GDPR Compliance

1. Data Protection Principles

Our approach to data protection may incorporate various principles that could be aligned with GDPR requirements, as may be interpreted and implemented through processes that may be deemed appropriate under applicable circumstances.

2. Legal Basis for Processing

Data processing activities may be conducted under legal bases that could be considered relevant to specific processing operations, subject to interpretations that may vary based on contextual factors and jurisdictional considerations.

3. Data Subject Rights

Individuals may have certain rights under applicable data protection regulations, which may be exercised through mechanisms that could be made available under conditions that may be specified from time to time.

4. Data Protection Measures

Technical and organizational measures may be implemented in ways that could be considered appropriate for protecting personal data, subject to various factors that may influence the selection and implementation of such measures.

5. International Data Transfers

Transfers of personal data to locations outside the EEA may be conducted under frameworks that could be deemed appropriate, subject to safeguards that may be implemented based on various considerations and requirements.

6. Data Protection Officer

Oversight of data protection matters may be conducted through roles that could include designated individuals or functions, which may operate under parameters that may be established in accordance with applicable requirements.

7. Breach Notification

Procedures for handling potential data breaches may be implemented through processes that could include various notification mechanisms, subject to timelines and requirements that may be applicable in specific circumstances.

8. Records of Processing

Documentation of processing activities may be maintained through methods that could be considered appropriate for recording relevant information, subject to various factors that may influence such documentation practices.

9. Privacy by Design

Design and implementation of processing activities may incorporate privacy considerations through approaches that could be deemed appropriate, subject to various factors that may influence such design decisions.

10. Compliance Updates

Our compliance approach may be subject to updates through processes that could involve various reviews and modifications, which may be implemented at times deemed appropriate based on evolving requirements and interpretations.

11. Financial Data Retention

Financial transaction records may be maintained in accordance with data retention policies that could establish the immutability of certain transaction data, which may be preserved in their original state to maintain the integrity of our financial systems and compliance frameworks.

Last updated: 12/01/2022

Note: This compliance statement is subject to change and shall be interpreted in a manner consistent with its intended purpose, as may be determined from time to time.