IoT.nxt GDPR Compliance Statement
Jan 1 2022 at 12:00 AM
The EU General Data Protection Regulation (GDPR) aims to strengthen the rights of individuals regarding their data protection. GDPR applies to all organizations that process the data of European citizens. GDPR will improve the way personal data is processed. IoT.nxt® takes the privacy of its users seriously and have taken numerous steps to become GDPR compliant. This document highlights the actions taken by IoT.nxt® to enhance the privacy of its platform, products, and services.
Privacy audit
In response to the requirements of the GDPR, IoT.nxt® performed an audit on our platform to identify where personal data is used and stored. Internal policies were updated to ensure that the way personal data is processed within the organization adheres to very high standards.
Privacy by design
Privacy by design is one of the fundamental concepts applied to IoT.nxt® platform and range of products. The use of personal data is meticulously scrutinized during the development and testing phases to ensure that personal data enjoys sufficient protection. Solutions developed by IoT.nxt® capture the minimum amount of personal data required, and personal data captured will only be used for the purposes for which consent was given.
Principle of minimalism
The principle of minimalism is applied to the processing of all personal data. Processing will not be excessive, irrelevant or inadequate. Furthermore, personal data captured by solutions hosted by IoT.nxt® will only be shared with external data processors if consent was given to do so.
Infrastructure
IoT.nxt® servers housing personal data are in Germany, and the Netherlands and technical controls are in place to protect personal data. Personal data will only be transferred across borders to fulfil service obligations and when consent is given to do so.
User rights
A user has the right to request personal data, update personal data and removes personal data (right to be forgotten). Personal data will be removed from IoT.nxt® hosted systems the moment a user’s account is removed from our platform.
Data protection
IoT.nxt® appointed a Data Protection Officer (DPO) to oversee privacy and GDPR-related matters. In accordance with Article 27 of the GDPR, IoT.nxt® appointed a European representative to liaise with local data protection authorities in the EU. The IoT.nxt® DPO can be contacted at [email protected] for any GDPR enquiry, privacy-related matters, or data breach concerns.