Version 1.0. (Last updated: 01/17/2022)
We at iiNDY are committed to processing personal data securely and respecting privacy of the concerned individuals.This policy shall be reviewed annually or each time when the changes in our data processing occur.
1.1. Scope. This Personal Data Protection Policy (the “Policy”) describes iiNDYVERSE Ltd. internal rules for personal data processing and protection. The Policy applies to iiNDYVERSE Ltd., including iiNDYVERSE Ltd. employees and contractors (“we”, “us”, “our iiNDYVERSE Ltd.”). The management of each entity is ultimately responsible for the implementation of this policy, as well as to ensure, at entity level, there are adequate and effective procedures in place for its implementation and ongoing monitoring of its adherence. For the purposes of this Policy, employees and contractors are jointly referred to as the “employees”.
1.2. Privacy Manager. Privacy Manager is an employee of iiNDYVERSE Ltd. responsible for personal data protection compliance within iiNDYVERSE Ltd. (the “Privacy Manager”). The Privacy Manager is in charge of performing the obligations imposed by this Policy and supervising other employees, who are subject to this Policy, regarding their adherence to this Policy. The Privacy Manager must be involved in all projects at an early stage in order to take personal data protection aspects into account as early as the planning phase.
The designated Privacy Manager at iiNDYVERSE Ltd. is Bryan Georges.
1.3. EU Representative. As an entity processing personal data in accordance with the EU’s legislation but located outside of the European Union, iiNDYVERSE Ltd. must appoint the representative within one of the EU Member States. The task of the representative is to be a contact point for, including but not limited to supervisory authorities and data subjects, on all issues related to processing, for the purposes of ensuring compliance with this Regulation.
The appointed EU Representative of iiNDYVERSE Ltd. is Under Article 27 of the GDPR , we have appointed an EU Representative to act as our data protection agent. Our nominated EU Representative is:
Prighter Group
Maetzler Rechtsanwalts GmbH & Co KG t/a Prighter
Schellinggasse 3, 1010 Vienna, Austria
https://prighter.com/q/13977114014
1.4. Definitions.
| Competent Supervisory
| Authority | means a public authority that is responsible for regulating and supervising personal data protection with regards to activities of iiNDYVERSE Ltd. |
|---|---|
| Data Breach | means a breach of the security and/or confidentiality leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data transmitted, stored or otherwise processed. |
| This includes but is not limited to e-mails sent to an incorrect or disclosed list of recipients, an unlawful publication of the Personal Data, loss or theft of physical records, and unauthorized access to personal information. | |
| Data | |
| Controller | means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines (make a decision) the purposes and means of the processing of Personal Data. |
| Data | |
| Processor | means a natural or legal person, public authority, agency or other body which processes the Personal Data on behalf of the data controller. |
| Data Protection | |
| Laws | mean any laws and legal rules on personal data use and protection applicable to the activities of iiNDYVERSE Ltd., including, but not limited to the Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, GDPR). |
| Data Subject | |
| Request | |
| (DSR) | means any request from the Data Subject and concerning their personal data and/or data subject rights. |
| Data Subject | means a natural person, whose Personal Data we process. Data Subjects include but are not limited to users, website visitors, employees, contractors, and partners of iiNDYVERSE Ltd. |
| Data Subject | means a natural person, whose Personal Data we process. Data Subjects include but are not limited to users, website visitors, employees, contractors, and partners of iiNDYVERSE Ltd.. |
| Personal Data | means any information relating to an identified or identifiable Data Subject; a Data Subject can be identified by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or the combination of factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that Data Subject. |
| Processing | means any operation or set of operations which is performed by iiNDYVERSE Ltd. on Personal Data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
| Standard | |
| Contractual | |
| Clauses | means the European Commission Decision of February, 5 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC of the European Parliament and of the Council (2010/87/EU). |
| Third Party | means a natural or legal person, who accesses the Personal Data for further processing and is not an employee, member or corporate affiliate of iiNDYVERSE Ltd.. This definition does not apply to natural persons, who provide services to iiNDYVERSE Ltd. as contractors on a regular basis. |
User means a Data Subject who uses our services provided on iiNDYVERSE Ltd. website.
2.1. iiNDYVERSE Ltd.’s processing activities must be in line with the principles specified in this Section. The Privacy Manager must make sure that iiNDYVERSE Ltd.’s compliance documentation, as well as data processing activities, are compliant with the data protection principles.
2.2. We must process the Personal Data in accordance with the following principles: