BusinessOptix has always held the privacy and security of our customers data (personal or otherwise) as a priority. Please read below for the updated policy on Personal Data in the BusinessOptix platform:
BusinessOptix fulfils the role of Data Processor (see definitions laid out in GDPR) on behalf of its customers (the Data Controller). All customer data (Personal or otherwise) is subject to the policies and procedures implemented in the business regarding Information Security (ISMS ISO 27001).
The extent and scope of this role, and the justification therefore is laid out below:
- The BusinessOptix platform collects and processes certain personal information for the purposes of:
- Providing, monitoring and reporting on access to the platform and it's features
- The relevant data held in the BusinessOptix platform is not used for any other purposes unless express permission is granted.
- The data, by design, is limited to the following:
- First Name, Last Name
- Email Address
- The location of the data is transparent to the customer, and all data for relevant libraries can be assured to be located in the desired Data Center, the location(s) of which are named on Order Form:
- Retention: Customer data (including personal data) is retained in the Customer Library for the duration of the engagement. On termination of the engagement the information is permanently erased withing the term agreed in the contract.
- This data is transferred to no third parties without express permission, with the exception of:
- Hosting and IaaS providers which host the entire platform.
- Access to and maintenance of this data is completely under the control of the customer and its designated users:
- This data can be updated by the user (Right to Rectification).
- Users and their data can be deleted from the system (Right to Removal) by the customer admin if requested.