COMMITMENT TO DATA PROTECTION
GENERAL DATA PROTECTION REGULATION EU 2016/697 COMPLIANCE STATEMENT
1.Scope of application
This policy applies to all ExpertLogic Limited employees and collaborators. Furthermore, it applies to ExpertLogic Limited’s services and software products which can be accessed via www.expertlogic.co.uk.
2. Definitions
I. All definitions, as processing, controller, processor, data, sensitive data, used in this Commitment shall have its regular meaning as set forth by the General Data Protection Regulation.
II. Sub-processor means any person or a third party appointed by or on behalf of Processor to conduct actions on personal data.
III. Service means software
IV. User and customer mean respectively any person who uses ExpertLogic’s services with the access to an active account regardless of version (trial or premium).
3. Aim
I. This Data Protection Statement is unilaterally binding upon ExpertLogic Limited and shall be understood as a policy applicable to the enterprise as a whole.
II. ExpertLogic Limited declares that it is aware of internal risks arising out of data processing and shall devote its time and resources to minimize any risk concerning data entered into the system.
III. This Data Protection Commitment amounts to be a proof of ExpertLogic Limited being GDPR compliant.
IV. Agreement between ExpertLogic Limited and customer means Terms of Service.
4. Opening statements
ExpertLogic Limited, registered in the UK under registration number 2511416 as a company with limited liability. ExpertLogic Limited is aware of responsibilities arising from General Data Protection Regulation and dedicates itself to accomplish goals set forth in the regulation.
The ExpertLogic Limited Team, represented by Directors Alban, June & Christopher Barroccu, undertook steps to comply with the requirements and hereby by this document expresses its affirmation to the abovementioned principles which becomes binding on us by a unilateral declaration.
I. Managing users data in a mutually agreed manner;
II. Managing users data shall be transparent;
III. Ensuring information assets and processing facilities are protected against unauthorized access or misuse;
IV. Ensuring that all crucial security-related legal obligations shall be fulfilled;
V. Creation of procedures adjusting data protection reporting;
VI. An obligation to investigate all known breaches of data security unconditionally if it is factual or suspected;
VII. Conducting risk assessment and employing potential techniques to minimize the occurrence of data protection breach;
VIII. Ensuring that all relevant security communications are made both internally and externally to inform, advise, and encourage best practices in data protection;
IX. Develop, adjust, and constantly improve data protection to address newly arising concerns of our users;
X. Provide transparent Terms of Service complaint with General Data Protection Policy;
XI. Provide transparent Safety and Security which explains data storage and security policy compliant with General Data Protection Regulation
XII. Provide guidelines for our customers in conducting a risk assessment.
5. Data Protection Policy
I. ExpertLogic Limited acts as both, data controller and processor. In case of data of customers or users, ExpertLogic Limited acts as a data controller with the ability to define aim and purpose of processing. In case of any other data entered to the system by an end user or our customer, with a special focus on prospects database, IMAP server data, campaign, ExpertLogic Limited acts as a processor which takes actions on data on behalf of a controller, by providing automation service.
II. ExpertLogic Limited acting as a controller declares that data of EU citizens shall be stored on EU located servers.
III. ExpertLogic Limited acting as a processor declares that it will not transfer data of the customer to any third country which does not fulfill security standards.
IV. The main aim of data collection is to establish subscription agreement, enable account functioning, provide technical support and maintenance, monitor activities what raises protection security, ensure proper account functioning, maintain access via API standard method or provide invoices.
V. ExpertLogic Limited indicated that in case of any complaint or doubt concerning data security, it is willing to reply to every concern. Any complaint, data deletion request, data modification request, data return request shall be sent to ExpertLogic Limited christopher@expertlogic.com.
VI. Due to technical inability, ExpertLogic Limited as a processor, shall not be responsible for data in the content of conversations apart from its full dedication to ensure adequate technical security measures.
VII. To ensure data confidentiality, ExpertLogic Limited declares that is will not lease, sell, or exchange any data concerning customers or end-users with any third party, with the exclusion of processors and sub-processors employed by ExpertLogic Limited, or if otherwise required by law.
VIII. To limit data access or request additional information, user or client shall submit a written request via christopher@expertlogic.com.
IX. Data processing of customers or users’ data is based upon consent.
X. Data processing of content, prospects’ database, and campaigns is based upon the agreement between ExpertLogic Limited (processor) and a customer or user (controller).
XI. As a company dedicated to data security, relevant data protection security training sessions were conducted internally.
XII. All staff of ExpertLogic Limited has Non-disclosure agreements signed and is allowed to process data only to the extent which is necessary to ensure maintenance and support for customers.
6. Dispute solving
I. ExpertLogic Limited is willing to participate in amicable dispute settlement or mediation in case of a dispute.
II. If such a solution is not possible, ExpertLogic Limited as a company registered in the UK is obliged to solve disputes on the grounds of British jurisdiction.
