GDPR Compliance

Our commitment to data protection and your privacy rights

GDPR Compliance Statement

Last updated: June 20, 2024

1. Our Commitment to GDPR

ViewPoint UK is fully committed to compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. We recognize the importance of data privacy and have implemented comprehensive measures to ensure we protect the personal data of our customers, employees, and partners.

GDPR Compliance: We process your personal data lawfully, fairly, and transparently. Our data protection practices are designed to give you control over your personal information while ensuring the security and confidentiality of your data.

2. GDPR Principles

Our data processing activities adhere to the core principles of GDPR:

Lawfulness, Fairness & Transparency

We process personal data lawfully, fairly, and in a transparent manner. We clearly communicate how we use your data through our Privacy Policy and this compliance statement.

Purpose Limitation

We collect personal data for specified, explicit, and legitimate purposes and do not process it in a manner that is incompatible with those purposes.

Data Minimization

We only collect and process personal data that is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.

Accuracy

We take reasonable steps to ensure personal data is accurate and, where necessary, kept up to date. We provide mechanisms for you to update your information.

Storage Limitation

We keep personal data in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.

Integrity & Confidentiality

We process personal data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

Accountability

We are responsible for, and able to demonstrate compliance with, all GDPR principles through documentation, training, and regular reviews of our data protection practices.

Your Data Protection Rights

Under GDPR, you have specific rights regarding your personal data:

Right to Access

You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and access to that personal data.

Right to Rectification

You have the right to obtain the rectification of inaccurate personal data concerning you without undue delay.

Right to Erasure

You have the right to obtain the erasure of personal data concerning you without undue delay in certain circumstances.

Right to Restrict Processing

You have the right to obtain restriction of processing in certain circumstances.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format.

Right to Object

You have the right to object to processing of your personal data in certain circumstances.

Rights Related to Automated Decision Making

You have the right not to be subject to a decision based solely on automated processing.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw consent at any time.

To exercise any of these rights, please contact our Data Protection Officer using the information provided below.

3. Lawful Basis for Processing

We process personal data based on one or more of the following lawful bases:

3.1 Contractual Necessity

We process personal data when it is necessary for the performance of a contract with you, such as providing our IPTV services, processing payments, and managing your account.

3.2 Legitimate Interests

We process personal data when it is necessary for our legitimate interests, such as improving our services, preventing fraud, and ensuring network and information security.

3.3 Legal Obligation

We process personal data when it is necessary for compliance with a legal obligation to which we are subject, such as tax and accounting requirements.

3.4 Consent

We process personal data based on your consent for specific purposes, such as marketing communications. You can withdraw your consent at any time.

Our GDPR Compliance Framework

We have implemented a comprehensive GDPR compliance program that includes:

  1. Data Protection Officer

    We have appointed a Data Protection Officer (DPO) who oversees our data protection strategy and implementation to ensure compliance with GDPR requirements.

  2. Data Mapping & Inventory

    We maintain a record of processing activities that documents what personal data we collect, how we use it, where it is stored, and who has access to it.

  3. Privacy by Design & Default

    We implement data protection measures from the earliest stages of our product development and only process personal data that is necessary for each specific purpose.

  4. Data Protection Impact Assessments

    We conduct Data Protection Impact Assessments (DPIAs) for high-risk processing activities to identify and mitigate data protection risks.

  5. Security Measures

    We implement appropriate technical and organizational security measures to protect personal data against unauthorized access, disclosure, alteration, and destruction.

  6. Data Breach Procedures

    We have established procedures to detect, report, and investigate personal data breaches in accordance with GDPR requirements.

  7. International Data Transfers

    When transferring personal data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

  8. Vendor Management

    We ensure that third-party vendors who process personal data on our behalf provide sufficient guarantees to implement appropriate technical and organizational measures.

  9. Staff Training

    We provide regular data protection training to our employees to ensure they understand their responsibilities under GDPR.

  10. Continuous Improvement

    We regularly review and update our data protection policies and procedures to ensure ongoing compliance with evolving regulations and best practices.

4. Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our data protection strategy and ensure compliance with GDPR requirements. You can contact our DPO with any questions about our data protection practices or to exercise your data protection rights.

Data Protection Officer
ViewPoint UK Media Ltd
Email: dpo@viewpointuk.com
Address: 123 Tech Park, London E1 6AN, United Kingdom

5. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority, in particular in the country of your habitual residence, if you believe our processing of your personal data violates applicable data protection laws.

In the UK, the supervisory authority is the Information Commissioner's Office (ICO). You can find more information about how to contact the ICO on their website: https://ico.org.uk

Questions About GDPR Compliance?

If you have any questions about our GDPR compliance or your data rights, please contact our Data Protection Officer.

Contact DPO