Corporate Data Protection Policy
Understanding Data Governance
sbPowerDev is committed to protecting personal data in compliance with data protection legislation, including GDPR and relevant local laws.
Scope
This policy applies to all employees, contractors, and third-party partners handling personal data.
Data Collection
- Collect data necessary for specified, legitimate purposes.
- Inform individuals about data collection and their rights.
Data Use
- Use personal data only for the purposes for which it was collected.
- Ensure data accuracy and relevance.
Data Storage
- Store data securely using encryption and access controls.
- Retain data only as long as necessary.
Data Sharing
- Share data with third parties only under contract and with data protection assurances.
- Obtain consent before sharing data externally unless legally required.
Data Access
- Restrict access to personal data to authorized personnel only.
- Regularly review access rights.
Data Subject Rights
- Respect rights of data subjects, including access, rectification, erasure, and objection.
- Provide clear procedures for individuals to exercise their rights.
Data Breaches
- Report data breaches promptly to relevant authorities and affected individuals.
- Implement measures to prevent future breaches.
Training and Awareness
- Provide regular training on data protection to all employees.
- Promote a culture of data protection awareness.
Compliance and Monitoring
- Conduct regular audits to ensure compliance with this policy.
- Update the policy as needed to reflect changes in legislation or business practices.
Independent Projects
- Any application deployed or project independent of the core services business of sbPowerDev, such as Go-To Card, will hold its own data protection policy.
Contact Information
For questions or concerns about data protection, contact the Data Protection Officer (DPO) at sbPowerDev on dpo@sbpowerdev.com
Review
This policy will be reviewed annually and updated as necessary.