Data Protection

Data protection policy

In order to carry out its assigned tasks, GastroSocial has to capture the personal data of the affiliated companies and insured. Only the data required for its business operations and its dealings with customers and insured is captured.

GastroSocial only stores data for the time it is obliged to do so by law or for as long as it is relevant to the purpose for which it was captured.

GastroSocial does not release any of the data managed by it for the identification of persons without the explicit consent of its customers or insured, nor does it forward any data to other institutions or organisations. Exceptions: Data has to be released by force of law or under an official order, or if it is required for business purposes and the provision of services to customers.

GastroSocial undertakes to comply with the applicable law on the protection of data and to continuously improve data protection efficacy.

GastroSocial implements the technical and organisational security measures that are needed to protect the data managed by it from unauthorised or wrongful access as well as unintentional loss, destruction or damage.

EU General Data Protection Regulation (GDPR)

The EU’s General Data Protection Regulation (GDPR) has been in force for all EU member states since 25 May 2018. As far as we are aware, the GDPR does not apply to the data processing practices of GastroSocial. Nevertheless, we have aligned our obligations to provide information with the GDPR and have also integrated a consent management system.