Data Protection Policy - Build Trust Center

← Back to Trust Center

Data Protection Policy

Comprehensive data protection and privacy measures

Other Policies: Encryption Policy Risk Assessment Policy Incident Response Plan Data Retention Policy Data Classification Policy Vendor Management Policy Information Security Policy Acceptable Use Policy

Data Protection Policy

Purpose

To ensure the protection of personal and sensitive data in compliance with privacy regulations.

Data Protection Principles

Lawfulness: Process data only with legal basis
Purpose Limitation: Use data only for stated purposes
Data Minimization: Collect only necessary data
Accuracy: Keep data accurate and up-to-date
Storage Limitation: Retain data only as long as needed
Security: Protect data with appropriate measures

Data Subject Rights

Access: Right to view personal data
Rectification: Right to correct inaccurate data
Erasure: Right to delete data
Portability: Right to export data
Objection: Right to object to processing

International Data Transfers

Standard contractual clauses for EU data transfers
Privacy Shield principles for US operations
Data localization where required by law

Breach Notification

Notify authorities within 72 hours
Notify affected individuals without undue delay
Document all breaches in breach register