Like most businesses, we collect, store and process personal data such as names, e-mail addresses, CVs for job candidates, etc. At S[&]T, we value and respect everyone's privacy — that of our staff, our clients, our visitors and everyone else we come in contact with. We take extensive steps to ensure that we only collect and store the data that we really need, and no longer than necessary. Of course, we use modern IT methods to protect the data that we hold in our possession.

On May 25, 2018 the General Data Protection Regulation (GDPR) went into effect across Europe. The GDPR has very detailed requirements on how companies interact with personal data. This page is meant to inform you thoroughly and transparently about our personal data processing, and also to comply with the GDPR requirements.

Exercising your data rights

Under the GDPR, if S[&]T has data about you, then you have a lot of rights to decide how we deal with this data. To help you exercise your rights, and to help us respond quickly and completely, we have created the following web forms to facilitate your rights requests:

• Data Access Request- when you want to know which digital data we have about you, and when you want to receive a copy of this digital data.

• Data Removal Request - when you want us delete (some or all) data we have about you

• Data Correction Request - when data we have about you is incorrect and you want us to correct it

• Data Transfer Request - when you want us to transfer your digital data to another organization

• Objection to Data Processing - when you want us to stop collecting, storing and processing your data

When you apply to exercise your data rights, we need to establish your identity to prevent your data from falling into the wrong hands. In the web forms, we ask you to supply proof of ID and proof of address. More information on how to provide this and what we do with this data is provided on the Proof of identity page.