GDPR Compliance

Our Commitment to GDPR

At Cromplex, we are committed to ensuring the security and protection of the personal information that we process, and to providing a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles.

Key GDPR Principles We Follow

Personal data shall be processed lawfully, fairly, and transparently
Personal data shall be collected for specified, explicit, and legitimate purposes
Personal data shall be adequate, relevant, and limited to what is necessary
Personal data shall be accurate and kept up to date
Personal data shall be kept in a form which permits identification for no longer than necessary
Personal data shall be processed in a manner that ensures appropriate security

Individual Rights Under GDPR

The GDPR provides the following rights for individuals:

Right to Information

You have the right to be informed about how we collect and use your personal data.

Right to Access

You have the right to request a copy of the information we hold about you.

Right to Rectification

You have the right to have inaccurate personal data corrected.

Right to Erasure

You have the right to request deletion of your personal data in certain circumstances.

Right to Restrict Processing

You have the right to request the restriction of processing of your personal data.

Right to Data Portability

You have the right to request to move, copy or transfer your personal data.

Right to Object

You have the right to object to processing of your personal data in certain circumstances.

Rights Related to Automated Decisions

You have rights in relation to automated decision making and profiling.

How We Collect and Process Data

We collect and process data for the following reasons:

Contractual Necessity

We process data to fulfill our contractual obligations to our clients.

Legitimate Interests

We process data based on our legitimate interests, such as marketing and improving our services.

Consent

When required, we collect explicit consent from you before processing your data.

Legal Obligation

Sometimes we need to process data to comply with legal obligations.

Data Protection Measures

We implement appropriate technical and organizational measures to protect your personal information. These include:

Data encryption
Regular security assessments
Strict access controls
Staff training on data protection
Data processing agreements with third-party processors

International Data Transfers

If we transfer personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place to protect your data, such as:

Standard Contractual Clauses approved by the European Commission
Binding Corporate Rules for transfers within a corporate group
Adherence to frameworks like the EU-US Privacy Shield (when applicable)

Data Breach Procedures

We have implemented procedures to deal with any suspected personal data breach. In the event of a breach, we will:

Notify affected individuals without undue delay
Report to the relevant supervisory authority within 72 hours
Document all breaches including facts, effects, and remedial action taken

Contact Us

If you have any questions about our GDPR compliance or wish to exercise your rights under GDPR, please contact our Data Protection Officer:

support@cromplex.com +92 (339) 041-8293

123 Business Avenue, Suite 100, City, State 12345

This GDPR Compliance document was last updated on July 20, 2025.

We regularly review our policies and procedures to ensure continued compliance with GDPR.