Website Policy

Introduction

This Website Policy ("Policy") sets out how JSC Global uses your personal data when you visit this website.

This website (http://www.jscglobalaccountingservices.com) is administered and operated by JSC Global, 10 George St. North, Brampton, Ontario, L6X1R2, Canada. JSC Global is the data controller with respect to your personal data used on this website.

JSC Global reserves the right to change (sections of) this Policy at any time and without notice. It is recommended that you review this Policy periodically for changes.

Personal data JSC Global collects

The personal data JSC Global collects about you when you visit and use this website include the following:

Information you provide to TMF Group. We collect data that you choose to provide to JSC Global when filling out enquiry forms on this website, when subscribing to e-mail alerts (eAlerts), when downloading publications or other documents from our websites or when otherwise corresponding with JSC Global on this website. Such data includes your first name and surname, job title, email address, telephone number, geographic region and information about your preferences and interests (such as topics and services).

Information automatically collected. Whenever you visit or interact with this website, we automatically collect data about your visit. Such information includes IP address and other unique identifiers for the computer, mobile or other device you use to access this website and any referring website. We gather such information through cookies and other web technologies. More information on the use of cookies can be found in our Cookie Policy below.

Purpose for which JSC Global uses personal data

JSC Global collects and uses your personal data for the purposes described below and on the following lawful bases:

For our legitimate (business) interests. Our legitimate interests include to analyse visits to and use of this website, to improve and develop our services, to administer this website, to give you a better user experience, for internal operations including troubleshooting, to understand and measure the effectiveness of advertising, to deliver relevant advertising, data analysis, statistical and survey purposes,  to generate aggregated statistics, to ensure the security of our services and website and to prevent fraud, hacking and spamming.

Based on your consent. We use your personal data based on your consent when you sign up to receiving our marketing communications through our website (e.g. through eAlerts) or otherwise expressly consent to the use of your personal data. You can withdraw your consent at any time by sending an email to dataprotection@jscglobalaccountingservices.com or by opting-out by following the opt-out instructions in the relevant marketing communication.

How JSC Global shares your personal data

JSC Global does not share your personal data other than as described below:

Data controllers within JSC Global. Your personal data will be shared between the responsible JSC Global companies that may use your personal data as described in this Policy. An overview of the relevant responsible JSC Global companies can be found here.

Website hosting partners and processors. JSC Global engages third party vendors, service providers, and affiliated entities to provide services to JSC Global on behalf of TMF Group, such as support for the internal operations of this website, technical services (e.g. technical support), as well as related offline support services, data storage and other services.

Third parties in case of legal requirement. JSC Global also discloses your personal data if disclosure is required by law or in the context of an investigation, regulatory requirement, judicial proceeding, court order or legal process served on TMF Group, or to protect the rights, We or safety of the website, JSC Global or its affiliated companies.

Third parties with consent. JSC Global also discloses information about you, including personal data, to any other third party, where you have expressly consented or requested JSC Global to do so.

Third parties in case of a corporate transaction. In addition, your personal data may be disclosed as part of any merger, sale, transfer of TMF Group's assets, acquisition, bankruptcy, or similar event.

Security measures taken by JSC Global

In order to protect your personal data JSC Global has implemented various security measures. Your personal data is contained behind secured networks and is only accessible by a limited number of people, who have special access rights and are required to keep the information confidential.

Please keep in mind that no website or internet transmission is completely secure. Therefore, JSC Global cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. JSC Global urges you to take steps to keep your personal data safe, such as closing your web browser when finished using this website.

Data retention

JSC Global will retain the personal data processed through this website for as long as necessary for the purposes for which the data was originally collected, unless a longer retention period is applicable under any applicable laws.

International transfers

JSC Global may transfer and process any personal data you provide to JSC Global through this website to countries other than your country of residence. The laws of these countries may not afford the same level of protection to your personal data. JSC Global will therefore seek to ensure that all adequate safeguards are in place and that all applicable laws and regulations are complied with in connection with such transfer. More in particular for data transferred from the EU to countries outside the EU, JSC Global will ensure that it has entered into legally necessary contracts with recipients of your data, including standard contractual clauses as approved by the European Commission or other supervisory authority where required. The internal data transfers within JSC Global to countries that do not provide an adequate level of protection are covered by JSC Global's Binding Corporate Rules, which can be found here.

Third party websites

This website contains links to third-party websites; if you follow these links, you will exit this website. While these third-party websites are selected with care, JSC Global cannot accept liability for the use of your personal data by these organizations. For more information, please consult the website policy of the website you are visiting (if such a policy is provided).

Your rights

To the extent applicable under laws, you can access the following rights by means of sending an email to dataprotection@jscglobalaccountingservices.com: right of access, right of rectification, right to erasure, right to object, right to restrict data processing and your right to data portability. Whenever reasonably possible and required under applicable laws, we will strive to grant these rights within one month.

You may revoke your consent for receiving marketing communications at any time, free of charge by following the instructions in any marketing communication. JSC Global will then stop sending you marketing communications.

In case you may have a question or complaint about how JSC Global processes your personal data, you can send an email to dataprotection@jscglobalaccountingservices.com. Alternatively, you may consider lodging a complaint with a supervisory data protection authority.

Cookie Policy

Introduction

This Website Policy ("Policy") sets out how JSC Global uses your personal data when you visit this website.

This website (http://www.jscglobalaccountingservices.com) is administered and operated by JSC Global, 10 George St. North, Brampton, Ontario, L6X1R2, Canada. JSC Global is the data controller with respect to your personal data used on this website.

JSC Global reserves the right to change (sections of) this Policy at any time and without notice. It is recommended that you review this Policy periodically for changes.

What are cookies?

JSC Global Accounting Services uses cookies on its website. A cookie is a small text file that is sent to your internet browser. Your internet browser (either through your computer or other internet enabled device, such as a smartphone or tablet) will save the cookie. A cookie is usually a unique number with which data can be associated.

Cookies may be either "persistent" cookies or "session" cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the visitor before the expiry date). A session cookie, on the other hand, will expire at the end of the visitor session, when the web browser is closed.

Why does JSC Global Accounting Services use cookies?

JSC Global Accounting Services uses cookies to ensure you have the best possible user experience on our website and can navigate the website quickly and efficiently. JSC Global Accounting Services also deploys cookies to determine where JSC Global Accounting Services can improve the website to make it even quicker and easier for you to find what you are looking for. Lastly, JSC Global Accounting Services uses cookies to provide you with relevant information and offers.

What types of cookies does JSC Global Accounting Services use?

JSC Global Accounting Services uses the following types of cookies on its website:

1. Functional cookies: these cookies are essential in order to ensure that this website operates properly. They are used to save preferences, detect misuse of our website and services and to distribute the load on our servers, which keeps our website available. Certain services you requested cannot be provided without these cookies.

2. Web statistics cookies: these cookies are used to determine which parts of this website visitors are most interested in. This enables us to make the structure, navigation, and content of our website as user friendly as possible. Specifically, these cookies are used to (i) keep track of the number of visitors to our web pages; (ii) keep track of the amount of time each user spends on our web pages; (iii) determine the order in which a visitor visits the various pages of our website; (iv) assess which parts of the website need to be changed; and (v) optimise the website. Software from third parties (such as Google Analytics) may be used for these purposes. 

More detailed information about the types of cookies we use, for which purposes and the expiry date of the cookies can be found below under "Overview cookies used".

What does JSC Global Accounting Services do with the cookies?

JSC Global Accounting Services uses the cookies for various reasons:

1. to study how users or group of users use the website, so that JSC Global Accounting Services can improve the website;

2. to be able to inform you better of JSC Global Accounting Services services;

3. to make analyses for research and statistics;

4. to improve the website, making it easier for you to find what you are looking for; and

5. to remember your settings and preferences. This makes your subsequent visits to the website easier.

How can I accept cookies?

You can accept cookies by clicking the Accept and Close button on the cookie pop up that is shown on the home page of this website. The next time that you will visit the website, the cookie pop up will not be showed.

What am I accepting if I accept cookies?

If you accept the cookie pop up, you are accepting all cookies used on this website and you consent to the use of cookies as described in this policy.

How to manage cookies?

If you do not want our website to store cookies on your device, you can change your browser settings so that you receive a warning before certain cookies are stored. You can also adjust your settings so that your browser refuses most of our cookies or only certain cookies from third parties. You can also withdraw your consent to cookies by deleting the cookies that have already been stored.

Please be aware that if you do not want to accept any cookies, we cannot guarantee that our website will function properly. It may be that several functions will be unavailable to you or that you will even be unable to view certain parts of the website.

Please note that you will have to change your settings for each browser and device you use. Moreover, such methods will not work with respect to certain non-cookie online tracking technologies.

The procedures for changing your settings and cookies differ from browser to browser. If necessary, use the help function on your browser or click on one of the links below to go directly to the user manual for your browser.

Internet Explorer

Mozilla Firefox

Google Chrome

Safari

Opera

There are also software products available that can manage cookies for you. You can also use www.ghostery.com to accept or refuse each cookie used on our websites.

To find out more about cookies, including how to see what cookies have been set and how to manage or delete them, visit www.allaboutcookies.org.

Overview of cookies used

More information on the types of cookies on our website can be found in our Cookie List.

Privacy Statement



1. Introduction and Scope

This Privacy Statement sets out how JSC Global Accounting Services uses your Personal Data in connection with any services provided to you ("Services”). For purposes of this Privacy Statement, "Personal Data" means any information through which we can identify you as an individual, as further described below under paragraph 3 (Personal Data we collect).

This Privacy Statement only applies to the usage of Personal Data of (prospective) clients for which JSC Global Accounting Services is responsible and qualifies as Controller under the General Data Protection Regulation (2016/679/EU) ("GDPR"), as further described in this Privacy Statement. This type of Personal Data is collected through various channels, such as in a sales process, via telephone calls, via forms you submit to us, via email or via business events. This Privacy Statement does not apply to corporate company information if no personal data from individuals can be derived from such corporate information.

For our usage of Personal Data in our capacity as Processor under the GDPR, we have a separate Personal Data Protection Policy. We also have a separate Website Privacy Statement which sets out how we use your personal data when you visit our website.

2. Who we are

When we refer to ourselves as “JSC Global Accounting Services” or "we", we mean each JSC Global Accounting Services’s entity that is responsible for using your Personal Data. This will depend on the JSC Global Accounting Services’s entity(/ies) that you intend to or have entered into a contract with for the provision of Services. An overview of the locations JSC Global Accounting Services’s entities operate in can be found here.

3. Personal Data we collect

The Personal Data we collect about you when you use our Services include the following:

Your contact details. Your name, address, telephone number, email address and any other contact details you provide to us.

Your personal characteristics. Including your gender, profession, job title, marital status (if shown on national identification cards) or other personal characteristics that are requested to identify you as a client or client representative.

Recording of video footage. When you enter our buildings or premises, you are recorded by our video surveillance systems (CCTV). You can also be recorded on video footage during events, such as seminars, that we host.

Your communication data. Your requests, any complaints you may have and any other data that we receive if we communicate with you via email, telephone or otherwise.

Any other personal data. This includes any personal data that you disclose to us during the course of your contractual relationship with us, either voluntarily or upon request.

KYC information. JSC Global Accounting Services is required by law to conduct "know your client" identification procedures. To comply with our legal obligation, we also collect the following information from the Ultimate Beneficial Owners (UBOs) of our clients: first and family name, copy of ID, nationalities, tax residence, private/residential address, phone number, email address, date of birth, marital status, profession and actual function, range of annual income, range of estimated wealth, the source of wealth and (where applicable) an U.S. or other Taxpayer Identification Number.

4. Purposes for which we use your Personal Data

JSC Global Accounting Services collects and uses your Personal Data for the purposes below and on a lawful basis. Insofar we already hold information about you, we may use that information for the same purposes.

For the performance of our agreement with you: We use your Personal Data in order to carry out our obligations arising from any agreements entered into between you and us, and to provide you with the information and services that you request, including managing and handling your requests, inquiries or complaints.

Use of information based on your consent: If you are a prospective client: we use your Personal Data to send you marketing communications (such as newsletters, promotions, news or service updates) via email or other electronic means or via telephone, but we will only do so after we have received your explicit consent to do so. You can withdraw your consent at any time; see paragraph 9 (Your rights) below.

To comply with our legal obligations: Any information referred to above under Paragraph 3 (Personal Data we collect) may be used to comply with a legal obligation to which we are subject, such as maintaining appropriate business records, conducting Know Your Client identification procedures, complying with lawful requests by governmental agencies and public authorities and to comply with applicable laws and regulations or as otherwise required by law.

For our legitimate commercial interests:

If you are an existing client: we use your Personal Data (both on aggregated and on individual basis), such as your contact details and your electronic identification data for the purpose of advertising our Services that may be of interest to you (based on the Services you previously used), making contact with you for marketing or other commercial purposes.

We use your Personal Data for client administration purposes, such as client Services agreements administration, internal administration of work done under client Services agreements;

We use your Personal Data for analysing and improving the quality of our Services and to understand you as a customer (customer optimization). This enables us to assess what may interest you, to measure or understand the effectiveness of advertising we serve to you and others and to deliver relevant advertising. In addition, based on your historical use of our Services we may target you with advertisement or other marketing materials that are customized to your personal preferences and experiences.

In addition, we use your Personal Data for our other legitimate commercial interests such as, to operate and expand our business activities, to develop and improve or modify our Services, to generate aggregated statistics about the users of our Services; to assist in security and fraud prevention; to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, and statistical purposes.

We also use your Personal Data for system integrity purposes (for example the prevention of hacking, spamming etc.); to facilitate our business operations, to operate company policies and procedures; to enable us to make corporate transactions, such as any merger, sale, reorganization, transfer of JSC Global Accounting Services’ assets or businesses, acquisition, bankruptcy, or similar event; or for other legitimate business purposes permitted by applicable law.

5. How we share your Personal Data

We share your Personal Data with the following parties:

Data controllers within JSC Global Accounting Services. Your Personal Data will be shared between the JSC Global Accounting Services entities that may use your Personal Data as described in this Privacy Statement for internal administrative purposes, management purposes, analytical purposes and other business-related purposes. Your Personal Data will only be used by JSC Global Accounting Services’s companies for marketing purposes if you have given your explicit consent thereto and/or where we have legitimate interest to do so. An overview of the locations JSC Global Accounting Services’s entities operate in can be found here.

 Service Providers and Processors. We engage third party vendors to provide Services on our behalf, which may have access to your Personal Data, including:

Business partners (such as law, tax and audit firms or finance providers), including subcontractors which are engaged to perform (part of) the Services under client services agreements;

Suppliers (such as IT service providers);

Marketing and advertising companies that carry out marketing activities on our behalf;

Analytics and search engine providers that assist us in the improvement and optimisation of our website, such as Google Analytics.

In providing their services, they will access, receive, maintain or otherwise process Personal Data on our behalf. Our agreements with these service providers do not permit use of your Personal Data for their own (marketing) purposes. Consistent with applicable legal requirements, we take commercially reasonable steps to require third parties to adequately safeguard your Personal Data and only process it in accordance with our instructions.

Third parties in case of legal requirement. We will disclose your Personal Data if disclosure is required by law or in the context of an investigation, regulatory requirement, judicial proceeding, court order or legal process served on us, or to protect the rights or safety of the website, us or our affiliated companies.

Corporate transaction. In addition, information about our clients, including Personal Data, may be disclosed as part of any merger, sale, transfer of JSC Global Accounting Services’s assets, acquisition, bankruptcy, or similar event.

With consent. We also disclose information about you, including Personal Data to any other third party, where you have consented or requested that we do so.

6. International Transfers of your Personal Data

Due to the global presence of our business operations, JSC Global Accounting Services transfers Personal Data you provide to us to countries other than your country of residence. The laws of these countries may not provide the same level of protection to your Personal Data. JSC Global Accounting Services or third parties we use will therefore seek to ensure that all adequate safeguards are in place and that all applicable laws and regulations are complied with in connection with such transfer, in particular for Personal Data transferred to countries outside the European Economic Area (EEA).

Intra-group data transfers within JSC Global Accounting Services take place on the basis of our Binding Corporate Rules, which can be found on the JSC Global Accounting Services website. For data that is transferred to third parties outside the EEA, we enter into legally required agreements with these third parties, including standard contractual clauses as approved by the European Commission or other supervisory authority where required. You are entitled to receive a copy of any documentation showing the suitable safeguards that have been taken by making a request via the local JSC Global Accounting Services entity which collected your data or  dataprotection@jscglobalaccountingservices.com

7. Security

JSC Global Accounting Services will take reasonable steps to ensure that your Personal Data are properly secured using appropriate technical, physical, and organizational measures, so that they are protected against unauthorised or unlawful use, alteration, unauthorised access or disclosure, accidental or wrongful destruction, and loss.

We take steps to limit access to your Personal Data to those persons who need to have access to it for one of the purposes listed in this Privacy Statement. Furthermore, we contractually ensure that any third party processing your Personal Data equally provide for confidentiality and integrity of your data in a secure way.

8. Data Retention

We retain your Personal Data for as long as required to satisfy the purpose for which they were collected and used (for example, for the time necessary for us to provide you with client Services) unless a longer period is necessary for our legal obligations or to defend a legal claim. The Personal Data that we collect of ultimate beneficial owners is retained for ten (10) years to cover the different requirements under national legislation of the countries where such data is collected.

9. Your Rights

Subject to the conditions set forth in the applicable law, you have the right to request, review, correct, update, suppress, restrict or delete Personal Data that you have provided to us or if you would like to request to receive an electronic copy of such personal data for purposes of transmitting it to another company, by sending an email to the local JSC Global Accounting Services entity which collected your data or dataprotection@jscglobalaccountingservices.com specifying your request. We will respond to your request consistent with applicable law.

In your request, please tell us what Personal Data you would like to have changed, whether you would like to have it suppressed from our database, or otherwise let us know what limitations you would like to put on our use of it. We will try to comply with your request as soon as reasonably practicable.

Please note that we may need to retain certain Personal Data for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion.

In the event your personal data is processed on the basis of your consent, you can withdraw your consent at any time by sending an email to the local JSC Global Accounting Services entity which collected your data or dataprotection@jscglobalaccountingservices.com  specifying your request, without affecting the lawfulness of processing based on consent before its withdrawal.

You may lodge a complaint with a supervisory authority, in particular in your Member State of residence, if you consider that the collection and use of your Personal Data infringes this Privacy Statement or applicable law.

10. Changes to this Privacy Statement

This Privacy Statement may be revised from time to time. If a fundamental change to the nature of the use of your personal data is involved or if the change is in any other manner relevant to you, we will ensure that information is provided to you well in advance of the change actually taking effect.

11. Contact Us

If you have any queries about this Privacy Statement or our handling of your Personal Data in general, or if you want to exercise your rights, please email us at dataprotection@jscglobalaccountingservices.com and be sure to indicate the nature of your query.

Personal Data Protection – JSC Global Accounting Services

1. Introduction and scope 

This Personal Data Protection Policy ("Policy") describes the privacy practices of JSC GLOBAL ACCOUNTING SERVICES regarding the Processing of Personal Data of the directors, officers and employees and – to the extent applicable – the customers of the Client and/or the relevant Client Affiliates, as part of the provision of JSC GLOBAL ACCOUNTING SERVICES’ Services to its Clients. This Personal Data can be stored on JSC GLOBAL ACCOUNTING SERVICES systems, Client systems or third-party systems to which JSC GLOBAL ACCOUNTING SERVICES is provided access to for the provision of Services. Where JSC GLOBAL ACCOUNTING SERVICES provides Services to its Clients, JSC GLOBAL ACCOUNTING SERVICES will be acting as Processor and the Client will be acting as Controller. This Policy applies globally to any and all Services provided by JSC GLOBAL ACCOUNTING SERVICES to its Clients.

JSC GLOBAL ACCOUNTING SERVICES Processes Personal Data on behalf of the Client in accordance with Data Protection Laws. Insofar necessary, the Service Agreement will be supplemented with an Addendum to set out any additional matters that are specific to the Client and cannot be regulated in this Policy.

This Policy does not apply to the collection of Personal Data through our website or through cookies with respect to which Personal data JSC GLOBAL ACCOUNTING SERVICES can be considered Controller; we refer to our separate Website Policy and  Cookies Policy for more information in this regard.

This Policy is available through the JSC Global Accounting Services website at the following link: https://www.JSCGlobal Accounting Services.com/en/legal/data-protection/. JSC GLOBAL ACCOUNTING SERVICES reserves the right to update this Policy without consulting or pre-informing its Clients. 

2. Definitions

The capitalized terms listed below have the follow meaning in this Policy:

a.   “Client” means the counterparty to the Service Agreement with JSC GLOBAL ACCOUNTING SERVICES; b.   “Client Affiliate” means any legal entity affiliated to the Client; c.   “Client Data Subjects” shall mean the former and current directors, officers and employees and customers of the Client and Client Affiliates; d.   “Controller” shall mean the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data; e.   “Data Protection Laws” means in relation to any Personal Data which is Processed in the performance of the Service Agreement, the General Data Protection Regulation (EU) 2016/679 ("GDPR") together with all implementing laws and any other applicable data protection, privacy laws or privacy regulations; f.    “Personal Data” means any information through which a Client Data Subject can be identified directly or indirectly; g.   “Processing” means any operation or set of operations which is performed upon Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; h.   “Processor” shall mean the party, which Processes Personal Data on behalf of the Controller; i.    “Services” means services JSC GLOBAL ACCOUNTING SERVICES provides to the Client under the Service Agreement; j.    “Service Agreement” means any written contract, any written statement of work, or any other written binding agreement, including any annexes thereto, between JSC GLOBAL ACCOUNTING SERVICES and the Client; k.   “Subprocessor” means any data processor appointed by Processor to process Personal Data on behalf of the Controller; l.    “JSC GLOBAL ACCOUNTING SERVICES” means JSC GLOBAL ACCOUNTING SERVICES Affiliate that is the contracting entity to the Service Agreement; m.  “JSC GLOBAL ACCOUNTING SERVICES Affiliate” means with respect to any specified person or entity, any other person or entity directly or indirectly controlling or controlled by or under direct or indirect common control with such specified person or entity. For the purpose of this definition, “control”, when used with respect of any specified person or entity means the power to direct or cause the direction of the management or policies of such person or entity, whether through ownership of voting securities or by contract or otherwise. The terms “controlling” and “control” have meaning correlative to the foregoing. Specifically excluded from this definition are the shareholding companies controlling JSC Global Accounting Services B.V.

3. Personal data processed by JSC Global Accounting Services

The details of the Personal Data that will be Processed by JSC GLOBAL ACCOUNTING SERVICES on behalf of the Client, including the duration, purpose and categories of Personal Data, will be set out in (the Addendum to) the Service Agreement.

4. Use of personal data

JSC GLOBAL ACCOUNTING SERVICES shall not process, transfer, modify, amend or alter the Personal Data or disclose or permit the disclosure of the Personal Data to any third party other than:

as necessary to process Personal Data to provide the Services and/or otherwise in accordance with the documented instructions of Client, or

as required to comply with Data Protection Laws or other laws to which JSC GLOBAL ACCOUNTING SERVICES is subject, in which case JSC GLOBAL ACCOUNTING SERVICES shall (to the extent permitted by law) inform Client of that legal requirement before processing the Personal Data.

In addition, JSC GLOBAL ACCOUNTING SERVICES is allowed to use aggregated data – to the extent this can no longer be considered Personal Data - for analysing purposes, for website and for internal operations, including troubleshooting, data analysis, testing, research, for statistical purposes and for improving the quality of its Services.

5. Subprocessing

JSC GLOBAL ACCOUNTING SERVICES may be required to appoint certain third parties to provide part of the Services to the Client or assist with providing technical support, such as IT service providers or other suppliers. By signing the Service Agreement, the Client authorises JSC GLOBAL ACCOUNTING SERVICES to subcontract the Processing of Personal Data to Subprocessors. Subprocessors are in each case subject to the terms between JSC GLOBAL ACCOUNTING SERVICES and the Subprocessor which are no less protective than those set out in this Policy and the Service Agreement. JSC GLOBAL ACCOUNTING SERVICES will inform the Client of the details of such Subprocessor(s) upon written request from the Client. JSC GLOBAL ACCOUNTING SERVICES will inform the Client in advance of any intended changes concerning the addition or replacement of Subprocessors and thereby give the Client the opportunity to object to such changes. If the Client does not object in writing within five (5) days of receipt of the notice, the Client is deemed to have accepted the new Subprocessor. If the Client does object in writing within five (5) days of receipt of the notice, JSC GLOBAL ACCOUNTING SERVICES and the Client will discuss possible resolutions.

6. Confidentiality and security

JSC GLOBAL ACCOUNTING SERVICES shall keep the Personal Data confidential and will instruct its staff and Subprocessors to the same. JSC GLOBAL ACCOUNTING SERVICES shall implement appropriate technical and organisational measures to ensure a level of security of the Personal Data appropriate to the risk required pursuant to applicable Data Protection Laws and, where the Processing concerns personal data of EU residents, shall take all measures required pursuant to article 32 GDPR. In assessing the appropriate level of security, JSC GLOBAL ACCOUNTING SERVICES shall take account in particular of the risks that are presented by Processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed. The security measures are further described and specified in the document "Statement of Continuity", which is published on the JSC GLOBAL ACCOUNTING SERVICES website (https://www.JSC Global Accounting Services.com/en/legal/data-protection/) and forms an integral part of this Policy. 

7. Co-operating with requests of the client

JSC GLOBAL ACCOUNTING SERVICES shall, upon request and to the extent required under Data Protection Laws, co-operate with requests of the Client that relate to the Processing of Personal Data. In particular, JSC GLOBAL ACCOUNTING SERVICES shall co-operate with requests that relate to Client Data Subject rights, Data Protection Impact Assessments and audit rights as described below.

Client Data Subject rights: JSC GLOBAL ACCOUNTING SERVICES shall co-operate as requested by the Client to enable the Client to comply with any exercise of rights by a Client Data Subject in respect of Personal Data and comply with any assessment, enquiry, notice or investigation under Data Protection Laws. Provided in each case that the Client shall reimburse JSC GLOBAL ACCOUNTING SERVICES in full for all costs (including for internal resources and any third party costs) reasonably incurred by JSC GLOBAL ACCOUNTING SERVICES performing its obligation under this section.

Data Protection Impact Assessment: JSC GLOBAL ACCOUNTING SERVICES shall provide reasonable assistance to the Client with any data protection impact assessments which are required under Article 35 GDPR and with any prior consultations to any Supervisory Authority of the Client which are required under Article 36 GDPR, in each case in relation to Processing of Personal Data by JSC GLOBAL ACCOUNTING SERVICES on behalf of the Client and taking into account the nature of the processing and information available to JSC GLOBAL ACCOUNTING SERVICES.

Audit rights: On reasonable request and notice and at the Client's expense, JSC GLOBAL ACCOUNTING SERVICES will co- operate in the conduct of any audit or inspection, reasonably necessary to demonstrate JSC GLOBAL ACCOUNTING SERVICES's compliance with the obligations laid down in this Policy, provided always that this requirement will not oblige JSC GLOBAL ACCOUNTING SERVICES to provide or permit access to information concerning: (i) Supplier internal pricing information; (ii) information relating to JSC GLOBAL ACCOUNTING SERVICES's other Clients; (iii) any of JSC GLOBAL ACCOUNTING SERVICES non-public external reports; (iv) JSC GLOBAL ACCOUNTING SERVICES confidential information, or (v) any internal reports prepared by JSC GLOBAL ACCOUNTING SERVICES's internal audit function.

The Client’s requests provided in this section 7. will be fulfilled in close co-operation with and under supervision of JSC GLOBAL ACCOUNTING SERVICES's Chief Information Security Officer, JSC GLOBAL ACCOUNTING SERVICES’s Chief Privacy Officer, or similar JSC GLOBAL ACCOUNTING SERVICES local officials.

8. Deletion or return of client personal data

JSC Global Accounting Services will, at the choice of the Client, delete or return the Personal Data at the end of the provision of the Services relating to Processing, to the extent reasonably possible and unless (i) Data Protection Laws, (ii) any law, statute, order, regulation, rule, requirement, practice and guidelines of any government, regulatory authority or self-regulating organization that applies to the Services in the country where those Services are being provided (“Applicable Law”), or (iii) competent court, supervisory or regulatory body, require the retention of such Personal Data by JSC Global Accounting Services.

9. Incident management

JSC GLOBAL ACCOUNTING SERVICES shall notify the Client without undue delay after becoming aware of a personal data breach, providing the Client with sufficient information which allows the Client to meet any obligations to report a data breach under Data Protection Laws. Upon request by the Client and at the full expense of the Client for all costs incurred by JSC GLOBAL ACCOUNTING SERVICES (including for internal resources and any third party costs), JSC GLOBAL ACCOUNTING SERVICES shall fully co-operate with the Client and take such reasonable steps as are directed by the Client to assist in the investigation, mitigation and remediation of each data breach, in order to enable the Client to (i) perform a thorough investigation into the data breach, (ii) formulate a correct response and to take suitable further steps in respect of the data breach in order to meet any requirement under the Data Protection Laws. 

10. International transfers of client personal data

In the event of international transfers of Personal Data between JSC GLOBAL ACCOUNTING SERVICES and any Subprocessor, the following shall apply (insofar relevant):

a.  The Personal Data may, at the discretion of JSC GLOBAL ACCOUNTING SERVICES, be transferred to (i) one or more of JSC GLOBAL ACCOUNTING SERVICES's Affiliates in either one or more Member States of the European Economic Area ("EEA") or Switzerland on the basis of Data Protection Laws, or to (ii) one or more of the JSC GLOBAL ACCOUNTING SERVICES's affiliates in one or more third countries on the basis of the Binding Corporate Rules, which are published on the website of JSC Global Accounting Services (https://www.JSC Global Accounting Services.com/en/legal/data-protection/). The Client or the relevant JSC GLOBAL ACCOUNTING SERVICES Affiliate shall upon request of the Client Data Subject, provide the Client Data Subject with a copy of such Binding Corporate Rules and this Policy (without any business sensitive or confidential information). Where permitted by Data Protection Laws, JSC GLOBAL ACCOUNTING SERVICES shall obtain all relevant authorizations or permits for such transfer of Personal Data based on such Binding Corporate Rules. Where Data Protection Laws do not allow JSC GLOBAL ACCOUNTING SERVICES to obtain such authorization or permit for itself, the Client shall in a timely manner issue a power of attorney to the relevant JSC GLOBAL ACCOUNTING SERVICES Affiliate to obtain such authorization or permit on behalf of the Client. Where the use of a power-of-attorney is not accepted under Data Protection Laws, the Client warrants that it has obtained all necessary authorizations or permits to allow JSC GLOBAL ACCOUNTING SERVICES to share the personal Data with JSC GLOBAL ACCOUNTING SERVICES's Affiliates in a third country.

b.  The Personal Data may (i) be transferred to one or more Subprocessors (other than JSC GLOBAL ACCOUNTING SERVICES's Affiliates) in one or more Member States of the EEA or Switzerland on the basis of Data Protection Laws pursuant to the Clients permission ex section 5 of this Policy, or (ii) to one or more such Subprocessors in one or more third countries on the basis of an exception under Data Protection Laws, or (iii) on the basis of adequate safeguards added either, insofar as allowed under Data Protection Laws, by JSC GLOBAL ACCOUNTING SERVICES to ensure the protection of the Personal Data, or by the Client, in which case JSC GLOBAL ACCOUNTING SERVICES shall cooperate with the Client to seek an adequate basis for the cross-border transfer of Personal Data to such Subprocessor. At the Client's request, JSC GLOBAL ACCOUNTING SERVICES shall inform the Client of the applicable basis for the cross-transfer of the Personal Data.

c.   Where the data protection or privacy law of any country outside the EEA or Switzerland applies to the Personal Data, the Client warrants that any cross-border transfer of Personal Data from JSC GLOBAL ACCOUNTING SERVICES to a Subprocessor shall be allowed, by implementing additional safeguards pursuant to Data Protection Laws or as otherwise permitted by Data Protection Laws.

11. Indemnification

The Client warrants that all Personal Data processed by JSC GLOBAL ACCOUNTING SERVICES on behalf of the Client has been and shall be Processed by the Client in accordance with Data Protection Laws including without limitation: (a) ensuring that all notifications to and approvals from regulators which are required by Data Protection Laws are made and maintained by the Client; and (b) ensuring that all Personal Data is Processed fairly and lawfully, is accurate and up to date and that a fair notice is provided to Client Data Subjects which described the processing to be undertaken by JSC GLOBAL ACCOUNTING SERVICES pursuant to the Services agreed upon in the Service Agreement.

By signing the Service Agreement, the Client shall indemnify and hold JSC GLOBAL ACCOUNTING SERVICES harmless against all claims, actions, third party or Supervisory Authority claims, losses, damages and  expenses arising from any breach by the Client of this Policy.

The exclusions and limitations of the liability of JSC GLOBAL ACCOUNTING SERVICES set out in the Service Agreement shall also apply to this Policy.

Prochatr