GDPR

General Data Protection Regulation (GDPR)

Introduction

The General Data Protection Regulation (GDPR) is a regulation in European Union (EU) law that aims to protect the personal data and privacy of EU citizens. It sets guidelines for the collection, processing, and storage of personal data by businesses and organizations.

Your Rights under GDPR

  • Right to Access: You have the right to request access to the personal data that we hold about you.
  • Right to Rectification: If you believe that the personal data we hold about you is inaccurate or incomplete, you have the right to request its correction or completion.
  • Right to Erasure: Also known as the "Right to be Forgotten," you have the right to request the deletion or removal of your personal data when there is no compelling reason for us to continue processing it.
  • Right to Restrict Processing: You can request the restriction or suppression of your personal data under certain circumstances.
  • Right to Data Portability: You have the right to obtain and reuse your personal data for your own purposes across different services.
  • Right to Object: You can object to the processing of your personal data for direct marketing purposes or based on legitimate interests.
  • Right to Lodge a Complaint: If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority.

Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our data protection activities and ensure compliance with GDPR. If you have any questions or concerns regarding the processing of your personal data, you can contact our DPO at [DPO email address].

Lawful Basis for Processing

We will only process your personal data if we have a lawful basis for doing so. This may include your consent, the necessity of processing for the performance of a contract, compliance with a legal obligation, protection of vital interests, the performance of a task carried out in the public interest or in the exercise of official authority, or legitimate interests pursued by us or a third party.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours after becoming aware of the breach, unless the breach is unlikely to result in a risk to your rights and freedoms.

Retention of Personal Data

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law.

Updating Our GDPR Policy

We may update this GDPR policy from time to time to reflect changes in our data processing practices or legal obligations. We encourage you to periodically review this page for the latest information.

Post a Comment