GDPR
GENERAL DATA PROTECTION REGULATION (“GDPR”) PRIVACY NOTICE
GDPR Compliance
​
​
The General Data Protection Regulation (GDPR) requires organizations to process personal data in a manner that is fair, lawful, and transparent, and to protect the privacy of individuals whose personal data is being processed.
​
As a data controller, CreOps Management is committed to compliance with the GDPR and to protecting the personal data of our clients. We have implemented appropriate technical and organizational measures to ensure that the personal data we collect and process is collected, used, and stored in accordance with the GDPR.
​
Types of Data We Collect
In the course of providing our services to clients, we may collect and process the following types of personal data:
-
Contact information, including name, email address, and telephone number
-
Demographic information, such as age, gender, and job title
-
Professional information, such as company name and job responsibilities
-
Financial information, including billing address and payment details
-
Project-specific data, including project details and deliverables
-
We may also collect data from third parties, such as partners or subcontractors, for the purpose of providing our services.
​
Legal Basis for Processing Personal Data
Under the GDPR, we are required to have a legal basis for processing personal data. The legal basis for processing personal data may vary depending on the specific circumstances, but may include:
-
The explicit consent of the data subject
-
The performance of a contract with the data subject
-
Compliance with a legal obligation to which we are subject
-
The protection of the vital interests of the data subject or another individual
-
The legitimate interests of CreOps Management or a third party, provided that such interests do not override the fundamental rights and freedoms of the data subject.
​
Data Storage and Security
-
We take the security of our clients' personal data very seriously and have implemented appropriate technical and organizational measures to protect their data from unauthorized access,​ alteration, disclosure, or destruction.
-
We store personal data on secure servers and use encryption to protect data in transit. Access to personal data is restricted to authorized personnel only, and we have established procedures to ensure that personal data is handled in a secure and confidential manner.
​
Data Retention
-
We will retain personal data for as long as necessary to fulfill the purposes for which it was collected or to comply with legal, regulatory, or contractual requirements. Once the data is no longer needed, we will securely delete or destroy it in accordance with the GDPR.
​
Data Subject Rights
-
Under the GDPR, clients have the following rights with respect to their personal data:
-
The right to be informed about the collection and use of their personal data
-
The right of access to their personal data
-
The right to rectification of their personal data if it is inaccurate or incomplete
-
The right to erasure of their personal data in certain circumstances, also known as the "right to be forgotten"
-
The right to restrict the processing of their personal data in certain circumstances
-
The right to data portability, which allows them to obtain and reuse their personal data for their own purposes across different services
-
The right to object to the processing of their personal data in certain circumstances
-
The right not to be subject to automated decision-making, including profiling
If you have any questions about our GDPR compliance or would like to exercise your data subject rights, please don't hesitate to contact us. We'll be happy to provide more information and assist you in any way we can.