GDPR Policy

GDPR Norms

The General Data Protection Regulation (GDPR) is an EU legislation that aims to empower the citizens of the EU with better control and authority over their data. Under this regulation, organizations handling data of EU citizens are required to adhere to data privacy instructions. 

One of the key requirements under GDPR is updating the Privacy Policy to reflect GDPR requirements. Leadsinfra has accepted and updated its Privacy Policy accordingly. We are committed to abiding by GDPR principles, including informing EU citizens about how their personal data is collected, used, shared, protected, and processed. 

Transparency to Accommodate GDPR

To comply with GDPR effectively, Leadsinfra ensures transparency by adhering to the principle that all information should be accurate, readily available, easily understandable, and presented in clear language. Additionally, we incorporate illustrations and images to enhance clarity and understanding. This information is made accessible through appropriate and easily navigable channels. 

GDPR General Data Protection Regulation and Compliance 

Leadsinfra needs to collect and utilize certain information about individuals, including suppliers, customers, employees, business contracts, and other relevant parties. Our GDPR policy outlines how this personal data must adhere to the company’s data protection standards and comply with the law. 

The GDPR policy ensures that Leadsinfra: 

Complies with data protection regulations and adheres to best practices 

Safeguards the rights of staff, clients, and associates 

Provides transparency in how it handles and processes individuals' data 

Protects against the risks of data breaches 

Data Protection Laws 

Data protection laws, including the GDPR, define how organizations must obtain, handle, and store personal information to comply with regulations. These laws apply regardless of whether data is stored electronically, on paper, or using other mediums. 

The GDPR is underpinned by eight important principles, ensuring that personal data must be: 

  1. Treated fairly and lawfully 
  2. Collected for specified, legitimate purposes 
  3. Adequate, relevant, and not excessive 
  4. Accurate and kept up to date 
  5. Not kept for longer than necessary 
  6. Protected in accordance with individuals' rights 
  7. Secured using appropriate measures 
  8. Not transferred outside the European Economic Area (EEA) without adequate protection 

People, Risks, and Responsibility as per GDPR 

The GDPR policy applies to:

  1. The headquarters of Leadsinfra 
  2. All branches of Leadsinfra 
  3. All staff, volunteers, contractors, suppliers, and other individuals working on behalf of Leadsinfra GDPR also extends to all data held by the company concerning identifiable individuals, including names, addresses, email addresses, telephone numbers, and any other relevant information. 
  4. Data Protection Risks as per GDPR 
  5. The GDPR policy helps protect Leadsinfra from various data security risks, including breaches of confidentiality, failure to offer choice, reputational risks, and more. 
  6. Responsibility as per GDPR 
  7. Everyone associated with Leadsinfra shares responsibility for ensuring that data is collected, stored, and handled appropriately, especially concerning GDPR compliance. Each team handling personal data must ensure compliance with the GDPR policy and data protection principles. 

However, specific individuals have key responsibilities:

  1. The board of directors is ultimately responsible for ensuring that Leadsinfra meets its legal obligations. 
  2. The Data Protection Officer is responsible for overseeing data protection measures, providing training, addressing questions, and ensuring compliance with GDPR requirements. 
  3. The IT Manager is responsible for ensuring the security of data storage and processing systems. 
  4. The Marketing Manager is responsible for ensuring that marketing initiatives comply with data protection principles. 

General Staff Guidelines for GDPR

Access to data covered by the GDPR policy should be restricted to those who require it for their work. Data should not be shared informally, and employees should receive training to understand their responsibilities regarding data handling.

Data Storage According to GDPR

Data storage guidelines ensure that data is safely kept, whether in physical or electronic form, in compliance with GDPR requirements.

Data Use as per the GDPR Norms

Employees must ensure that personal data is used appropriately and securely, with measures such as screen protection, encryption for electronic transmission, and restriction from sharing data outside the European Economic Area.

Data Accuracy for GDPR Compliance

Leadsinfra is required to take reasonable steps to ensure data accuracy and update it as necessary to comply with GDPR requirements.

Subject Access Requests In Terms of GDPR

Individuals have the right to access their personal data held by Leadsinfra and request updates or corrections as needed, in accordance with GDPR regulations.

Disclosing Data For Other Reasons

GDPR allows for the disclosure of personal data to law enforcement agencies under certain circumstances, with Leadsinfra ensuring compliance with legal requirements and due process.

Providing Information For GDPR

Leadsinfra provides information to individuals about how their data is handled, their rights under GDPR, and how to exercise those rights, ensuring transparency and compliance with regulations.

Data Protection Officers

The Data Protection Officer at Leadsinfra assists with internal compliance, advises the company on data protection matters, and serves as a point of contact for data subjects and regulatory authorities.

Important Information of Leadsinfra Being GDPR-Friendly

Leadsinfra's privacy policy is designed to help website operators meet GDPR requirements, covering various aspects such as data collection, cookie usage, data processing, legal bases, data transmission, and data retention policies.

GDPR Rights to Safeguard Our Clients

Clients dealing with Leadsinfra have rights under GDPR, including access, rectification, erasure, restriction of processing, data portability, objection, freedom from automated decision-making, filing complaints, and seeking compensation for damages in case of breaches.