GDPR
Protecting Your Privacy: Our Commitment to GDPR Compliance
At Assuza Incorporation, we prioritize the protection of personal data and adhere to the requirements set forth in the General Data Protection Regulation (GDPR). This policy outlines our commitment to collecting, using, and safeguarding personal data in compliance with GDPR standards.
Data Controller and Data Protection Officer:
Assuza Incorporation acts as the data controller responsible for the collection and processing of personal data. Our designated Data Protection Officer (DPO), reachable at dpo@assuza.com, oversees our GDPR compliance efforts, including ensuring adherence to GDPR principles and addressing data protection inquiries.
Types of Data Collected:
We collect and process personal data, including but not limited to names, email addresses, phone numbers, and payment information, in accordance with GDPR guidelines. We may also collect non-personal information such as IP addresses and device data as necessary for our business operations.
Legal Basis for Processing Data:
Our data processing activities are conducted lawfully and transparently, based on lawful grounds such as consent, contractual obligations, or legitimate interests. We ensure that the data collected is relevant, accurate, and utilized only for specified purposes.
Data Subject Rights:
Under GDPR, data subjects have rights including access, rectification, erasure, restriction, and objection to the processing of their personal data. Assuza Incorporation respects these rights and facilitates their exercise through our DPO.
Data Security Measures:
We implement robust technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. Our security measures include encryption, access controls, and regular security assessments.
Data Breach Notification:
In the event of a personal data breach, we promptly notify affected individuals and relevant authorities in compliance with GDPR requirements. We maintain incident response procedures to mitigate the impact of breaches and prevent recurrences.
Data Processing Agreements with Third-Party Providers:
Assuza Incorporation enters into Data Processing Agreements (DPAs) with third-party providers to ensure GDPR compliance and data protection standards are maintained throughout our partnerships.
International Data Transfers:
Any international data transfers outside the European Economic Area are conducted with appropriate safeguards, such as Standard Contractual Clauses, to uphold GDPR requirements.
Retention of Personal Data:
We retain personal data only for the duration necessary to fulfill business purposes and comply with legal obligations. Upon fulfillment of these purposes, we securely delete or anonymize personal data.
Complaints and Dispute Resolution:
Data subjects may address complaints or disputes regarding personal data processing to our DPO, who will investigate and respond accordingly. We are committed to resolving such matters fairly and efficiently.
Changes to the GDPR Compliance Policy:
Assuza Incorporation may update this policy periodically, with notifications provided to affected parties. Continued use of our services signifies acceptance of policy revisions.
For inquiries or concerns regarding our GDPR compliance practices, please contact us at info@assuza.com.