GDPR

GDPR Compliance Statement for imgpile

Last updated: 30th March 2024

imgpile is committed to ensuring the privacy and protection of personal data. As a data controller and processor, we are dedicated to complying with the General Data Protection Regulation (GDPR), which came into effect on May 25, 2018. This GDPR Compliance Statement outlines our approach to data protection and the steps we have taken to adhere to the GDPR.

1. Data Protection Principles

We adhere to the following data protection principles:

• Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and transparently.
• Purpose Limitation: We collect data for specified, explicit, and legitimate purposes and do not process it in a way incompatible with those purposes.
• Data Minimization: We ensure that personal data is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.
• Accuracy: We take steps to ensure that personal data is accurate and, where necessary, kept up to date.
• Storage Limitation: We retain personal data for no longer than is necessary for the purposes for which it is processed.
• Integrity and Confidentiality: We ensure that personal data is processed securely and protected against unauthorized or unlawful processing, accidental loss, destruction, or damage.

2. Rights of Data Subjects

Under the GDPR, data subjects have the following rights:

• Right to Access: Individuals have the right to access their personal data and obtain a copy of it.
• Right to Rectification: Individuals have the right to request the correction of inaccurate or incomplete personal data.
• Right to Erasure: Individuals have the right to request the deletion of their personal data in certain circumstances.
• Right to Restrict Processing: Individuals have the right to request the restriction of processing of their personal data in certain circumstances.
• Right to Data Portability: Individuals have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
• Right to Object: Individuals have the right to object to the processing of their personal data in certain circumstances.
• Right to Withdraw Consent: Where processing is based on consent, individuals have the right to withdraw their consent at any time.

3. Data protection contact

We are not required to appoint a formal Data Protection Officer under Article 37 UK GDPR, but Click Here Digital Ltd has designated a data protection contact who handles all GDPR-related enquiries and coordinates with supervisory authorities. You can reach them at [email protected].

4. Data Security

We have implemented appropriate technical and organizational measures to ensure the security of personal data and to prevent unauthorized access, disclosure, alteration, or destruction. Our security measures are regularly reviewed and updated to ensure their effectiveness.

5. Data Breaches

In the event of a data breach, we will promptly notify the relevant supervisory authority and affected data subjects in accordance with the GDPR requirements.

6. International Data Transfers

We ensure that any transfer of personal data outside the European Economic Area (EEA) is carried out in compliance with the GDPR, using appropriate safeguards such as Standard Contractual Clauses or relying on adequacy decisions.

7. Contact Us

If you have any questions about our GDPR compliance, please contact our data protection team.

By using our services, you acknowledge that you have read and understood our GDPR Compliance Statement.