Rezometry is committed to protecting the privacy and security of personal data entrusted to us by our clients, partners, employees, and other stakeholders. This privacy policy outlines our approach to complying with privacy policies and the General Data Protection Regulation (GDPR) and related data protection laws.
This policy applies to all personal data processed by Rezometry, regardless of the medium used for data processing.
"Personal Data": Any information relating to an identified or identifiable natural person, as defined in Article 4 of the GDPR. "Data Subject": The identified or identifiable natural person to whom the personal data relates. "Processing": Any operation or set of operations performed on personal data, such as collection, recording, storage, adaptation, or disclosure.
Rezometry will only process personal data when one or more of the following lawful bases apply:
Rezometry will collect and process personal data only for specified, explicit, and legitimate purposes. Data collected will be adequate, relevant, and limited to what is necessary for the purposes of processing. Data will be kept accurate and up-to-date, and any inaccurate data will be rectified without undue delay.
Rezometry acknowledges the following data subject rights and will facilitate their exercise:
Rezometry will implement appropriate technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. These measures include, but are not limited to:
In the event of a data breach that poses a risk to the rights and freedoms of data subjects, Rezomery will notify the appropriate supervisory authority and affected individuals without undue delay, as required by the GDPR.
Rezometry will establish Data Processing Agreements with any third-party processors that handle personal data on behalf of the company, outlining their responsibilities and obligations in line with GDPR requirements.
Rezometry may appoint a Data Protection Officer (DPO) responsible for overseeing GDPR compliance. The DPO's contact information will be made available to data subjects and supervisory authorities.
If Rezometry relies on consent as a lawful basis for processing personal data, we will seek explicit and freely given consent from data subjects. Consent will be properly documented and can be withdrawn at any time.
Rezometry will provide regular training and awareness programs for employees to ensure they understand their responsibilities and obligations regarding GDPR compliance.
Rezometry will conduct regular compliance monitoring and internal audits to identify and address potential issues related to GDPR and data protection.
Rezometry will review and update this GDPR policy periodically, and any revisions will be communicated to employees and other relevant stakeholders.