Your data, your rights, your choices
At xim, we want to make sure you find it easy to access and amend the data we hold about you. Subject to limitations, you can also make certain requests about that data. Please contact us using the details set out below if you wish to exercise your data rights, or contact the data protection regulator to find out more about them.
The right to be informed:
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Privacy Notice.
The right of access:
You have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this Privacy Notice). This is so you’re aware and can check that we’re using your information in accordance with data protection law.
The right to rectification:
You are entitled to have your information corrected if it is inaccurate or incomplete.
The right to erasure:
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information that we hold.
The right to restrict processing:
You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but will not use it further.
The right to object to processing:
You have the right to object to certain types of processing, including processing for direct marketing (i.e. receiving information about xim’s products and services which may be of interest to you via email or post).
The right to data portability:
You have the right to obtain and reuse your information for your own purposes across different services. To our best ability we will provide your information in an easily accessible format.
The right to lodge a complaint:
You have the right to lodge a complaint about the way we handle or process your information with the national data protection regulator.
The right to withdraw consent:
If you have given your consent to anything we do with your information (i.e. we rely on consent as a legal basis for processing your information), you have the right to withdraw that consent at any time.
Please note that withdrawing your consent does not make unlawful what we have done with your personal data up to that point (when your consent was active).
If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to do so as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.
You also have the right to request erasure of your personal data or to restrict processing (where applicable) in accordance with the data protection laws; as well as to object to any direct marketing from us. Where applicable, you have the right to data portability of your information and the right to be informed about any automated decision-making we may use.
If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.