Select Page

WhitoMedia GDPR Policy

1. Introduction

1.1 Purpose

This General Data Protection Regulation (GDPR) policy outlines WhitoMedia’s commitment to data protection and compliance with the GDPR regulations.

1.2 Scope

This policy applies to all employees, contractors, vendors, and third parties who process personal data on behalf of WhitoMedia.

2. Data Protection Principles

2.1 Lawfulness, Fairness, and Transparency

WhitoMedia shall process personal data lawfully, fairly, and transparently, ensuring individuals are informed about the processing of their data.

2.2 Purpose Limitation

Personal data will only be collected for specified, explicit, and legitimate purposes, and it will not be processed in a manner that is incompatible with these purposes.

2.3 Data Minimization

WhitoMedia shall ensure that personal data is adequate, relevant, and limited to what is necessary for the intended purposes.

2.4 Accuracy

WhitoMedia shall take reasonable steps to ensure that personal data is accurate, up-to-date, and, where necessary, corrected without delay.

2.5 Storage Limitation

Personal data shall be retained only for as long as necessary to fulfill the purposes for which it was collected.

2.6 Integrity and Confidentiality

WhitoMedia shall implement appropriate technical and organizational measures to ensure the security and confidentiality of personal data.

2.7 Accountability and Transparency

WhitoMedia shall be responsible for, and able to demonstrate, compliance with GDPR principles and requirements.

3. Data Subject Rights

3.1 Right to Access

Data subjects have the right to access their personal data processed by WhitoMedia.

3.2 Right to Rectification

Data subjects can request the correction of inaccurate or incomplete personal data.

3.3 Right to Erasure (Right to be Forgotten)

Data subjects have the right to request the deletion of their personal data under certain circumstances.

3.4 Right to Data Portability

Data subjects can request their personal data in a structured, commonly used, and machine-readable format.

3.5 Right to Object

Data subjects can object to the processing of their personal data in certain situations.

4. Data Breach Response

4.1 Reporting

WhitoMedia shall promptly report any data breaches to the relevant supervisory authority and data subjects when necessary, in accordance with GDPR requirements.

4.2 Mitigation

WhitoMedia will take immediate action to mitigate the impact of data breaches and prevent further unauthorized access.

5. Data Protection Officer (DPO)

WhitoMedia shall appoint a Data Protection Officer responsible for ensuring GDPR compliance, monitoring data protection activities, and acting as the point of contact for data subjects and supervisory authorities.

6. Training and Awareness

WhitoMedia shall provide training and awareness programs to employees and contractors involved in data processing activities to ensure they understand GDPR requirements.

7. Documentation and Records

WhitoMedia shall maintain records of data processing activities, including data processing purposes, data categories, data subject information, and any third-party data processors.

8. Review and Update

This GDPR policy will be regularly reviewed and updated to ensure ongoing compliance with GDPR regulations and changes in business operations.

9. Contact Information

For questions or concerns related to GDPR compliance or data protection matters, please contact: