GDPR Compliance

At AutomatedQualifications, we are committed to ensuring the privacy and protection of your personal data in compliance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements and your rights under this regulation.

Our Commitment to GDPR Compliance

As a data controller and processor, we have implemented comprehensive measures to ensure compliance with GDPR principles:

• Lawfulness, fairness, and transparency in data processing
• Purpose limitation
• Data minimization
• Accuracy of personal data
• Storage limitation
• Integrity and confidentiality
• Accountability

Legal Basis for Processing

We process personal data only when we have a legal basis to do so. The legal bases we rely on include:

• Consent: Where you have given clear consent for us to process your personal data for a specific purpose.
• Contract: Where processing is necessary for the performance of a contract with you.
• Legal obligation: Where processing is necessary for compliance with a legal obligation.
• Legitimate interests: Where processing is necessary for our legitimate interests or the legitimate interests of a third party.

Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of the personal data we hold about you and to check that we are lawfully processing it.

Right to Rectification

You have the right to request that we correct any incomplete or inaccurate information we hold about you.

Right to Erasure (Right to be Forgotten)

You have the right to request that we delete or remove personal data where there is no good reason for us continuing to process it.

Right to Restrict Processing

You have the right to request that we suspend the processing of your personal data in certain scenarios.

Right to Data Portability

You have the right to request the transfer of your personal data to you or to a third party in a structured, commonly used, machine-readable format.

Right to Object

You have the right to object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.

Rights Related to Automated Decision Making and Profiling

You have rights related to automated decision making and profiling. Our AI qualification system makes automated decisions, but we have implemented measures to safeguard your rights, including human review of significant decisions.

Data Protection Measures

We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of personal data
• Ability to ensure ongoing confidentiality, integrity, availability, and resilience of processing systems
• Ability to restore access to personal data in a timely manner in the event of a physical or technical incident
• Regular testing, assessing, and evaluating of the effectiveness of technical and organizational measures

International Data Transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Binding Corporate Rules
• Transfers to countries with an adequacy decision from the European Commission

Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact our DPO at:

Email: dpo@automatedqualifications.com
Address: 123 Main Street, Suite 100, San Francisco, CA 94105, United States

How to Exercise Your Rights

To exercise any of your rights under GDPR, please submit a request to our Data Protection Officer using the contact details above. We will respond to all legitimate requests within one month.

Complaints

You have the right to make a complaint at any time to the supervisory authority for data protection issues in your country. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us in the first instance.