Your data protection rights under the General Data Protection Regulation (GDPR). Learn how we protect your privacy and how you can exercise your rights.
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It strengthens and unifies data protection for individuals within the European Union (EU) and addresses the export of personal data outside the EU.
You have the right to be informed about the collection and use of your personal data. This includes information about what data we collect, why we collect it, how we use it, who we share it with, and how long we keep it.
You have the right to request access to your personal data. This allows you to be aware of and verify the lawfulness of the processing. You can request a copy of your personal data free of charge.
You have the right to have inaccurate personal data rectified or completed if it is incomplete. We will respond to your request within one month and will inform any third parties with whom we have shared your data.
Also known as the 'right to be forgotten', you have the right to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
You have the right to request the restriction or suppression of your personal data. This is not an absolute right and only applies in certain circumstances, such as when you contest the accuracy of the data.
You have the right to obtain and reuse your personal data for your own purposes across different services. This allows you to move, copy or transfer personal data easily from one IT environment to another.
You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes, research, or statistics.
We only retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Different types of data may have different retention periods.
When we transfer your personal data outside the EU, we ensure appropriate safeguards are in place. This includes adequacy decisions, standard contractual clauses, or certification schemes approved by supervisory authorities.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. This includes encryption, access controls, regular security assessments, and staff training.
To exercise any of your GDPR rights, please contact our Data Protection Officer using the contact details provided below. We will respond to your request within one month and may ask you to verify your identity.
For marketing communications and optional services
To provide our services and fulfill our contractual obligations
To comply with legal requirements and regulations
For business operations, security, and service improvement
To protect someone's life or prevent serious harm
When processing is necessary for public interest tasks
Have questions about your data or want to exercise your GDPR rights? Contact our Data Protection Officer using any of the methods below.
Contact our Data Protection Officer
dpo@prisminfotech.com
Speak directly about your data rights
+1 (555) 123-4567
Meet us in person for data requests
123 Business Ave, Suite 100
Get instant help with GDPR questions
Available 9 AM - 6 PM EST
We will respond to your GDPR request within one month of receipt. In complex cases, we may extend this period by two additional months and will inform you of any delay.