Personal Data Protection Policy

1. Purpose of the Policy

This policy ensures that METAL BRIDGE:

• processes personal data lawfully, fairly, and transparently,

• protects individuals’ rights and freedoms,

• implements appropriate technical and organizational security measures,

• prevents unauthorized access, loss, or misuse of personal data.

---

2. Scope

This policy applies to:

• all employees, contractors, suppliers, customers, partners, and visitors whose data the company may process,

• all METAL BRIDGE business processes and information systems that collect, store, transmit, or handle personal data.

---

3. Categories of Personal Data Collected

Depending on the nature of cooperation, METAL BRIDGE may collect:

a) Identification & Contact Information

• name, surname, role, company name,

• telephone numbers, email addresses, office addresses.

b) Business & Contractual Information

• tax identification numbers,

• business registrations,

• KYC/AML documentation,

• signatures and authorization details.

c) Financial & Transactional Data

• bank details (where required for payments),

• invoicing information,

• transaction records.

d) Website & Communication Data

• information submitted through contact forms,

• email communications,

• technical metadata required for website functionality.

Personal data of minors is not processed.

---

4. Legal Basis for Processing

METAL BRIDGE processes personal data based on:

• Contractual necessity (to enter or perform agreements),

• Legal obligations (tax, accounting, AML/KYC compliance),

• Legitimate interests (business communication, security, fraud prevention),

• Consent (where explicitly required).

---

5. Purpose of Processing

Data is processed strictly for legitimate purposes, including:

• managing commercial relationships,

• issuing contracts, invoices, and documentation,

• performing KYC/AML checks,

• providing customer support and communication,

• ensuring compliance with laws and regulations,

• logistics coordination and operational planning,

• securing IT systems and preventing fraud.

6. Data Retention

• Personal data is retained only for as long as necessary to fulfil legal, contractual, or operational obligations.

• Certain documents (invoices, contracts, compliance records) may be stored for legally required periods.

• Once no longer required, data is securely deleted or anonymized.

---

7. Data Sharing & International Transfers

Personal data may be shared with:

• banks, auditors, accountants, and legal advisors,

• logistics providers, inspection bodies, and customs authorities,

• IT service providers operating under confidentiality obligations,

• public authorities where legally required.

No data is sold to third parties.

Any international transfers are made in compliance with GDPR safeguards.

---

8. Data Security Measures

The company applies appropriate technical and organizational measures to protect data, including:

• access control and authentication,

• encryption and secure communication channels,

• periodic backups and recovery systems,

• firewalls and anti-malware protection,

• staff training and awareness programs.

Only authorized personnel have access to personal data.

---

9. Rights of Data Subjects

Individuals have the right to:

• access their personal data,

• request correction, deletion, or restriction of processing,

• object to processing based on legitimate interest,

• withdraw consent at any time (where applicable),

• request data portability,

• lodge a complaint with data protection authorities.

Requests will be addressed promptly and in accordance with legal requirements.

10. Contact for Data Protection

For any questions or requests regarding personal data, individuals may contact:

METAL BRIDGE S.M.P.C.
Email: desk@metalbridge.eu

 

METAL BRIDGE S.M.P.C. is fully committed to lawful, transparent, and secure processing of personal data, ensuring privacy, trust, and compliance in all business operations.