GDPR Compliance
General Data Protection Regulation (EU) 2016/679 Compliance Statement
Our GDPR Commitment
Royal Cliks is fully committed to complying with the General Data Protection Regulation (GDPR) (EU) 2016/679. We have implemented comprehensive measures to ensure the protection and proper handling of personal data.
Data Protection Principles
We adhere to the seven key principles of GDPR in all our data processing activities:
Lawfulness, Fairness & Transparency
Processing personal data lawfully, fairly, and in a transparent manner.
Purpose Limitation
Collecting data for specified, explicit, and legitimate purposes only.
Data Minimization
Collecting only data that is adequate, relevant, and limited to what is necessary.
Accuracy
Keeping personal data accurate and up to date.
Storage Limitation
Retaining personal data only for as long as necessary.
Integrity & Confidentiality
Processing data in a manner that ensures appropriate security.
Accountability
Taking responsibility for complying with GDPR and demonstrating compliance.
Our Data Protection Measures
Encryption
All sensitive data is encrypted both in transit (TLS 1.2+) and at rest (AES-256).
Access Controls
Role-based access controls with multi-factor authentication for sensitive data.
Data Backups
Regular encrypted backups with secure off-site storage and retention policies.
Monitoring
24/7 security monitoring and intrusion detection systems.
Data Protection Officer
Appointed DPO with direct reporting line to executive management.
Staff Training
Regular GDPR and data protection training for all employees.
Contract Management
GDPR-compliant data processing agreements with all third parties.
Accountability
Clear lines of responsibility and regular compliance audits.
DPIA Process
Data Protection Impact Assessments for high-risk processing activities.
Breach Notification
Procedures for notifying regulatory authorities of a breach within 72 hours.
Data Retention
Clear data retention schedules and secure deletion procedures.
Data Portability
Procedures for providing data in structured, commonly used formats.
Data Subject Rights
Under GDPR, individuals have the following rights regarding their personal data:
Right to Access
Request access to your personal data
Right to Rectification
Request correction of inaccurate data
Right to Erasure
Request deletion of your data ("right to be forgotten")
Right to Restrict
Request restriction of processing
Data Portability
Receive your data in a portable format
Right to Object
Object to processing of your data
Automated Decisions
Rights regarding automated decision making
Withdraw Consent
Withdraw consent at any time
Data Protection Officer
Our Data Protection Officer
Our appointed Data Protection Officer (DPO) oversees our GDPR compliance program and serves as the point of contact for data protection matters.
info@royalcliks.com
Response Time
Within 48 hours
Languages
English, Spanish, French
Compliance Documentation
Data Processing Register
Comprehensive record of all data processing activities.
DPIA Reports
Data Protection Impact Assessment documentation.
Processor Agreements
GDPR-compliant data processing agreements.
Privacy Policies
Comprehensive privacy notices and policies.
Breach Procedures
Documented personal data breach procedures.
Training Records
Staff GDPR training and awareness records.