GDPR Compliance
General Data Protection Regulation - Your Privacy Matters
What is GDPR?
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018, across all European Union (EU) member states. GDPR strengthens and unifies data protection for individuals within the EU and addresses the export of personal data outside the EU.
GDPR gives individuals greater control over their personal data and imposes strict rules on organizations that collect, process, and store personal information. It applies to all companies processing the personal data of EU residents, regardless of the company's location.
PixelDMP's GDPR Commitment
At PixelDMP, we take data protection and privacy seriously. We are fully committed to GDPR compliance and have implemented comprehensive measures to ensure the security and privacy of all personal data we process.
Our Commitment: We process personal data lawfully, fairly, and transparently. We only collect data that is necessary for our services and ensure it is used solely for the purposes for which it was collected.
Your Rights Under GDPR
As a data subject, you have the following rights under GDPR:
1. Right to Access
You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and access to that personal data along with certain information about how it is being used.
2. Right to Rectification
You have the right to have inaccurate personal data corrected and incomplete personal data completed.
3. Right to Erasure ("Right to be Forgotten")
You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw your consent.
4. Right to Restrict Processing
You have the right to request the restriction of processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
5. Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
6. Right to Object
You have the right to object to processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.
7. Rights Related to Automated Decision Making
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
How We Protect Your Data
Technical Measures
- Encryption: All data in transit is encrypted using industry-standard TLS/SSL protocols
- Access Controls: Strict access controls ensure only authorized personnel can access personal data
- Data Minimization: We only collect and process data that is necessary for our services
- Regular Security Audits: We conduct regular security assessments and vulnerability testing
- Secure Infrastructure: Our infrastructure is hosted on secure, compliant cloud platforms
Organizational Measures
- Privacy by Design: Data protection is considered at every stage of our product development
- Staff Training: All employees receive regular training on data protection and GDPR compliance
- Data Protection Officer: We have designated personnel responsible for data protection
- Incident Response: We have procedures in place to detect, report, and investigate data breaches
- Third-Party Audits: We regularly audit our third-party service providers for compliance
Data Processing and Legal Basis
We process personal data based on the following legal bases under GDPR:
- Consent: When you have given clear consent for us to process your personal data
- Contract Performance: When processing is necessary for the performance of a contract
- Legal Obligation: When we are required to process data to comply with legal obligations
- Legitimate Interests: When processing is necessary for our legitimate business interests, provided these do not override your rights and freedoms
Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. When data is no longer needed, we securely delete or anonymize it in accordance with our data retention policies.
International Data Transfers
When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions by the European Commission
- Other legally recognized transfer mechanisms
Data Breach Notification
In the event of a data breach that poses a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours of becoming aware of the breach
- Inform affected individuals without undue delay if the breach is likely to result in a high risk to their rights
- Provide clear information about the nature of the breach and recommended protective measures
Exercising Your Rights
To exercise any of your GDPR rights, please contact us at:
Email: privacy@pixeldmp.com
Subject Line: GDPR Request - [Your Request Type]
We will respond to your request within one month. If your request is complex or we receive multiple requests, we may extend this period by an additional two months, and we will inform you of this extension.
Updates to This Policy
We may update this GDPR information page from time to time to reflect changes in our practices or legal requirements. We encourage you to review this page periodically. The "Last Updated" date at the bottom of this page indicates when the information was last revised.
Contact Us
If you have any questions, concerns, or requests regarding GDPR compliance or our data protection practices, please don't hesitate to contact us:
PixelDMP Data Protection
Email: privacy@pixeldmp.com
General Inquiries: dpo@pixeldmp.com