GDPR & cookie compliance

Purpose:

This policy aims to demonstrate IIC’s commitment to protecting user privacy and complying with the General Data Protection Regulation (GDPR) and relevant cookie laws.

Content:

1. GDPR Compliance:

• Explain how IIC processes personal data in compliance with GDPR principles, including lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.
• Detail the legal basis for processing personal data (e.g., consent, contractual necessity, legitimate interests).
• Describe the rights of individuals under GDPR, such as the right to access, rectify, erase, restrict processing, and data portability.
• Explain how IIC handles data subject requests.
2. Cookie Policy:

• List the types of cookies used on the IIC website (e.g., strictly necessary, performance, functionality, targeting).
• Explain the purpose of each type of cookie.
• Provide instructions on how users can manage their cookie preferences through their browser settings.
3. Consent:

• Explain how IIC obtains and manages user consent for data processing and cookie use.
• Detail how users can withdraw their consent.
4. Data Security:

• Describe the technical and organizational measures IIC has implemented to protect personal data from unauthorized access, loss, or misuse.
5. Data Breaches:

• Outline the procedures IIC will follow in the event of a data breach, including notifying affected individuals and relevant authorities.
6. International Data Transfers:

• If IIC transfers personal data outside the European Economic Area (EEA), explain the safeguards in place to ensure adequate protection of the data.