Liberia HR Jobs Board

2
AA

Data Protection Policy

Parous Group – Data Protection Policy

Version: 1.0
Effective Date: 05- 09 -2019
Last Reviewed: 05 – 09 – 2024
Approved by: Management

1. Purpose

This Data Protection Policy outlines how Parous Group manages personal data in compliance with global data protection laws, including but not limited to the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other regional privacy laws applicable to our global clientele.
It ensures the security, confidentiality, integrity, and lawful handling of personal data throughout its lifecycle.

2. Scope

This policy applies to:

  • All employees, contractors, vendors, and third parties with access to personal data
  • All business operations of Parous Group across all jurisdictions
  • All personal data processed, including that of employees, clients, and platform users

3. Definitions

  • Personal Data: Any information relating to an identified or identifiable person.
  • Processing: Any operation performed on personal data, including collection, storage, use, disclosure, or deletion.
  • Data Subject: The individual whose personal data is being processed.
  • Data Controller: Parous Group, determining the purposes and means of processing.
  • Data Processor: Any third party processing data on our behalf.

4. Data Protection Principles

Parous Group adheres to the following principles:

  1. Lawfulness, Fairness & Transparency
  2. Purpose Limitation
  3. Data Minimization
  4. Accuracy
  5. Storage Limitation
  6. Integrity and Confidentiality
  7. Accountability

5. Types of Data Collected

We may collect the following:

  • Identity data (Name, National ID, Passport number)
  • Contact data (Email, Phone number, Address)
  • Employment data (Job title, Department, Attendance)
  • Biometric data (face/fingerprint, where used)
  • Device and usage data (IP address, device logs)

6. Legal Basis for Processing

We process data based on:

  • Consent
  • Contractual necessity
  • Legal obligations
  • Legitimate interests (e.g. system security, analytics)
  • Vital interests (e.g. emergency contact data)

7. Data Subject Rights

We ensure that individuals can exercise the following rights:

  • Right to access
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restrict processing
  • Right to object
  • Right to data portability
  • Right to lodge a complaint with a supervisory authority

8. International Data Transfers

Where data is transferred outside the region (e.g., EU to US/Africa/Asia), we ensure appropriate safeguards:

  • Standard Contractual Clauses (SCCs)
  • Data Processing Agreements (DPAs)
  • Our Data Center is hosted in GDPR-compliant infrastructure, Hetzner, Germany

9. Data Security

Parous Group implements appropriate technical and organizational measures:

  • End-to-end encryption of sensitive data
  • Role-based access controls
  • Firewall and intrusion detection systems
  • Periodic vulnerability assessments
  • Staff training on data handling

Our infrastructure is hosted on Hetzner dedicated servers with enterprise-grade security.

10. Data Retention and Disposal

Data is retained only as long as necessary for the purposes stated. Upon expiry:

  • Data is securely deleted or anonymized
  • Backups are purged in compliance with policy
  • Retention periods as longer you are using our platforms.

11. Third-Party Processors

All third-party processors are:

  • Vetted for compliance
  • Bound by Data Processing Agreements
  • Audited periodically for security posture

12. Data Breach Notification

In the event of a breach:

  • We will notify supervisory authorities within 72 hours (where required)
  • Affected data subjects will be informed as per applicable law
  • A post-mortem and remediation plan will be documented

13. Employee Responsibilities

All staff must:

  • Handle data responsibly
  • Report breaches or suspicious activities immediately
  • Attend mandatory privacy training
  • Comply with this policy at all times

14. Governance & Review

This policy is reviewed annually or when significant changes occur in:

  • Legislation
  • Business processes
  • Data processing technologies

15. Contact & Compliance

Data Protection Unit (DPO):
Linda Pratt
📧 info@liberiahrjobs.com
📞 231770-426-071