Introduction At Bankai Infotech, we take data privacy seriously. This GDPR Policy outlines our commitment to comply with the European Union’s General Data Protection Regulation (GDPR). The GDPR sets out the rules for how personal data must be collected, processed, and stored by businesses operating within the EU, as well as those outside the EU that offer goods or services to, or monitor the behavior of, EU residents. 

Definitions ‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’). ‘Processing’ means any operation or set of operations which is performed on personal data or on sets of personal data. ‘Controller’ means the natural or legal person, public authority, agency or other body which determines the purposes and means of the processing of personal data. 

Our Role Bankai Infotech is the data controller for the personal data we collect through our website. We determine the purposes and means of the processing of that personal data. 

Principles of GDPR We adhere to the principles relating to processing of personal data set out in the GDPR which require personal data to be: 

(a) processed lawfully, fairly and in a transparent manner; (b) collected only for specified, explicit and legitimate purposes; (c) adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed; (d) accurate and where necessary kept up to date; (e) not kept in a form which permits identification of data subjects for longer than is necessary for the purposes for which the data is processed; (f) processed in a manner that ensures its security using appropriate technical and organisational measures to protect against unauthorised or unlawful processing and against accidental loss, destruction or damage. 

Your Rights Under GDPR Under the GDPR, you have the following rights in respect of your personal data: 

1. The right to be informed about how your personal data is being used. 

1. The right to access the personal data we hold about you. 

1. The right to request the correction of inaccurate personal data we hold about you. 

1. The right to request the erasure of your personal data. 

1. The right to request the restriction of processing of your personal data. 

1. The right to object to the processing of your personal data for marketing purposes. 

1. The right to request the transfer of your personal data to another party. 

If you wish to exercise any of the rights set out above, please contact us at [email protected]. 

Data Transfers We may transfer your personal data to countries outside the European Economic Area (EEA). Where we transfer your personal data outside of the EEA, we will ensure that it is protected in a manner that is consistent with how your personal data will be protected by us in the EEA. This can be done in a number of ways, for instance: 

• the country that we send the data to might be approved by the European Commission; 

• the recipient might have signed up to a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your personal data. 

In other circumstances the law may permit us to otherwise transfer your personal data outside the EEA. In all cases, however, we will ensure that any transfer of your personal data is compliant with data protection law. 

Data Retention We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. 

Changes to This GDPR Policy We reserve the right to update this GDPR Policy at any time. We may also notify you in other ways from time to time about the processing of your personal data. 

Contact If you have any questions about this GDPR Policy or our privacy practices, please contact us at [email protected].