Supmasol Limited Data Protection Policy
Supmasol Limited is committed to protecting the privacy and security of the personal data we process. This Data Protection Policy outlines our approach to ensuring compliance with the Data Protection Act, 2020, and safeguarding the personal data of our clients, partners, employees, and other stakeholders.
The purpose of this policy is to:
- Ensure compliance with the Data Protection Act, 2020.
- Protect the rights of data subjects.
- Establish a framework for processing personal data.
- Detail our data protection practices and procedures.
This policy applies to all clients, employees, contractors, and third parties who process personal data on behalf of Supmasol Limited.
Definitions
- Personal Data: Information relating to an identifiable individual.
- Sensitive Personal Data: Includes genetic data, biometric data, health information, etc.
- Data Controller: Person or entity determining the purpose and manner of data processing.
- Data Processor: Person or entity processing data on behalf of a data controller.
- Data Subject: Individual whose personal data is processed.
Data Protection Principles
Supmasol Limited adheres to the following principles when processing personal data:
- Lawfulness, Fairness, and Transparency: Personal data shall be processed lawfully, fairly, and in a transparent manner.
- Purpose Limitation: Personal data shall be collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
- Data Minimization: Personal data shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
- Accuracy: Personal data shall be accurate and, where necessary, kept up to date.
- Storage Limitation: Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
- Integrity and Confidentiality: Personal data shall be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
- Accountability: Supmasol Limited shall be responsible for, and be able to demonstrate compliance with, these principles.
Data Protection Officer (DPO)
Supmasol Limited has appointed a Data Protection Officer (DPO) responsible for overseeing data protection strategy and implementation to ensure compliance with the Data Protection Act, 2020. The DPO can be contacted at dpo@supmasol.com.
Data Security
We implement appropriate technical and organizational measures to ensure the security of personal data. This includes:
- Encryption and Pseudonymization: Protecting data to ensure confidentiality and integrity.
- Access Controls: Restricting access to personal data to authorized personnel on
- Data Breach Notification: Notifying the Information Commissioner and affected data subjects of any data breaches within 72 hours.
Data Processing Records
Supmasol Limited maintains detailed records of all data processing activities, including the purpose of processing, data categories, data subjects, and data retention periods.
Data Protection Impact Assessments (DPIAs)
We conduct DPIAs for high-risk data processing activities to identify and mitigate risks to data subjects.
Third-Party Processors
Supmasol Limited ensures that all third-party processors comply with data protection obligations through data processing agreements.
Training and Awareness
All employees and contractors receive regular training on data protection principles and practices.
Data Transfers
We implement appropriate safeguards for transferring personal data across borders, such as standard contractual clauses or obtaining explicit consent from data subjects.
Policy Review
This policy is reviewed annually or as required to ensure compliance with applicable laws and best practices.
Team Supmasol
Last update: May 01, 2024