At Hambrand Technology Company, we take data protection seriously and are committed to ensuring compliance with the General Data Protection Regulation (GDPR), which governs how personal data is processed within the EU and beyond. Here, we outline how we manage GDPR to protect your personal data and support your compliance efforts.
The GDPR is a regulation that aims to protect the personal data of individuals within the EU, requiring businesses to handle this data with care, transparency, and security. Non-compliance can result in significant penalties.
Hambrand Technology Company acts as a data processor while our clients (you) act as the data controllers. As a processor, we handle personal data on your behalf under your instructions, ensuring it is processed in line with GDPR requirements.
We provide a comprehensive Data Processing Agreement (DPA) that outlines the responsibilities and obligations of both parties in compliance with Article 28 of the GDPR. This agreement governs how we process data on your behalf and ensures that we meet the highest standards of data protection.
We work only with GDPR-compliant vendors who meet the same stringent standards we apply to ourselves. Any third parties involved in data processing are carefully vetted and subject to data protection agreements to ensure compliance.
As a global company, we may transfer data outside the European Economic Area (EEA). However, we ensure that any international data transfers are protected by appropriate safeguards, such as Standard Contractual Clauses (SCCs), to guarantee GDPR-compliant data protection levels.
In the unlikely event of a data breach, we have a detailed Data Breach Response Plan in place. This ensures we can identify, contain, and report breaches to relevant supervisory authorities within the required 72-hour window, and notify affected data subjects where necessary.
Resources
Why Pabau?
Industries