GDPR Compliance

General Data Protection Regulation Information

1. Our Commitment to GDPR

SOFTGENICS LTD is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This page explains how we comply with GDPR requirements and what rights you have regarding your personal data.

2. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Consent: When you have given clear consent for us to process your data for specific purposes
  • Contract: When processing is necessary for the performance of a contract with you
  • Legal Obligation: When we need to comply with legal requirements
  • Legitimate Interest: When we have a legitimate business interest that doesn't override your rights
  • Vital Interest: When processing is necessary to protect someone's life
  • Public Task: When processing is necessary for official functions

3. Your Rights Under GDPR

As a data subject, you have the following rights:

3.1 Right to Information

You have the right to be informed about the collection and use of your personal data.

3.2 Right of Access

You have the right to request access to your personal data and information about how we process it.

3.3 Right to Rectification

You have the right to have inaccurate personal data corrected or completed if incomplete.

3.4 Right to Erasure ('Right to be Forgotten')

You have the right to have your personal data erased in certain circumstances.

3.5 Right to Restrict Processing

You have the right to restrict the processing of your personal data in certain circumstances.

3.6 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller.

3.7 Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

3.8 Rights Related to Automated Decision Making

You have rights regarding automated decision-making, including profiling.

4. How to Exercise Your Rights

To exercise any of your GDPR rights, please:

  • Contact us using the details provided at the end of this page
  • Clearly state which right you wish to exercise
  • Provide sufficient information to verify your identity
  • Specify the personal data your request relates to (if applicable)

We will respond to your request within one month of receipt. In some cases, we may extend this period by two additional months if the request is complex or we receive multiple requests.

5. Data Protection Principles

We adhere to the following data protection principles:

  • Lawfulness, Fairness, and Transparency: We process data lawfully, fairly, and transparently
  • Purpose Limitation: We collect data for specified, explicit, and legitimate purposes
  • Data Minimization: We only collect data that is adequate, relevant, and limited to what is necessary
  • Accuracy: We keep personal data accurate and up to date
  • Storage Limitation: We don't keep data longer than necessary
  • Integrity and Confidentiality: We process data securely
  • Accountability: We can demonstrate compliance with these principles

6. International Data Transfers

When we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules (BCRs)
  • Certification schemes
  • Codes of conduct

7. Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay. We will also notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible.

8. Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our data protection strategy and GDPR compliance. You can contact our DPO directly regarding any data protection concerns:
Email: [email protected]

9. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have not complied with GDPR requirements. You can contact your local data protection authority or the authority in the country where the alleged infringement occurred.

10. Children's Data

We take special care when processing children's personal data. For children under 16 years old (or the lower age set by EU member states), we require parental consent before processing their personal data. We have procedures in place to verify parental consent and to respect parents' rights regarding their children's data.

11. Regular Reviews and Updates

We regularly review our data processing activities and update our policies and procedures to ensure ongoing GDPR compliance. This includes conducting Data Protection Impact Assessments (DPIAs) when required and maintaining records of processing activities.

12. Contact Information

For any questions about our GDPR compliance or to exercise your rights, please contact us:
Data Protection Officer: [email protected]
General Inquiries: [email protected]
Privacy Officer: [email protected]
Company: SOFTGENICS LTD
Address: 27 Old Gloucester Street, London, United Kingdom, WC1N 3AX