How we plan to support compliance for
customers and partners in the EU
The protection of personal data is very important to us - both in terms of data protection of our clients (as an administrator)
and data stored by customers as part of backups (as a processor).
To provide our clients with the highest level of protection, we have implemented a number of tools to protect personal data, fully compliant with the high requirements of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) - i.e. "GDPR".
XOPERO as a service provider acts both as a controller of personal data and as a processor.
According to the provisions of the GDPR:
Put simply, if you transfer your own personal data to XOPERO, we act as controller for you. If, however, you provide us with personal details of other people, we act as the processor.
Regardless of our role - in both aspects we protect personal data with the utmost care.
Our principle is to collect personal data and then to process it only to the extent necessary to achieve the purposes for which it was collected (in particular, fulfillment of the contract) and resulting from the law.
The scope of the data will vary depending on whether the data will be processed to provide services in our offer, whether in connection with employment or other - specific purposes.
We will process personal data primarily for the purposes of:
If personal data were to be processed for other purposes - this will be determined in an appropriate manner in each case.
The fundamental basis for the processing of personal data by us is the consent given by our clients.
The data subject shall have the right to withdraw his or her consent at any time.
The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
We will process, in particular, the following categories of personal data:
We also process personal data of other controllers that have been entrusted to us to provide services provided by us.
The data is processed in accordance with the requirements of applicable law and contractually agreed terms.
In order to maintain the highest standards of personal data protection, XOPERO implemented the XOPERO Personal Data Protection Policy as an integral part of its internal organization.
Everyone can read it here.
The XOPERO Personal Data Protection Policy defines in detail the duties of XOPERO as a controller and a processor, and also indicates the exact means by which each person concerned can exercise their rights in connection with the protection of personal data.
In connection with the protection of personal data, every interested party has the right to:
You can object at any time:
XOPERO appointed the Data Protection Officer, whose task is to deal with personal data protection matters on an ongoing basis.
Everyone can contact our Data Protection Officer using the e-mail address:
DPofficer@xopero.com
XOPERO does not transfer any personal data outside of the European Economic Area (including the European Union, Norway, Liechtenstein and Iceland).
All data processed in electronic form are stored on servers located in Poland.
