GDPR Compliance

Start 14 day free trial

On May 25, 2018, the European Union (EU) implemented the General Data Protection Regulation (GDPR), and post-Brexit, the United Kingdom (UK) introduced the UK GDPR. These regulations aim to standardize data protection laws across the EU and UK, setting global standards for processing personal data originating from these regions. The GDPR emphasizes providing individuals with stronger and more consistent rights to access and control their personal information. At Levelsonic (“we”, “us”, “our”), we take data privacy and security compliance very seriously. We are diligently working to ensure our adherence to GDPR regulations. Below, we outline our approach to GDPR compliance.

Levelsonic and GDPR compliance

Levelsonic owns and operates this website and has developed a platform for project planning, tracking, and management (the “Platform”).We process personal information of our customers as a Data Controller (for any personal information submitted on the Website) and as a Data Processor (for any personal information provided by our customers when they use our Platform).

Risk assessment

We have conducted a company-wide information discovery exercise to identify and assess the personal information we hold, its origins, how and why it is processed, and to whom it is disclosed.

Data subject consent

As a Data Controller, Levelsonic has updated its Privacy and Cookie Policies and Disclaimer in accordance with GDPR requirements on its website. We require all visitors and users of our website to provide consent for the use of personal information. Levelsonic also allows users to exercise their rights regarding their personal information, including modification, rectification, and deletion of their data.

We execute contracts required under the GDPR with our data processors to ensure that they process personal information in compliance with GDPR standards. Additionally, we implement technical and organizational security measures to ensure compliance. As a Data Processor, we adhere to the required safeguards for the safety of personal information received from our clients.

Data subject rights & transfer of data outside the EU and the UK

At Levelsonic, we have a GDPR-compliant data processing addendum (as required by Article 28 of the GDPR), including the EU Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum (ITDA), to ensure an appropriate legal basis for data transfers outside the EU and UK.

Data retention & erasure

We have developed an organizational data protection compliance policy that includes a data retention schedule. This policy ensures compliance with GDPR principles, such as ‘data minimization’ and ‘storage limitation,’ and that personal information is stored, archived, and destroyed in accordance with GDPR.

Record keeping as per the GDPR

According to Article 30 of the GDPR, each processor and controller’s representative must maintain a record of all activities related to the processing of personal information. Levelsonic maintains such records as required under Article 30(1) and Article 30(2) of the GDPR.

Data breach and mitigation process

The GDPR outlines measures and notifications required upon discovering a data security breach. At Levelsonic, we have implemented internal measures to minimize the risk of data security breaches. However, in the unlikely event of such a breach, Levelsonic is committed to fulfilling its responsibilities under the GDPR, including timely notification of its customers and the supervisory authorities.

Levelsonic’s promise on GDPR

At Levelsonic, maintaining the security, integrity, safety, and confidentiality of personal data is our highest priority. We have taken adequate measures to ensure full compliance with the GDPR. If you have any queries, please feel free to reach us.