Based on the directives set across the General Data Protection Regulation (EU) 2016/679 (“GDPR”) our compliance policy for GDPR sets out the steps that iSN Group (hereinafter referred as iSNGS) is taking to ensure iSNGS complies with the European Union’s new General Data Protection Regulation (GDPR). This regulation is designed to protect an individual’s personal data. In addition to giving citizens control of their personal data, the GDPR also aims to unify data protection laws across the European Union and the European Economic Area (EEA).
In accordance with the directives laid down in GDPR, below are the GDPR principles that iSNGS complies with all the personal data
As per the adherence to GDPR directives – we follow the following procedures. These procedures are set out as a data processor, our responsibilities are limited being a data processor under the Data Protection Act.
As a part of our responsibilities in line with the GDPR directives with reference to Article 5 and Article 6 of the GDPR below are procedures implemented and followed by iSNGS.
We maintain a high level data flow map for all the processing requirements we receive from our client from time to time wherein we act a data processor as per the article 4 of the GDPR. The data flow map help understand our clients how their data flows with the iSNGS environment and how all have access to it.
In accordance with GDPR compliances – it is important for iSNGS and its client to understand what data falls under GDPR and how to handle it appropriately. To address this, iSNGS shall use GDPR Data Map template, this will allow iSNGS and its client get a clear understanding of exactly what data is iSNGS in possession of and how that data is moving through iSNGS as an organization. The key elements that shall be maintain in the data map is as below.
It is essential to understand the source of data collection as from where it has been collected.
The personal data of the data subject that is being collected as per the GDPR guidelines. Which doesn’t include processing of mission critical personal data, and/or processing of special category personal data, and/or processing of processing of children data and/or processing data of criminal convictions and offences as per the GDPR article 7,8,9 and 10.
The reason behind collecting the personal data of the subject lies with our data controller which is mostly for Business Marketing purposes.
As per the GDPR compliance {reference Article 4(2) and (6) of the GDPR} it is important to know how the data is stored, how it will be processed and who all have access to the data at iSNGS.
As per the GDPR compliances it is important to know how and when iSNGS shall dispose all the personal data collected on behalf of the data controller.
All the personal data collected shall be disposed within 6 months (180 days) from the date it is been delivered to the controller or as per the agreed duration with the controller whichever is less.
As per the GDPR Article 7, conditions for consent wherever iSNGS acts as a Data Controller, as per the definition defined in GDPR Article 4, iSNGS shall only process or acquire the personal information of the data subject(s) wherein it has received appropriate consents from the data subject(s).
As per the Article 7(3), GDPR, under Conditions for consent, the data subject shall have the right to withdraw his or her consent at any time. iSNGS strictly adheres to this policy, as a data subject you have full rights to withdraw your consent at any time. Please write to info@isngs.com
As an adherence to GDPR compliances iSNGS will fully comply with certain important rules required as a data processor and/or as a data controller from time to time. As part of the set rules iSNGS shall duly maintain the data processing register.
For our GDPR Privacy Policy, please refer document iSNGS Privacy Policy.