GDPR

GDPR Compliance Statement for imgpile

Last updated: 30th March 2024

imgpile is committed to ensuring the privacy and protection of personal data. As a data controller and processor, we are dedicated to complying with the General Data Protection Regulation (GDPR), which came into effect on May 25, 2018. This GDPR Compliance Statement outlines our approach to data protection and the steps we have taken to adhere to the GDPR.

1. Data Protection Principles

We adhere to the following data protection principles:

• Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and transparently.
• Purpose Limitation: We collect data for specified, explicit, and legitimate purposes and do not process it in a way incompatible with those purposes.
• Data Minimization: We ensure that personal data is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.
• Accuracy: We take steps to ensure that personal data is accurate and, where necessary, kept up to date.
• Storage Limitation: We retain personal data for no longer than is necessary for the purposes for which it is processed.
• Integrity and Confidentiality: We ensure that personal data is processed securely and protected against unauthorized or unlawful processing, accidental loss, destruction, or damage.

2. Rights of Data Subjects

Under the GDPR, data subjects have the following rights:

• Right to Access: Individuals have the right to access their personal data and obtain a copy of it.
• Right to Rectification: Individuals have the right to request the correction of inaccurate or incomplete personal data.
• Right to Erasure: Individuals have the right to request the deletion of their personal data in certain circumstances.
• Right to Restrict Processing: Individuals have the right to request the restriction of processing of their personal data in certain circumstances.
• Right to Data Portability: Individuals have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
• Right to Object: Individuals have the right to object to the processing of their personal data in certain circumstances.
• Right to Withdraw Consent: Where processing is based on consent, individuals have the right to withdraw their consent at any time.

3. Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our compliance with the GDPR and to act as a point of contact for data subjects and supervisory authorities. The DPO can be contacted at [Insert Contact Information].

4. Data Security

We have implemented appropriate technical and organizational measures to ensure the security of personal data and to prevent unauthorized access, disclosure, alteration, or destruction. Our security measures are regularly reviewed and updated to ensure their effectiveness.

5. Data Breaches

In the event of a data breach, we will promptly notify the relevant supervisory authority and affected data subjects in accordance with the GDPR requirements.

6. International Data Transfers

We ensure that any transfer of personal data outside the European Economic Area (EEA) is carried out in compliance with the GDPR, using appropriate safeguards such as Standard Contractual Clauses or relying on adequacy decisions.

7. Contact Us

If you have any questions about our GDPR compliance, please contact our Data Protection Officer.

By using our services, you acknowledge that you have read and understood our GDPR Compliance Statement.