At PulseDC, we greatly value the trust our customers and suppliers place in us, who provide us with large quantities of personal data collected by them to be processed by us. Ensuring correct responsible data processing and guaranteeing optimal protection of personal data in full compliance with the latest European GDPR, has our top priorities.
- The processing of personal data will only be carried out on the basis of an agreement between PulseDC and our clients or on the basis of a law or other binding regulation, EU or national. (article 28.3 GDPR).
- PulseDC shall only process personal data based on written instructions from our clients, in their capacity as data controller, unless a law or other binding regulation (EU or national) obliges us to process in an other way. In such a case, we will notify our clients prior to reprocessing unless laws or regulations prohibit this. In the written instructions of our clients, the subject, duration, nature and purpose of the processing, the type of personal data and the categories of data subjects and the rights and duties of our clients in their capacity as data controller, are described in each case. (article 28.3.3.a GDPR).
- PulseDC shall not disclose personal data or make it available for purposes other than specified in the data processing agreements between us and our clients in their capacity as data controller, or on the basis of a law or other binding regulation, EU or national (article 28.3.b GDPR).
- PulseDC shall take appropriate technical and organizational security measures when processing personal data, taking into account what is technically possible, such as data loss, data destruction, unauthorized data access, unauthorized data use, unauthorized changes and unauthorized posting of personal data (article 28.3. c, article 32 GDPR).
- PulseDC shall actively provide information regarding its own location as well as the locations of appointed data processor including the reason why the personal data is processed.
- Without unreasonable delay PulseDC shall be fully compliant with requests from each and any person to disclose information related to their personal data that we have access to, through our clients, in their capacity as data controller. The personal data in question will essentially be made available to our clients in a clearly readable format; in case we are unable to comply with such a request, we will provide a reason for this. Full cooperation will also be given to successful requests for rectification and erasure of personal data, restriction of the processing of personal data and portability of personal data. (article 28.3.e GDPR).
- PulseDC will not store processed personal data longer than necessary for the purpose for which the data has been collected, as indicated and set out in the relevant data processing agreements concluded between our clients and ourselves, unless a law or other binding regulation applicable to us (EU or National) obliges us to a different storage period. In such a case, we shall notify our clients prior to entering into the data processing agreement unless prohibited by law or regulation (article 28.3.g GDPR).
- At the end of the data processing agreement, PulseDC shall erase all personal data, return it to the appropriate client and erase existing copies according to the client’s choice, unless legislation or regulations (EU or national) require us to keep the personal data stored (article 28.3.g GDPR).
- PulseDC shall not transfer personal data to a country, territory and / or organization outside the EEA (European Economic Area) unless the country, territory and / or organization concerned guarantees adequate protection with regard to the rights and freedoms of data subjects related to the processing of personal data. This classification will only be made on the basis of article 45.1 of the GDPR.
If you have any questions about this privacy statement or about the way we handle your personal data, please feel free to ask by sending an email to firstname.lastname@example.org.