The Bona Life Information and Security Privacy Policy outlines the high level requirements to prevent Personal Information about individuals or juristic entities being used in an inappropriate manner (including loss, theft, unauthorised access), and ensure compliance with legal and regulatory requirements for information privacy.
In line with this, Bona Life shall adhere to the following:
Choice and Consent
Bona Life shall describe the choices available to the individual and, if it cannot justify the collection, use and disclosure under one of the processing grounds specified in the legislation, shall obtain implicit or explicit consent with respect to the collection, use and disclosure of Personal Information.
Collection
Bona Life shall collect Personal Information only for the purposes identified in the notice (a Privacy or Fair Processing Notice).
Use, Retention and Disposal
Bona Life shall limit its use of Personal Information to the purposes identified in the notice and for which the individual has provided implicit or explicit consent, or for which the local legislation allows. Bona Life shall retain Personal Information for only as long as necessary to fulfil the stated purposes or as required by law or regulations and thereafter appropriately dispose of such information.
Access
If a formal request is made by an individual then Bona Life shall provide that individual with access to their Personal Information for review and update, subject to the legislation.
Disclosure to Third Parties
Bona Life shall disclose information to third parties only for the purposes identified in the notice and with implicit or explicit consent of the individual or as allowed by legislation.
Security
Bona Life shall appropriately protect Personal Information against unauthorised access (both physical and logical).
Quality
Bona Life shall take reasonable steps to maintain accurate, complete and relevant Personal Information for the purposes identified in the notice.
Monitoring and Enforcement
Bona Life shall monitor its compliance with the privacy policies and procedures and have procedures to address privacy related inquiries, complaints, disputes and incidents.