GDPR (General Data Protection Regulation)
Protection of personal data - a priority for POST Luxembourg
Nothing is more important to POST than the trust of its customers. We earn this trust every day by carrying out our mission, which consists in facilitating communication and making easy the transmission of information, data and content between individuals and companies in Luxembourg. Protecting that data entrusted to us and, particularly personal data is a major challenge underpinning the credibility of everything we do.
What is GDPR?
The GDPR (General Data Protection Regulation) is a European Regulation with two objectives:
- Better protection for citizens, by giving them more rights to control the processing of their personal data;
- Giving greater responsibility to all actors processing personal data, by requiring them to demonstrate greater transparency in the collection and use of these data.
How is GDPR applied at POST?
At POST, the protection of personal data is embedded in our activities. Therefore we are used to handling the data in our possession with every necessary precaution. The privacy of correspondence, the privacy of communications and banking privacy are legal obligations that we have always respected.
A long-standing commitment
We did not wait until 2018 and the entry into force of the GDPR to make a start on compliance regarding our operations. As early as 2016, we have started a global process to adapt our internal policies to the new requirements of the GDPR.
When we process personal data at POST, we do so under the strict framework of the regulations. We ensure respect for and security of our customers’ privacy as well as the data entrusted to us. We collect only the information required, and we only retain that needs-oriented data for a limited period of time.
Good to know
In order to maintain this relationship of trust day after day with its customers, POST undertakes to respect all their rights, so that they can keep control of the treatment of personal data concerning them:
- Right to information
- Right of access and of rectification
- Right to object
- Right to data portability
- Right to challenge decisions taken on the basis of an automated process
- Right to be forgotten
- Right to restriction of processing