GDPR Compliance

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It strengthens and unifies data protection for individuals within the European Union (EU) and addresses the export of personal data outside the EU.

Our GDPR Commitment

Smass Global is committed to protecting your personal data and ensuring compliance with GDPR. We have implemented appropriate technical and organizational measures to safeguard your information.

Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

Lawful Basis for Processing

We process your personal data based on the following lawful grounds:

• Consent: When you have given clear consent for processing
• Contract: When processing is necessary for the performance of a contract
• Legal Obligation: When processing is required by law
• Legitimate Interest: When we have a legitimate business interest

Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication measures
• Staff training on data protection
• Incident response procedures

Data Breach Notification

In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at:

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates GDPR. You can find your local supervisory authority on the European Data Protection Board website.