GDPR Compliance

Introduction

The EU General Data Protection Regulation (“GDPR”) came into force on 25 May 2018.

The new Regulation aims to standardise data protection laws and processing across the EU, giving people greater rights to access and control their personal information.

dMagoo commits to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection.

We have created this GDPR Compliance Statement to explain our approach to implementing our GDPR compliance program. It describes the implementation of our data protection roles, policies, procedures, controls and measures to ensure ongoing compliance with GDPR.

Our GDPR Principles

dMagoo takes the privacy and security of individuals and their personal information seriously. Our principles for processing personal information are:

● We will process all personal information fairly and lawfully
● We will only process personal information for specified and lawful purposes
● Where practical, we will keep personal information up to date
● We will not keep personal information for longer than is necessary

Data Subjects Rights under GDPR

At dMagoo, an individual can request information about:

● What personal information we hold about an individual
● The categories of personal information we collect from an individual
● The purposes for collecting and processing personal information from an individual
● How long we plan to keep the personal information
● The process to have incomplete or inaccurate personal information corrected or completed
● Where applicable, the process for requesting erasure of the personal information or for restricting the processing of personal information under data protection laws, and to object to any direct marketing from us
● About any automated decision-making that we use

Our GDPR compliance plan

Here's an overview of our steps we are taking to ensure compliance with GDPR at dMagoo:

● We conducted a data mapping inventory and analysis of collected personal information in our systems and records
● We have established procedures and policies to restrict processing of personal information
● We have updated our procedures for data breaches and incident responses
● We have updated our company’s Data Protection Policy, Data Retention Policy, Information Security Policy, Cookies Policy and Privacy Policy
● We have reviewed all processing activities to identify the legal basis for processing personal information and to ensure that each basis is appropriate for the activity it relates to

GDPR Roles and Employees

dMagoo promotes awareness of the GDPR across the organisation, assessing our GDPR compliance, identifying any gap areas and implementing the new policies, procedures and measures.

We understand that continuous employee awareness and understanding is vital to the continued compliance of the GDPR and have involved our employees in our preparation plans.

Contact us if you have GDPR related questions

If you have questions about this GDPR Compliance Statement, or our privacy or security practices, please contact us:

● Website: dmagoo.com/contact-us
● Email: compliance@dmagoo.com
● Phone: +1.800.757.3024