obliged to comply with a personal data access request from a data subject. It is important to note that PTI Security could be either a data controller or data processor with respect to the processing of your personal data.
Examples of PTI Security as the data controller:
– You are a current or former employee of PTI Security or one of its affiliates
– You are a business contact at one of PTI Security’s partners or customers
– You are a visitor to one of PTI Security’s websites
Examples of PTI Security as the data processor:
– You are an employee of a customer using PTI Security’s products or services
– You are a user of a PTI Security provided product or service purchased through one of our authorized distributors
Where PTI Security is the data processor, personal data inquiries should be submitted to the data controller.
Where PTI Security is the data controller of your personal information, you can request to obtain:
– confirmation that your data is being processed;
– access to your personal data;
– purpose of the processing;
– categories of personal data concerned;
– the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;
– where possible, the period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
– the existence of the right to request from PTI Security rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing;
– where the personal data is not collected from you, any available information as to the source;
– the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the possible consequences of such processing for the data subject.
How do I make a request?
If you believe PTI Security is the data controller of your personal data and you would like more information, please send an email to firstname.lastname@example.org, including the following information:
– SAR or Personal Data Inquiry in the subject line
– Your full name, address and contact telephone number;
– Any information used by PTI Security to identify or distinguish you from others of the same name (account numbers, unique ID’s, etc.);
– Details of the specific information you require, any relevant dates, and the action you wish PTI Security to perform with respect to your data.
The above personal data you provide is necessary in order to fulfill your request and for PTI Security to verify your identity and personal data we have about you.