Website www.levelmzl.pro is operated by LEVEL MZL LTD a company registered at 7 Rival street, Tel Aviv, Israel, (“Level MZL”). In order to service our clients Level MZL (hereinafter “we” or “us”) needs to collect personal data from our clients and /or potential clients and employees.
Considering the above, Level MZL wants to ensure a high level of data protection as privacy is a cornerstone in gaining and maintaining the trust of our clients, employees and suppliers and thus, ensuring company’s business in the future.
The protection of personal data requires that appropriate technical and organisational measures are taken to demonstrate a high level of data protection. We have adopted a number of internal and external data protection policies, which must be adhered to by employees of Level MZL
Additionally, we will monitor, audit and document internal compliance with the data protection policies and applicable statutory data protection requirements, including the General Data Protection Regulation (“GDPR”).
Level MZL will also take the necessary steps to enhance data protection compliance within the organisation. These steps include the assignment of responsibilities, raising awareness and training of staff involved in processing operations. Please note that this Privacy Policy will be reviewed from time to time to take into account any new obligations and that any personal data we hold will be governed by our most recent policy.
This Privacy Policy, along with guidelines for processing of personal data, constitutes the overall framework for processing of personal data within Level MZL.
“Personal data” is any information which may be related to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, location data, phone number, age, gender, an employee, a job applicant, clients, suppliers and other business partners. This also includes special categories of personal data (sensitive personal data) and confidential information such as health information, account number, identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Although, information regarding companies/businesses is not as such, personal data, please note that information relating to contacts within such companies/businesses, e.g. name, title, work email, work phone number, etc. is considered personal data.
Level MZL collects and uses personal data for a variety of legitimate business purposes, including establishment and management of customer and supplier relationships, completion of purchase orders, recruitment and management of all aspects of terms and conditions of employment, communication, fulfilment of legal obligations or requirements, performance of contracts, providing services to clients, etc.
Personal data shall always be:
1.Processing of personal data requires a legal basis. The most predominant legal basis for processing personal data within Level MZL are:
1.If the collection, registration and further processing of personal data on clients, suppliers, other business relations and employees are based on such a person’s consent to the processing of personal data for one or more specific purposes, we shall be able to demonstrate that the data subject has consented to processing of such personal data.
Consent shall be: freely given, specific, informed and unambiguous. The data subject must actively consent to the processing of personal data by a statement or by a clear affirmative action, to him/her.
A request for consent shall be presented in a manner, which is clearly distinguishable from other matters, in an intelligible and easily accessible form, using clear and plain language.
To process special categories of personal data (sensitive personal data) the consent shall also be explicit.
The data subject is entitled to withdraw his/her consent at any time and upon such withdrawal, we will stop collecting or processing personal data about that person unless we are obligated or entitled to do so based on another legal basis.
It will be legitimate to collect and process personal data relevant to the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. This applies to all contractual obligations and agreements signed with Level MZL., including the pre-contractual phase irrespective of the success of the contract negotiation or not.
Level MZL comply with various legal obligations and requirements, which have basis in Union or Member State law. Such legal obligation, to which Level MZL is subject, may be sufficient as a legitimate basis for processing of personal data.
Such legal obligations include obligations to collect, register and/or make available certain types of information relating to employees, clients, etc. Such legal requirements will then form the legal basis for us to process the personal data, however, it is important to note whether the provisions allowing or requiring Level MZL to process certain personal data also set out requirements in relation to storage, disclosure and deletion.
Data will only be processed where it is necessary for the purposes of the legitimate interests pursued by Level MZL., and these interests or fundamental rights are not overridden by the interests of the data subject. Level MZL will, when deciding to process data ensures that the legitimate interests override the rights and freedoms of the individual and that the processing would not cause unwarranted harm. For instance, it is a legitimate interest of Level MZL to process personal data on potential client in order to expand the business and develop new business relations. The data subject must be given information on the specific legitimate interest if a processing is based on this provision, see section 4.1 below.
Level MZL as Data Controller
Level MZL will be considered a data controller to the extent that we decide by which means the data subject’s personal data shall be processed e.g. when a data subject signs an agreement with Level MZL
Use of data processors
An external data processor is a company, which processes personal data on behalf of Level MZL and in accordance with company’s instructions, e.g. in relation to HR systems, third party IT providers, etc. When Level MZL outsources the processing of personal data to data processors Level MZL ensures that said company as a minimum applies the same degree of data protection as Level MZL If this cannot be guaranteed, Level MZL will choose another data processor.
Disclosure of personal data
Before disclosing personal data to others, it is the responsibility of Level MZL to consider whether the recipient is employed by us or not. Furthermore, we may only share personal data within Level MZL., if we have a legitimate business purpose in the disclosure.
It is Level MZL’s responsibility to ensure that the recipient has a legitimate purpose for receiving the personal data and to ensure that sharing of personal data is restricted and kept to a minimum.
Level MZL must show caution before sharing personal data with persons, data subjects or entities outside of Level MZL Personal data shall only be disclosed to third parties acting as individual data controllers if a legitimate purpose for such transfer exists. If the recipient is acting as a data processor, please refer to clause 3.2 above.
Duty of information
When Level MZL collects and registers personal data on data subjects Level MZL is obligated to inform such persons about:
• The period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
The existence of the right to request from Level MZL access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability;
Where the processing is based on the data subject’s consent, the existence of the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data and of the possible consequences of failure to provide such data;
The existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
Right to access
Any person whose personal data Level MZL is processing, including, but not limited to, Level MZL. Concierge employees, job applicants, external suppliers, clients, potential clients, business partners, etc. has the right to request access to the personal data which Level MZL processes or stores about him/her.
If Level MZL processes or stores personal data about the data subject, the data subject shall have the right to access the personal data and the reasons for the data to be processed in relation to the criteria set out in 4.1.1.
The data subject shall have the right to obtain from Level MZL without undue delay the rectification of inaccurate personal data concerning him or her.
The data subject shall have the right to obtain from Level MZL the erasure of personal data concerning him or her and Level MZL shall have the obligation to erase personal data without undue delay, unless required by law to retain any information for a prescribed period of time, for example, by financial regulators or tax authorities.
The data subject shall have the right to obtain from Level MZL restriction of processing, if applicable.
The data subject shall have the right to receive the personal data registered in a structured and commonly used and machine-readable format, if applicable.
The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on a balancing of interests, including profiling.
Any requests received from a data subject to exercise the rights in this clause will be answered as soon as reasonably possible, and no later than 30 days from receipt. Requests shall be forwarded without delay to Level MZL Service Centre.
New products, services, technical solutions, etc. must be developed so that they meet the principles of data protection by design and data protection by default.
Data protection by design means that when designing new products or services due consideration to data protection is taken.
Level MZL. will consider the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing.
Level MZL shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures, such as pseudonymisation, which are designed to implement data protection principles, such as data minimisation, in an effective manner and to integrate the necessary safeguards into the processing in order to meet data protection requirements and protect the rights of data subjects.
Data protection by default requires that relevant data minimisation techniques are implemented.
Level MZL shall implement appropriate technical and organisational measures for ensuring that, by default, only personal data which is necessary for each specific purpose of the processing is processed.
This minimisation requirement applies to the amount of personal data collected, the extent of their processing, the period of their storage and their accessibility.
Such measures shall ensure that by default personal data is not made accessible without careful consideration.
Personal data shall be deleted when Level MZL no longer has a legitimate purpose for the
continuous processing or storage of the personal data, or when it is no longer required to store the personal data in accordance with applicable legal requirements.
If Level MZL processes personal data that is likely to result in a high risk for the persons whose personal data is being processed, a Data Protection Impact Assessment (“DPIA”) shall be carried out.
A DPIA implies that Level MZL will, considering the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, implement appropriate technical and organisational measures to ensure and to be able to demonstrate that processing is performed in accordance with data protection requirements.
The technical and organisational measures shall be reviewed and updated where necessary and no later than every 6 months.
Adherence to approved codes of conduct or approved certification mechanisms may be used as an element by which to demonstrate compliance with the appropriate technical and organisational measures pursuant to this clause.
If you have any questions regarding the content of this policy or any complaint you want to express, please contact Level MZL at www.levelmzl.pro
This website is owned and operated by LEVEL MZL LTD
a company registered at 7 Rival street, Tel Aviv, 6777840, Israel.
Copyright © 2023, All Right Reserved
GoDaddy Destekli
We use cookies to personalise content and ads, to provide social media features and to analyse our traffic.