At Webhelp, we believe that protecting Personal Data is not only a matter of security or compliance with a particular legal framework. Itis a matter of individual and organisational commitment. Webhelp standards are when processing personal data are described in our Binding Corporate Rules (“BCRs”) which also constitutes Webhelp Global Privacy Policy.

Note that in the course of its activities, Webhelp Webhelp may process the Personal Data on its own behalf (i.e., as Controller) or on behalf of its Clients (i.e., as Processor). Hence, Webhelp has adopted both BCRs for Processor activities and BCRs for Controller activities. Whatever our role (Controller or Processor), Webhelp committed to implement appropriate technical, physical and administrative measures and controls. Such controls shall ensure that the whole organisation is Processing Personal Data in compliance with the General Data Protection Regulation 2016-679 (“GDPR”) and in a consistent manner, disregarding the nature and/or place of Processing.

In particular, Webhelp will process data in accordance with the following principles:

  • Lawfulness–Personal Data shall be collected and Processed with the Data Subject having given consent to the Processing or when Processing is legitimate or necessary in accordance with Applicable Data Protection Legislation;
  • Fairness–Personal Data Processing shall take into account the specific circumstancesand context in which such Personal Data is Processed;
  • Transparency-Information and communication relating to the Processing of Personal Data shall be easily accessible, easy to understand, clear and in plain and simple language;
  • Purpose limitation–Personal Data shall be collected for specified, explicit and legitimate purposes and not further Processed in a manner that is incompatible with those purposes;
  • Data minimisation–Collected Personal Data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are Processed
  • Accuracy –Personal Data shall be accurate and, where necessary, kept up to date. Every reasonable step must be taken to ensure that Personal Data that is inaccurate, having regard to the purposes for which it is processed, is erased or rectified without undue delay;
  • Storage limitation –Personal Data shall be kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the Personal Data is Processed or any other lawful retention;
  • Integrity and confidentiality –Personal Data shall be Processed in a manner that ensures appropriate security of the Personal Data, including protection against unauthorised or unlawful Processing and against accidental loss, destruction or damage, using appropriate technical, physical and administrative measures;

Through these BCRs Webhelp intends to share and specify the detail and the principles applicable to all Webhelp Entities and provide certain group-wide standards allowing the implementation of the BCRs. Furthermore, Webhelp may make available specific, local or sectorial policies.

As the BCRs aim at ensuring an adequate and consistent approach throughout the entire Webhelp organisation regarding Personal Data Processing, exceptions which could result from applicable legislations are not reflected in this BCRs. As a consequence, local legislation shall be considered as an enforceable exception to the BCRs and will be recorded and documented accordingly.