Machines And Cloud henceforth referred to as (‘MAC’) strives to comply with applicable laws and regulations related to personal data protection in countries where the company operates. This policy sets forth the basic principles by which the company processes the personal data of customers/clients, candidates, contractors, employees and other individuals, and indicates the responsibilities of its business departments and employees while processing personal data. The policy reflects Machines And Cloud’s commitment to protect the personal information and handle it responsibly to meet business, legal and regulatory requirements related to personal data.
Machines And Cloud shall obtain consent from individuals when required or appropriate. Machines And Cloud should also clearly communicate any choices available when personal data is collected or used by a third party, or disclosed by Machines And Cloud to such parties.
Specifically, when consent is required or appropriate, Machines And Cloud shall:
Consent should be obtained in accordance with EU-U.S Privacy Shield and Swiss-U.S privacy shield laws and regulations (e.g., explicit and/or implicit consent). Additional safeguards that may be required, along with the definition of sensitive or special category of personal data, may vary.
For sensitive information (i.e personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union member-ship or information specifying the sex life of the individual), Machines And Cloud shall obtain affirmative express consent (opt in) from individuals of such information is to be (i) disclosed to the third party or (ii) used for the purpose other than those for which it was originally collected or subsequently authorized by the individuals through the exercise of opt-in choice. In addition, Machines And Cloud shall treat as sensitive any personal information received from a third party where the third party identifies and treats it as sensitive.