Privacy Statement
PRIVACY POLICY
The Institute for Certification System-ICS (hereinafter "we", "us", "our", etc.) is the owner of the website www.ics-norm.com ("website"). We have created this Policy as our privacy statement to demonstrate that we care about the privacy of our users and to inform them about how personal/personal information is collected and processed on this website.
Please read this Statement carefully to learn how we collect, process, protect or otherwise use your personal/personal information.
Institute for System Certification - ICS is a partner for system certification, verification, validation, assessment, training, and certification for individuals. The key advantage of ICS is its competencies as a national market leader for Integrated Management Systems, which helps to ensure and increase business excellence.
Who is responsible for data processing and who can I contact?
Institute for the Certification of Sistema doo - ICS
Džemala Bijedića 129, Novi Grad
71,000 Sarajevo, Bosnia, and Herzegovina
Phone: (+387) 33 831 550
E-Mail: selma.causeivc@ics-norm.com
info@ics-norm.com
What sources and data do we use?
When providing our services in the field of certification, verification, and validation of systems, and certification and education of individuals and additional education, we process personal/personal data that the interested party (the party ordering the ICS service, including the contact person or the person participating in the service) leaves to us available, as well as the data we have acquired during the provision of certification services (e.g. during audits). According to the defined rules, ICS cannot provide the desired services without this data. Relevant personal/personal data includes details (e.g. name and surname, address and other contact details, date and place of birth), and contact details (e.g. verification documentation, event documentation, certificate information, accounting information, bank information).
Why do we process your data (purpose of data processing) - based on which legal bases?
The personal/personal data that we collect when providing the service will be processed to draw up a contract according to the most important contractual documents and our Terms and Conditions, as well as for the necessary documentation by normative requirements (primarily ISO / IEC 17021-1) and possible additional model requirements which need to be verified at the client's order), for bookkeeping and accounting, for the establishment and defense of legal claims, as well as for the management of client relationships, including the creation of offers for further ICS services (eg recertification and additional certificates or relevant training).
The legal basis for processing is Article 6.1(b) GDPR (execution of the contract, as long as the data owner is a signatory to the contract), Article 6.1(f) GDPR (legitimate interests between ICS and the applicant to ensure the agreed services to increase quality) and Article 6.1(c) GDPR (legal obligations of ICS). In direct advertising for our range of services, we use the customer's personal information (name, address, contact information, service order information) for our own advertising and marketing purposes to send information about customers, their services and products, news, and another user with information that could be of interest to the client, as long as the consumer has not objected to the processing for direct advertising. If you have given us consent to process personal data for specific purposes (e.g. participation in events, the transmission of information), the legality of this processing will be given based on your consent. Consent can be revoked at any time. This also applies to the cancellation of declarations of consent that were given before the entry into force of the GDPR.
Who will get my data?
Within ICS, only certain employees need your data to fulfill contractual and legal obligations or for processing due to legitimate interest. To provide the service requested by the client, ICS will transfer data to auditors, trainers, assessors, and technical experts acting as contract processors. ICS uses services provided by external IT service providers. According to the Accreditation Act and relevant standards (especially ISO / IEC 17021-1), ICS is obliged to provide a publicly available list of certificates or make it available upon request. Based on normative requirements, ICS will further be obliged to provide information on services available to accreditation bodies and/or grant these bodies access upon request. In this process, it is also personal/personal data that can be transferred to accreditation bodies.
In addition, ICS may transfer personal/personal data to additional recipients (eg public authorities) to fulfill legal reporting obligations.
PRIVACY POLICY
The Institute for Certification System-ICS (hereinafter "we", "us", "our", etc.) is the owner of the website www.ics-norm.com ("website"). We have created this Policy as our privacy statement to demonstrate that we care about the privacy of our users and to inform them about how personal/personal information is collected and processed on this website.
Please read this Statement carefully to learn how we collect, process, protect or otherwise use your personal/personal information.
Institute for System Certification - ICS is a partner for system certification, verification, validation, assessment, training, and certification for individuals. The key advantage of ICS is its competencies as a national market leader for Integrated Management Systems, which helps to ensure and increase business excellence.
Who is responsible for data processing and who can I contact?
Institute for the Certification of Sistema doo - ICS
Džemala Bijedića 129, Novi Grad
71,000 Sarajevo, Bosnia, and Herzegovina
Phone: (+387) 33 831 550
E-Mail: selma.causeivc@ics-norm.com
info@ics-norm.com
What sources and data do we use?
When providing our services in the field of certification, verification, and validation of systems, and certification and education of individuals and additional education, we process personal/personal data that the interested party (the party ordering the ICS service, including the contact person or the person participating in the service) leaves to us available, as well as the data we have acquired during the provision of certification services (e.g. during audits). According to the defined rules, ICS cannot provide the desired services without this data. Relevant personal/personal data includes details (e.g. name and surname, address and other contact details, date and place of birth), and contact details (e.g. verification documentation, event documentation, certificate information, accounting information, bank information).
Why do we process your data (purpose of data processing) - based on which legal bases?
The personal/personal data that we collect when providing the service will be processed to draw up a contract according to the most important contractual documents and our Terms and Conditions, as well as for the necessary documentation by normative requirements (primarily ISO / IEC 17021-1) and possible additional model requirements which need to be verified at the client's order), for bookkeeping and accounting, for the establishment and defense of legal claims, as well as for the management of client relationships, including the creation of offers for further ICS services (eg recertification and additional certificates or relevant training).
The legal basis for processing is Article 6.1(b) GDPR (execution of the contract, as long as the data owner is a signatory to the contract), Article 6.1(f) GDPR (legitimate interests between ICS and the applicant to ensure the agreed services to increase quality) and Article 6.1(c) GDPR (legal obligations of ICS). In direct advertising for our range of services, we use the customer's personal information (name, address, contact information, service order information) for our own advertising and marketing purposes to send information about customers, their services and products, news, and another user with information that could be of interest to the client, as long as the consumer has not objected to the processing for direct advertising. If you have given us consent to process personal data for specific purposes (e.g. participation in events, the transmission of information), the legality of this processing will be given based on your consent. Consent can be revoked at any time. This also applies to the cancellation of declarations of consent that were given before the entry into force of the GDPR.
Who will get my data?
Within ICS, only certain employees need your data to fulfill contractual and legal obligations or for processing due to legitimate interest. To provide the service requested by the client, ICS will transfer data to auditors, trainers, assessors, and technical experts acting as contract processors. ICS uses services provided by external IT service providers. According to the Accreditation Act and relevant standards (especially ISO / IEC 17021-1), ICS is obliged to provide a publicly available list of certificates or make it available upon request. Based on normative requirements, ICS will further be obliged to provide information on services available to accreditation bodies and/or grant these bodies access upon request. In this process, it is also personal/personal data that can be transferred to accreditation bodies.
In addition, ICS may transfer personal/personal data to additional recipients (eg public authorities) to fulfill legal reporting obligations.
n