GDPR Compliance

This website is not intended for children (individuals under 21 years old) and we do not knowingly collect data relating to children.

Quest Global Holdings and any of its dependent and fully-controlled affiliates and subsidiaries are strongly committed towards international compliance with data protection laws.  Ensuring data protection is the foundation of trustworthy business relationships and is the cornerstone of Quest Global Holdings reputation. The success of our business depends on our ability to maintain the trust of our clients. We would like to inform you about the type of information we gather, what we do with it and how you can correct or modify the information you entrust us with.

I. Scope

This Policy applies to Quest Global Holdings and its employees and extends to all processing of personal data, relating to an identified or identifiable person. Anonymized or pseudonymized data is not subject to this Policy.

II. National Laws

This Policy comprises the accepted international and European data privacy principles without replacing existing national laws. It supplements national data privacy laws in each jurisdiction where Quest Global Holdings operates. The relevant national law will take precedence in the event of a conflict with this Policy or where it has stricter requirements. The Policy must also be observed in the absence of corresponding national legislation.

III. Principles for Processing

All processing carried out by Quest Global Holdings or its employees shall be carried out in accordance with the principles enshrined in the GDPR, is the following:

  1. Fairness and lawfulness
  2. Limited to the purpose of collection (Purpose Limitation)
  3. Transparency
  4. Data minimization
  5. Storage Limitation & Deletion
  6. Factual accuracy
  7. Confidentiality and integrity of Personal Data
  8. Accountability

IV. Data processing

Processing personal data is permitted only under the following legal bases. One of these legal bases is also required if the purpose of processing personal data is to be changed from the original purpose.

  1. The processing connected to contractual relationships:
    • Personal data of the clients can be processed to establish, execute or terminate a contract.
  2. Data processing for advertising purposes:
    • Personal data can be processed for advertising purposes or market and opinion research, provided that this is consistent with the purpose for which the data was originally collected. Providing data for this purpose is voluntary and data subjects have an absolute right to object to such processing.
  3. Consent to data processing:
    • Data processing pursuant to legal authorization
  4. Data processing pursuant to legitimate interests:
    • Before data is processed on this basis, it is necessary to determine whether there are any data subject interests that merit protection and whether these override Quest Global Holdings legitimate interests.
  5. Processing of sensitive data:
    • Sensitive personal data can be processed only if the law authorizes it or the data subject has given explicit consent.
  6. User data and internet:
    • Data subjects are informed of all personal data collected, processed and used on websites or in software or where user profiles (tracking) are created. Such may only be effected if permitted by law or with data subject consent.

V. Use of cookies

Quest Global Holdings uses cookies to collect information for record-keeping, the comfort of use and website improvement and optimization.

VI. Disclosure of Data

Quest Global Holdings employees, directors, officers, and representatives treat personal data as confidential and may not pass on or use any such data without valid legal grounds; as indicated under Section IV.

VII. Transmission of Personal Data

Transmission of personal data to recipients by Quest Global Holdings, both internally or externally, is subject to the authorization requirements and pursuant to defined purposes. Personal data transmitted to a recipient outside the EEA must be subject to protection at least equivalent to that sought by the GDPR. Intragroup transfers of personal data to third countries are subject to the GDPR and the standards set forth therein.

VIII. Data Subject Rights

Every data subject has the following rights in relation to the processing of their personal data:

  1. Right of Access
  2. Right of Rectification
  3. Right to Data Portability
  4. Right to Erasure
  5. Right to Restrict Processing
  6. Right to Object to Processing

IX. Security Measures

Personal data is safeguarded from unauthorized access and unlawful processing or disclosure, as well as accidental loss, modification or destruction; through state-of-the-art technical and organizational measures. These are adjusted and updated continuously in tandem with technical developments and organizational changes. Additionally, data protection audits and other controls are carried out on a regular basis.

X. Data Protection Officer (the “DPO”)

Data subjects may contact the Quest Global Holdings Data Protection Officer (the “DPO”) at info@questglobal-holdings.com regarding any queries relating to issues of data protection, to exercise any of their rights indicated under Section VIII or to request a copy of the full Quest Global Holdings Data Protection Policy.