GDPR Policy
At thetechangel.com, we take the privacy and protection of personal data seriously. We are committed to complying with the requirements set forth by the General Data Protection Regulation (GDPR) to ensure that the personal data of individuals is processed lawfully, transparently, and securely.
Data Collection and Purpose
- Consent: We will obtain explicit consent before collecting and processing their data. Permission will be requested for specific purposes and will be documented and stored securely.
- Lawful Basis: We will process personal data only when there is a lawful basis, such as fulfilling contractual obligations, legal compliance, protecting vital interests, performing a task in the public interest, or obtaining consent.
- Purpose Limitation: Personal data will be collected and processed for specified and legitimate purposes. We will communicate the purpose of data collection to individuals and ensure that it aligns with our business activities.
Data Minimization and Accuracy
- Data Minimization: We will only collect and retain personal data necessary for the intended purpose. We will avoid collecting excessive or irrelevant information.
- Data Accuracy: We will take reasonable steps to ensure that the data we hold on you, or you a business, is accurate, complete, and up-to-date. Clients will have the right to rectify or update their data if inaccuracies are identified.
Data Security
- Security Measures: We will implement appropriate technical and organizational measures to protect personal data from unauthorized access, loss, destruction, alteration, or disclosure. These measures will be regularly reviewed and updated.
- Confidentiality: We will ensure that all employees and third parties involved in data processing are bound by confidentiality obligations and understand the importance of maintaining data security.
Data Subject Rights
- Access and Portability: Individuals have the right to access their personal data and request a copy of it in a structured, commonly used, and machine-readable format.
- Rectification and Erasure: Individuals have the right to request the rectification of inaccurate data and the erasure of their data under certain circumstances.
- Objection and Restriction: Individuals have the right to object to the processing of their data and request restrictions on its processing, subject to applicable legal requirements.
Data Transfers and Third-Party Processors
- Transfers: If personal data is transferred outside of Great Britain, we will ensure that appropriate safeguards are in place to protect the data following the GDPR.
- Third-Party Processors: When engaging third-party processors, we will carefully assess their data protection practices and ensure that appropriate contractual arrangements are in place to safeguard personal data.
Data Breach Notification
- a. Reporting: In case of a breach that risks clients’ data, we will promptly assess and report the violation to the relevant supervisor and affected individuals, as required by the GDPR.
Data Protection Officer
- Designation: We have appointed a Data Protection Officer (DPO) responsible for overseeing GDPR compliance and serving as a point of contact for data protection matters.
- Contact Information: Clients can contact the DPO at thetechangel.com for any concerns, inquiries, or requests about personal data and data protection.
This GDPR policy outlines our commitment to protecting personal data and complying with the GDPR. It will be reviewed periodically to ensure ongoing legal and regulatory requirements compliance.
If you have any questions or concerns regarding our GDPR policy, please contact us with our Data Protection Officer.
Thank you for entrusting us with your data.