GroupMap Technology Pty Ltd (GTPL) is committed to ensuring the security and protection of personal information that we process and provide a compliant and consistent approach to data protection. We have implemented policies and processes to ensure that we meet our data processing obligations under the European Union’s General Data Protection Regulation (GDPR). The purpose of this GDPR Compliance Statement is to explain our approach to implementing our GDPR compliance program.
Our Principles and Commitment to Data Privacy
GroupMap Technology Pty. Ltd. takes the privacy and security of individuals and their personal information very seriously. Our principles for processing information are:
- Only collect personal information for lawful and specified use as detailed in our Terms of Service.
- Process all personal information fairly and lawfully.
- Implement state of the art systems and processes to protect the identity of our customers.
- Retain personal information for no longer than is necessary.
Our GDPR Compliance Strategy
A GDPR compliance strategy and action plan has been implemented. Here is an overview of the steps we have taken to ensure compliance.
- Compliance with security and privacy measures required under GDPR
- Established procedures and policies to restrict processing of personal information. Data Processing agreements are signed with EU Enterprise clients. A copy of our DPA can be requested below.
- Established option for client’s data to be hosted in Frankfurt, Germany. Where data is transferred outside of EU, appropriate data transfer mechanism is used as required by GDPR.
- Required our sub-processors to meet GDPR requirements on data management, security, and privacy. Data Processing Agreements have been signed with sub-processors.
- Updated our procedures for data breaches and incident responses.
- Appointed an EU Representative as required under GDPR Article 27.
Your Rights Under GDPR
We respect your data subject rights under GDPR and have appointed GDPR-Rep.eu as our representative according to Art 27 GDPR. We also provide you with an easy way to submit your privacy related requests such as a request to access or erase your personal data. If you want to exercise your data subject rights, please visit: https://gdpr-rep.eu/q/11059092
As a data subject, you can request information about:
- What personal information we hold about you.
- Categories of personal information we collect from you.
- Purpose for collecting and processing your personal information.
- Period we plan to keep the personal information.
- Process to have your incomplete or inaccurate personal information completed or corrected.
- Process to request erasure of your personal information or to restrict processing of personal information.
- Objection to any direct marketing from us.