Data Protection Policy

Effective Date: 1 Jan 2020

1. Introduction

At Agiledrop, we are committed to protecting the personal and client data we handle in our web design, development, and maintenance services. This policy outlines our approach to data protection in accordance with the General Data Protection Regulation (GDPR) and other relevant laws. It applies to all forms of data we manage, including both digital and paper records.

2. Data Protection Principles

Agiledrop adheres to the GDPR principles, ensuring that personal data is:

  • Processed lawfully, fairly, and transparently.
  • Collected for specified, explicit, and legitimate purposes.
  • Limited to what is necessary in relation to the purposes for which it is processed.
  • Accurate and, where necessary, kept up to date.
  • Kept in a form which permits identification of data subjects for no longer than necessary.
  • Processed in a manner that ensures appropriate security of the personal data.

3. Roles and Responsibilities

  • The Data Protection Officer (DPO) is responsible for overseeing data protection strategies and ensuring compliance with GDPR requirements. Contact details of the DPO will be available to all employees and clients.
  • All employees are responsible for observing this policy and related procedures, especially those in roles directly managing or processing personal data.

4. Rights of Data Subjects

Agiledrop respects the rights of data subjects, including:

  • The right to access their personal data.
  • The right to correct inaccurate data.
  • The right to delete their data.
  • The right to restrict processing of their data.
  • The right to data portability.
  • The right to object to data processing.

Data subjects can exercise their rights by contacting our DPO.

5. Data Collection and Processing

We collect data essential for providing our services, including contact information, user data from websites, and other relevant personal data. Data is processed on legal grounds such as consent, contractual necessity, or legitimate interest. Consent is obtained explicitly for specific purposes, particularly in web forms and cookies.

6. Data Sharing and Transfers

Data may be shared with trusted third parties or subcontractors who comply with data protection laws. In case of international data transfers, we ensure adequate protection measures are in place.

7. Data Security

We employ robust security measures like encryption and access controls to protect data. These measures are regularly reviewed and updated to address new security challenges.

8. Data Breach Response and Notification

In the event of a data breach, we will promptly take necessary steps to mitigate the breach's impact and notify the relevant authorities and affected individuals in accordance with GDPR requirements.

9. Training and Awareness

Employees receive regular training on data protection. We maintain a culture of awareness to ensure that data protection is a key consideration in our operations.

10. Policy Review and Updates

This policy will be reviewed and updated regularly to reflect changes in laws, technologies, and our business practices. Stakeholders will be consulted as part of the review process.

11. Approval and Implementation

This policy has been approved by the top management of Agiledrop and is effective from the date specified at the top of this document. All employees and relevant parties are required to adhere to its terms.

For any inquiries or concerns regarding our Data Protection Policy, please contact our Data Protection Officer at legal@agiledrop.com.