- Home
- Privacy policy
Privacy policy
Introduction
This Global Privacy Police (the «Policy») explains how Tenet (we, Tenet) collect, use and disclose your personal information. We believe it is our duty to ensure the necessary protection and appropriate use of personal data received from you directly or through authorized third parties. When collecting and processing your personal data in accordance with this Policy, we do so as authorized under applicable data privacy laws, whether as data controller or joint controller, or data processor (similar terms may be used under applicable law).
This Policy does not apply to your use of any third-party sites linked to from our website.
Tenet reserves the right to amend or change this policy anytime to ensure that it reflects the way we process your personal data.
Principles of data protection
When processing your personal data we are guided by the following basic data protection principles:
| Principle | Explanations |
|---|---|
| Lawfulness, fairness and transparency | Your data will be processed lawfully, fairly and in a transparent manner in relation to individuals; |
| Purpose limitation | We only collect your personal data for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes |
| Data minimisation | The procession should be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed |
| Accuracy | Your personal data will be processed accurate and, where necessary, kept up to date. We shall not take decisions involving the use of your personal information solely by automated means; |
| Storage limitation | Your personal data will be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in order to safeguard the rights and freedoms of individuals; |
| Integrity and confidentiality (security) | Personal data will be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures |
Collecting of personal data
When collecting your personal data, we rely on the following legal grounds:| Legal ground | Description |
|---|---|
| Conclusion and performance of contract with the data subject: | The processing of your personal data is necessary to conclude a contract (including an employment contract) and/or perform our obligations thereunder. |
| Legal obligations: | Collection of your personal data is necessary to enable us to meet our legal and regulatory obligations, for example, to keep records for tax purposes or to provide information to a government body or a law enforcement agency. |
| Legitimate interests: | If allowed by applicable law, the processing of your personal data is necessary to enable us to pursue our legitimate commercial interests, provided that your interests or the fundamental rights and freedoms are not infringed by such procession. For example, it may be used for operating our business or for managing and development of our relationships with counterparties; for improving our services, etc. |
| Consent: | In certain cases we shall rely on your consent for procession of your personal data, and in such cases your personal data shall be processed only if your consent is obtained. You have the right to withdraw your consent at any time for any processing based on that consent. |
Personal data procession
We process your personal data only when it is required to achieve a predetermined purpose, is required by law or professional standards.
We process personal data if you provide it to us directly or through third parties authorized by you. But in some cases, we may already have personal data (for example, if you are a former employee of Tenet or you already have business relations with Tenet), but they are not processed for longer than the purposes or laws require.
The information we collect about you depends on the nature of your relationship with Tenet and the purpose of processing. Below you may get acquainted with our data procession purposes clustered in major groups.
| Purpose of procession of personal information | Types of personal information | Legal basis |
|---|---|---|
| Managing our business relations | Personal and contact information, professional or employment related information, payment information | Legitimate interest or consent (if required) |
| Newsletters, alerts and events | Personal and contact information, professional or employment related information | Consent |
| Employment | The information on the purposes, categories of personal data processing and legal grounds is provided in the Company’s internal regulations. | |
| Legal compliance and legal actions | Will depend on the certain legal requirement | Legal obligations |
| Visiting our website | Analytic information | Consent |
Personal data related to children
Sensitive personal data
We may process sensitive personal data (such as biometrical data or special category or criminal offence data) only when it strictly required for maintenance of our business, on the consent basis and in accordance with applicable law.Personal data transfer
We operate on worldwide basis therefore we reserve right to transfer your personal data to Tenet entities, service providers and third parties when it is necessary to accomplish the specific business purposes for which personal data were collected, in particular, to manage our services or to improve our business operations, or required by law, or in other cases, acceptable under applicable data privacy legislation. When transferring your personal data, we always rely on your consent or other legal grounds provided by applicable legislation for such transfer. If provided by applicable legislation, we would also implement guarantees for such transferring, including SCC guarantees.
In particular, we may transfer your personal information to the following third parties:
- Our service providers: for example, (IT) systems providers, our hosting providers, payroll providers, legal advisers, and other goods and services providers. We shall only transfer your personal information to them when ensure that they meet our standards on data processing and security and only in amount that is required for them to provide services.
- Successors of the business: We will also disclose personal information in connection with the sale, assignment, or other transfer of any element of Tenet’s business to which the personal information relates.
- Courts, tribunals, law enforcement or regulatory bodies: We will disclose personal information when it is necessary to comply with requests of courts, tribunals, government or law enforcement agencies.
- Auditors: We will disclose your personal data information where necessary for the conduct of company audits or to investigate a complaint or security threat.
Insurance market participants: In order to make the insurance program work effectively, the insurance market participants will require that we disclose personal information about you to them. The information will be used by the them in the underwriting and ongoing administration of the insurance program, where there is a claim that you are relevant to and to allow the insurance market participants to comply with their legal and regulatory obligations.
We shall endeavor that such transfer complies with any applicable laws and regulations, to ensure safety and confidentiality of your personal information, and we also implement technical, organizational or contractual measures to ensure an adequate level of protection for your personal information.
When transferring your personal information to Tenet entities, we rely on specific data protection laws and regulations, provided by applicable local and native laws for each operating country.
Your rights
When processing your personal data, Tenet guarantees compliance with following rights:- Right to be informed: you can request information on the processing of your personal data, and we shall provide it to you in a structured and accessible format;
- Right to access and portability: if such right is provided to data subject by applicable law, you anytime may access and inspect your personal information being held about you in a structured, commonly used and machine-readable format and have the right to transmit those data to another data controller.
- Right to object: you always may object to the use of your personal information, if you believe that there are no longer sufficient legitimate grounds for procession;
- Right to erasure and blocking: you may anytime request us to erase some or all of your personal data from our systems, and if the data are incomplete, outdated, inaccurate, illegally obtained or do not correspond to the purpose of processing, you may request us to limit or stop processing of your personal data;
- Right to rectify: We rely on the availability of accurate personal data in order to provide services to you and operate our business. If you believe that any personal data that we keep about you are inaccurate or incomplete, you should request that we correct or supplement the data;
- Right to comply: if you believe that the Company violates your rights or interests, you should raise this with us by contacting us using the details set out in Section 10, however, if you are not satisfied by the way we handled your compliant, you may file a complaint to the relevant data protection regulator in your country;
- Withdrawal of consent: Where the processing of personal data is based on consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of consent-based processing prior to withdrawal of consent