Personal data AGR collects
Personal data is any information about an identified or identifiable individual. An individual is considered to be personally identifiable if he or she can be identified, directly or indirectly, by reference to identifiers such as name, ID number, location data, and online identity or one or more factors that characterize an individual physically, physiologically, genetically, mentally, materially, culturally, or socially.
AGR collects data from you through our interactions with you and through our products. You provide some of this data directly, and we get some of it by collecting data about your interactions, use, and experiences with our products. The data we collect depends on the context of your interactions with AGR and the choices you make, including your privacy settings and the products and features you use.
When we ask you to provide personal data, you can decline. Many of our products require some personal data to provide you with a service. If you choose not to provide data required to provide you with a product or feature, you cannot use that product or feature. Where AGR needs to collect personal data by law or to enter into or carry out a contract with you, and you do not provide the data, we will not be able to enter into the contract.
We ensure that all our activities are in accordance with current legislation on data protection and the processing of personal data, particularly Act No. 90/2018. Data protection is important to us, and we strive to follow all laws and regulations connected to data privacy and protection.
In principle, AGR acts as a processor on behalf of those customers that have entered into service agreements with AGR. AGR’s customers are controllers of processing within the meaning of personal data protection legislation.
AGR can also act as a controller. For example, AGR is the controller of communication with its customers in connection with existing or planned transactions by collecting contact information that the customer provides to AGR or is public. As the controller, AGR may only process personal information based on clear authorisations contained in personal data protection legislation. Such processing is based on the consent of individuals, contracts or legitimate interests.
How is the security of personal information ensured?
We may only collect, process and share personal information in a fair and lawful manner and only for specifically defined purposes. As a processor, AGR takes appropriate technical and organizational measures to ensure the adequate security of personal information. Personal information is stored and processed securely in accordance with AGR’s information security and data protection policies.
Retention of personal information
Personal information will only be stored for as long as necessary unless otherwise permitted or required by law. AGR stores personal information as a processor for as long as processing agreements stipulate and in accordance with the law.
Changes in policy