BATIMEX LIMITED GENERAL PRIVACY NOTICE
1.
Introduction
1.1 In this General Privacy Notice, “BMX” refers to Batimex Limited and all the words and expressions used in this General Privacy Notice shall be interpreted and construed
in line with the definitions used in BMX’s General Data Protection Policy.
1.2.
This General Privacy Notice should be read and interpreted in conjunction with
and subject to BMX’s General Data Protection Policy that governs all the
personal data processing activities of BMX.
1.3.
This General Privacy Notice is relevant to all persons (“data subjects”) whose
personal data is collected by BMX in line with the requirements of the European
General Data Protection Regulation 2016 (“GDPR”) and the Mauritius Data
Protection Act 2017 (“DPA”).
1.4.
Users of BMX’s website as well as BMX’s customers and potential customers are
likely to be data subjects in as much as BMX may collect their personal
information whether by automated or non-automated means.
2.
Responsibilities
2.1.
BMX is responsible for ensuring that this General Privacy Notice is made
available to data subjects prior to CJ collecting/processing their personal
data.
2.2.
All Employees of BMX who interact with data subjects, both employees and non-
employees are responsible for ensuring that:
2.2.1.
this General Privacy Notice is drawn to the data subject’s attention prior to
processing the latter’s personal data; and
2.2.2. they obtain the consent of the data subjects
prior to the processing of their data wherever consent is required under either
the GDPR or the DPA.
3.
Privacy Statement
3.1.
Who is BMX and what does BMX do?
3.1.1.
BMX is a private company duly registered and validly existing under the laws of
Mauritius.
3.1.2. BMX has its registered office situated at 38
Royal Street, Port Louis 11602, Mauritius and its administrative headquarters
situated at 19-21 Louis Pasteur Street, Port Louis 11602, Mauritius. BMX’s
other contact details are as follows:
Telephone
Number(s): +230 650 6400 Email address: info@batimex.mu
3.1.3. More information on BMX is contained in its
General Data Protection Policy.
3.1.4. Although established, based and domiciled in
Mauritius, BMX’s business activities go beyond the jurisdiction of Mauritius
including but not limited to parts of the European Union and/or the United
Kingdom.
3.1.5. In the light of paragraph 3.1.4 above, BMX is
likely to process personal data both under the GDPR and the DPA.
3.1.6. The contact details of the Data Protection
Officer are as follows:
Postal
address: Batimex Limited, 19-21 Louis Pasteur Street, Port Louis
Email
address: info@batimex.mu
Telephone
No.: 6506400
3.1.7. The personal data BMX is likely to collect
from you and process includes any information about an individual from which
that person can be identified. Such data includes contact information (for e.g.
name, home address,telephone numbers, email address, date of birth, identity
and passport documentation), financial information (for e.g. bank details and
payment card details). The personal data referred to is not an exhaustive list
and can be updated for legitimate business or legal purposes.
3.1.8. The personal data BMX collects from you will
be used for such purposes as may be related, directly or indirectly, to our
business activities. Your data may be used in the course of our business
operations, for the purpose of the contract you have entered with us and for
compliance with any legal and regulatory obligations.
3.1.9. In any event, BMX is committed to ensuring
that the information it collects and uses is appropriate for the purpose for
which it was collected, and does not constitute an invasion of your privacy.
3.1.10. From time to time, BMX would like to use your
name and contact details to send you either through telephone calls, messaging
services, emails, post, or social media platforms, information about our
offers, promotions, products, surveys and services, as well as those of our subsidiaries
and affiliates, that we believe may be of interest to you, but we will only do
so with your consent.
If
you have agreed to receive direct marketing, you may always opt out at a later
stage by following the unsubscribed instructions on each of our marketing
communications.
You
have the right at any time to stop BMX from contacting you for direct marketing
purposes.
3.2. Consent
3.2.1. By using BMX’s website (as a user of BMX’s
website) you are giving BMX permission to process your personal data
specifically for the purposes identified above.
3.2.2. BMX will request your consent prior to
processing any of your sensitive or special categories of personal data.
3.2.3. Sensitive or special categories of personal
data is information about racial origin, ethnic origin, political opinion,
religious belief, philosophical belief, trade union membership, genetic data,
biometric data, health data, criminal record, data concerning sex life and/or
sexual orientation.
3.2.4. You may withdraw consent at any time by
informing BMX and/or BMX’s Data Protection Officer in writing of your wish to withdraw
your consent without having to assign any reason for your decision.
3.2.5. BMX may exceptionally process sensitive or
special categories personal data without your consent if such processing is
required by law and/or a Court order or where the information is already in the
public domain.
3.3. Disclosure and Transfer
3.3.1. BMX may pass your personal data on to
third-party service providers contracted by BMX in the course of dealing with
you. Any third parties that BMX may share your data with are obliged to keep
your details securely, and to use them only to fulfil the service they provide
you on BMX’s behalf. When they no longer need your data to fulfil this service,
they will dispose of the details in line with BMX’s procedures.
3.3.2. Basically, BMX will not pass on your personal
data to third parties unless it has obtained your consent or such disclosure is
necessary for the processing activities of BMX in furtherance of a contractual
relationship to which you are privy as a customer or potential customer of BMX
or from which you will be deriving a personal interest.
3.3.3. BMX will not transfer your personal data to a
different country without having carried out an adequacy test as explained in
BMX’s General Data Protection Policy.
3.4. Third Party Websites
The
BMX website may contain links to other websites, apps, content, services or
resources of interest, which are operated by third parties. If you access
websites, apps, content, services or resources using the links provided and you
have left the BMX website, you must be aware BMX does not have any control over
the other websites apps, content, services or resources. BMX is not responsible
for the protection and privacy of any information you provide whilst visiting
such websites, apps, content, services or resources and they are not governed
by this Privacy Notice.
3.5. Use of Cookies
We
use cookies that identify your browser. When you visit the BMX website, BMX may
collect information from you automatically through cookies or similar
technology. BMX may collect and store information about how you use the BMX
website, as well as provide you with a better service and experience when
browsing, and for analytics. The personal data we collect through these
technologies will also be used to manage your session.
3.6. Report of Breach
Whenever
BMX is on notice that a breach of personal data has been committed or
reasonably suspects that a breach of personal data is likely to be committed,
BMX shall as soon as reasonably practicable inform the relevant supervisory
authority about the same. You shall also be informed about the same where such
a breach is likely to impact on your rights and freedoms as a data subject.
3.7. Retention Period
3.7.1. Subject to paragraph 3.7.2 below, BMX will
process and store your personal data for no longer that is required for the
purpose for which it is initially collected.
3.7.2. Notwithstanding paragraph 3.7.1 above, BMX
may store your personal data for such period as may be necessary for BMX’s
compliance with legal obligations and for BMX’s legitimate interests such as
the defence by BMX of legal claims that may be brought before it.
3.8. Your rights as a data subject
At
any point, while BMX is in possession of or processing your personal data, you,
the data subject, have the following rights:
(a) Right of access to your personal data;
(b) Right of rectification to correct data
that BMX holds about you that is inaccurate or incomplete;
(c) Right to erase personal data from BMX
records;
(d) Right to restriction of processing –
where certain conditions apply to have a right to restrict the processing;
(e) Right of personal data portability;
(f) Right to object – you have the right to
object to certain types of processing such as direct marketing;
(g) Right to object to automated processing
of your personal data, including profiling; and
(h) Right to complain against BMX.
3.9. Complaints
In
the event that you wish to make a complaint about how your personal data is
being processed by BMX, or how your requests under paragraph 3.8 above have
been handled, you have the right to lodge a complaint directly with the
relevant supervisory authority and BMX’s Data Protection Officer.
3.10. What does BMX hold about you?
3.10.1. At any point in time, you can find out the
personal data that the organisation holds about you, if any.
3.10.2. Upon a written request being received, BMX can
confirm what information it holds about you and how it is processed.
3.10.3. Where BMX holds your personal data, you can
request the above from BMX who will provide the information in accordance with
the provisions of the Data Protection Act.
3.10.4. When making a written request to BMX pursuant
to this paragraph 3.10, you will need to provide to BMX an appropriate form of
identification (“ID”) in order to have access to the information. An
appropriate form of ID is either your National Identity Card or your passport
(provided the same has not expired).