General Data Protection Regulation (GDPR) was introduced following concerns by the public over how their private data is used. With the internet becoming a more prominent marketplace for business transactions, the previous Data Protection Directive had become obsolete. GDPR is designed to ensure protection for personal data and privacy of citizens making transactions within the EU, personal data exported to outside of the EU, and how information is collected, stored and transferred by new business entities.
The Strivenn Group of Entities (“we”, or “us” or “our”) are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We maintain a consistent level of data protection and security across our organization and are fully compliant with the GDPR as of May 25, 2018.
We undertake industry standard level data protection measures. Accountability and governance measures are in place to ensure that we understand and adequately disseminate and evidence our obligations and responsibilities; with a dedicated focus on privacy by design and the rights of individuals.
We take the privacy and security of individuals and their personal information very seriously and take reasonable industry measures and precautions to protect and secure the personal data that we process. We have robust information security policies and procedures in place to protect personal information from unauthorized access, alteration, disclosure or destruction and have several layers of security measures, including but not limited to: password/encryption policies, authentication measures, SSL and access restrictions and controls.
Our breach procedures ensure that we have safeguards and measures in place to identify, assess, investigate and report any personal data breach at the earliest possible time.
We carry out strict due diligence checks with all recipients of personal data to assess and verify that they have appropriate safeguards in place to protect the information, ensure enforceable data subject rights and have effective legal remedies for data subjects where applicable.
Our users have a right to know what information about them we hold and have a right to request erasure of personal data (where applicable). Further, users have a right to seek legal remedy from us and made aware of who to contact for such action.
We have consent mechanisms for obtaining personal data, ensuring that individuals understand what they are providing, why and how we use it and giving clear, defined ways to consent to us processing their information.
If you have any questions relating to this General Data Protection Regulation Statement, please contact us at [email protected]