GDPR Compliance Policy
Introduction
KF Consulting s.r.o. and it's subsidiary Exero Social, are committed to protecting the privacy and data rights of individuals. This policy outlines how we comply with the General Data Protection Regulation (GDPR) and the measures we take to ensure the protection of personal data.
1. Data Protection Principles
KF Consulting s.r.o. adheres to the following data protection principles:
1. Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and in a transparent manner.
2. Purpose Limitation: We collect personal data for specified, explicit, and legitimate purposes and do not process it in a manner that is incompatible with those purposes.
3. Data Minimization: We ensure that personal data is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
4. Accuracy: We take reasonable steps to ensure personal data is accurate and, where necessary, kept up to date.
5. Storage Limitation: We retain personal data only for as long as necessary for the purposes for which it is processed.
6. Integrity and Confidentiality: We process personal data in a manner that ensures its security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
7. Accountability: We take responsibility for complying with the GDPR and can demonstrate our compliance through appropriate measures and documentation.
2. Data Subject Rights
KF Consulting s.r.o. respects and upholds the rights of data subjects, including:
1. Right to be Informed: Individuals have the right to be informed about the collection and use of their personal data.
2. Right of Access: Individuals have the right to access their personal data and obtain information about how it is being processed.
3. Right to Rectification: Individuals have the right to have inaccurate personal data rectified or completed if it is incomplete.
4. Right to Erasure: Individuals have the right to request the deletion or removal of their personal data in certain circumstances.
5. Right to Restrict Processing: Individuals have the right to request the restriction or suppression of their personal data in certain circumstances.
6. Right to Data Portability: Individuals have the right to obtain and reuse their personal data for their own purposes across different services.
7. Right to Object: Individuals have the right to object to the processing of their personal data in certain circumstances.
8. Rights Related to Automated Decision-Making and Profiling: Individuals have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.
3. Data Collection and Use
KF Consulting s.r.o. collects and uses personal data for the following purposes:
1. Providing Services: To provide and improve our social media intelligence services.
2. Communication: To communicate with clients, users, and other stakeholders.
3. Marketing: To send marketing communications, where permitted by law.
4. Compliance: To comply with legal obligations and regulatory requirements.
5. Security: To ensure the security of our systems, prevent fraud, and protect our business interests.
4. Data Security
KF Consulting s.r.o. implements appropriate technical and organizational measures to ensure the security of personal data, including:
1. Encryption: Using encryption to protect personal data during transmission and storage.
2. Access Controls: Restricting access to personal data to authorized personnel only.
3. Data Anonymization: Anonymizing or pseudonymizing personal data where possible.
4. Regular Audits: Conducting regular audits and assessments of our data protection practices.
5. Incident Response: Having procedures in place to respond to data breaches and other security incidents.
5. Data Transfers
KF Consulting s.r.o. ensures that any transfer of personal data to third countries or international organizations complies with the GDPR and is subject to appropriate safeguards.
6. Third-Party Processors
KF Consulting s.r.o. uses third-party processors to process personal data on our behalf. We ensure that these processors comply with GDPR requirements and enter into data processing agreements with them.
7. Data Protection Officer (DPO)
KF Consulting s.r.o. has appointed a Data Protection Officer (DPO) to oversee our GDPR compliance efforts and act as a point of contact for data subjects and supervisory authorities.
8. Training and Awareness
KF Consulting s.r.o. provides regular training and awareness programs for employees to ensure they understand their data protection responsibilities and our GDPR obligations.
9. Policy Review
This policy is reviewed regularly and updated as necessary to ensure ongoing compliance with the GDPR and other relevant data protection laws.
Contact Information
If you have any questions or concerns about this policy or our data protection practices, please contact our Data Protection Officer at:
Data Protection Officer KF Consulting s.r.o. zc.gnitlusnocfk%40rpd
Updated: 01 January 2023