GDPR

GDPR, the full form, is the General Data Protection Regulation, a new updated version of the older data protective directive regulations developed in [95/46/EC] year 1995. It was upgraded to offer more detailed rights and security to data subjects.

The establishment of fresh GDPR took place on May 23, 2018, in collaboration with the European Parliament, the Council of the European Union (EU), and the European Commission as a whole.

The main aim of developing a new General Data Protection Regulation (GDPR) is to bring more attention to the protection of the subject’s database and rights within the limitations of the EU territory and outside. The law is majorly applicable to all those EU and non-EU organizations that working and team up with private data management of EU citizens, irrespective of their geographical locations.

GDPR – Rights to Subjects

There are various rights and authorities provided to the subject by GDPR. Some of them are mentioned below:

gdpr rights

    • Right to Rectification: The subject holds the right to rectify any inaccurate personal information without drawing any permission from the controller. By understanding the purpose of processing the data, the subject has the right to fill in any incomplete personal details, by all means, as mentioned in article 16 of GDPR.
    • Right to Information: This right provides the subject the authority to share a code of transparency and clarity. Regarding the use of data, the EU citizens are allowed to exercise their right to be informed of what causes and in what manner their data shall be put to use. The subject has the right to be immediately be informed about the intent the controller holds for the usage of data. Also, the right to information includes the details about the duration of data storage and the ability to withdraw whenever wanted.
    • Right to Access: GDPR handover the right to access to the subjects as it plays an essential role in the business. The subject must be allowed to access the purpose and the data that is upheld with the controller. The right to access is about the processing purposes, and information like planned duration of the data storage, cause of business, any kind of changes, etc.
  • Right to Data Removal: The subject shall have the power to erase their data concerning him or her without seeking any permission from the controller. There shouldn’t lie any obligations to erase the personal information. It can be done on the following conditions:

         – The personal data is no longer serving the purpose for which it was collected.

         –Personal information has been unlawfully stored and processed.

         –The data can be erased or removed in compliance with the legal union.

  • Right to Data Portability: The subject holds the right to receive the personal data that was earlier provided by him or her to the controller. The right allows the data subject to transmit the information from one controller to another at their feasibility.
  • Right to Object: The subject has the right to object or be reluctant in any situation at any time if it concerns him for a cause that does not go well. The subject can object to the controller for any compelling ground where his or her personal information is exercised for the illegal cause.
  • Right to Restriction of Processing Data: The data subject has the power to restrict any process that happens from the controller’s end.

       If the process is unlawful or the subject opposes the cause, the right to restriction can be put to use.

       –If the subject feels unsure of the accuracy of personal data, he or she can restrict the process and ask to verify first.

       –The subject can refuse to process any personal information if the claims are illegitimate or illegal.

  • Right to rectification: The data subject can use the right to rectify any inaccurate personal data. By considering the purpose of processing the data, he or she has the right to complete or correct any flawed information by all means.

Code of Conduct – Guidelines 

There are multiple codes of conduct guidelines been drawn by the member states, the supervisory authorities, the board, and the commission members, intending to have a proper and channeled mode of processing data for micro, macro, small, and medium-sized companies. Such as:

  • Clean and transparent processing
  • Legitimate intent of the controller
  • Organized collection of personal data
  • Exercise of the rights in a proper manner by the data subject
  • Authentic information provided by public
  • Complete consent of the data holder
  • Transfer of personal data to the third party
  • Cordial opt-out method

Are InfoCleanse Services GDPR Compliant?

InfoCleanse is a known company in the B2B marketing industry. We are keen on following the rules and regulations laid down by GDPR. Unlike the previous regulations, GDPR clearly states the security of data and focuses on protecting the subject’s information. It brings all protect clause and B2B opportunities altogether under the jurisdiction of ‘GDPR Compliance.’

Therefore, data processors and controllers engaged in health data processing have to follow GDPR compliance guidelines at all times. Our legal team works their best towards following the norms at all times.

Our team has adopted essential steps to ensure that the data we offer is GDPR compliant:

  • The contact information of prospects we provide comes from trusted sources like market surveys, seminars, conferences, websites, business listings, etc.
  • We cross-check and validate every data through email and telephone verification process before delivering.
  • We update, cleanse, and certify our database on a regular basis.
  • All information is stored with proper protection in place.
  • We have designed our policies in the focus of giving priority to data privacy.
  • We make sure only permissioned based data enters our database.

How InfoCleanse Aims to Secure Your Data?

At InfoCleanse, we religiously follow GDPR and protect your data by the following ways:

  • All the information we process takes place in a legitimate and compliant manner.
  • We are quick to initiate any customer request pertaining to data removal or portability.
  • We have a DPO who is responsible for monitoring and tracking the use of every data.
  • We give training to our employees to promote data compliance culture with our company.
  • We take proper permission from our clients before beginning any business communication.
  • We ensure that the third-party vendors we work along must follow our security obligations.
  • We encourage our customers to follow systematic security practices and take responsibility for their data.
  • Our systems and policies are designed, keeping the security checks as a motive.
  • Our data usage policies are trusted and transparent as we inform our customers prior to any data usage.
  • We store data in an encrypted formation that is protected with passwords for security clauses.