Select Page
PalTech upholds its obligation to respect and protect personal data in full alignment with the European Union’s General Data Protection Regulation (GDPR). The GDPR is a comprehensive legislative framework governing the collection, use, retention, and transfer of personal data concerning individuals within the EEA, irrespective of the data controller’s location. It defines personal data broadly, encompassing any information that identifies a person, and establishes strict legal bases, transparency demands, and data subject rights to ensure privacy and security.

Legal Basis for Processing

PalTech processes personal data only when a lawful basis for doing so exists.

These include:

  • Legitimate interests: optimizing website access and services, managing contracts, and marketing operations.
  • Performance of contract or pre-contract engagement: addressing inquiries, providing support, delivering services, and managing events.
  • Consent: for promotional messaging and newsletters, when such consent has been obtained.

Data transfers outside the EEA, including to India, are safeguarded by mechanisms such as Standard Contractual Clauses to ensure continued compliance with EU standards.

Technological and Organizational Safeguards

PalTech has instituted robust data protection measures through updated policies, procedures, and employee training focused on GDPR compliance. Security protocols—including encryption, access controls, and secure handling practices—are rigorously enforced to guard against unauthorized access or data loss, reinforcing a culture of privacy-first governance.

Rights of Data Subjects

  • Individuals within the EEA are entitled to:
  • Access their personal data.
  • Request correction of inaccuracies.
  • Seek deletion or restriction of processing.
  • Object to processing based on legitimate interest or direct marketing.
  • Obtain portability of their data.
  • Challenge automated decision-making.
Requests will be processed promptly, with identity verification measures, if required. If concerns remain unresolved, individuals may escalate to the respective supervisory authority.

Ongoing Compliance and Governance

PalTech commits to continual enhancement of its GDPR compliance program. Internal audits, policy reviews, and updates shaped by regulatory developments ensure that data protection practices remain current and effective. The organization encourages stakeholders to raise any concerns via its Data Protection Officer.