Our commitment to the General Data Protection Regulation and your data rights
Upvave is committed to protecting your personal data and respecting your privacy rights under the General Data Protection Regulation (GDPR). This page outlines our approach to GDPR compliance and your rights as a data subject.
We have implemented appropriate technical and organizational measures to ensure the security of personal data and to demonstrate our compliance with GDPR requirements.
You have the right to be informed about the collection and use of your personal data. Our Privacy Policy provides clear information about how we process your data.
You have the right to request access to your personal data and receive information about how we process it. You can request a copy of your personal data free of charge.
You have the right to have inaccurate personal data rectified and incomplete personal data completed without undue delay.
You have the right to request the deletion of your personal data when certain conditions are met, such as when the data is no longer necessary for the original purpose.
You have the right to request the restriction of processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
You have the right to object to processing of your personal data based on legitimate interests, direct marketing, or processing for scientific/research purposes.
We process personal data under the following lawful bases:
When you have given clear consent for processing for specific purposes.
Processing necessary for contract performance or pre-contractual steps.
Processing required to comply with legal obligations.
Processing necessary for legitimate interests pursued by us or third parties.
We have implemented comprehensive measures to protect your personal data:
Encryption, access controls, secure transmission, and regular security updates.
Staff training, data protection policies, and regular compliance reviews.
We only collect and process data that is necessary for our stated purposes.
Ongoing assessment of data processing activities and security measures.
When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:
We retain personal data only as long as necessary for the purposes for which it was collected:
In the event of a personal data breach that is likely to result in high risk to your rights and freedoms, we will:
To exercise any of your GDPR rights, please contact us using the information below. We will respond to your request within one month, though this may be extended by two months in complex cases.
You have the right to lodge a complaint with a supervisory authority if you believe your personal data has been processed in violation of GDPR. You can contact:
Your local data protection authority
Or the authority in the country where the alleged infringement occurred
For EU residents: Find your local authority at edpb.europa.eu
For any GDPR-related questions or to exercise your rights, please contact:
Data Protection Officer: dpo@upvave.com
Privacy Team: privacy@upvave.com
Address: 123 Innovation Drive, San Francisco, CA 94105
Phone: +1 (555) 123-4567