The European Union (EU) established a new rule known as the “General Data Protection Regulation” on April 8, 2016. (GDPR). It supersedes the EU Data Protection Directive and applies to all EU member countries, eliminating the need for national law. After four years of debate and changes, the legislation goes into force on May 25, 2018, putting the EU at the forefront of data protection norms.
It provides EU citizens more control and authority over personal data. Organizations that manage statistics on EU individuals will be required to follow data and privacy guidelines under this bylaw. Wise B2B Hub Private Limited has acknowledged and updated all of the essential requirements of GDPR as part of its basic policies
Personal data is defined in Article 4 of the GDPR as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to that natural person’s physical, physiological, genetic, mental, economic, cultural, or social identity.”
Article 5. Principles governing personal data processing:
The controller shall be responsible for, and be able to demonstrate compliance with the principles.
Article 6. GDPR Lawfulness of processing:
In order to process personal data under the GDPR, there must be a legitimate legal basis. According to Article 6 of the GDPR, there are six available permissible bases for processing:
Obligations as the data controller:
While handling personal information of a Data subject, when processing on data will be done by another party, Wise B2B Hub acts as the data controller and will therefore comply with the following obligations:-
Obligations as the data processor:
When Wise B2B Hub processes personal data on behalf of its clients, the company functions as the data processor and the client as the data controller. As a result, Wise B2B Hub will comply with the following GDPR duties as a data processor:
Sharing Personal Information:
The organization may be required to share the personal information it processes with the individual as well as other organisations. Where this is required, the organisation must comply with all requirements of the GDPR.
When appropriate, the company will share information with:
Personal data transfer to another country:
Personal information may need to be transferred internationally on occasion. When this information is required, it is only shared inside the European Economic Area (EEA). Any transfers will be carried out in complete conformity with the GDPR.
Retention of personal data:
Personal data must not be retained for any longer than is required for the purpose for which it is processed, according to the General Data Protection Regulation (GDPR). This also implies that there is a time limit on how long consumers’ data can be preserved. Despite the fact that there is no time limit.
Wise B2B Hub keeps the data records for no longer than 2 years. However, it varies based on the type of data and client’s need. Retention of such data in Wise B2B Hub is decided based on the client’s requirement of requesting the old data.
Company may preserve data for longer, if it deems it has a genuine interest/reason to do so.
Everyone who works for or with Wsie B2B Hub Pvt. Ltd has accountability for ensuring that data is gathered, stored, and managed lawfully, especially in light of GDPR. Individual data must be handled and treated in accordance with the GDPR policy and data protection principles by all team members who handle it.
Each member must keep records of its processing activities, which must include:
These details must be supplied to data protection authorities upon request.
In Wsie B2B Hub , the only people who should be able to access the data protected by this policy are those who require it for their work.
People with key areas of responsibility:
The board of directors is ultimately accountable for ensuring that Wsie B2B Hub Pvt. Ltd meets its legal obligations.
The Data Protection Officer is responsible for:
The IT Admin is responsible for:
Individuals have the following rights under the GDPR:
The right to be informed
We are obliged to offer ‘fair processing information’. The following information must be provided:
The right of access
Individuals have the right to access their personal information and further information. The right to access allows individuals to be informed of and verify the legality of the processing. Information must be delivered without delay, and no later than one month after the request is received. Where requests are complex or numerous, the company will be permitted to extend the period of compliance by two months.
The company must verify the identification of the individual making the request.
The right to correction
Individuals have the right to have incorrect or incomplete personal data corrected.
A rectification request must be responded to within one month. If the request is difficult, it can be prolonged by two months.
The right to erasure
The right to erasure allows an individual to request that personal data be deleted or removed if there is no compelling cause for its ongoing processing.
The right to limit processing
Individuals have the right to ‘block’ or inhibit personal data processing. When processing is restricted, the company may save the personal data but not process it further. The company can keep only enough information about the person to guarantee that the restriction is followed in the future. Company will also delete the data if the subject requests to do so.
Data portability rights
Individuals have the right to data portability, which allows them to obtain and reuse their personal data across multiple services. It enables them to effortlessly move, copy, or transfer personal data from one IT environment to another in a safe and secure manner, without interfering with usability. The personal data must be provided by the company in a structured, generally used, and machine-readable format. This should allow other data controllers to use the information. The information must be provided at no cost.
The right to object
Individuals have the right to object to the following types of processing:
Individuals must file an objection based on “grounds relevant to his or her own circumstances.”
The company must stop processing personal data unless it can demonstrate compelling legitimate reasons for processing and individual permits to process further.
Rights concerning automated decision-making and profiling
The GDPR includes requirements for automated decision-making (making a decision exclusively through automated means without human intervention) and profiling (automated processing of personal data to analyse certain aspects of an individual).
Organizations can only make this type of decision if it is: required for the entrance into or fulfilment of a contract; or authorised by Union or Member state law applicable to the controller; or based on the individual’s explicit permission.
Wsie B2B Hub confirms that no automated decision making or profiling is used in its processing activities.
In case of any comments, queries or concerns about any of the information in this Policy, or any other issues relating to the Processing of Personal Data carried out by us, or on our behalf, please use the contact form at https://wiseglancesol.com/contact/
The Company has appointed a Data Protection Officer who may be contacted at contact@wiseglancesol.com
Copyright © 2023 WiseB2B Hub Private Limited | Powered By Marketing Counsellors