Compliance Policy

๐Ÿ“– 2 min read
๐Ÿ“…
๐Ÿ”„
๐Ÿ“Š379 words
๐Ÿท๏ธ Tags:legalcompliancegdprccpapipedapdpasecurity

Compliance Policy of DataCareph.com outlining adherence to GDPR, CCPA, PIPEDA, and PDPA, including data rights, security measures, transfers, and breach notifications.

Compliance Policy

Effective Date: August 23, 2025

This Compliance Policy explains how DataCareph.com ensures compliance with global data protection laws.


1. Scope

This Policy applies to:

  • All Services provided by DataCareph.com.
  • All users worldwide.
  • All processing of personal data.

2. Applicable Laws

We comply with the following data protection frameworks:

  • GDPR (General Data Protection Regulation, EU)
  • CCPA (California Consumer Privacy Act, USA)
  • PIPEDA (Personal Information Protection and Electronic Documents Act, Canada)
  • PDPA (Data Privacy Act, Philippines)

3. Lawful Bases

Our processing of personal data is based on:

  • Consent (where required).
  • Contract (to deliver our Services).
  • Legitimate interests (to improve Services).
  • Legal obligations (to comply with applicable laws).

4. Data Subject Rights

We honor all applicable user rights under global privacy laws, including:

  • Right of access to personal data.
  • Right of correction/rectification.
  • Right to erasure ("right to be forgotten").
  • Right to object to processing.
  • Right to data portability.

Requests can be made via info@datacareph.com.


5. Data Security

We implement industry-standard security measures:

  • TLS encryption for data in transit.
  • AES-256 encryption for data at rest.
  • Firewalls and Cloudflare DDoS protection.
  • Access restrictions and staff security training.

6. Data Transfers

  • Cross-border data transfers follow GDPR Standard Contractual Clauses (SCCs).
  • Equivalent safeguards are applied under non-EU laws.

7. Role of Data Protection Officer (DPO)

Our DPO oversees:

  • Compliance with data protection laws.
  • Risk management and privacy impact assessments.
  • Handling of data subject requests.

8. Monitoring & Audits

We ensure compliance through:

  • Regular internal audits.
  • Vendor contract reviews.
  • Ongoing compliance monitoring.

9. Third-Party Processors

  • Vendors must sign Data Processing Agreements (DPAs).
  • All third-party processors are bound by confidentiality and security obligations.

10. Breach Notification

  • In the event of a data breach, affected users and regulators will be notified promptly as required by law.

11. Updates to Policy

This Compliance Policy may be updated periodically to reflect:

  • Changes in laws.
  • Regulatory guidance.
  • Operational adjustments.

12. Contact

Data Protection Officer (DPO)

  • ๐Ÿ“ง Email: info@datacareph.com
  • ๐Ÿ“ฎ Address: 799-B, J.M. Basa St., City Proper, Iloilo, 5000, Philippines

Version: 1.0.0

This document was last updated on August 23, 2025

๐Ÿ“–2min read
๐Ÿ“Š379words
๐Ÿท๏ธ7tags
๐Ÿ“‘13sections

Note: While we strive to keep these documents accurate and up to date, they are provided for general informational purposes only and should not be relied upon as legal advice. Please consult a qualified legal professional to ensure compliance with the laws and regulations that apply to you.