1. Introduction

Sourcing & Co is committed to protecting the privacy and security of personal data that we collect, process, and store. This Data Protection and Privacy Policy outlines our commitment to safeguarding personal information, complying with data protection laws and regulations, and upholding the privacy rights of individuals.

​

2. Scope

This policy applies to all personal data collected, processed, and stored by Sourcing & Co in the course of our business operations, including data from our customers, suppliers, partners, employees, and other stakeholders.

​

3. Data Protection Principles

Sourcing & Co adheres to the following data protection principles:

​

a. Lawfulness, fairness, and transparency: We process personal data lawfully, fairly, and transparently, providing clear information about our data processing activities.

b. Purpose limitation: We collect personal data for specified, explicit, and legitimate purposes and do not process it in a manner incompatible with those purposes.

c. Data minimization: We collect only the personal data necessary for the specified purposes and avoid collecting excessive or irrelevant information.

d. Accuracy: We take reasonable steps to ensure that personal data is accurate and, where necessary, kept up to date.

e. Storage limitation: We retain personal data for no longer than necessary to fulfill the purposes for which it was collected or as required by law.

f. Integrity and confidentiality: We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction.

​

4. Individual Rights

Sourcing & Co respects the rights of individuals under data protection laws, including the right to access, correct, delete, restrict, or object to the processing of their personal data, and the right to data portability. We provide mechanisms for individuals to exercise their rights and respond to their requests in a timely manner, as required by law.

​

5. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. These measures include physical and digital security, access controls, encryption, and regular security assessments.

​

6. Data Breaches

In the event of a data breach, Sourcing & Co will promptly investigate the incident, notify affected individuals and relevant authorities as required by law, and take appropriate steps to mitigate the impact of the breach and prevent its recurrence.

​

7. Data Transfers

Sourcing & Co ensures that personal data transferred to third parties or across international borders is adequately protected, in compliance with applicable data protection laws and regulations.

​

8. Policy Updates and Compliance

We regularly review and update our Data Protection and Privacy Policy to ensure ongoing compliance with applicable laws, regulations, and industry best practices. We provide training and raise awareness among our employees to promote compliance with this policy and data protection laws.

​

This Data Protection and Privacy Policy is a reflection of Sourcing & Co's commitment to protecting personal data and upholding the privacy rights of individuals. All employees, suppliers, and partners are expected to adhere to the principles outlined in this policy and to conduct themselves in a manner consistent with these principles at all times.