GDPR Policy

Effective Date: January 22, 2024

1. Overview

This policy explains how Upcert follows the rules of the General Data Protection Regulation (GDPR). We are dedicated, to safeguarding your information and upholding your rights as outlined in GDPR. By using Upcert you agree to abide by the terms described in this policy.

2. Roles of Data Controller and Data Processor

Upcert functions as both a Data Controller and a Data Processor according to GDPR guidelines. As a Data Controller we decide how and why your personal data is processed. As a Data Processor we handle data on behalf of another party who's the Data Controller.

3. Legal Basis for Processing

We process your data based on the following justifications:

  • Consent: You have given consent for us to process your information for a specific purpose..
  • Contract: Processing is necessary for fulfilling a contract, with you or initiating steps.
  • Legal Requirement: Processing is essential to comply with obligations imposed on us.
  • Legitimate Interests: Processing is required for our interests long as they do not conflict with your rights and interests.

4. Your Rights Under GDPR

Under GDPR regulations you hold rights regarding your data:

  • Access: You can ask to see and get a copy of your data.
  • Rectification: You can request corrections to any incomplete data.
  • Erasure: You have the right to ask for your data to be deleted long as there are no legal reasons preventing it.
  • Restriction of Processing: You can request limits, on how your data processed under certain circumstances.
  • Data Portability: You can ask for your data to be transferred to another service provider.
  • Object: You can object to how your data's being used for specific purposes.
  • Withdraw Consent: You can withdraw your consent at any time if processing is not based on your consent.

To exercise these rights please get in touch with us at contact@upcert.me. We will handle your requests in accordance with the laws.

5. Data Transfers

Your personal information may be sent to and processed in countries outside the European Economic Area (EEA). We make sure that these transfers comply with GDPR regulations by using measures to safeguard your information.

6. Data Retention

We hold onto your data for as long as necessary, for the reasons it was collected meeting legal requirements settling disputes and enforcing agreements. The length of time we retain this information depends on its nature. Why we process it.

7. Safety Measures

We put in place organizational steps to safeguard your personal information, from unauthorized access, disclosure, tampering and deletion. These actions include:

  • Encryption: Ensuring data transmission using recognized industry protocols.
  • Access Controls: Limiting data access to authorized individuals only.
  • Routine Audits: Carrying out security checks to detect and rectify vulnerabilities.
  • Secure Storage: Utilizing trusted providers with stringent security measures for data storage.

8. Updates to This Policy

We may periodically revise this GDPR Policy to align with changes in our procedures or legal obligations. We recommend that you check this policy regularly. Any significant alterations will be communicated through announcements on our website or other necessary channels.

9. Contact Us

If you have any inquiries or concerns regarding this GDPR Policy please reach out to us at contact@upcert.me. Your feedback is important to us. We are dedicated to safeguarding your information in compliance, with GDPR regulations.