We always honor our users’ rights for their data privacy and protection. We are committed to our clients by consistently exceeding industry standards. We only collect and process users’ personal information that is required for the functioning of our products, and this is our promise to our clients. We are privacy-conscious and we follow GDPR.
GDPR is an EU-wide privacy and data protection law that regulates how the data of EU residents is protected by companies and gives control to EU residents over their personal data usage.
The GDPR is relevant to all globally operating companies and not just the EU-based businesses and EU residents. Our clients’ data is important irrespective of where they are located, and so we have implemented GDPR controls as our baseline standard for all our operations. GDPR has taken effect from 25th May 2018.
The data that relates to an identifiable or identified individual. GDPR covers a broad spectrum of information that could be used on its own, or in combination with other pieces of information, to identify a person.
Personal data extends beyond a person’s name or email address. Examples include financial information, political opinions, genetic data, biometric data, IP addresses, physical addresses, sexual orientation, and ethnicity.
We have assessed CoTech.ai, individually, against the requirements of the GDPR and have implemented new features that will give you more control over your personal data and ease your burden of achieving GDPR compliance.
Raised awareness across the organization, and trained employees to handle data appropriately. We all understand the importance of information security and the high standards set by GDPR.
We have a primary dashboard, which includes information on all the data, such as a data controller and processor. It details various categories of personal data processed by our organization and who is getting access to which data and for what purpose. It has coverage of all our processes and procedures.
We have assessed our third-party service providers, partners and ensure that they have addressed the pressing needs of the current security and privacy world.
All the members in CoTech.ai are a Data Protection Officer (DPO) who is committed to protect the customers' data.
Our application teams have embraced the concept of privacy by design and have provided you more control over the data you store in our systems. These provisions may vary based on a product’s characteristics and domain. We constantly provide you with more enhancements in each phase.
Our Platform is made compliant with the data processing requirements of GDPR. We have put in place appropriate controls on data processing and management.
We conduct internal audits of our products, processes, operations, and management. The findings will be communicated to our teams, who will work out the solutions for the problems.
We encrypt data at rest, based on the level of sensitivity and likelihood of risks. We have developed in-house tools for better governance and discovery of data.
We will clean up our databases periodically to ensure that we have only the latest and most accurate information. This cleanup process includes removing terminated and dormant accounts.
If there is any data breach, customers will be notified of a breach within 72 hours after we become aware of it. For general incidents, we will notify users through our blogs, forums, and social media. For incidents specific to an individual user or an organization, we will notify the concerned party through email (using their primary email address).
We have revised our Privacy policy to incorporate the requirements of the applicable privacy laws based on our data inventory, data flows, and data handling practices.