Aligned with global norms, Newtral's GDPR Policy guarantees transparent data handling and a commitment to privacy protection.
Newtral Technologies Private Limited is committed to ensuring the privacy and protection of personal data. This General Data Protection Regulation (GDPR) policy outlines our practices concerning the collection, processing, and protection of personal data in the context of our ESG Management Software.
This GDPR policy applies to all personal data processed by Newtral Technologies in the course of its business activities, including the use of our ESG Management Software.
Newtral Technologies acts as both a data controller and a data processor, depending on the context of data processing. In situations where we determine the purposes and means of processing personal data, we act as a data controller. In cases where we process personal data on behalf of our customers, we act as a data processor.
We will only process personal data when there is a lawful basis for doing so, such as the necessity of processing for the performance of a contract, compliance with a legal obligation, protection of vital interests, consent, the performance of a task carried out in the public interest or the exercise of official authority, and legitimate interests pursued by Newtral Technologies or a third party.
We will collect and process only the personal data that is necessary for the intended purpose. We will not process excessive or irrelevant data
Personal data will be processed only for the specific purposes for which it was collected, and we will inform individuals of any additional purposes for processing.
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including the pseudonymization and encryption of personal data.
In the event of a data breach, Newtral Technologies will promptly assess the situation, take necessary steps to mitigate the breach, and notify the relevant supervisory authority and affected data subjects, as required by law.
We respect the rights of data subjects and will facilitate the exercise of their rights, including the right to access, rectification, erasure, restriction of processing, data portability, and the right to object to processing.
When transferring personal data outside the European Economic Area (EEA), Newtral Technologies will ensure that the data transfer complies with GDPR requirements. This may include the use of standard contractual clauses or other lawful mechanisms.
Newtral Technologies has appointed a Data Protection Officer to oversee GDPR compliance. The DPO can be contacted at firstname.lastname@example.org.
You have the right to access, rectify, erase, restrict, and object to the processing of your personal data. You also have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller without hindrance from us. To exercise your rights, please contact us using the contact details provided below.