The purpose of this document is to determine the protocol to be followed in order to comply with the rights of access, rectification, cancellation, forgetfulness, opposition, limitation of processing, portability, and opposition to automated decision-making of personal data held in the files owned by Leapfrog Technologies and Signetic.
The European General Data Protection Regulation (GDPR) contains the rights of the data subject, including clarifications and new rights. The Regulation also lays down specific conditions concerning the procedure to be followed in order to ensure that data subjects can exercise their rights.
The purpose of this procedure is to bring closer together and facilitate the procedure to be followed by Leapfrog Technologies and Signetic stakeholders in order to give effect to their rights in this area with regard to the personal data provided to the company.
Any person shall have the right to request and obtain, free of charge, information on the personal data subject to processing, the origin of such data, as well as the communications made or planned. Additionally, the interested party may request the rectification, cancellation, opposition or portability of their personal data.
No consideration is required for the exercise of the rights of the data subjects.
The data subject shall have the right to obtain confirmation from the Privacy Officer as to whether the data are being processed or transferred to a third country or to an international organization. In the event that the data subject requests a copy of the personal data processed, the Privacy Officer shall provide it in a common electronic format.
The data subject shall have the right to have inaccurate personal data concerning him corrected without undue delay by the controller. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data supplemented, including by an additional declaration.
The data subject shall have the right to obtain without undue delay from the Privacy Officer the deletion of personal data concerning him/her. The Privacy Officer is obliged to delete personal data when:
The data subject shall have the right to object at any time to the processing of his or her personal data, provided that such processing is lawful. You may object to the processing of your data for reasons related to your particular situation, when the processing is based on: direct marketing; profiling; legitimate interest of the data controller or third parties, provided that the interests or rights and freedoms of the data subject do not prevail, especially if you are a child; or the purposes of the processing are associated with: historical, statistical or scientific research, unless the processing is necessary for reasons of public interest.
The data subject shall have the right to obtain from the Privacy Officer the limitation of the processing of the data when any of the following conditions are met:
The data subject shall have the right to have his or her data transmitted by the Privacy Officer to another Data Processor or to the data subject himself or herself, in a structured format for normal use and mechanical reading, when processing is carried out by automated means.
The data subject shall have the right not to be the subject of a decision based solely on automated processing, including profiling, which has legal effect on him or affects him in a similar manner.
|Right of Access||up to 1 month from receipt of the application|
|Right to Rectification||up to 1 month from receipt of the application.|
|Right to object||up to 1 month from receipt of the application.|
|Right to restriction of processing||up to 1 month from receipt of the application.|
|Right to portability||up to 1 month from receipt of the application.|
|Right to object automated decision making||up to 1 month from receipt of the application.|