PRIVACY AND DATA PROTECTION POLICY
Interactio, Ltd (“we” or “us”) is committed to protect the fundamental rights and freedoms of individuals, including their right to privacy with respect to the processing of their personal data. Data protection applies to personal data held in any format (paper, electronic, etc.). Our priority is to ensure that natural persons that we interact with feel confident that we respect and safeguard their privacy. At the same way, we seek to reduce any legal and regulatory risks related to our reputation and brand.
In everyday business operations, we use a variety of data about identifiable individuals, including data about:
In collecting and using these data, we are subject to a variety of legislation controlling how such activities may be carried out as well as the safeguards which must be put in place to protect it. In this policy, we describe the steps we are taking to ensure our privacy and data protection compliance.
This policy applies to all staff working for, or on behalf of, Interactio and includes employees, associates, and contractors with legitimate access to our data or systems. In addition, we require that our data processors be compliant when working on behalf of Interactio.
All staff working for, or on behalf of, Interactio are responsible for complying with all relevant data protection legislation and this policy. All staff must also ensure that any personal data they supply is accurate and up to date.
Data protection officer
We have appointed a data protection officer (DPO) to carry out the DPO role as defined in the legislation. The DPO is responsible for dealing with day-to-day data protection matters, providing training, and for developing and encouraging good information handling practice.
Developers and IT
Developers are responsible for embedding privacy safeguards into the design of our products, services, and infrastructure from the earliest stage of development covering the entire life cycle (‘privacy by design’).
The data subject has rights under the GDPR. These consist of:
Each of these rights is supported by appropriate procedures within Interactio that allow the required action to be taken within the timescales stated in the GDPR.
Data subjects can exercise their rights by email firstname.lastname@example.org
V. INTERNATIONAL TRANSFERS OF PERSONAL DATA
Transfers of personal data outside the European Union are carefully reviewed prior to the transfer taking place to ensure that they fall within limits imposed by the GDPR. This depends partly on the European Commission’s judgment as to the adequacy of the safeguards for personal data applicable in the receiving country, and this may change over time.
VI. DATA PROTECTION OFFICER
A defined role of a data protection officer is required under the GDPR. The DPO is independent, an expert in data protection, adequately resourced, and report to the highest management level.
The DPO’s role includes monitoring internal compliance, advising on data protection obligations, providing advice regarding data protection impact assessments (DPIA), and acting as a contact person for data subjects and the State Data Protection Inspectorate of the Republic of Lithuania.
We ensure the DPO is closely involved in all data protection matters in a timely manner, including DPIAs. The DPO has adequate resources and appropriate access to personal data, processing activities, and other services to enable the DPO to carry out this role as defined in the GDPR.
VII. QUESTIONS AND CONCERNS
If you have questions or concerns regarding this policy, please contact the data protection officer via email email@example.com or phone +37061806726.