This page sets out how Nodrakor.me complies with the General Data Protection Regulation (GDPR).
What is GDPR?
The GDPR is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It came into effect on May 25, 2018, and it applies to all organizations that collect and process personal data of EU residents, regardless of where the organization is located.
Our GDPR Principles
At Nodrakor.me, we take our GDPR obligations seriously. We have implemented the following principles to ensure we comply with the regulation:
- Lawfulness, fairness, and transparency: We only collect personal data that is necessary for our legitimate business purposes and we are transparent about what we do with that data.
- Purpose limitation: We only collect personal data for specified, explicit, and legitimate purposes and we do not process that data in any way that is incompatible with those purposes.
- Data minimization: We only collect personal data that is necessary for our purposes and we do not keep that data for any longer than is necessary.
- Accuracy: We take reasonable steps to ensure that personal data we collect is accurate and up-to-date.
- Storage limitation: We do not keep personal data for any longer than is necessary for our purposes.
- Integrity and confidentiality: We take appropriate technical and organizational measures to ensure the security of personal data and to protect against unauthorized or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
- Accountability: We maintain records of our processing activities and we are able to demonstrate compliance with GDPR.
Our Data Processing Activities
As an organization that collects and processes personal data, we have certain obligations under GDPR. These obligations include:
- Data protection officer (DPO): We have appointed a DPO who is responsible for overseeing our GDPR compliance.
- Lawful basis for processing: We only collect and process personal data when we have a lawful basis for doing so. This may include consent, legitimate interest, or contractual necessity.
- Data subjects’ rights: We respect the rights of data subjects under GDPR, including the right to access, rectify, erase, restrict processing, data portability, and object to processing.
- Data transfers: We ensure that any transfers of personal data outside of the EU/EEA are subject to appropriate safeguards.
- Data breaches: We have procedures in place to detect, report, and investigate personal data breaches.
- Data protection impact assessments (DPIAs): We conduct DPIAs when we carry out processing activities that are likely to result in a high risk to the rights and freedoms of data subjects.
Cookies and GDPR
If you have any questions about our GDPR compliance or our use of personal data, please contact us at contact US.