Invenics adheres to the requirements set out in the appropriate Data Protection Legislations including
With reference to the above legislations, we will act as a “Data Controller” 1 or “Data Processor” in the provision of our services to the Client. As the data for our services is provided by the Client, the Client will also be considered to be a “Data Controller” for any personal data disclosed by the Client to Invenics.
Policies for Data Protection & Retention: Invenics maintains a set of policies to meet the GDPR requirements for the storage, protection and retention of data. The policies and the procedures are continuously monitored over the data we operate on which includes employee, contractors, suppliers,and clients.
Procedures for dealing with data breaches: Invenics has procedures to respond to data breaches including notifying the appropriate authorities and individuals.
Data Protection Officer: Invenics has appointed a Data Protection Officer who is responsible for ensuring overall GDPR compliance.
We will comply with our respective obligations as “Data Controller” and “Data Processor” in respect of any personal data that is disclosed or processed in the course of the engagement. We agree that only data directly relevant and necessary for the engagement will be disclosed by the Client and processed by Invenics.
We agree that Invenics may process the personal data as a “Data Controller” for the purpose of the engagement as described in the Engagement Letter. Invenics will process the data as reasonably required while meeting its regulatory obligations and applicable laws. Invenics may also use the personal data for other reasonable business purposes such as administration, quality control and aggregated analytics which do not identify individuals.
We agree that Invenics may share and disclose data with other parties as follows:
To the extent necessary for providing the services, Invenics may disclose the data to its employees, contractors and sub-contractors. This may include third parties outside the European Economic Area (EEA). Invenics will ensure that such disclosure is at all times in compliance with applicable data protection legislations.
Any law enforcement or regulatory authorities to the extent required under the applicable data protection legislations.