Observic Ltd Data Policy
1. Introduction
This Data Policy outlines the principles and guidelines for the collection, use, storage, and protection of data by Observic. Our commitment is to maintain the privacy and security of our clients' and employees' data, ensuring compliance with all applicable laws and regulations.
​
2. Scope
This policy applies to all data collected, processed, stored, and shared by Observic, including but not limited to customer data, employee data, financial data, and operational data.
​
3. Data Collection
-
Purpose Limitation: Data is collected for specific, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes.
-
Data Minimization: Only data necessary for the intended purpose is collected.
-
Transparency: Individuals are informed about the data collection practices and purposes.
​
4. Data Usage
-
Lawful Processing: Data is processed lawfully, fairly, and in a transparent manner.
-
Purpose-Specific Usage: Data is used strictly for the purposes for which it was collected, unless explicit consent is obtained for other uses.
-
Data Quality: Ensuring the accuracy and relevance of data for the intended purposes.
​
5. Data Storage
-
Security Measures: Data is stored securely using encryption, access controls, and other appropriate security measures.
-
Retention Period: Data is retained only as long as necessary for the purposes it was collected for, after which it is securely deleted or anonymized.
​
6. Data Protection
-
Access Control: Access to data is restricted to authorized personnel only.
-
Data Breach Response: Procedures are in place to detect, respond to, and mitigate data breaches promptly.
-
Regular Audits: Regular audits and assessments are conducted to ensure compliance with data protection policies and identify vulnerabilities.
​
7. Data Sharing
-
Third-Party Sharing: Data is shared with third parties only when necessary and with appropriate safeguards in place.
-
International Transfers: Data transferred internationally complies with relevant legal requirements and ensures adequate protection measures.
​
8. Individual Rights
-
Access and Rectification: Individuals have the right to access their data and request corrections if necessary.
-
Data Portability: Individuals can request their data in a structured, commonly used, and machine-readable format.
-
Erasure and Restriction: Individuals can request the deletion or restriction of their data under certain conditions.
​
9. Compliance and Training
-
Legal Compliance: Observic complies with all relevant data protection laws and regulations.
-
Employee Training: Regular training is provided to employees on data protection practices and policies.
​
10. Policy Review
This policy is reviewed and updated regularly to reflect changes in laws, regulations, and company practices.
​
11. Contact Information
For any questions or concerns regarding this policy or data practices, please contact:
​
Observic Data Protection Officer
Email: greg@observic.com
This Data Policy is effective as of 01/12/2023 and will remain in effect until updated or replaced.
By adhering to this Data Policy, Observic Ltd ensures the responsible and secure management of data, fostering trust and confidence among clients, employees, and partners.