On May 25, 2018, the EuropeanUnion (the “EU”) implemented a new data privacy and protection regulation, called the General Data Protection Regulation and the UnitedKingdom (the “UK”) post Brexit implemented the UK General Data Protection Regulations (collectively referred to as the “GDPR”). This regulation aims to standardize data protection laws across the EU and the UK and lay down standards to be observed worldwide while processing of personal data originating in the EU and the UK. The GDPR also has a strong emphasis on affording individuals stronger, more consistent rights to access and control their personal information.
At InSync.AIInc. (“we”, “us”, “our”, “InSync”), we take compliance of data privacy and security regulations very seriously. For the GDPR, we are working diligently to ensure that we are compliant with the rules laid out by the law. In the following sections, we have outlined our approach to comply with the GDPR.
InSync is the owner and is responsible for the day-to-day operation of this website.InSync has developed an artificial intelligence chat technology bot that integrates with Customer platforms (the “Platform”).
We at InSync process personal information of our customers in the capacity of a Data Controller (for any personal information submitted on the Website) and in the capacity of aData Processor (for any personal information provided by our customer when they use our Platform).
We have performed a company-wide information discovery exercise to identify and assess what personal information we hold, where it comes from, how and why it is processed, and to whom it is disclosed.
As a Data Controller, InSync has updated its Privacy and Cookie Policies and Disclaimer for the usage of the Cookies in as per the requirements of the GDPR on its website www.insyncai.com and it requires all the visitors, users of its website to provide consent for use of personal information. InSync also allows such users to exercise their rights in relation to their personal information such as modification, rectification, deletion of their data.
As a Data Controller we execute contracts required under the GDPR with our data processor to ensure that the data processor process the personal information as per the GDPR. Additionally, we implement technical and organizational security measures to ensure compliances.
As a Data Processor we comply with the required safeguards pertaining to safety of personal information received from our clients.
We at InSync, have in place a GDPR-compliant data processing addendum (as required by Article 28 of the GDPR) including the EU Standard Contractual Clauses (“SCCs”) and the UK International DataTransfer Addendum (“ITDA”) to ensure an appropriate legal basis for data transfers outside the EU and UK respectively.
We have formulated an organisational data protection compliance policy. This Policy includes a data retention schedule which ensures that we comply with the principles under the GDPR, including ‘data minimization’ and ‘storage limitation’ and that personal information is stored, archived, and destroyed in accordance with the GDPR.
According to Article 30 of the GDPR, each processor and controller’s representative needs to maintain a record of all activities pertaining to the processing of personal information in such anorganization. InSync maintains such records as required under Article 30(1) andArticle 30(2) of the GDPR
The GDPR has stipulated measures and notifications that must be made upon discovery of a data security breach. We at InSync have implemented internal measures to minimize the risk of any data security breach happening. However, in the unlikely event of any such breach happening, InSync intends to honour its responsibilities as laid down under the GDPR, which includes notifying in a timely manner, its customers, and the supervisory authorities.
At InSync, maintaining the security, integrity, safety and confidentiality of personal data in our possession is of the highest priority. InSync has already taken adequate measures to ensure that we fulfil our promise of being fully compliant with the GDPR. In case you have any queries, please feel free to reach us at privacy@insyncai.com.
OurEU GDPR Representative is:
Rickert Rechtsanwaltsgesellschaft mbH - Insyncai, Inc. -
Colmantstraße 15
53115 Bonn
Germany
art-27-rep-insyncai@rickert.law
Our UK GDPR Representative is:
Rickert
Services Ltd UK - Insyncai, Inc. -
PO Box 1487 Peterborough
PE1 9XX
United Kingdom
art-27-rep-insyncai@rickert-services.uk