GiveItOneDay Data Protection Policy
GiveItOneDay, Skjoldsgade 36, 6700 Esbjerg, Denmark is committed to protecting the privacy and security of personal data that we process in the course of our business activities. This Data Protection Policy sets out the principles and practices that GiveItOneDay will follow to ensure compliance with data protection legislation.
This policy applies to all personal data processed by GiveItOneDay in the course of its business activities, regardless of the format in which it is processed.
3. Data Protection Principles
GiveItOneDay will ensure that all personal data is:
Processed lawfully, fairly and transparently;
Collected for specified, explicit and legitimate purposes, and not further processed in a manner that is incompatible with those purposes;
Adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
Accurate and, where necessary, kept up to date;
Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed;
Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.
4. Data Subject Rights
GiveItOneDay acknowledges that data subjects have the following rights under data protection legislation:
The right to be informed about the collection and use of their personal data;
The right to access their personal data;
The right to rectify any inaccuracies in their personal data;
The right to erasure of their personal data in certain circumstances;
The right to restrict processing of their personal data in certain circumstances;
The right to data portability;
The right to object to the processing of their personal data;
Rights in relation to automated decision making and profiling.
GiveItOneDay will ensure that all data subject requests are dealt with promptly and in accordance with data protection legislation.
5. Data Security
GiveItOneDay takes the security of personal data very seriously and has put in place appropriate technical and organisational measures to ensure that personal data is kept secure.
6. Data Breach Management
In the event of a data breach, GiveItOneDay will follow its data breach management process to ensure that the breach is contained, assessed and reported in a timely manner.
7. Data Protection Impact Assessments
GiveItOneDay will carry out Data Protection Impact Assessments (DPIAs) where processing activities are likely to result in a high risk to the rights and freedoms of data subjects.
8.Training and Awareness
GiveItOneDay will provide training and awareness to all staff involved in the processing of personal data to ensure that they are aware of their obligations under data protection legislation.
This Data Protection Policy will be reviewed annually to ensure that it remains up to date and in compliance with data protection legislation.
If you have any questions or concerns about this Data Protection Policy, please contact firstname.lastname@example.org.