Digitality Studio’ GDPR Compliance

Digitality Studio needs to gather and use certain information about individuals, to enhance experience & understand some qualitative & quantitative dimensions regarding the individuals, thus optimizing the whole company as an active feedback loop. These individuals may include customers, affiliates, business contacts, employees and other people the organisation has a relationship with or may need to contact.

At Digitality Studio we are committed to protecting your data, for which the protocols have been exercised as described in our privacy policy.

GDPR stipulates strict protocols and practices regarding the way individuals data collection and consent is managed. By adhering to these regulations, Digitality Studio further demonstrates our commitment to protecting our customer’s data security and privacy, empowering our customers with the control of how their consent is collected, recorded and used.

Addressing EU General Data Protection Regulation (GDPR) Principles.

The GDPR protection law describes how organisations — including Digitality Studio — must collect, handle and store personal information.

These rules apply regardless of whether data is stored electronically, on paper or on other materials. To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully.

The EU General Data Protection Regulation (GDPR) is underpinned by eight important principles. These say that personal data must:

  1. Be processed fairly and lawfully
  2. Be obtained only for specific, lawful purposes
  3. Be adequate, relevant and not excessive
  4. Be accurate and kept up to date
  5. Not be held for any longer than necessary
  6. Processed in accordance with the rights of data subjects
  7. Be protected in appropriate ways
  8. Not be transferred outside the European Economic Area (EEA), unless that country or territory also ensures an adequate level of protection

Why this policy exists

This data protection policy ensures Digitality Studio:

  • Complies with data protection law and follow good practice
  • Protects the rights of customers, staff, affiliates & partners
  • Is open about how it stores and processes individuals’ data
  • Protects itself from the risks of a data breach

Focus on Privacy & Security

Our view at Digitality Studio is that the customer data is one of the most valuable assets a company has, and when this data is provided to us, our job is to secure it and use it only for the purpose it was provided to us.

Having been through security and privacy audits, Digitality Studio will fully be compliant with the General Data Protection Regulation (GDPR) protocols.

Providing Information

Digitality Studio aims to ensure that individuals are aware that their data is being processed and that they understand:

  1. How the data is being used
  2. How to exercise their rights

To these ends, the company has a privacy statement, setting out how data relating to individuals is used by the company.

This is available on request. A version of this statement is also available on the company’s website.

Lawful basis for processing

Digitality Studio obtains consent from users who agree to Terms of Service Agreement, Data Processing Addendum, and Privacy Policy when signing up to our platform. Users can withdraw consent at any time by placing a formal request with us.

Data subject rights

Digitality Studio has enacted policies to protect users’ rights. We allow Digitality Studio users to opt-out of our notifications, and will always respond to any data access requests.

Deletion of Data

At the end of your engagement with Digitality Studio, you can request the deletion of any data sent to us for verification. We always comply with these requests.

Data Processing Activities

In compliance with GDPR, we maintain a record of our processing activities. We provide this information to our customers once a formal request is placed with us.

Data breach notifications

We do our very best to protect your data, though the unexpected could happen. We are committed to always being fully transparent and notifying the supervisory authority and all affected parties according to the GDPR requirements.