For Supplier, Customers & Vendor Date
- Vship Express employees are expected to handle confidential information carefully.
- In particular, security and all proprietary information and data processing, including personal data, must be confidential and safe following applicable laws and regulations.
- The purpose of our BCR (Binding corporate rules) is clear and should be provided advertising on personal data protection to provide an adequate level of protection of data for customers, suppliers, and vendors are generated from webpage processed in Vship Express worldwide.
- BCRs relate to personal data of natural persons who are customers or employed, Vship Express suppliers, and vendors. BCRs does not apply to other corporate-related data, organizational or government customer, supplier or seller, except where required by local law,
- If not, the BCRs bind to Vship Express as a data controller and do not apply when operating as a Vship Express data controller processor for a third party.
- In addition, BCRs apply only to personal data that arise, customers, suppliers, and, regardless of nationality or location of our Vendors.
- BCR can be replaced by other mechanisms that are compatible with BCR.
- All the Vship Express data Safety policies and notices that do not comply with the BCR or apply lower limit requirements are replaced by BCRs.
Local laws and conflicts
- Vship Express must always comply with any applicable law relating to personal data.
- People have the rights and remedies under applicable local law.
- Therefore, only BCRs apply where it provides ancillary protection compared to local law. Some requirements are eligible the words “local law is required if applicable.” If this qualifier is included in the BCR clause and there is a similar provision in local law, BCR or local law must be strictly followed.
- The BCR is maintained and interpreted under the law and complaints must be overseen by the High Data Protection Authority, which also has the power to advise Vship Express.
- Application at all times on BCR, any complaint or claim by any person regarding the subsidiary rights under the BCR is always redirected to local Vship Express legal entity or directly to the corporate.
- Individuals can choose to file complaints or claims regarding affiliation rights with the local competent supervisory authority or with the Data Protection Authority.
- Individuals may choose to sue in advance competent jurisdiction or competent jurisdiction of the local Vship Express law firm in the European Union.
- Additional protections, rights, or remedies granted under the BCR are granted and enforced against them.
- We will only be liable for damages directly incurred by an individual as a result of the infringement
- BCR where individuals can demonstrate that they have been harmed and establish facts show that there is a possibility of loss as a result of BCR violation.
- Vship Express will prove that our Company is not responsible for the BCR violation.
- All Vship partner companies confidently inquire and assist each other with complaints from individuals regarding non-compliance with BCR.
Data protection and security impact assessment (PSIA)
- If personal data is likely to present a high level of risk to rights and freedoms.
- Individuals, Vship Express assesses the expected processing impact.
- The assessment includes an assessment of the damages to the rights and freedoms of the individual,
- Measures designed to address accidents, defenses, defenses, and mechanisms protection of personal data and compliance with BCR.
- Vship Express adopts internal policies and applies appropriate actions.
- The data protection principles are highly and smartly designed by default. This means:
A) Implement appropriate technical and organizational measures and policies tool stabilization time and processing time BCR compliance.
B) Implementation of mechanisms to ensure that only personal data is processed for each specific purpose, these are required in terms of amount and data and their storage time. In particular, those mechanisms should ensure that personal data is available, not available to an indefinite number of people.