This policy is being finalised and will be published before TatvaCRM's commercial launch. The section headings below indicate the topics that will be covered.
1.Lawful Basis for Processing
This section will describe the lawful bases under which TatvaCRM processes personal data of EEA individuals, including contractual necessity, legitimate interest, and consent where applicable.
2.International Data Transfers
This section will explain how data is transferred outside the EEA, the safeguards in place (including Standard Contractual Clauses), and the data residency options available to customers.
3.Data Subject Rights
This section will detail the rights available to data subjects under GDPR, including access, rectification, erasure, restriction, portability, and objection, along with the process and timelines for exercising each right.
4.Data Protection Officer
This section will provide contact information for our data protection point of contact, how to submit requests or complaints, and the process for escalating to a supervisory authority.
5.Breach Notification
This section will describe our data breach notification procedures, including the 72-hour notification timeline to supervisory authorities, notification to affected data subjects, and the information included in breach notifications.
For questions about this policy, email support@tatvacrm.com.