GDPR Compliance

General Data Protection Regulation

This page outlines our commitment to protecting the personal data of individuals within the European Economic Area in accordance with the General Data Protection Regulation.

Legal Basis for Processing

We process personal data under the following legal bases:

• Consent: When you provide explicit consent for specific processing activities
• Contract Performance: To fulfill our contractual obligations when providing services
• Legitimate Interests: For business operations that do not override your rights and freedoms
• Legal Obligations: To comply with applicable laws and regulations

Your Rights Under GDPR

As a data subject, you have the following rights:

Right to Access

You have the right to obtain confirmation about whether we process your personal data and to access that data.

Right to Rectification

You can request correction of inaccurate or incomplete personal data we hold about you.

Right to Erasure

You may request deletion of your personal data under certain circumstances, including when the data is no longer necessary for the purposes for which it was collected.

Right to Restrict Processing

You can request that we limit the processing of your personal data in specific situations.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format and to transmit it to another controller.

Right to Object

You may object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time.

Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.

Data Protection Officer

For questions regarding GDPR compliance or to exercise your rights, you may contact our data protection representative:

Email: [email protected]

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Active client relationships and ongoing projects
• Legal, accounting, or reporting requirements
• Dispute resolution and enforcement of agreements

When personal data is no longer required, we securely delete or anonymize it.

International Data Transfers

When transferring personal data outside the European Economic Area, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions regarding the destination country
• Other legally recognized transfer mechanisms

Automated Decision-Making

We do not engage in automated decision-making or profiling that produces legal effects or similarly significant effects on individuals.

Data Security Measures

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Access controls and authentication procedures
• Regular security assessments and updates
• Employee training on data protection practices

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. We will also notify affected individuals without undue delay when the breach is likely to result in a high risk to their rights.

Exercising Your Rights

To exercise any of your GDPR rights, please submit a request to:

Email: [email protected]
Subject: GDPR Rights Request

We will respond to your request within one month. In complex cases, this period may be extended by an additional two months, and we will inform you of any such extension.

Updates to GDPR Information

We may update this GDPR information to reflect changes in our practices or legal requirements. Material changes will be communicated through our website.