GDPR COMPLIANCE

General Data Protection Regulation

Our commitment to protecting the privacy and data rights of EU citizens.

GDPR Compliance Statement

ARV99 Tech Solutions Pvt Ltd is fully committed to compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This regulation protects the personal data and privacy of EU citizens and applies to all organizations processing their data, regardless of location.

1. Our GDPR Principles

Lawfulness, Fairness & Transparency: We process personal data lawfully, fairly, and in a transparent manner.
Purpose Limitation: We collect data only for specified, explicit, and legitimate purposes.
Data Minimization: We collect only data that is adequate, relevant, and necessary.
Accuracy: We ensure personal data is accurate and kept up to date.
Storage Limitation: We retain data only as long as necessary.
Integrity & Confidentiality: We protect data with appropriate security measures.
Accountability: We maintain documentation and demonstrate compliance.

2. Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Consent: When you explicitly agree to our processing of your data
  • Contract: When processing is necessary for a contract with you
  • Legal Obligation: When required to comply with applicable laws
  • Legitimate Interests: For our legitimate business interests, balanced with your rights

3. Data Protection Officer (DPO)

We have appointed a Data Protection Officer to oversee our GDPR compliance:

Anand Sharma
Data Protection Officer

[email protected]

+91 98765 43211

4. International Data Transfers

As an India-based company, we primarily process data within India. When we transfer EU citizens' data outside the EU, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Binding Corporate Rules
  • Adequacy decisions where applicable

5. Data Breach Notification

In the unlikely event of a personal data breach, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay, in accordance with GDPR requirements.

6. Exercising Your GDPR Rights

To exercise any of your GDPR rights (access, rectification, erasure, restriction, portability, objection), please:

  1. Email our DPO at [email protected]
  2. Provide sufficient information to verify your identity
  3. Specify the right you wish to exercise and the data concerned

We will respond within 30 days. If you're not satisfied with our response, you have the right to lodge a complaint with your local supervisory authority.

7. Supervisory Authority

For EU citizens, our lead supervisory authority is the Irish Data Protection Commission. You can contact them at:

Data Protection Commission

21 Fitzwilliam Square South

Dublin 2, D02 RD28, Ireland

Website: www.dataprotection.ie

Last Updated: January 1, 2025. This GDPR compliance statement is reviewed annually.