GDPR

Last updated on 26 November 2024

1. Introduction

Ohsome Agency ("we," "us," or "our") is committed to protecting the privacy and security of your personal data. This GDPR Compliance Policy outlines how we comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Processing Principles

We process your personal data in accordance with the following principles:

• Lawfulness, fairness, and transparency: We process your personal data lawfully, fairly, and in a transparent manner.
• Purpose limitation: We collect and process your personal data for specified, explicit, and legitimate purposes.
• Data minimization: We collect and process only the personal data necessary for the specific purpose.
• Accuracy: We take reasonable steps to ensure that your personal data is accurate and up-to-date.
• Storage limitation: We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected.
• Integrity and confidentiality: We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction.

3. Data Subject Rights

As a data subject, you have the following rights:

• Right of access: You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and certain other information.
• Right to rectification: You have the right to obtain rectification of inaccurate or incomplete personal data.
• Right to erasure: You have the right to erasure of your personal data under certain circumstances.
• Right to restriction of processing: You have the right to restrict the processing of your personal data under certain circumstances.
• Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.
• Right to object: You have the right to object to the processing of your personal data under certain circumstances.
• Right to lodge a complaint: You have the right to lodge a complaint with a supervisory authority.

4. Data Transfers

We may transfer your personal data to countries outside the European Economic Area (EEA). When we transfer your personal data to countries outside the EEA, we ensure that appropriate safeguards are in place to protect your personal data.

5. Security Measures

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

• Encryption of data
• Secure access controls
• Regular security audits
• Employee training on data protection

6. Data Breach Notification

In the event of a data breach, we will notify the relevant supervisory authority and affected individuals, as required by law.

7. Contact Us

If you have any questions or concerns about this GDPR Compliance Policy or your personal data, please contact us at legal@beohsome.co.za.