Effective Date: August 9, 2024
Last Reviewed: August 9, 2024
Next Review Date: August 9, 2025
Version: 1.0
Purpose
The purpose of this Data Protection Policy is to ensure that Syma R&M Solution Kft.. complies with all applicable data protection laws and regulations, including the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018. This policy outlines the principles and practices we follow to protect the personal data of our customers, employees, and other stakeholders.
Scope
This policy applies to all employees, contractors, and third-party service providers of Syma R&M Solution Kft.. who have access to or process personal data. It covers all personal data processed by the organization, including data related to customers, employees, contractors, and business partners.
Definitions
- Personal Data: Any information relating to an identified or identifiable natural person. This includes, but is not limited to, names, addresses, email addresses, identification numbers, and financial information.
- Data Subject: The individual to whom the personal data relates.
- Data Controller: The entity that determines the purposes and means of processing personal data.
- Data Processor: The entity that processes personal data on behalf of the Data Controller.
- Processing: Any operation or set of operations performed on personal data, such as collection, storage, use, transfer, or deletion.
- GDPR: General Data Protection Regulation, a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in the European Union (EU).
- Policy Statement
Syma R&M Solution Kft. is committed to safeguarding the privacy and security of personal data. We process personal data in a manner that ensures its confidentiality, integrity, and availability, in compliance with applicable data protection laws.
Data Protection Principles
Syma R&M Solution Kft. adheres to the following data protection principles:
- Lawfulness, Fairness, and Transparency: Personal data will be processed lawfully, fairly, and in a transparent manner in relation to the data subject.
- Purpose Limitation: Personal data will be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
- Data Minimization: Personal data collected will be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
- Accuracy: Personal data will be accurate and, where necessary, kept up to date. Inaccurate data will be corrected or deleted without delay.
- Storage Limitation: Personal data will be kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.
- Integrity and Confidentiality: Personal data will be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
- Data Subject Rights
Data subjects have the following rights regarding their personal data:
- Right to Access: Data subjects have the right to access their personal data and obtain information about how it is being processed.
- Right to Rectification: Data subjects have the right to request the correction of inaccurate personal data.
- Right to Erasure: Data subjects have the right to request the deletion of their personal data in certain circumstances.
- Right to Restriction of Processing: Data subjects have the right to request the restriction of processing of their personal data in certain circumstances.
- Right to Data Portability: Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transfer it to another data controller.
- Right to Object: Data subjects have the right to object to the processing of their personal data in certain circumstances.
- Data Security
Syma R&M Solution Kft. implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, or misuse. These measures include:
- Access Controls: Limiting access to personal data to authorized personnel only.
- Encryption: Encrypting personal data both in transit and at rest.
- Regular Audits: Conducting regular security audits and vulnerability assessments.
- Incident Response: Implementing an incident response plan to handle data breaches or other security incidents.
- Data Processing Agreements
Syma R&M Solution Kft. will enter into Data Processing Agreements (DPAs) with all third-party service providers who process personal data on our behalf. These agreements will ensure that data processors comply with applicable data protection laws and follow the same standards of data protection as Syma R&M Solution Kft..
Data Breach Notification
In the event of a data breach, Syma R&M Solution Kft.. will follow the procedures outlined in our Data Breach Response Plan. We will notify the relevant supervisory authority and affected data subjects without undue delay if the breach is likely to result in a high risk to their rights and freedoms.
Training and Awareness
All employees and contractors of Syma R&M Solution Kft.. who have access to personal data will receive regular training on data protection principles and practices. Training will cover topics such as data subject rights, data security, and the importance of compliance with data protection laws.
Policy Review
This policy will be reviewed annually or more frequently if necessary to ensure its effectiveness and compliance with applicable laws and regulations.
Compliance
Non-compliance with this policy may result in disciplinary action, up to and including termination of employment or contracts.
Contact Information
For any questions or concerns regarding this policy, please contact:
Syma R&M Solution Kft.
Email: support@syma-creators.com
Phone: +44 7488 813802