GDPR Compliance
On May 25, 2018, the European Union (EU) start enforcing its General Data Protection Regulation (GDPR) framework.
The GDPR brings with it the most important changes to data protection law with the aim to standardize data protection laws and processing across the EU.
At Damalion, we take the security, privacy, and integrity of users’ data very seriously. As such, we’ve diligently prepared for the execution of GDPR and the protection of user data by working with industry experts, to ensure we and our customers are ready for GDPR.
Data we may collect about you:
• Damalion may collect personal and non-personal information on our website.
• Damalion may collect an individual’s name, phone number, email address, mailing address, and IP address.
• Damalion may collect documented identification such as passports, bank statements, and utility bills.
Purpose of this:
• We collect this information to identify prospective customers and for information distribution
• We collect this information to provide services to our clients and assist in their company orders.
• Also, we collect this information to meet legal or regulatory requirements and our internal policies.
Please note that we do not sell, rent, share, or otherwise dispose of the personal data collected to third parties.
How Damalion is committed to protecting your data:
• Data Protection: our major policy for data protection has been mended to meet the standards and requirements of the GDPR. We have measures in place to ensure that we understand and sufficiently disseminate and evidence our obligations and responsibilities.
• Data Retention: we have reviewed our retention policy and we have dedicated protocols in place to ensure that we meet the data minimization and storage limitation principles and that personal information is stored, archived, and eliminated compliantly and ethically.
• Data Breaches: we have precautions and measures in place to identify, analyze, investigate and document any personal data breach at the earliest possible time. We take security on our server very seriously to guarantee the possibility of a data breach is minimal. We also take backups of our server, so we have duplicates of information if it is ever lost.
• International Data Transfers & Third-Party Disclosures: we do not store or transfer personal information outside the EU, but if we have to, we have procedures and safeguarding measures in place to secure, encrypt and maintain the integrity of the data.
• Privacy Policy: we have revised our privacy policy to acknowledge the GDPR, and ensure that all individuals whose personal information we process are aware of why we need it, how it is used, what their rights are, who the information is divulged to, and what measures are in place to safeguard their information.
Also, Damalion holds your information on a secure server that is audited for security on an everyday basis.
Data Subject Rights:
Under the applicable law, data subjects have the following rights:
• right to acquire information as to whether or not their information is being collected, where and for what purposes
• right to complain to the applicable authority
• right to request personal data to be deleted ceased from further dissemination and stopped from processing by third parties
• right to acquire information about their data from the data controller
• right to access their personal data and know how long we intend to store the personal data for
• right to know the categories of personal data concerned and know to whom the personal data has or will be divulged to
• right to data rectification
Damalion can provide easy-to-access information of an individual’s right to access any personal data that we process about them.
Damalion already has a compatible level of data protection and security across our firm, but we aim to be fully compliant with the GDPR. So we are committed to GDPR compliance and continuously strive to obey the data and privacy requirements contained within the EU’s General Data Protection Regulation (GDPR).
If you have any questions or concerns in connection with the information collection practice outlined in this Statement, please send an email to dpo@damalion.com stating any questions or concerns.