GDPR is a privacy and data protection law that regulates how European Union residents' data is protected by companies and enhances the control the European Union residents have over their data shared over any platform.
The GDPR is relevant to any globally operating company which may be accessible to the European Businesses or Citizens of the European Union directly or indirectly. The customers’ data shared on our platform is important irrespective of where the customer is based out of, which is why as a responsible platform, we have implemented GDPR controls as our baseline standard for all our operations across the Globe. GDPR has taken effect from 25th May 2018.
Any data that relates to an identifiable or identified individual, which may include but is not limited to Name, Age, Date of Birth, E-mail ID etc.
GDPR covers a broad spectrum of information that could be used on its own, or in combination with other pieces of information, to identify a person. Personal data extends beyond a person’s name or email address. Additionally, it shall also include financial information, political opinions, genetic data, biometric data, IP addresses, physical address, sexual orientation, and ethnicity.
The Company has ensured that the platform shall be GDPR compliant as well as protect its user’s through the platform.
As a responsible platform, we have constituted an Information Asset Register (IAR), which holds all details including but not limited to all the persona information or such other financial information shared across by you on our platform, which we will be treating it as an asset. The Register shall also provide details on various categories of personal data processed while you are using the platform and which shall be accessible by the Company or any particular department and the purpose for which the data has been made accessible. It has comprehensive coverage of all our processes and procedures. We have also appointed a Data Protection Officer (DPO).
As a platform serving a wide range of clients across the globe, we will be conducting Data Protection Impact Assessments (DPIA) promptly post the incorporation of the platform. Based on the results we achieve, we have put in place appropriate controls on data processing and management on a timely basis. We as a platform will be conducting internal audits of our products, processes, operations, and management to identify the problems and work on the solutions.
Based on the DPIAs and internal audits, we will thoroughly look into and work on our data security methods and processes over time as and when required.