2. Who we are
3. Personal data we may collect about you
5. How we use your personal data
6. Disclosure of personal data
7. International transfers
8. Personal data security
9. Your data protection rights
10. Changes to this privacy notice
11. Contact details
ANNEX A: CATEGORIES OF PERSONAL DATA PROCESSED AND RECORDS RETENTION SCHEDULE
ANNEX B: PURPOSE & LEGAL BASIS OF PROCESSING
1.1 This website is owned by Les Gaz Industriels Ltd (hereafter “LGI”, “we”, “us”, and “our”) and is operated and maintained by OXO Agency.
1.2 This notice applies where we are acting as a data controller with respect to the personal data of our website visitors, customer, suppliers, shareholders, directors, physical site visitors and potential job candidates that we process.
1.3 We are committed to protecting your personal data. As a result, we would like to inform you regarding the way we would use your personal data, as is required by the European Union General Data Protection Regulation (hereafter the “GDPR”) where applicable and the Data Protection Act 2017 (hereafter the “DPA”).We recommend you read this Privacy Notice so that you understand our approach towards the use of your personal data.
1.4 Our Privacy Notice sets out the types of personal data we collect, how we collect and process that data, who we may share this information with and the rights you have in this respect.
1.5 By using our website, you acknowledge that you have read and understood the terms of this Privacy Notice.
2.1 Les Gaz Industriels Limited (LGI), founded in 1952 in Mauritius, manufactures, sells, and distributes medical and industrial gases in bulk and cylinders, as well as welding products.
2.2 We are registered in Mauritius under registration number 2128306.
2.3 Our principal place of business is at Bell Village, Pailles Road, GRNW
2.4 LGI is registered with the Data Protection Office and appears on the Data Protection Office Register as a controller of personal data and this registration is valid for a period of 3 years. The Registration Number of LGI is C44.
2.5 Our principal place of business is at Bell Village, Pailles Road, GRNW.
3.1 Personal data is any data from which you can be identified, and which relates to you. It includes (but is not limited to) your name, email address, date of birth, national identification number, bank details, CV, qualifications and sensitive personal data.
3.2 The type of data we collect will depend on the purpose for which it is collected and used. We will only collect data that we need for that purpose.
3.3 We may collect your personal data in the following ways:
(a) When you give it to us directly for e.g., for using our products and services, you participate in our marketing campaigns, correspond with us and provide us with your information via email, via the Contact Us form on our website or via WhatsApp, you act as or in the representation of LGI’s corporate shareholder and/or director, when you apply for a job at LGI or you visit our premises.
(b) When we obtain it indirectly such as through social media platforms and when information is shared with us by third parties. In the latter case, the third party must confirm that you have consented to the disclosure of your personal data to us.
(c) When it is publicly available. For example, on your website or other online sources (i.e., information relating to your contact details).(d) When you browse and/or interact on our website.
3.4 The types of personal data that we may collect and process are detailed in Annex A.
5.1 LGI will only use your personal data for the purposes for which it was collected or agreed with you. We will not use your personal data for any automated individual decision-making which will have a significant impact on you.
5.2 We have set out below the legal basis of processing for each purpose. All purposes of processing and their legal basis are detailed in Annex B.
5.3 In addition to any specific purposes for which we may process your personal data, we may also process any of your personal data where such processing is necessary for compliance with legal and regulatory requirements which apply to us, or when it is otherwise allowed by law, or when it is in connection with legal proceedings.
6.1 We may need to share your personal data with third parties which assist us in fulfilling our responsibilities regarding our business relationship with you and for the purposes listed above. LGI may disclose your personal data to the following third parties:
a) We may also make certain personal data available to third-party service providers and agents who provide services to us (such as our cloud service providers and, marketing companies). When we share with these third parties, we do so on a need-to-know basis and under clear contractual terms and instructions for the processing of your personal data. These include:
• Microsoft for Microsoft Office apps, cloud storage, email and communications;• Oxo Agency as our Marketing service providers; and• Sage, which provides us with our accounting software necessary for conducting our financial reporting.
b) We may also be required to disclose your personal data to other third parties such as lawyers, bankers, consultants, insurers, auditors as well as public and government authorities for purposes mentioned in Section 5 or where:
• We have a duty or a right to disclose in terms of law or for national security and/or law enforcement purposes;• We believe it is necessary to protect our rights;• We need to protect the rights, property, or personal safety of any member of the public or a customer of our company or the interests of our company; or• You have given your consent.
6.2 We require our service providers and other third parties to keep your personal data confidential and that they only use the personal data in furtherance of the specific purpose for which it was disclosed We intend to have written agreements in place with our processors to ensure that they comply with these privacy terms.
7.1 We may transfer personal data outside Mauritius as may be necessary for the purposes mentioned above. LGI uses the services of a cross-border recipients, Microsoft Azure, to store our back up data and archives. Microsoft is an EU GDPR complaint company and has all the appropriate security measures in place to protect your personal data.
7.2 If you would like further details on the transfer of your personal data outside Mauritius, please contact our Data Protection Officer by referring to Section 11.
8.1 We are legally obliged to provide adequate protection for the personal data we hold. We have put in place appropriate security measures to prevent your personal data from being subject to any accidental or unlawful destruction, loss, alteration, and any unauthorised disclosure or access.
8.2 We have also put in place procedures to deal with any suspected data security breach and will notify you and the Data Protection Office of a suspected breach where we are legally required to do so.
8.3 We will, on an ongoing basis, continue to review our security controls and related processes to ensure that your personal data is secure.
8.4 Our security policies and procedures cover:
• Access to personal data• Encryption• Computer and network security• Backup of data• Incident management• Use and misuse of IT assets• Physical security• Protection of physical records
8.5 When we contract with third parties, we impose appropriate security, privacy and confidentiality obligations on them to ensure that the personal data that we remain responsible for is kept secure.
8.6 We will ensure that anyone to whom we pass your personal data agrees to treat your data with the same level of protection as we are obliged to.
Under the GDPR and the DPA, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information.
9.1 Your right of access to your personal dataYou have the right to request a copy of the personal data we hold about you. You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
9.2 Your right to rectification of your personal dataYou have the right to ask us to update or correct your personal data if you think it is inaccurate or incomplete. We will take all reasonable steps to confirm your identity before making changes to the personal data we may hold about you.
9.3 Your right to erasure of your personal data
You have the right to ask us to delete your personal data in certain circumstances:
• When we no longer need your personal data;• If you initially consented to the use of your personal data, but have now withdrawn your consent;• If you have objected to us using your personal data, and your interests outweigh ours;• If we have collected or used your personal data unlawfully; and• If we have a legal obligation to erase your data.Where we collect personal data for a specific purpose, we will not keep it for longer than is necessary to fulfil that purpose, unless we have to keep it for legitimate business or legal reasons. Upon the determined expiry date, we will securely destroy your personal data. Retention periods are indicated in Annex A.
9.4 Your right to restriction of processing
Subject to exceptions, you have the right to ask us to limit how we use your data. If necessary, you may also stop us from deleting your data.
9.5 Your right to object to processing
Subject to exceptions provided under GDPR and DPA, you also have the right to object to us processing your personal data for example for direct marketing purposes.
9.6 Your right to data portability
The right to data portability allows you to ask for transfer of your personal data from one organisation to another, or to you. The right only applies if we are processing information based on your consent or performance of a contract with you, and the processing is automated.
9.7 Your right to withdraw consent
To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.To obtain more information on your rights under the DPA and GDPR and/or to exercise the privacy rights available to you, please contact our Data Protection Officer (refer to Section 11).
We may update this notice from time to time to reflect best practices in data management, security and control and to ensure compliance with any changes or amendments made to the DPA and any laws or regulations thereof. The latest version will be available of this Privacy Notice on our website.
11.1 The primary point of contact for questions relating to this privacy notice, including any requests to exercise your legal rights, is our Data Protection Officer who can be contacted:
(a) by post, to Pailles Road, GRNW, Mauritius ;
(b) by telephone, on 2128306
(c) by email, at [email protected]
11.2 If you believe we have not handled your request in an appropriate manner, you have the right to complain to the Data Protection Office.
As a general rule, the maximum retention period is  years.
The table below sets the different types of personal data being processed by LGI and their retention period:
3. Website User
Occupation or profession, CV and employment history, nature of ownership or control and related financial information (share purchases, dividend entitlements and payments, shareholder options), date on which you became a beneficial owner, or you ceased to be a beneficial owner of LGI.
Votes, exercise conditions, shareholder agreement, electronic signature
A copy of information processed for organising annual and special meetings (and reported in minutes)
Information required to fill in KYC forms, credit history, source of funds/wealth, and information received from anti-fraud databases (where applicable)
5. Physical site visitors
In case you visit our office premises:
CCTV footage, visitors’ logbook, vehicle registration number
6. Job Candidate
Certificate of character containing information about criminal convictions/ allegations and offences (only for vetting purposes, where permissible and in accordance with applicable law)
Data concerning your health.
Data concerning your race and ethnic origins.
The table below sets out the legal basis for processing for each purpose.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your personal data. To have more information on the purpose and legal basis for processing your personal data, you may contact our Data Protection Officer (refer to section 11 above).
For the purposes of offering, supplying and selling relevant goods and/or services to you, sale and pre-sale purposes as well as for portfolio follow-up
· Performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract
· Legitimate interests, namely the proper administration of services.
For the purposes of conduct market or customer satisfaction research, for statistical analysis, or for analysing the effectiveness of our advertisements, competitions and promotions.
For analysing the use of our website and services
Legitimate interests, namely the proper administration of our website and business
· Legitimate interests namely for proper administration of our business and communication with users.
To manage your shareholder interest in LGI and our relationship with you, including:
– for screening and due-diligence obligations,
– to allow you to exercise your rights and powers as per your functions,
– to make dividend payments,
– to communicate with you, and
to produce and maintain shareholder records, reports, and other statements.
· Performance of a contract between the shareholder and us
· For compliance with a legal obligation to which we are subject to, for instance under the Companies Act 2001
· Legitimate interests of LGI to conduct its business effectively.
As required for the recruitment process at LGI:
· for communicating with you,
· to analyse your qualifications and references,
· to conduct candidate screening and assess candidate credibility
· to set out your job conditions,
· to know whether there are previous criminal convictions recorded against you,
· to assess whether you are medically fit for duty, and
· to cater for special accommodations in case you provide us with additional data about your health condition
· Consent for collecting past employment references and for performing psychometric test.
· The processing is necessary to fulfil a contract or to take steps at your request, before entering into a contract, namely your contract of employment.
· For our legitimate interests, namely for the proper administration of our business and to ensure appropriate job candidates are being recruited.
· The processing is necessary for the assessment of the working capacity of an employee.
Copyright 2023 – All rights reserved
Click on the links below to download the Technical Sheets