For Quest Group, the protection of personal data of natural persons is of paramount importance. For this reason, Quest Group fully complies with the regulatory framework for the protection of personal data, ensuring on a permanent basis that a high level of compliance be maintained.
To this end, we have established a business framework in Quest Group, which, on the basis of our timeless legacy– that is the Group’s dominant values that put people and social progress first– adopts and integrates in its daily operation the processing of personal data fully complying with the principles of lawful processing as defined in the General Data Protection Regulation and in the National Legislation.
Thus, in the context of the Group's business activity, we process personal data only when we have a legitimate reason, respecting the principles of fair and transparent processing in respect of the natural persons; and respecting the principles of purpose limitation, data minimization, accuracy and storage limitation.
Furthermore, the Group, in line with the principles of integrity and confidentiality of personal data, and security of processing thereof, shall apply appropriate technical and organizational measures to ensure their appropriate security protecting, inter alia, personal data against unauthorized or unlawful processing and against accidental loss, destruction or damage. Complying with and respecting the principle of accountability is of paramount importance as regards the Group's operations involving processing of personal data.
In this context, Quest Group has adopted the following Policies and Procedures into which the regulatory requirements for the protection of personal data have been incorporated, and which are updated in order to reflect the adjustments that take place at regulatory level and are applied overall by all companies of the Group.
In Particular, Quest Group applies the following Policies: