EU General Data Protection Regulation (GDPR)

EU General Data Protection Regulation (GDPR)

Compliance Checklist

The protection and security of your personal information is of critical importance to us. As such, all necessary policies and procedures are in place for compliance with the EU GDPR, as outlined below. Additional information can be found in our Data Protection and Privacy Policy.

Item Description IES Status
Data Protection Policy This policy explains what personal data we collect and store and how this data is protected in accordance with data protection law (including but not limited to the GDPR). Compliant
Data Processing Agreement An agreement in place between relevant data controllers and us (as the data processor). The agreement is aligned with the EU commissions Standard Contractual Clauses and states the rights and obligations of each party concerning the protection of personal data during data processing activities. Compliant
Data Protection Officer (DPO) We have an appointed DPO responsible for the maintenance and regular monitoring of data security and protection. Compliant
Data Privacy Design All data processing and management processes are designed with privacy protection as a priority and the processes are automatically applied with the release of new products and services. We have extensive technical and organizational security measures in place to protect the personal data we collect, process and store. Compliant
Data Privacy Assessment Our data processes are assessed and audited at regular intervals to prevent internal and external breaches. Compliant
Customer rights We support customers to exercise their rights in relation to their personal data. This includes requesting changes to and the erasure of, their personal data. Compliant
Data Breach Obligations In the case of a data breach, we are equipped to notify regulators and affected individuals within the stipulated time frames. Compliant

Legal Basis for processing personal data

We will only collect and process personal information where there is a legal basis for doing so under the applicable EU laws. As such, we rely on the legal basis of Article 6 of the GDPR when processing personal information, specifically Article 6(1)(a), (b) and (f). This includes that we process your personal information to provide you with the products you have requested, where you have given us your consent to do so for specific purposes or to satisfy a legitimate interest that is not overridden by your data protection interests or rights.

If you have any questions or requests related to data privacy and your personal information, please contact us on