Effective Date: 01.01.2021

HyLogic is committed to protecting the privacy and personal data of individuals, including our customers, employees, and website visitors. This GDPR Policy outlines our practices and procedures regarding the collection, use, disclosure, and protection of personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Scope and Applicability

This GDPR Policy applies to all personal data collected, processed, and stored by HyLogic, whether obtained through our website, software applications, products, services, or other means. It governs our data practices relating to individuals located in the European Union (EU) and any other applicable jurisdictions.

2. Lawful Basis for Processing Personal Data

We will only process personal data when we have a lawful basis to do so, as defined by the GDPR. The lawful bases for processing personal data include:

a. Consent: We may process personal data with the explicit consent of the data subject.
b. Contractual Necessity: We may process personal data to fulfill a contract or take pre-contractual steps at the request of the data subject.
c. Legal Obligation: We may process personal data to comply with legal obligations.
d. Legitimate Interests: We may process personal data based on legitimate interests pursued by our company or a third party, provided that such interests do not override the rights and freedoms of the data subject.

3. Data Collection and Use

We collect and process personal data for specified and legitimate purposes. We will only collect data that is relevant and necessary to fulfill these purposes. The personal data we collect may include, but is not limited to:

- Name, contact information, and job title
- Financial information for billing and payment processing
- Login credentials and usage data
- Communication preferences

We use personal data for the following purposes:

- Providing products and services requested by the data subject
- Communicating with customers, employees, and website visitors
- Managing and improving our website, software applications, and services
- Processing payments and invoices
- Complying with legal obligations

4. Data Sharing and Disclosure

We may share personal data with third parties under the following circumstances:

- Service Providers: We may engage trusted third-party service providers to assist us in delivering our products and services. These providers are contractually obligated to handle personal data in accordance with applicable data protection laws.

- Legal Compliance: We may disclose personal data to comply with legal obligations or respond to lawful requests and legal processes.

- Business Transfers: In the event of a merger, acquisition, or other corporate transaction, personal data may be transferred to the acquiring entity or parties involved.

5. Data Security and Retention

We implement appropriate technical and organizational measures to safeguard personal data from unauthorized access, disclosure, alteration, or destruction. We regularly review and update our security practices to ensure the ongoing confidentiality, integrity, and availability of personal data.

We retain personal data for as long as necessary to fulfill the purposes for which it was collected or as required by applicable laws and regulations.

6. Data Subject Rights

Under the GDPR, data subjects have certain rights regarding their personal data. These rights include:

- Right to Access: Data subjects have the right to request access to their personal data held by us.

- Right to Rectification: Data subjects have the right to request the correction of inaccurate or incomplete personal data.

- Right to Erasure: Data subjects have the right to request the deletion of their personal data under certain circumstances.

- Right to Restrict Processing: Data subjects have the right to request the restriction of processing their personal data under certain circumstances.

- Right to Data Portability: Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format and transmit it to another controller, where technically feasible.

- Right to Object: Data subjects have the right to object to the processing of their personal data based on legitimate interests or for direct marketing purposes.

To exercise these rights or for any inquiries or concerns regarding the processing of personal data, please contact our Data Protection Officer (DPO) using the contact information provided below.

7. Updates to this GDPR Policy

We reserve the right to update and modify this GDPR Policy periodically to reflect changes in our data practices or legal requirements. Any updates will be posted on our website, and we encourage you to review this policy regularly.

8. Contact Information

If you have any questions, comments, or requests related to this GDPR Policy or our data practices, please contact us.