EXTERNAL DATA PROTECTION AND INTERNAL PRIVACY POLICY

1. INTRODUCTION

This Data Protection and Privacy Policy sets out how Company LEO Limited (“we”, “our”, “us”, “CCA”) handle the personal data we collect from the following categories of data subjects:

• LEO Member Organizations’ employees and senior employees/officers (“Reps”)   (including LEO Directors, Working Group members.)

• Service providers, professional advisors or suppliers (e.g. Ameyo) (“Suppliers”)

This Policy applies to all personal data we process regardless of the media on which that data is stored or whether it relates to past or present data subjects. It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them. The business of LEO is as a trade organization to support and to represent the interests of its Member Organizations Reps and LEO considers that all personal data is collected and processed for the purpose of promoting that business and that therefore it has a legitimate interest to collect and process such personal data.

2. SCOPE AND CATEGORIES OF PERSONAL DATA COLLECTED

Protecting the confidentiality and integrity of personal data is a critical responsibility that we take seriously at all times.

a. LEO collects the following categories of personal data about Vodafone customer data (where appropriate in each case):

• Identity Data includes first name, last name or similar identifier, employer, date of birth, contact details.

• Contact Data includes billing address, delivery address, email address, residential address and telephone numbers.

b. Personal Data on representatives of Outside Bodies is limited to Identity Data and Contact Data.

3. CONTACT DETAILS

 LEO is the controller and responsible for your personal data. We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy notice.

If you have any questions about this privacy notice, please contact the data privacy manager using the details set out below.

Our full details are:

Full name of legal entity: LEO Trading Agency

Name or title of data privacy manager: Head of Operations

Email address: rartin@leo-eg.com

Postal address: 11757 Mohamed Adel AbulMaaty-Nozha-Cairo

4. PERSONAL DATA PROTECTION PRINCIPLES

We adhere to the principles relating to processing of personal data set out in applicable law

(Particularly GDPR) which requires personal data to be:

 (a) Processed lawfully, fairly and in a transparent manner.

 (b) Collected only for specified, explicit and legitimate purposes.

 (c) Adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.

 (d) Accurate and where necessary kept up to date.

 (e) Not kept in a form which permits identification of data subjects for longer than 3 days.

(f) Processed in a manner that ensures its security using appropriate technical and organizational measures to protect against unauthorized or unlawful Processing and against accidental loss, destruction or damage.

(h) Made available to data subjects and data subjects allowed to exercise certain rights in relation to their personal data.

(i) We are responsible for and must be able to demonstrate compliance with the data protection principles listed above.

 5. PURPOSE LIMITATION

The business of LEO is as a trade organization to support and represent its Member COMMUNICATION Organizations and LEO considers that all personal data is collected and processed for the purpose of promoting that business and that therefore it has a legitimate interest to collect and process such personal data.

a. LEO collects and processes personal data about Reps for the following purposes:

• Keeping Reps up to date with information which may be of interest to them

•Providing Rep management and administration

•Event management, administration, minuting and reporting

•Account management

•Providing reports to Member Organizations

• Supporting network and security system

• Auditing

• Detecting and preventing fraud

• Complying with legal obligations

6. HOW WE USE YOUR DATA

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• Where we need to, to perform the contract we are about to enter into or have entered into with you.

• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

• Where we need to comply with a legal or regulatory obligation.

Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message.

You have the right to withdraw consent to marketing at any time by contacting us.

We will get your express opt-in consent before we share your personal data with any third-party company for marketing purposes.

  9. DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Join Us
Join Us