+1-518-552-6962

info@b2bleadscorp.com

GDPR Policy

GDPR Policy

  1. Introduction

B2B LEADS CORPORATE PVT LTD is committed to protecting the privacy and security of personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This GDPR Policy outlines how we collect, use, disclose, and protect personal data.

  1. Definitions

2.1. Personal Data: Any information relating to an identified or identifiable natural person.

2.2. Data Subject: An identified or identifiable natural person to whom the personal data relates.

2.3. Processing: Any operation or set of operations performed on personal data, whether by automated means or not, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction.

  1. Principles of Data Processing

3.1. Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and in a transparent manner.

3.2. Purpose Limitation: We collect personal data for specified, explicit, and legitimate purposes and do not process it in a manner incompatible with those purposes.

3.3. Data Minimization: We collect only the personal data that is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.

3.4. Accuracy: We take reasonable steps to ensure that personal data is accurate and kept up to date.

3.5. Storage Limitation: We keep personal data in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.

3.6. Integrity and Confidentiality: We process personal data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and accidental loss, destruction, or damage.

  1. Data Subject Rights

4.1. Right to Access: Data subjects have the right to access their personal data and to receive information about how their data is processed.

4.2. Right to Rectification: Data subjects have the right to request the rectification of inaccurate or incomplete personal data.

4.3. Right to Erasure: Data subjects have the right to request the erasure of their personal data under certain circumstances.

4.4. Right to Restriction of Processing: Data subjects have the right to request the restriction of processing of their personal data under certain circumstances.

4.5. Right to Data Portability: Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

4.6. Right to Object: Data subjects have the right to object to the processing of their personal data under certain circumstances.

  1. Lawful Basis for Processing

5.1. We process personal data on the following lawful bases:

  • The data subject has given consent to the processing of their personal data for one or more specific purposes.
  • Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
  • Processing is necessary for compliance with a legal obligation to which we are subject.
  • Processing is necessary to protect the vital interests of the data subject or of another natural person.
  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
  • Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
  1. Data Security

6.1. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including the pseudonymization and encryption of personal data, the ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services, the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident, and a process for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures for ensuring the security of processing.

  1. Data Breach Notification

7.1. In the event of a personal data breach, we will notify the appropriate supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. We will also communicate the personal data breach to the data subject without undue delay if the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons.

  1. International Data Transfers

8.1. We may transfer personal data to countries outside the European Economic Area (EEA) or to international organizations only if one or more of the following conditions are met:

  • The European Commission has decided that the third country, a territory, or one or more specified sectors within that third country, or the international organization in question ensures an adequate level of protection.
  • The transfer is subject to appropriate safeguards, such as standard data protection clauses adopted by the European Commission.
  • The transfer is made with the explicit consent of the data subject.
  • The transfer is necessary for the performance of a contract between the data subject and us or for the implementation of pre-contractual measures taken at the data subject’s request.
  • The transfer is necessary for the conclusion or performance of a contract concluded in the interest of the data subject between us and another natural or legal person.
  • The transfer is necessary for important reasons of public interest.
  • The transfer is necessary for the establishment, exercise, or defense of legal claims.
  1. Data Protection Officer

9.1. We have appointed a Data Protection Officer (DPO) who is responsible for overseeing compliance with this GDPR Policy. The contact details of our DPO are as follows: 

Full Name of Legal Entity: B2B LEADS CORPORATE PVT LTD

Email Address: dpo@b2bleadscorp.com

  1. Updates to Policy

10.1. We may update this GDPR Policy from time to time by posting a new version on this page. You should check this page occasionally to ensure you are familiar with any changes.

  1. Contact Us

11.1. If you have any questions about this GDPR Policy or our data processing practices, please contact us at info@b2bleadscorp.com.

Remember to customize this policy to reflect the specific practices and procedures of your business and seek legal advice if necessary to ensure compliance with GDPR and other applicable data protection laws.