EU Data Protection Regulation

GDPR Compliance

Our full compliance with and commitment to the European Union General Data Protection Regulation

Our GDPR Compliance Commitment

As ESIVA Projektmanagement GmbH, we are committed to full compliance with all requirements of the European Union General Data Protection Regulation (GDPR). Protecting our customers' personal data with the highest security standards and guaranteeing data rights are our priorities.

Last Updated: This GDPR compliance document is regularly reviewed and updated in accordance with current EU data protection laws.

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into force on May 25, 2018, ensuring the protection of personal data of EU citizens.

Main Purpose of GDPR:

  • Protection and security of personal data
  • Data control rights of individuals
  • Transparency and accountability
  • Standardization in data processing processes

As ESIVA Projektmanagement GmbH, we are committed to full compliance with GDPR requirements and protecting our customers' data with the highest security standards.

Data Security

Technical and organizational security measures

Transparency

Clear and understandable data processing policies

Legal Compliance

Full compliance with GDPR articles

Continuous Improvement

Regular audit and update processes

In accordance with GDPR Article 6, we process your data on the following legal bases:

Article 6(1)(a): Explicit Consent

Your explicit consent for contact forms and marketing activities

Examples: E-newsletter subscription, marketing emails

Article 6(1)(b): Contract Performance

Fulfillment of service contracts

Examples: Consulting services, project management

Article 6(1)(c): Legal Obligation

Fulfillment of legal requirements

Examples: Tax records, commercial documents

Article 6(1)(f): Legitimate Interest

Legitimate business interests of the company

Examples: Website analytics, security measures

Under GDPR, you have the following rights and can contact us to exercise them:

Right of Access (Article 15)

To know which of your data is being processed

You can request a data report

Right to Rectification (Article 16)

To request correction of inaccurate data

You can request an update

Right to Erasure (Article 17)

To request deletion of your data

You can exercise your right to be forgotten

Right to Restriction of Processing (Article 18)

To request cessation of data processing

You can request processing restriction

Right to Data Portability (Article 20)

To move your data elsewhere

You can request data transfer

Right to Object (Article 21)

To object to data processing

You can request to stop processing

Response Time

We will respond to your request within 30 days from the date we receive it. In complex cases, this period may be extended by another 30 days.

Under GDPR Article 5, all our data processing activities are carried out in accordance with the following principles:

  1. Lawfulness and Fairness: All data processing activities have a legal basis and are carried out fairly
  2. Purpose Limitation: Data is collected only for specified, explicit and legitimate purposes
  3. Data Minimization: Only the minimum necessary data is processed
  4. Accuracy: Data is kept accurate and updated when necessary
  5. Storage Limitation: Data is not stored longer than necessary
  6. Integrity and Confidentiality: Data is protected with appropriate security measures
  7. Accountability: We keep records that can prove our compliance

In accordance with GDPR Article 32, we implement the following security measures to protect your personal data:

Technical Measures

  • SSL/TLS encryption
  • Secure server infrastructure
  • Regular security updates
  • Access control systems
  • Data backup systems
  • Firewall protection

Organizational Measures

  • Personnel data protection training
  • Confidentiality agreements
  • Access authorization limitations
  • Data processing procedures
  • Regular security audits
  • Incident response plans

Data Breach Notification

In the event of a data security breach, we will notify the competent authorities and, if necessary, data subjects within 72 hours in accordance with legal requirements.

In accordance with GDPR Articles 44-49, our approach to data transfers outside the EU is as follows:

Our Transfer Policy

  • Primarily data processing within the EU
  • Countries with adequacy decisions where necessary
  • Transfer with appropriate safeguards (SCCs)
  • Special cases with explicit consent

Transparency: You will be informed in advance of any data transfer outside the EU.

Contact for Your GDPR Requests

ESIVA Projektmanagement GmbH
Data Protection Officer
Email: privacy@esivaprojekt.com
Address: [Company Address]

  • Email: privacy@esivaprojekt.com (Fastest response)
  • Phone: [Phone Number] (Working hours)
  • Mail: [Company Address] (Official requests)

Your Right to Complain

If you believe your GDPR rights have been violated, you can file a complaint with the Austrian Data Protection Authority (Datenschutzbehörde).

Exercise Your GDPR Rights

If you have any questions or requests regarding your data protection rights, please do not hesitate to contact us.

ESIVA - Project Management and Business Idea Consulting