BABYLON TRANSLATIONS PRIVACY NOTICE

Babylon Translations is a provider of language and translation services operating in full compliance with all applicable legislation. In view of the entry into force of the General Data Protection Regulation (GDPR) in May 2018 the company has upgraded its policies, procedures and practices regarding personal data protection. In all our activities we abide strictly by the requirements of the GDPR, the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework.

These regulations require that all controllers, processor and sub-processors ensure the best possible protection of personal data. We at Babylon Translations achieve this by appropriate organizational and technical measures, by endorsing policies and procedures aiming at adequate data protection by all our staff, sub-processors and freelancers.

  1. Applicability

Babylon Translations collects, processes and retains personal data only on the as-needed principle in order to comply with the applicable legislation and to perform its services. The data collected from our clients and sub-processors normally include business contact data but when personal data are present in documents such as agreements, these documents are handled within the best data security practices.

The personal data collected from our staff and freelancers are necessary to meet specific legal requirements and the need to perform our obligations regarding payment to these persons and reporting to the relevant authorities.

Personal data of third parties may be available in the documents given to us for translation and in many cases these personal data cannot be de-identified (e.g., the nature of the document may relate to personal data such as an educational certificate, or the document may be provided only in scanned format). In all cases, these documents and their translations are treated with full confidentiality and are given back to the client, deleted or destroyed, as appropriate, upon completion of the job.

  1. Disclosure to third parties

Personal data may be disclosed to third parties only when required by the law enforcement authorities or other public authorities which have legal right of access to these data. Disclosure to any other parties may be done only with the explicit permission of the data subject.

Whenever possible, personal data in documents such as CVs are de-identified by pseudonymization or other appropriate methods. Whenever personal data are transferred to countries outside the European Union or the Privacy Shield areas, the same level of data security is demanded by all processors (e.g., freelancers). Whenever personal data are processed by Babylon Translations individual employees and contractors, where applicable, these data are subjects to the highest possible confidentiality obligations.

  1. Personal data protection

Babylon Translations has developed appropriate policies and procedures to ensure compliance with all applicable laws and regulations regarding data security and personal data protection. These include the following, but are not limited to:

  • Organizational and technical security measures regarding data collection, processing and retention of hard copies and electronic files.
  • GDPR-compliant Information Security Policy and Data Protection Policy with specific guidance to Babylon Translations employees and contractors.
  • Non-disclosure and confidentiality agreements with employees and contractors (sub-processors and freelancers).
  • Providing guidance and demanding from our contractors full compliance with the best possible data protection measures.
  • Appropriate procedures and methods of data transfer via secure channels of communication and additional measures such as encryption.
  • Appropriate policies for retention of documents containing personal data and deletion upon completion of the job related to a particular document.
  • Adequate measures to ensure the preservation of documents from loss or destruction.
  • Continuous review of data security practices to ensure full compliance with the applicable legislation and the client requirements set forth in agreements or specific instructions.
  • Procedures to meet all obligations under the GDPR such as providing access and allowing data subjects to exercise their rights under the GDPR, including the right of notification in case of actual or suspected personal data breach.
  1. Information and complaints

The law which governs this Notice and all disputes arising under it is the GDPR and the Bulgaria Data Protection Act. All disputes of whatsoever nature including failure to perform and performance shall be determined by the courts of the Republic of Bulgaria. Any claims may be raised to the Committee for Personal Data Protection at No. 2, Tsvetan Lazarov Street, 1592 Sofia, Bulgaria (www.cpdp.bg).

Babylon Translations has appointed a Responsible Person for Data Protection who is available to provide any additional information and explanations regarding personal data protection and accept any claims regarding data security. His contact is phone +359 32 260 754 and any change will be subject to immediate update.

Last updated: May 2018