Skip to main content

New 2025 H-1B visa fees are here. EOR offers a simpler, cost-effective alternative > Read more about EOR

Contact us
To purple loops on a dark purple background

Safeguard GDPR Specifications

Contact Person Data Specifications

Effective Date: October 2025

This page outlines the data protection specifications applicable to the personal data of contact persons and representatives exchanged between the parties pursuant to the Master Services Agreement (MSA).

1. Scope and Role of the Parties

Each party (Safeguard Global and the Client) acts as an independent data controller with respect to the personal data of contact persons or representatives it processes under the MSA.

This specification covers contact person data exchanged in connection with the negotiation, conclusion, and performance of the MSA, including communications, contract management, and general business correspondence.

2. Categories of Personal Data

The following categories of personal data may be processed:

  • Full name
  • Job title/role
  • Business contact details (e.g., email address, phone number)
  • Office address/location
  • Company or department
  • Internal reference numbers or user identifiers (where applicable)

3. Purposes and Legal Basis for Processing

Personal data is processed for the following purposes:

  • Contract negotiation, execution, and administration
  • Day-to-day communication and coordination
  • Internal business operations and record-keeping
  • Compliance with legal obligations

The legal basis for processing under the GDPR/UK GDPR includes:

  • Performance of a contract (Article 6(1)(b))
  • Legitimate interests (Article 6(1)(f)), including the efficient administration of the business relationship and service delivery

4. Cross-Border Transfers

Where contact person data is transferred across borders (e.g., between the EEA, UK, or other jurisdictions), such transfers are subject to appropriate safeguards.

Transfers from the EEA or UK are governed by the EU Standard Contractual Clauses (SCCs) – Module 1 (Controller to Controller), and the UK International Data Transfer Addendum, as incorporated by reference in the MSA.

5. Retention of Personal Data

Contact person data is retained in accordance with Safeguard Global’s retention policies and schedules, taking into account:

  • Legal and regulatory requirements
  • Business needs
  • Internal data governance and information security practices

Retention periods may vary by jurisdiction and context but are limited to what is necessary for the purposes described above.

6. Data Subject Rights

Individuals whose data is processed under this specification have rights under the GDPR/UK GDPR, which may include:

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict or object to processing
  • Right to data portability
  • Right to lodge a complaint with a supervisory authority

For more information about how Safeguard Global handles personal data and supports data subject rights, please refer to our HR Data Privacy Policy.

Questions

If you have any questions or require further clarification, please email privacy@safeguardglobal.com.