Customer portal

Privacy Policy

These websites, www.7-steel.com, www.7-steelnordic.com and www.7-steeluk.com (hereinafter as “the websites”) are operated by Sev.en Global Investments a.s., ID number: 07905114, registered office at: V celnici 1031/4, Nové Město, 110 00 Prague 1, Czech Republic, incorporated in section B, insert 24217 of the Commercial Register kept by Municipal Court in Prague (hereinafter as the “Sev.en Global Investments a.s.”), Sev.en Steel Nordic AS, ID number: 834 948 222, registered office at: Vitaminveien 5B, 0485 Oslo, Norway (hereinafter as the “Sev.en Steel Nordic AS”) and Sev.en Steel UK Ltd, ID number: 16308046, registered office at: 30 Crown Place, Earl Street, London, United Kingdom, EC2A 4ES (hereinafter as the “Sev.en Steel UK Ltd”).  

Personal data processing in the company Sev.en Global Investments a.s., Sev.en Steel Nordic AS and Sev.en Steel UK Ltd (hereinafter as “the companies”).

It is a top priority for the companies to create, document, apply, and maintain a system for managing natural persons’ personal data to satisfy the requirements for the confidentiality of such personal data at a high level of quality, while protecting such persons’ interests, rights and freedoms.

All personal data processing activities are carried out in line with the corporate social responsibility based on mutual economic and social benefits while respecting change management, which the companies regard as an ongoing commitment.

The companies declare that they process personal data in compliance with the EU’s law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and with other generally applicable regulations as a long-term process where its efficiency and personal involvement have to be improved continuously.

The companies provide resources for ensuring a high standard of personal data protection and create conditions for continuous improvement.

The companies hereby declare the following commitments for pursuing the above strategic decisions and declarations regarding personal data protection:

  • Perform the requirements of the personal data protection legislation at a high standard.
  • Create, document and apply a system for managing personal data protection, leveraging the group’s existing experience.
  • Systematically apply and promote a responsible approach to natural persons’ personal data.
  • Base the corporate culture on three key areas: communication, process management, and infrastructure.
  • Ensure and continuously raise the standard of personal data protection and of the professional competence of the group’s employees for personal data processing.
  • Store personal data solely for the necessary period in accordance with the relevant legislation.
  • Maintain and promote relationships with eligible personal data controllers based on a clear specification of the purposes and means of processing and high requirements for the quality and prospects of cooperation.
  • Comply with the following standards for personal data processing at all times:
    • lawfulness, fairness and transparency;
    • purpose limitations;
    • data minimization;
    • accuracy;
    • storage limitation;
    • integrity and confidentiality; and
    • accountability.
  • Taking into account the nature, scope, context and purposes of personal data processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, implement appropriate and adequate technical and organizational measures to ensure and to be able to demonstrate that processing is performed in accordance with the applicable legislation at all times.
  • Within the companies, promote the awareness of the gravity and importance of understanding and fully accepting the requirements of the system for managing personal data protection, which is being created and applied at stages.
  • Develop the above-outlined principles of personal data protection into specific and measurable targets of personal data protection, with specified responsibility and dates for meeting them.
  • Review the system for personal data protection in the companies on set dates with a view to its continuous improvement and updating and to ensuring the resources required for its maintenance.

The company’s customers and employees have the following rights, without limitation:

  • The right to obtain confirmation as to whether their personal data are being processed, and, where that is the case, then:
  • The right of access to information on the purposes of processing, the categories of personal data concerned, the recipients or categories of recipient, the period for which the personal data will be stored, information as to their source, information on the existence of automated decision-making, including profiling, and information and safeguards concerning the transfers of personal data to third countries or international organizations;
  • The right to file a complaint with the competent supervisory authority (listed below);
  • The right to obtain copies of the personal data undergoing processing;
  • The right to rectification in case the company is processing outdated or inaccurate personal data (such as Have you changed your address of residence? Please inform us.); the company will rectify the personal data;
  • The right of deletion. In some cases set out in the law, the company is obliged to erase personal data at the data subject’s request. However, each of such requests is subject to individual evaluation, and the company may have an obligation or legitimate interest to continue processing the personal data;
  • The right to withdraw consent to personal data processing at any time;
  • The right to restriction of processing in accordance with the relevant legislation;
  • The right to personal data portability in accordance with the relevant legislation;
  • The right to object to personal data processing in accordance with the relevant legislation.

Additional key information about the conditions and circumstances of personal data processing in the companies:

At all times, the personal data controller is such company, to which the personal data have been provided as part of mutual communication or which has received the data from the data subject to fulfil the relevant purpose. 

The companies process solely the personal data that are necessary for the provision of the relevant services as part of their business or other contacts. These include, without limitation, the identification and contact data of the data subject concerned. 

The purpose and the legal basis for processing obtained personal data depend on the nature of the mutual relationship at all times. The purposes of personal data processing include, without limitation, mutual communication with customers and trade partners, exercise of the rights and performance of the obligations under the relevant contractual relationships, the proper performance of accounting and tax duties, keeping records of business contracts, and the performance of other obligations arising for the companies from generally applicable legislation. 

All personal data obtained by any of the companies will be only stored for as long as the personal data are necessary. The criteria applied to determine the period of personal data storage depend on the nature of the relationship between the company concerned and the data subject concerned. In general, we store data for one calendar year from the moment when the purpose for their processing ceased to exist. However, in a number of cases the period for storing the relevant personal data is laid down directly in the legislation (including, without limitation, tax regulations, labour regulations, archiving and destruction rules, etc.). Personal data that are undergoing processing on the basis of the data subject’s consent are stored for the period for which the data subject validly gave such consent.

Contact information:

All rights related to personal data protection and processing and any questions and comments can be exercised and raised: 

  • electronically at notices@7gi.com;
  • in writing to the Sev.en Global Investments a.s. mailing address at V Celnici 1031/4, 110 00 Praha 1;
  • in writing to the Sev.en Steel UK Ltd mailing address at 30 Crown Place, Earl Street, London, United Kingdom, EC2A 4ES;
  • in writing to the Sev.en Steel Nordic AS mailing address at Vitaminveien 5B, 0485 Oslo, Norway.

The companies will provide their opinion and, if applicable, information about the measures adopted as soon as possible but within one month at the latest. The companies may extend this period by two further months where necessary, taking into account the complexity and number of the requests. The companies will inform the data subject of any such extension, together with the reasons, without undue delay.

Suggestions and complaints in respect of personal data protection can also be lodged with the competent supervisory authority:

  • Czech Republic: the Office for Personal Data Protection, having its registered office at Pplk. Sochora 27, 170 00 Praha 7, tel. +420 234 665 111, uoou.cz

     

  • UK: the Information Commissioner’s Office, having its registered office at Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF, tel. + 44 0303 123 1113, ico.org.uk

     

Norway: Datatilsynet, having its registered office at P.O. Box 458 Sentrum
NO-0105 Oslo, www.datatilsynet.no