As of May 25, 2018, the General Data Protection Regulation (GDPR) is enforced across all Member States of the European Union and the European Economic Area. GDPR aims to harmonize the different data protection laws across the Member States, leading to more standardized protections for all European citizens. At myPOS, we welcome this regulatory change because we have always strived to provide our clients with the highest protection of their personal data.
Organizational Readiness at myPOS
The protection of our customers’ personal data is of utmost importance to us. We have worked tirelessly to ensure all GDPR compliance requirements were met well in advance. We continually follow all practices and guidelines issued by regulatory bodies to adapt our protection measures constantly and adequately.
Data Protection Officer, Privacy Team, and GDPR Training
All our employees undergo GDPR training, overseen by our on-site Privacy Team, Compliance Department, and external privacy consultants. Each new employee must participate in a mandatory training session related to privacy regulations and best practices, with annual refreshers for all staff. We have appointed a Data Protection Officer (DPO) who leads our Privacy Team, ensuring compliance with GDPR requirements.
Internal Policies
Our internal policies are regularly updated to comply with GDPR requirements. These policies govern how we collect, process, and protect personal data.
Data We Collect
The personal data we collect and process is detailed in our Privacy Policy. We process personal data based on various legal grounds, including legal obligations, contractual necessity, legitimate interest, and client consent.
How We Use the Collected Data
We use, store, and process personal information to provide, understand, improve, and develop our services, create and maintain a secure environment, pursue our legitimate interests, and comply with our legal obligations. For more details, please refer to our Privacy Policy.
Rights of myPOS Clients
Data Access: Clients can request a copy of their personal data.
Data Correction: Clients can request corrections to inaccurate or incomplete personal information.
Data Deletion: Clients can request the deletion of their personal data, subject to legal retention requirements.
Data Portability: Clients can receive their personal data in a structured, commonly used, machine-readable format.
Consent Withdrawal: Clients can withdraw their consent to data processing at any time.
Data Security
We ensure that personal information is secure through encryption and other safeguards, complying with applicable regulations to guard non-public personal information. Our Incident Response procedures are designed to promptly address any potential security events.
For detailed information, please visit our Privacy Policy.