- 08 May 2023
- 2 Minutes to read
GDPR Compliance Statement
- Updated on 08 May 2023
- 2 Minutes to read
What is GDPR?
GDPR is a comprehensive data protection law that came into effect on May 25, 2018, designed to strengthen the rights of individuals and regulate the processing of personal data within the European Union (EU) and European Economic Area (EEA).
Axiad's Commitment to GDPR
As an organization committed to protecting the privacy and data rights of our customers and users, we at Axiad adhere to the requirements of the General Data Protection Regulation (GDPR).
We recognize the importance of data privacy and is committed to ensuring the lawful and transparent collection, use, and protection of personal data. We have implemented robust data protection practices and procedures to comply with GDPR.
Lawful Basis for Data Processing
We ensure that we have a lawful basis for processing personal data, as defined by GDPR. We only process personal data when we have a legitimate reason to do so, such as with the consent of the data subject, to fulfill a contract, to comply with legal obligations, or to pursue legitimate interests.
Transparency and Consent
We provide clear and concise information about how personal data is collected, used, and shared, including the purpose and legal basis for processing. We obtain explicit consent from data subjects when required by GDPR and provide mechanisms for individuals to withdraw their consent at any time.
Data Subject Rights
We respect the rights of data subjects as granted under GDPR, including the right to access, rectify, erase, restrict processing, object to processing, and data portability. We have processes in place to respond to data subject requests in a timely and compliant manner.
Data Minimization and Security
We collect and process only the personal data that is necessary for the purposes for which it is collected. We implement appropriate technical and organizational measures to ensure the security, confidentiality, and integrity of personal data, and to protect against unauthorized access, loss, destruction, or alteration of data.
We ensure that any transfers of personal data to countries outside the EU/EEA comply with GDPR requirements for lawful data transfers, such as through the use of appropriate safeguards, such as Standard Contractual Clauses or Binding Corporate Rules.
Data Breach Notifications
We have procedures in place to detect, investigate, and report any data breaches in accordance with GDPR requirements. We notify the appropriate supervisory authorities and affected data subjects without undue delay, as required by law.
Data Protection by Design and Default
We integrate data protection principles into our business processes, systems, and services from the outset, and ensure that privacy and data protection are considered by default.