Legislative and Regulatory Framework:
NGBS is committed to processing personal data in a responsible, fair and transparent manner, in accordance with Moroccan Law No. 09-08 on the protection of individuals with regard to the processing of personal data, as well as the General Data Protection Regulation (GDPR) where applicable.
Core Principles:
NGBS applies the following principles when processing personal data:
- Purpose limitation: data is collected for specified, explicit and legitimate purposes.
- Minimization: only data necessary for the defined purposes is collected.
- Confidentiality: access to personal data is limited to authorized persons.
- Security: data is protected through appropriate technical and organizational measures.
- Transparency: data subjects are informed about the processing of their data and their rights.
- Limited retention: data is retained only for as long as necessary for the relevant purposes or applicable obligations.
Data Subjects’ Rights:
In accordance with applicable regulations, data subjects may exercise their rights of access, rectification, objection and, where applicable, erasure or restriction of processing.
Requests may be sent to: dpo@ngbsgroup.com
Security and Confidentiality:
NGBS implements appropriate security measures to protect personal data against unauthorized access, loss, alteration, disclosure or unlawful use. These measures include access limitation, staff awareness, confidentiality of processed information and traceability of actions where applicable.
Incident and Data Breach Management:
In the event of an incident that may affect the confidentiality, integrity or availability of personal data, NGBS assesses the incident, implements the necessary measures and, where required by applicable regulations, notifies the competent authorities and/or affected data subjects within the required timeframe.