Data Protection Policy

Introduction

Global Media Systems SA is committed to protecting your personal data and respecting your privacy. This Data Protection Policy explains how we collect, use, process, and store your personal information when you use our DEEP ALARMIS platform.

This policy complies with the EU General Data Protection Regulation 2016/679 (GDPR) and relevant Luxembourg data protection laws.

Data Controller

Global Media Systems SA acts as the data controller for the DEEP ALARMIS platform. Our contact details are:

Global Media Systems SA
212, route de Thionville
L-2610 Luxembourg
Phone: +352 48 28 11
Email: gdpr@gms.lu

Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions regarding this privacy policy. Contact details for our DPO:

Steve Ludovicy
Phone: +352 48 28 11
Email: dpo@gms.lu

Types of Personal Data We Process

When you use the DEEP ALARMIS platform, we may collect the following types of personal data:

  • email
  • mobile phone number
  • alarms sent

Purposes and Legal Basis for Processing

We process your personal data for the following purposes:

  • To provide and maintain the DEEP ALARMIS service
  • To notify you about changes to our service
  • To ensure the security of our platform
  • To respond to your inquiries and provide customer support

The legal bases for our processing of your personal data are:

  • Performance of a contract – processing necessary for the performance of a contract with you
  • Legitimate interests – processing necessary for our legitimate interests, provided these interests do not override your fundamental rights and freedoms
  • Legal obligation – processing necessary to comply with a legal obligation

Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including for the purpose of satisfying any legal, accounting, or reporting requirements.

In particular, we undertake to delete all information relating to customers in the event of inactivity for a period of 3 years from the last business relationship.

However, we may retain certain data for longer periods due to legal obligations (such as accounting and litigation requirements) in a more restricted-access database.

Data Security

We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data where appropriate
  • Ensuring ongoing confidentiality, integrity, availability, and resilience of processing systems
  • Ability to restore access to personal data in a timely manner in the event of an incident
  • Regular testing and evaluation of the effectiveness of technical and organizational measures

Data Sharing and Transfers

We do not share your personal data with third parties except in the following circumstances:

  • When required by law
  • To enforce our terms of service
  • To protect our rights, privacy, safety or property

All data processing is carried out exclusively within the European Union (EU) or European Economic Area (EEA).

Your Rights

Under the GDPR, you have the following rights:

  • Right to access – You have the right to request copies of your personal data.
  • Right to rectification – You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to erasure – You have the right to request that we erase your personal data, under certain conditions.
  • Right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • Right to data portability – You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.

If you wish to exercise any of these rights, please contact our Data Protection Officer.

Complaints

If you have a complaint about our use of your personal data, please contact our Data Protection Officer in the first instance. You also have the right to lodge a complaint with the Luxembourg data protection authority:

National Commission for Data Protection
15, Boulevard du Jazz
L-4370 Belvaux
Website: https://cnpd.public.lu

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new policy on this page and updating the "last updated" date.

This Data Protection Policy was last updated on 04 March 2025.