This comprehensive policy directs the data handling processes for all entities and individuals engaged with IFL services across the globe. This encompasses our applications, websites, and any affiliated services. Specifically:
- Buyers: Entities or individuals procuring inspection reports, either directly or on another's behalf.
- Inspectors: Independent professionals or associated entities that provide inspection services to buyers.
Our policy also outlines the process for collecting supplementary personal and business data related to our services. This may include:
- Information from affiliated inspection firms or their representatives.
- Data from potential inspectors who initiate but do not finalize the application process.
- Information connected to our technological features, such as mapping.
For clarity, all entities or individuals covered under these categories are termed "users" within this document.
B. International & Regional Provisions
Considering our global operations, the following specifications apply:
- European Union (GDPR): For users within the European Economic Area (EEA), Inspexion adheres to the General Data Protection Regulation (GDPR). Users have the right to access, rectify, or erase their personal data, restrict processing, object to processing, and have the right to data portability.
- Argentina: Issues related to potential infringements of local data protection regulations should be directed to the Public Information Access agency.
- Brazil: Specific privacy practices in compliance with Brazil’s General Data Protection Law (LGPD) are available upon request.
- California: We comply with the California Consumer Privacy Act (CCPA). Californian users can request further information on our data handling practices.
- Colombia: Lessors and lessees, for the purpose of this policy, are respectively considered Inspectors and Buyers.
- Mexico: We observe Mexico’s Data Protection Law, and related details can be provided upon request.
- Nigeria: We process personal data strictly based on contractual obligations or user consent.
For Guest Users and B2B entities: Data acquired via partner platforms or other account holders is used primarily for service facilitation, safety, user support, research, development, and legal obligations. Questions related to this data can be directed to email@example.com.
All our practices strictly adhere to the laws and regulations of the countries we operate in. Should you have specific regional concerns or require clarity, please reach out.
III. Data Management, Protection, and Transfer
A. Control and Oversight
Within the EEA, the UK, and Switzerland, IFL designates a Data Protection Officer (DPO) to oversee data protection strategies and implementation. Outside these regions, the DPO also functions as the data controller, ensuring global compliance with applicable regulations.
Given our international presence, we manage and safeguard data on a global scale. Queries related to data rights should be directed at the DPO through firstname.lastname@example.org. Data transfer across countries is carried out in line with user agreements, international standards, consent, and respective legal frameworks.
For all other data-related inquiries, feedback, or grievances, please contact email@example.com.
B. Data Acquisition & Utilization
IFL gathers a range of personal and business-related information:
- Direct user submissions, such as during sign-ups or inquiry forms.
- Data generated during service utilization, including location, device specifics, and usage metrics.
- Information sourced indirectly through business partners, affiliates, or other users.
IV. Commitment to Transparency & Trust
Our goal is to remain transparent in our data practices, ensuring that all stakeholders are continually informed and empowered. We take our responsibility to safeguard your data seriously and are always open to feedback, ensuring we remain at the forefront of privacy and data protection best practices.
V. Data Retention and Deletion
A. Retention Period
Data retention is subject to the nature of the data, the purpose of its collection, and the requisite service delivery. Typically:
- Account information is retained for the duration the account remains active, plus a reasonable period to manage backups and other administrative processes.
- Inspection records and reports are maintained for a period relevant to our contractual obligations, and in compliance with legal and regulatory requirements.
- Guest user data is stored only for the duration necessary to fulfill the service request and any subsequent legal or dispute resolutions.
B. Deletion Process
Upon user request or after the end of the retention period:
- Data is securely deleted or anonymized, rendering it non-identifiable.
- In situations governed by legal obligations or disputes, data may be held beyond the standard retention period until the resolution of such matters.
VI. Security Measures
A. Data Protection Protocols
To ensure the integrity and confidentiality of user data:
- We employ advanced encryption techniques both during data transmission and at rest.
- Multi-factor authentication and stringent access controls are in place to limit access to sensitive data.
- Regular security audits and vulnerability assessments are conducted to identify and rectify potential risks.
B. Data Breach Protocol
In the unfortunate event of a data breach:
- We will notify affected users promptly, in line with local regulations.
- Necessary steps will be undertaken to mitigate the breach and prevent further unauthorized access.
VII. Third-party Integrations
A. Data Sharing
While we prioritize user privacy:
- We may share data with trusted third parties, like payment processors or service providers, to facilitate our offerings.
- Data sharing is always governed by strict contractual clauses ensuring the recipient observes equivalent data protection measures.
B. Links to Other Websites
Our platform may contain links to other websites. We are not responsible for their content or privacy practices. We encourage users to review the privacy policies of any external sites they visit.
VIII. User Rights and Preferences
A. Access and Corrections
Users have the right to:
- Access the personal data we hold about them.
- Request corrections to any inaccurate or outdated data.
B. Withdrawal of Consent
At any point:
- Users can withdraw their consent for data processing.
- They can also opt-out of marketing communications through the provided links in our emails or by contacting us directly.
IX. Updates to this Policy
From time to time, this policy might undergo modifications to reflect changes in our practices, services, or in response to evolving legal frameworks. We will notify users of any significant changes and encourage regular reviews of this policy for the latest information on our privacy practices.
X. Contact Us
- Email: firstname.lastname@example.org
- Mailing Address: 32 Rue Saint-Georges, 11300 Port Louis Mauritius.
We're committed to resolving any concerns about your privacy and our data practices. We encourage open communication and will strive to address any issues you might have.