Privacy Policy

Version 3.0 from 1st of July 2021


GERNE Technology SARL (hereinafter referred to as “we',' “our”, “us” or the “Company”) is a Luxembourg company, with registered address at 17, rue Edmond Reuter, L-5326, Contern, Luxembourg, operating from the website www.gerne.lu (hereinafter referred to as the “Website”). The Company is committed to providing software development services, IT security services and technical support operations in IT.

This Policy details our commitment to protecting the privacy of individuals who visit our Website (“Website Visitors”), who register to use the products and services (available at www.gerne.lu (the “Service(s)”).

The company is committed to protecting your privacy and handling your data in an open and transparent manner. The personal data that we collect and process depends on the product or service requested and agreed in each case.

Effective as of May 18, 2018, GERNE Technology SARL have updated our Privacy Policy ("Policy").

Definitions

Controller – "controller" means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing, are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

Processor – "means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller";

Personal data – "means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person";

DPO (Data Protection Officer) – "a person appointed by the Company that takes formal responsibility for data protection compliance within an organisation";

Data Protection Authority – "means an independent public authority that is legally tasked with overseeing compliance with applicable data protection laws".

What we need

Our Personal Data Protection Policy governs the use and storage of your data.

GERNE Technology SARL is a Controller of the personal data you provide to us. We only collect basic personal data about you.

Subscriber’s personal data (meaning any information about You from which You can be personally identified, such as Your name, address, telephone number or email address, and which is referred to in this Privacy Notice as "Your Information"), will be processed by GERNE Technology SARL (which include its agents and employees), and (where appropriate) our partners and subcontractors in order to be able to provide the full range of the Services to the Subscriber. Subscriber’s Information is collected when the Subscriber registers to open an account with GERNE Technology SARL; or when the Subscriber submits a written query to GERNE Technology SARL.

Whether you have an obligation to provide us with your personal data

In order that we may be in a position to proceed with a business relationship with you, you must provide your personal data to us which are necessary for the required commencement and execution of a business relationship. We are furthermore obligated to collect such personal data given the provisions of the money laundering law which require that we verify your identity before we enter into a business relationship with you or the legal entity for which you are the authorized representative / agent or beneficial owner. You must, therefore, provide us at least with your identity card/passport, your full name, place of birth (city and country), and your residential address so that we may comply with our statutory obligation as mentioned above.

Kindly note that if you do not provide us with the required data, then we will not be allowed to commence or continue our business relationship either to you as an individual or as the authorized representative/agent or beneficial owner of a legal entity.

Why we need it

We need your personal data in order to provide you with the following services:

Provide Personal meeting – collection of name and email for the purposes of arranging personal meeting and getting feedback from the GERNE Technology SARL team. 

Provide Feedback – collection of visitors name, email and telephone number for the purpose of contacting GERNE Technology SARL representatives and receive feedback. 

Provide Client Maintenance and Support – collecting of clients email, name, phone number for the purpose of performing incoming support for the product end user, handling incoming requests. 

Provide IT Support – collecting of user IP, name for the purpose of monitoring and IT support of web servers, dns, application servers, business reports, etc.

Provide emergency Service – collecting of name and telephone for the purpose of providing emergency services. 

Website and Web Application Analytics – usage of Google Analytics and Amplitude Analytics: collection of information about users visiting our website and web application, IP addresses, pages visited, duration of visit, type of browser and operating system for the purpose of improving our website and web application. For more information, please refer to Google Analytics and Amplitude Terms of Service and Google and Amplitude Privacy Policy.

Website cookies – we use cookies. This technology provides us with personal information: information about devices and networks you utilize to access our Website. For detailed information about the use of cookies in the Website and Web application, please read and review our Cookie Policy.

Who receives your personal data for processing

Data Processors list:

    Your personal data is processed in: GERNE Technology SARL, located at 17, rue Edmond Reuter, L-5326, Contern, Luxembourg. DPO Email addrress: [email protected] Software development and storage of Personal Data.

We will never not disclose or sell any personal information to any company outside the list of Data Processors (6.1) above and except to help prevent fraud and/or unlawful usage, or if required to do so by law.

Transfer of your personal data to a third country or to an international organisation

Your personal data may be transferred to third countries [i.e. countries outside of the European Economic Area] using Signed Standard Contractual Clauses for other third countries according to Article 46 Section 2 lits. c, d GDPR.

Processors in third countries are obligated to comply with the European data protection standards and to provide appropriate safeguards in relation to the transfer of your data in accordance with GDPR Article 46.

How long we keep your personal information for

Personal Data will be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes or defending any legal rights.

Your data protection rights

You have the following rights in terms of your personal data we hold about you:

  • Receive access to your personal data. This enables you to e.g. receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal data we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected. 
  • Request erasure of your personal information. This enables you to ask us to erase your personal data [known as the ‘right to be forgotten’] where there is no good reason for us continuing to process it. 
  • Object to the processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground. If you lodge an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms. 
  • Withdraw the consent that you gave us with regard to the processing of your personal data at any time. Note that any withdrawal of consent shall not affect the lawfulness of processing based on consent before it was withdrawn or revoked by you.

In the event that you wish to complain about how we handle your personal data, please contact GERNE Technology SARL DPO.

Valid Data Subjects Access Requests listed below will be responded up to 30 days:

  • Know whether a data controller holds any personal data about them. 
  • Receive a description of the data held about them and, if permissible and practical, a copy of the data. 
  • Be informed of the purpose(s) for which that data is being processed, and from where it was received. 
  • Be informed whether the information is being disclosed to anyone apart from the original recipient of the data; and if so, the identity of those recipients. 
  • Be informed of the data storage period. 
  • If the data is being used to make automated decisions about the data subject, to be told what logic the system uses to make those decisions and to be able to request human intervention.

According to Article 12 (3) GDPR we will provide a request under Articles 15 to 22 to the data subject without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. 

If any of your personal data we hold is incorrect or incomplete, you can request on legitimate grounds to have the information corrected, restricted or removed by writing to the DPO at GERNE Technology SARL at the above address. 

To exercise any of your rights, or if you have any other questions about our use of your personal data, please contact the DPO at GERNE Technology SARL at the above address and by completing the Data Subject Consent Withdrawal Form.

Right to lodge a complaint

If after complaining to DPO you still feel that your personal data has not been handled appropriately according to the law, you can lodge complaints with a Data Protection Authority regarding the Processing of your Personal Data by us or on our behalf:

National Commission for Data Protection
15, Boulevard du Jazz
L-4370 Belvaux

Tél.:(+352)2610601
Website: https://cnpd.public.lu
Email: [email protected]

Changes to this privacy statement

We may modify or amend this privacy statement from time to time.

We will notify you appropriately when we make changes to this privacy statement and we will amend the revision date at the top of this page. We do however encourage you to review this statement periodically so as to be always informed about how we are processing and protecting your personal information.


Contact Us

Headquarters in Contern, Luxembourg

Our Headquarters is located in Contern and are 11 minutes drive time (about 8km) from Luxembourg International Airport and 15 minutes drive time (about 10km) from Luxembourg City Center.

Phone:

+352 20 331 755

Email:

[email protected]

Mailing Address:

GERNE Technology SARL 17 rue Edmond Reuter,
L-5326, Contern
Luxembourg