MAGCOM
Back to Home

GDPR Compliance

Learn how MAGCOM complies with the General Data Protection Regulation (GDPR) and protects your personal data rights.

Last updated: December 2024

1. GDPR Overview

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It applies to all companies processing personal data of EU residents, regardless of where the company is located.

MAGCOM is committed to full GDPR compliance and has implemented comprehensive measures to protect your personal data and respect your privacy rights.

MAGCOM's GDPR Commitment

  • • Full compliance with all GDPR requirements
  • • Transparent data processing practices
  • • Respect for all individual data rights
  • • Regular compliance audits and assessments
  • • Ongoing staff training on data protection

2. Your Rights Under GDPR

Under GDPR, you have several important rights regarding your personal data. MAGCOM fully supports and facilitates the exercise of these rights:

Right of Access

You can request a copy of all personal data we hold about you, including how it's processed.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data under certain circumstances.

Right to Restrict Processing

You can request limitation of how we process your personal data.

Right to Data Portability

You can request your data in a structured, machine-readable format.

Right to Object

You can object to certain types of data processing, including direct marketing.

3. Legal Basis for Processing

We process your personal data only when we have a valid legal basis. Our legal bases include:

  • Contract: Processing necessary to perform our service agreement with you
  • Legitimate Interest: Processing for our legitimate business interests, balanced against your rights
  • Consent: Processing based on your explicit consent (which you can withdraw at any time)
  • Legal Obligation: Processing required to comply with legal requirements
  • Vital Interests: Processing necessary to protect someone's life or physical safety

4. Data Protection Measures

MAGCOM has implemented comprehensive technical and organizational measures to ensure GDPR compliance:

Technical Measures:

  • • End-to-end encryption for all data transmission
  • • Advanced access controls and authentication
  • • Regular security audits and penetration testing
  • • Automated data backup and recovery systems
  • • Privacy by design and by default implementation

Organizational Measures:

  • • Appointed Data Protection Officer (DPO)
  • • Regular staff training on GDPR compliance
  • • Data processing impact assessments (DPIAs)
  • • Incident response and breach notification procedures
  • • Vendor due diligence and data processing agreements

5. International Data Transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:

  • • Standard Contractual Clauses (SCCs) approved by the European Commission
  • • Adequacy decisions for countries with equivalent data protection
  • • Binding Corporate Rules for intra-group transfers
  • • Regular monitoring of transfer mechanisms and legal developments

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • • Account data: Retained while your account is active plus 30 days after deletion
  • • Communication data: Retained according to your data retention settings
  • • Billing data: Retained for 7 years for tax and accounting purposes
  • • Marketing data: Retained until you withdraw consent or object to processing
  • • Legal compliance data: Retained as required by applicable laws

7. Data Breach Procedures

In the unlikely event of a data breach, MAGCOM has established procedures to:

  • • Detect and contain the breach within 24 hours
  • • Assess the risk to individuals' rights and freedoms
  • • Notify supervisory authorities within 72 hours if required
  • • Inform affected individuals without undue delay if high risk
  • • Document all breaches and remedial actions taken

8. How to Exercise Your Rights

To exercise any of your GDPR rights, you can:

  • • Use the privacy controls in your MAGCOM account settings
  • • Contact our Data Protection Officer directly
  • • Submit a request through our privacy portal
  • • Email us at [email protected]

We will respond to your request within one month and provide the requested information free of charge, unless the request is manifestly unfounded or excessive.

For more information, please review our Privacy Policy and Terms of Service.