Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
  • English
    • Albanian

Privacy Policy TÜV AUSTRIA in Albania

Your privacy is important to us.

Please take a moment to read this Privacy Policy (hereinafter “Policy”) and be informed on the way, the company “TÜV AUSTRIA Hellas (DEGA SHQIPËRI)”, based in Rr. Ibrahim Rugova Leskova Bldg. Kati 7-të, Zyra 30, Kutia postare: 1019, Tirana, Albania, tel. +355 4 4500523, email: info@tuv.al  (hereinafter referred to as ” TÜV AUSTRIA in Albania” or “we” or “us”), as Data Controller, collects, stores, uses and generally processes the personal data you submit during your visit, use of the website (www.tuv.al) or upon conclusion and performance of a contract with us.

1. A few words about TÜV AUSTRIA in Albania. (Who we are?)

TÜV AUSTRIA in Albania is an independent organization providing integrated control, training, inspection and certification services for safety, quality, environment, and resource management. Its service portfolio focuses on serving the needs of customers to benefit the quality and competitiveness of products, services, and their human resources. The clientele of the company includes companies from all sectors of the economy such as agri-food, tourism, industry, the sector of elevators and lifting equipment, energy, construction, etc. At the same time, it focuses on the educational part, through its educational center, which is recognized as a level II Lifelong Learning Center.

2. Who can you contact for privacy questions or concerns?

If you have questions or comments about this Privacy Notice or how we handle personal data, please direct your correspondence to:

  • email:  info@tuv.al (in attention to whom it may concern)
  • letter: Rr. Ibrahim Rugova Leskova Bldg. Kati 7-të, Zyra 30, Kutia postare: 1019, Tirana, Albania, (addressed to whom it may concern).

We aim to respond within 30 days from the date we receive privacy-related communications.

We will acknowledge your email within 14 days and seek to resolve your concern within 1 (one) month of receipt. Where the concern is complex or we have a large volume of concerns, we will notify you that the concern will take longer than 1 (one) month to resolve and we will seek to resolve your concern within 3 (three) months of the concern being first raised. We may accept your concern (and in that case implement one of the measures set out in the ‘Your Rights’ section below), or we may reject your concern on legitimate grounds.

In any event, you always have the right to lodge a complaint with the competent data protection state authority to report concerns you may have about our data handling practices at:

For Albania

Commissioner for Personal Data Protection of the Republic of Albania

Postal address: Rr. “Abdi Toptani”, Nd. 5, Kodi postar 1001, Tirana

E-mail: info@idp.al           

Internet: https://www.idp.al/  

For Kosovo

Information and Privacy Agency of the Republic of Kosovo

Postal address: Rruga “Luan Haradinaj” Nr. 36 10 000 Prishtine

3. Key Definitions

Data controller: A natural or legal person, public authority, agency, or any other body, which alone or jointly with others determines the purposes and means of processing of personal data, in compliance with the laws and applicable secondary legislation, responsible for the fulfilment of obligations defined by the law provisions.

Data processor: A natural or legal person, public authority, agency, or other body, which processes personal data on behalf of the data controller.

Personal data: Any information relating to an identified or identifiable natural person, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to their physical, physiological, mental, economic, cultural, or social identity.

Sensitive data: Any information related to a natural person and referring to their racial or ethnic origin, political opinions, trade union membership, religious or philosophical beliefs, criminal record, as well as with data concerning their health and sexual life.

Health data: Information related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about the past, current, or future physical or mental health status.

Biometric data: Information resulting from biological features, physical, psychological, and behavioural characteristics of a natural person, which are unique and consistent, such as facial images or dactyloscopic data.

Pseudonymisation: The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

Data subject: Any natural person whose personal data are being processed.

4. What Data do we collect?

At TÜV AUSTRIA in Albania we try to collect only the strictly necessary Data required for the intended purpose.

Specifically, we collect:

  • Your contact details (phone, landline and mobile, email, contact address, P.C.)
  • Tax identifiers (TIN, Social Insurance Institute number, Manpower Employment Organization card)
  • Identity information (Name, Father’s name, Mother’s name, ID number, passport number)
  • Financial information (bank account information, IBAN),
  • Information related to the professional qualification (job, work experience, qualifications, professional certifications, curriculum vitae)
  • Special categories of data (dietary preferences, gender, presumption of disability)

4.1 How do we collect personal data?

Directly. We obtain personal data directly from individuals in a variety of ways, including obtaining personal data from individuals who provide us their business card, complete our online forms, subscribe to our newsletters and preference centre, register for webinars, attend meetings or events we host, visit our offices, apply for open positions at our companies or client’s organizations or provide reference for job applicants. We may also obtain personal data directly when, for example, we are establishing a business relationship, performing professional services through a contract, or through our hosted software applications.

Indirectly. We obtain personal data indirectly about individuals from a variety of sources, including recruitment services and our clients. We may attach personal data to our customer relationship management records to better understand and serve our business clients, subscribers and individuals, satisfy a legal obligation, or pursue our legitimate interests. 

  • Public sources — Personal data may be obtained from public registers (such as Commercial Register), news articles, sanctions lists, and Internet searches.
  • Social and professional networking sites — If you register or login to our websites using social media (e.g., LinkedIn, Google, Facebook, or Twitter) to authenticate your identity and connect your social media login information with us, we will collect information or content needed for the registration or login that you permitted your social media provider to share with us. That information may include your name and email address and depending on your privacy settings, additional details about you, so please review the privacy controls on the applicable service to set how much information you want shared with us.
  • Business clients — Our business clients may engage us to perform professional services which involves sharing personal data they control as part of that engagement. For example, we will review payroll data as part of an audit, and we often need to use personal data to provide certain advisory and other professional services. Our services may also include processing personal data under our clients’ control on our hosted software applications, which may be governed by different privacy terms and policies.
  • Suppliers, partners, sub-contractors — We may obtain personal data about representatives and contact persons of our suppliers, partners, sub-contractors for the purposes of execution and performance of the relevant agreement.

5. For what purpose do we process your data?

TÜV AUSTRIA in Albania collects your Data for the following processing purposes, in the context of the Agreement either between us or after your express and special consent, per provided service of the Company and for your general convenience. In particular, we use your Data for the purposes set out below:

In particular, we use your Data in order to:

  • For the conclusion of a contract, at the request of the interested party within the provided Certification / Inspection / Control / Training services
  • For the issuance of inspection, control, certification and training documents
  • For the services provided for compliance with the requirements of the rules of recognition, accreditation or inclusion in schemes by the relevant Recognition or Accreditation Bodies in Greece or abroad (as defined by the respective certification and / or training scheme) including sending data to Competent Authorities and / or other Control Bodies
  • For the issuance of service documents by TÜV AUSTRIA in Albania
  • For information on services, events, products and news of TÜV AUSTRIA in Albania as well as other companies of TÜV AUSTRIA GROUP
  • To meet our legislative, regulatory and fiscal obligations
  • To submit a CV

6. What is the legal basis for the processing of your Data by TÜV AUSTRIA in Albania?

  • Personal data may only be collected lawfully.
  • Personal data must be processed in accordance with the principle of good faith;
  • Personal data cannot be processed except for the final purpose that was determined before the collection, that is provided by law or that follows from the circumstances.
  • Data must be processed proportionately.
  • The request to inform about the processing, concretizes the principle of good faith and thus aims to make the processing more transparent

7. Who are the recipients of your Data?

The recipients of your Data are our agents and / or subcontractors, in order to support, promote and execute our business relationship. As a rule, TÜV AUSTRIA in Albania does not transmit your Data to third parties except when clearly required by the Legislation / Regulatory framework or when we act as “intermediaries”. The above transmission takes place to the extent required for the provision of our services. Such third parties may be official Supervisors / Government Bodies or/and the TÜV AUSTRIA Group, when we are required to comply with the legislation / regulations on Certification / Training Bodies or/and to prevent us and against our Customers illegal actions (eg fraud, insult, infringement of personality rights, etc.).

Also, access to your Data has the absolutely necessary staff of TÜV AUSTRIA in Albania, which is committed to maintaining confidentiality.

8. How do we ensure that our associates/ representatives/ subcontractors respect your Data?

Our associates/ representatives/ subcontractors have agreed with the Company and are contractually bound in writing:

To keep confidentiality, and bind their staff, with the respective obligations

  • not to transfer data to third parties without our written permission
  • undertake organizational and technical data security measures for the protection of Data
  • inform us of any incident relating to the breach of your Data
  • delete or/and return your Data to us, upon the termination of our contract
  • comply with the legal framework for the protection of Personal Data, in particular with the General Data Protection Regulation (GDPR).

9. Do We transfer your Data abroad?

TÜV AUSTRIA in Albania imposes contractual restrictions on its associates, which ensure that they comply with applicable national and European legislation on personal data. In the context of our services, we may need to transfer your information to other countries [basically within and outside the European Economic Area (EEA)], on the basis of EU adequacy decisions, corporate binding rules, standard contracts and approved codes of conduct.

10. For how long we retain your Data and when do we erasure them?

We keep your Data only for the time required to fulfill the purpose for which we have collected them unless a time extension is required due to our legal claims or legal obligations. In case of termination of the contract, for any reason, TÜV AUSTRIA in Albania will retain the Personal Data based on the company retention policy, according to the nature of the data and the purpose of processing, in conjunction with the current legislation for the Institutions Certification / Education, but also the general tax and other legislation and Regulatory framework, based on the respective purpose of processing.

We erase the Data collected by Cookies, in accordance with the Cookies Policy.

11. Is Your Data Safe and Secure?

Your Data is only allowed to be processed by people authorized by us, employees and associates exclusively for the purposes stated above.

We have taken all the necessary and appropriate organizational and technical measures to secure and protect your Data from any form of accidental or fraudulent processing both physically and at a reasonable security level (for example physical security procedures, classified access to data, software).

The above measures shall be reviewed and amended as necessary.

12. What are your rights?

You have the following rights:

  • Access to your Data
  • Rectification of inaccurate Data
  • Erasure / right to be forgotten
  • Data portability
  • Restriction of processing
  • Object / withdraw your consent to the processing of your Data

13. How can you exercise your rights?

You can contact by email at info@tuv.at (addressed towhom it may concern) or by post at the address of the company: TÜV AUSTRIA in Albania, Rr. Ibrahim Rugova Leskova Bldg. Kati 7-të, Zyra 30, Kutia postare: 1019, Tirana, Albania

14. Links to third party websites

The website of TÜV AUSTRIA in Albania may contain links that lead to other websites of third parties, independent bodies, such as e.g. of Accreditation Bodies, which operate exclusively by them as well as social media websites of the company. Therefore, TÜV AUSTRIA in Albania is not responsible for the content, actions or policies of these websites. We urge you to carefully read the current data protection policies on the websites you visit.

15. Do we make decisions based solely on automated processing, including profiling when processing your Data?

We do not make decisions, nor do we make profiling, based on the automated processing of your Data unless you use “Cookies” on our website www.tuv.al always under the condition of your prior information and consent.

16. Which law applies to the processing of your Data?

The principal legislation is as follows:

  • Constitution of the Republic of Albania.
  • Law no. 9887, dated 10.03.2008 “On personal data protection” (“the Law”) as amended.
  • Decision of the Parliament no. 211, dated 11.09.2008 “On the appointment of the Commissioner for the protection of personal data”.
  • Decision of the Parliament no. 225, dated 13.11.2008 “On approving of the structure, staff and classification of the working positions in the office of the Commissioner for the protection of personal data”.
  • Decision of the Commissioner for the protection of personal data no. 8, dated 31.10.2016 “On the countries with an adequate level of protection for personal data” as amended.
  • Decision of the Commissioner for the protection of personal data no. 4, dated 27.12.2012 “On exceptions to the obligation to notify the processing of personal data”.

17. Where can you go to check if your rights have been respected?

You have the right to file a complaint with the Data Protection Commissioner (“the Commissioner”) https://www.idp.al/, if you think that the processing of your Personal Data violates the current national and regulatory legal framework for the protection of personal data.

18. How will you be informed on any changes to this Policy?

We may revise or update this Privacy Policy from time to time and in any case where necessary. Any changes to this Privacy Policy will take effect upon issuance of the revised Privacy Policy. We update this Policy whenever necessary. If there are significant changes in the Policy or in the way we use your Personal Data, we will publish on our website (www.tuv.al) the update of this before the changes are made in force and we will notify you in any convenient way. We encourage you to read this Policy regularly to know how your Data is protected.

Date of last modification

08/11/2022