GDPR POLICY
Our company focuses on the development, manufacture and sale of climbing equipment.
We process various forms of personal data relating to our employees, guests, business partners or other persons. This means that we must comply with Regulation (EU) 2016/679 of 27 April 2016 General Data Protection Regulation (“GDPR”).
Our goal is to secure and prevent the misuse of the personal data provided by employees, business partners and other entities. Within this context, we are implementing the GDPR not just as a mandatory statutory requirement, but also as a means by which to achieve the stated goal. RP Climbing has therefore adopted the following mission:
To guarantee the security of the personal data of its employees and partners, business or otherwise.
To fulfil this mission we are committed to adhering to the following measures in relation to the following areas of interest:
- Personal data security management system: We will implement the GDPR as a coherent system with linked management documents (policies, directives and guidelines) and records.
- Employee data: We will only keep those employee records absolutely necessary for the performance of personnel and payroll functions. Employees will be made aware of which personal data we process.
- CRM System: We will process all the information necessary for marketing and business activities in a structured form, including personal data.
- Business relations: We will only keep that data on our clients, suppliers (owners and employees) and tradesmen that is absolutely necessary for the processing of complaints, for the purpose of organising repairs, revisions, purchases and logistics, as well as the provision of customer services.
- Electronic and direct communications: We will only keep that data on our clients with whom we communicate through the web, social networks and e-shop that is absolutely necessary for the purposes of data collection, feedback and the processing of e-shop orders.
- Ambassadors: Where athletes are concerned who are not employees of the company, but who work for RP Climbing as ambassadors, only that data will be kept that is absolutely necessary to connect marketing activities and to verify the outputs of our design and development activities.
- CCTV: The CCTV system is in place to protect the lives and health of visitors and employees, to prevent damage to property and to provide evidence of any events that take place during company operations.
- Financial accounting: We will only keep that data on our business partners (owners and employees) and tradesmen that is absolutely necessary for financial accounting purposes, especially the processing of incoming invoices.
- Software products: We have assessed used and will assess new software products with regards to the recording of personal data. We will demand GDPR support during their use, including functions for the execution of data subjects’ rights (deletion of data, anonymization of data, etc.), from suppliers.
This GDPR Policy represents the commitment of the management of RP Climbing to fulfil the principles of personal data protection. Employees of the company are regularly informed about their responsibility for complying with and fulfilling this GDPR Policy.
This GDPR Policy is adopted for an indefinite period of time.
The validity of any aspect of this GDPR Policy can be reviewed at any time, but at least once a year.