GDPR Compliance Statement
The EU General Data Protection Regulations (“GDPR”) is a privacy and data protection regulation in the European Union (“EU”) effective from May 25, 2018. The GDPR regulates how personal data of individuals in the EU can be collected, used, and processed by businesses. The law impacts both European companies and businesses with European contacts.
The Bermuda Business Development Agency is committed to ensure the security and protection of personal information that we collect and process, and to provide a compliant and consistent approach to data protection.
To that end, we have:
- Updated our internal policies and procedures and our external information notices for compliance with the GDPR; and
- Trained our staff on data protection compliance, particularly the implications of the GDPR.
If you have any questions about this GDPR Compliance Statement, or our privacy and security practices, please contact us at email@example.com.
Miles Partnership, LLLP and Bermuda Business Development Agency (“The Controllers”) collect personal data from individual users of the www.BDA.bm website. Certain of this data may constitute protected “personal data” as that term is defined in the E.U. General Data Protection Regulation (“GDPR”). A copy of the GDPR is available here.
The following disclosures concerning The Controllers compliance with GDPR are presented for informational and compliance purposes only. Nothing in these disclosures constitutes a representation that any particular data or service is governed or subject to GDPR, nor do these disclosures represent or constitute any contract or undertaking with any individual.
Effective Date of GDPR
GDPR took effect on May 25, 2018. On and after that date, The Controllers will comply with GDPR to the extent applicable.
Utilization of Data
The Controllers utilize personal data including the information provided by you during usage of the website and submission of forms. The Controllers process this data to for marketing purposes. This data may be used, for example, to send information electronically or physically that you request.
Basis for the Processing of Data
The Controllers may seek your consent to send communications (marketing communications). The Controllers will seek a separate consent to send these communications in certain cases which may be revoked by you at any time via email to firstname.lastname@example.org or by clicking unsubscribe on the pertinent email communication.
Recipients of Personal Data
Recipients of personal data may include fulfillment providers for physical mailing, email deployers, technical providers of data storage, and back end service providers. All employees of The Controllers who receive or review personal data have received training concerning maintaining the confidentiality of such data and committed themselves to confidentiality. Where appropriate, The Controllers will enter into written agreements governing the processing and confidentiality of personal data by third parties.
Storage of Data
The Controllers will retain data only so long as is necessary.
Your Rights Under GDPR
If the GDPR applies to retention of your personal data, you have several rights including (i) the right to request access, rectification or erasure of your data, (ii) the right to lodge a complaint with the appropriate European Union supervisory authority, and (iii) to the extent processing of data is based on consent, you have the right to withdraw your consent at any time.