GDPR Data Protection Policy
The General Data Protection Regulation (GDPR) is an EU legislative initiative aimed at giving EU people more rights and responsibility over personal data. Organizations that manage statistics on EU individuals will be required to follow data and privacy guidelines under this bylaw.
Changes to the Privacy Policy are one of the GDPR’s fundamental obligations, and EDMarkTech has approved and amended the policy to match GDPR regulations.
We also follow its primary law, which requires companies to keep EU people aware about how they collect, use, share, secure, and treat their personal data.
The General Data Protection Regulation (GDPR) is an EU legislature that objects to giving the citizens of the EU better power and authority over their data. Under this by-law, organizations that handle statistics of EU citizens will have to obey data and privacy instructions.
One of the key necessities according to the GDPR is changes to the Privacy Policy and the same has been accepted and updated by EDMarkTech to reflect GDPR requirements. We also abide by its key law i.e. to keep EU citizens informed of how industries gather, use, share, protect and process their personal data.
In order to firmly and fully comply with GDPR, we make sure that we adhere to the concept of transparency, which calls for all forms of information to be accurate, readily available when needed, simple to read, and expressed in plain, intelligible language. Additionally, pictures and drawings should be included to make the information clearer and easier to grasp. Additionally, this information must to be made accessible at reliable and convenient sources.
It is necessary for EDMarkTech to gather and use specific personal data about people.
These may include vendors, clients, workers, clients, business contracts, and other persons the organisation works with or would need to get in touch with.
The GDPR policy outlines how this personal data must be gathered, managed, and kept in accordance with the law and the company’s data protection requirements.
EDMarkTech are protected by the GDPR policy.
- Respects good practises and the data protection regulation
- Protects the rights of the employees, clients, and colleagues
- Is transparent about how it collects, uses, and protects personal data.
- Protects itself against the risks of a data leak.
To comply with GDPR, organisations must obtain, manage, and keep personal information in accordance with the Data Protection Act of 1998.
These guidelines apply whether data is kept electronically, on paper, or on other materials.
Personal information must be gathered and utilised fairly, preserved properly, and not released unlawfully in order to comply with the law.
The GDPR statute is supported by eight key principles. According to this, personal data must:
- To be handled fairly and lawfully.
- Only obtained for certain, legal purposes
- Be satisfactory, relevant, and not excessive.
- Be accurate and adhere to the standards.
- Should not be kept for any longer than necessary.
- Shielded in accordance with the data subject’s rights.
- Protect yourself in appropriate ways.
- Should not be transferred beyond the European Economic Area (EEA) unless that nation or territory likewise provides an adequate degree of security.
The GDPR policy applies to the following locations:
- The headquarters of EDMarkTech
- All EDMarktech branches
- All workers and volunteers of EDMarkTech
- All contractors, suppliers and other persons operating on behalf of EDMarkTech
GDPR also applies to all data that a company has about recognised persons, even if that data technically falls outside of the Data Protection Act of 1998. This might include:
- Names of persons
- Residential addresses
- Email addresses
- Telephone numbers
- Together with any other information on individuals
EDMarkTech are protected by the GDPR policy from a number of very serious data security threats, such as:
- Compromises of privacy.
- For instance, the incorrect distribution of information.
failing to provide options. - For instance, everyone should have the option to decide how the company utilises the data connected to them.
- Reputational
For instance, if hackers successfully obtained access to intricate data, the business may suffer.
In especially when it comes to GDPR, everyone who works for or with EDMarkTech has some responsibility for ensuring that data is gathered, retained, and managed lawfully.
Individual data must be handled and managed in accordance with the GDPR policy and data protection principles by each team that handles it.
These individuals do, however, have important roles to play: The board of directors is ultimately in charge of making sure that EDmarkTech complies with the law.
- The Data Protection Officer is responsible for:
- Keeping the board efficient on data protection responsibilities, dangers and matters.
- Reviewing all data protection measures and related strategies, in line with an agreed timetable.
- Positioning data protection training and information for the people covered by this policy. Taking and answering data protection questions from staff and anyone else covered by this policy.
- Taking and answering data protection questions from staff and anyone else covered by this policy.
- Dealing with wishes from individuals to see what EDMarkTech holds about them [subject access requests].
- Examining and approving any contracts or agreements with third parties that may handle the company’s sensitive data.
- The IT & Data Administrator is responsible for:
- Ensuring all organizations, facilities and equipment used for storing data meet acceptable security standards.
- Performing timely checks and scans to ensure security hardware and software is functioning adequately.
- Assessing any third-party services the company is considering using to store or process data. For instance, cloud computing services.
- The Marketing Personnel is responsible for:
- Approving any data protection declarations connected to communications such as communications and letters.
- Addressing any data protection questions from press or media outlets like newspapers.
- Where critical, working with other staff to make sure marketing initiatives stick by data protection principles.
The only people able to access data enclosed by this policy should be those who need it for their work.
- Data should not be shared amongst people informally.
- When access to private information is required, employees can demand it from their line managers.
- EDMarkTech will provide training to all workers to help them understand their errands when taking data.
- Employees should keep all data safe, by taking sensible protection and following the guidelines below.
- In particular, strong passwords must be used and they should never be made public.
- Personal data should not be disclosed to unlawful people, either within the company or externally.
- Data should be regularly studied and reorganized if it is found to be out of date. If no longer obligatory, it should be erased and disposed of.
- Employees should appeal for help from their line manager or the data protection officer if they are not sure about any feature of data protection.
These rules symbolize how and where data should be safely kept and are also laid down as per GDPR. Queries about storing data safely can be directed to the IT manager or data controller.
When data is stored on paper, it should be kept in a protected place where illegal people cannot see it.
These rules also apply to information that is usually kept electronically but has been published for some reason:
- When not required, the paper or files should be kept in a protected drawer or filing cupboard.
- Workers should make sure paper and printouts are not left where unofficial people could see them, like on a printer.
- Data copies should be shredded and disposed of firmly when no longer required.
When data is stored automatically, it must be protected from unlawful access, accidental removal and malicious hacking attempts: - Data should be sheltered by strong passwords that are changed frequently and never shared among workers.
- If data is kept on detachable media (like a CD or DVD), these should be kept locked away safely when not being used.
- Data should only be stored on selected drives and servers, and should only be uploaded to support cloud computing services.
- Servers containing individual data should be sited in a secure site, away from general office spaces.
- Data should be backed up regularly. Those backups should be tested frequently, in line with the company’s standard backup procedures.
- Data should never be saved straight to laptops or other mobile devices like tablets, iPad or smartphones.
- All servers and systems containing data should be protected by permitted security software and a firewall.
EDMarkTech don’t value privately owned information unless the company can utilise it. However, it is when private data is improved and utilized that it can be at the utmost risk of damage, exploitation or stealing:
- When working with personal data, employees should make sure that the screens of their computers are always protected when left unattended.
- Private data should not be shared informally. In particular, it should never be sent by email, as this form of messages is not secure.
- Data must be encoded before being shifted electronically. The IT manager can demonstrate how to send data to official external contacts.
- Private data should never be moved outside of the European Economic Area.
- Employees should not save duplicates of personal data to their own systems. Continuously access and keep up-to-date the main copy of any information.
The law requires EDMarkTech to take rational steps to ensure data is kept correct and up to date when it comes to GDPR.
The more significant it is that the personal data is accurate, the greater the effort EDMarkTech should put into safeguarding its accuracy.
It is the responsibility of all employees who work with data to take judicious steps to safeguard it is kept as accurate and up to date as possible.
- Data will be held in a few places as needed. Staff should not create any pointless additional data sets.
- Workers should take every chance to make sure that the data is updated. For instance, by authorizing a customer’s details when they call.
- EDMarkTech will make it easy for data subjects to update the data EDMarkTech holds about them. For instance, via the company website [www.edmarktech.com]
- Data should be reorganized as inaccuracies are discovered. For instance, if a customer can no longer be reached on their stored telephone number, it should be eliminated from the database.
- It is the marketing manager’s duty to ensure marketing databases are checked against company-suppression files every six months.
All individuals who are the subject of individual data held by EDMarkTech are entitled to:
- Ask what evidence the company holds about them and why.
- Ask how to gain admission to it.
- Be knowledgeable about how to keep it up to date.
- Be knowledgeable about how the company is meeting its data protection responsibilities.
If any person contacts the company requesting for this information, this is called a subject access request.
Subject access requests from individuals should be made by email, addressed to the data controller at info@edmarktech.com the data supervisor can supply a standard request form, although other persons do not have to use this. Entities will be charged £10 per topic access request. The data controller will aim to deliver the relevant data within 14 days.
The data controller will always confirm the individuality of anyone making a subject access request before passing over any information.
In certain conditions, GDPR allows personal data to be disclosed to law enforcement agencies without the agreement of the data subject.
Under these circumstances, EDMarkTech will disclose demanded data. However, the data controller will ensure the request is genuine, seeking assistance from the board and from the company’s legal guide where essential.
The Interlocutors aims to ensure that persons are conscious that their data is being handled and that they understand:
- How the data is being used
- How to exercise their privileges
To these ends, the company has a confidentiality statement, setting out how data connecting to individuals is used by the company.
The Data Protection Officer at EDMarkTech is accountable for assisting the business with internal compliance and also notifies and advises the company about its data protection obligations provides important references regarding any Data Protection Impact Assessments and acts as a go-to person for data subjects and the Information Commission Office (ICO).
EDMarkTech privacy policy document is structured for use in relation websites which gather and processes various kinds of private information. Our sole purpose here is to help website operators meet their requirements under the GDPR norms.
The GDPR policy covers, amongst other things, the following matters:
- Several groups of personal information that has been composed and stored by the website;
- information about cookies used by the site;
- facts of how private information is used;
- certification of the legal bases for dispensation personal data;
- details of precise situations in which personal data may be disclosed to third parties;
- information about the transmission of personal data; and
- information about data holding guidelines.
Those on EDMarkTech website and all its clients are requested to kindly read the notes related with the privacy policy very judiciously. In relation to cookies, our privacy policy also states that the users’ agreement is required to take and store cookies.
If you or any of your industries deal with EDMarkTech, we make sure you have all the below-mentioned rights in accordance with GDPR:
- The right of Admittance: When it comes to EDMarkTech, every client or member has the right to obtain information from us concerning whether or not personal data is being used, along with where and how the utilization is happening, making sure people have the right to appeal and get access to their personal data.
- Right to Alteration: Clients have the right to attain from us the alteration of imprecise personal data and also the right to provide extra personal data to complete any partially-provided private data.
- Right to Removal: In certain cases, clients have the right to get from us the elimination of their personal data, for whatsoever reason.
- Right to Constraint of Usage: Clients definitely have the right to obtain from us limit of data use and processing that is appropriate for a certain period and/or for crucial situations.
- Right to Portability of Data: Clients have the right to obtain from us in a prepared format their personal data and also have the right to convey such personal data to another organizer.
- Right to Object: In certain cases, clients have the right to object to the dispensation of their personal data, including with regards to profiling. They also have the right to object any further processing of any private data, such as data that has been gathered for direct marketing means.
- Right to Individual Decision-Making: As per GDPR, clients have the right to not be subject to a choice based solely on automatic processing.
- Right to Filing Complaints: One also has complete rights to file grievances with the official data protection authority on the processing of any of their personal data.
- Right to Compensation of Damages: In case there is any breach applicable legislation on the processing of personal data, one also has the right to claim recompenses from us for any costs such breach may be caused.
Get a full stack solution for all of your B2B requirements.
Bypass the burden of finding high-quality prospects and sales appointments, instead let us help you grow the success of your business.