GDPR Compliance Policy
- Introduction
Premier Language Institute (“we,” “us,” or “our”) is committed to ensuring the privacy and protection of the personal data of individuals within the European Union (EU) and European Economic Area (EEA). This GDPR Compliance Policy outlines our commitment to complying with the General Data Protection Regulation (GDPR) and how we process personal data.
- Scope
This policy applies to all personal data processed by Premier Language Institute, including data collected from our website users, clients, employees, and other individuals.
- Data Protection Principles
We adhere to the following data protection principles as outlined in the GDPR:
- Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and transparently, ensuring individuals are informed about how their data is used.
- Purpose Limitation: Personal data is collected for specified, explicit, and legitimate purposes and not processed in a manner incompatible with those purposes.
- Data Minimization: We collect only the personal data necessary for the purposes for which it is processed.
- Accuracy: We maintain accurate personal data and take all reasonable steps to ensure that inaccurate data is rectified or deleted without delay.
- Storage Limitation: Personal data is retained only as long as necessary for processing purposes and in accordance with our retention policies.
- Integrity and Confidentiality: We process personal data securely to protect against unauthorized access, loss, destruction, or damage.
- Legal Basis for Processing
We process personal data based on one or more of the following legal grounds:
- Consent: Individuals have given explicit consent for the processing of their personal data for one or more specific purposes.
- Contractual Necessity: Processing is necessary for the performance of a contract with the individual or to take steps at the request of the individual prior to entering into a contract.
- Legal Obligation: Processing is necessary to comply with a legal obligation to which we are subject.
- Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided these are not overridden by the individual’s rights and interests.
- Rights of Data Subjects
We respect and uphold the rights of data subjects as provided by the GDPR, including:
- Right to Access: Individuals have the right to request access to their personal data and information about how it is processed.
- Right to Rectification: Individuals have the right to request correction of inaccurate personal data.
- Right to Erasure: Individuals have the right to request the deletion of personal data in certain circumstances.
- Right to Restriction of Processing: Individuals have the right to request the restriction of processing their personal data under certain conditions.
- Right to Data Portability: Individuals have the right to receive their personal data in a structured, commonly used format and have it transferred to another controller.
- Right to Object: Individuals have the right to object to the processing of their personal data for direct marketing and other purposes.
- Rights Related to Automated Decision Making and Profiling: Individuals have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects.
- Data Breach Notification
In the event of a data breach that poses a risk to the rights and freedoms of individuals, we will notify the relevant supervisory authority within 72 hours and inform affected individuals without undue delay.
- International Data Transfers
As a global organization, we may transfer personal data outside of the EU/EEA. We ensure that such transfers comply with GDPR by implementing appropriate safeguards, such as Standard Contractual Clauses or relying on adequacy decisions by the European Commission.
- Data Security
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption, access controls, and regular security assessments.
- Training and Awareness
We provide regular training to our employees on GDPR compliance and data protection best practices to ensure ongoing awareness and adherence to data protection principles.
- Review and Updates
We regularly review and update this policy to ensure ongoing compliance with GDPR and other applicable data protection regulations. Any changes will be communicated to relevant stakeholders.
- Contact Us
If you have any questions or concerns about our GDPR Compliance Policy or data protection practices, please contact us at:
Premier Language Institute