The General Data Protection Regulations (GDPR) came into effect on May 25th, 2018 and applies to all EU citizens but must be upheld by all organizations worldwide.
The aim of GDPR is to provide protection to individuals for their personal information to ensure it is held and processed lawfully.
Personal data is defined as any information relating to an identified or identifiable natural person (a natural person who can be identified directly or indirectly). The data applies to both automated data and manual filing systems.
Cited, Inc., 2711 Centerville Road, Wilmington, Delaware respects and is committed to protecting the privacy of all its clients. We can be contacted at this address or by email: firstname.lastname@example.org or via telephone at 1 302 384 9810. If you disagree or are unhappy with the way we handle your personal data and we are unable to resolve your issue, you have the right to file a complaint with the Information Commissioner’s Office (ICO).
Cited, Inc. will apply the following principles when collecting data:
The personal data that Cited, Inc. holds for its clients is: Name, address, telephone number, email address, IP address and bank or credit card details. This information is needed to enable employees of Cited, Inc. to provide a service to its clients and make charges for these services.
Lawful basis for processing data will be to fulfill our contractual obligation to our clients.
Where we use a third party to process payment information on our behalf, we will only pass the information that is necessary for this purpose. The information will be transferred, processed and stored in a secure manner and only with companies that are compliant with General Data Protection Regulations (“GDPR”)
Where a third party is used for licensing purposes, we will only pass information that is necessary for this purpose (usually first name and second name). The information will be transferred, processed and stored in a secure way and we will ensure the supplier has the appropriate security measures in place.
Cited, Inc. will only use the data for the purpose for which it has been provided, i.e. the contract of service – if Cited, Inc. wish to use the data in any other way, we will seek consent from you and this consent may be withdrawn by you at any time.
In accordance with the GDPR regulations, clients are able to have access to all their own personal data. This request must be put in writing and we will respond to requests within one month in the majority of cases. The client can request that any inaccurate personal data is corrected and that incomplete data is completed.
Retention of Data
Cited, Inc. will ensure that data is kept in accordance with its data retention policy which can be made available on request. Once the retention period has expired, Cited, Inc. will only retain information if there is a compelling reason to do so, otherwise the data will be erased.
In accordance with GDPR, we will notify the ICO without undue delay but in any event within 72 hours of becoming aware of the breach, where a breach is likely to result in risk to an individual’s rights and freedoms. We will contact you in the case of a data breach – which is defined as a security incident that has affected confidentiality, integrity or availability of personal data.
Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.
The email address you provide for order processing, will only be used to send you information and updates pertaining to your order. Emails may also be sent to notify you of technical issue or service updates.
Last updated 5/12/2018
© Copyright 2017 Cited, Inc. all rights reserved.