Privacy & Data Protection

  • Home
  • Privacy & Data Protection

1. PRIVACY & DATA PROTECTION
Cyberati Digital is the property of Group both of which in their legal right recognise the importance of protecting the personal data of its clients, employees, service providers and other relevant parties.

 

The Company/Owner registered with the Data Protection Commissioner and paid the prescribed registration fees as outlined in Part III of the Data Protection Act 2017 (the “Act”). It is noted that the Company / Owner has registered as a Data Controller to be compliant with the Data Protection Act as applicable in Mauritius and that Mr Sanjeev K.S Gopaul has been duly appointed as the Data Protection Officer of the Company / Owner.

 

In order to ensure compliance with the Act, the firm has implemented this data protection program, which consist of the following building blocks:

 

I. Written Policy and Procedures
Cyberati Digital has implemented this Privacy Policy to ensure the protection of individuals’ privacy. The Policy is designed to provide clients/employees with privacy information, including the purposes for processing their personal data, the lawful basis for processing and who it will be shared with.

 

Business units, including the Information Technology (“IT”) and Operations departments, also implement and maintain procedures for the security and protection of personal data as well as other related privacy matters.

 

II. Appropriate Delegation of Authority
The firm has designated a Data Protection Officer (DPO) who will be responsible for compliance issues related to data collection and processing by the Company / Owner. The designated individual will have relevant experience and the ability to oversee the implementation and maintenance of proper privacy standards across the organisation.

 

III. Education and Awareness
All staff members, including new hires, will be subject to data protection training. The DPO, in coordination with designated staff, identifies the employees that are subject to role-based privacy training requirements and will, as needed, conduct or facilitate the mandatory training courses or seminars for appropriate employees. The Company / Owner will provide refresher training and education on a periodic basis to employees that work with client data. Training may include online courses, in-person lessons, or other instructive memorandums.

 

IV. Compliance Oversight
The DPO will be tasked with evaluating new products, technologies, online activities, contracts, and regulations for potential privacy impacts, and advising other members of senior management on implementation of corresponding privacy protections. Additionally, the DPO will maintain records to satisfy record keeping obligations and the firm will implement appropriate controls to recognise and respond to personal data breaches, including response plans and escalation procedures.

 

V. Periodic Assessments of Program Effectiveness
On a periodic basis, the Company / Owner will evaluate and may adjust the program in light of risk assessment results, relevant findings by Compliance and the DPO or in response to any significant change to business practices, operations or regulatory requirements.

 

2. CONTROL OF NON-PUBLIC INFORMATION
In the course of its business, the Company / Owner will be collecting personal information about potential clients, employees, service providers and other third parties. The Company / Owner is committed to maintaining the highest standards of integrity and seeks to provide fair, secure and appropriate methods for the handling of non-public personal information. All such activities are intended to be consistent with generally accepted privacy ethics and standard business practices.

 

In this respect, the Company / Owner will adopt and implement adequate privacy policy measures.
Principles of the Company / Owner’s /Owner’s privacy policy will include:

 

2.1 Personal Identifiable Information
The Company / Owner will collect personal information specifically and knowingly provided by clients, staffs, service providers and any other third parties.

 

Where stated, the Company / Owner may use the personal information of the Clients to contact them about the Company / Owner’s services or to provide them feedback and updates in relation to their use of the services of the Company / Owner. The Company / Owner wilt only hold data which is necessary to offer its services and ensure continuity of the services.

 

2.2 Privacy Statement Changes
The Company / Owner may change its privacy policy at any time and will notify the clients of such changes so that they are satisfied with the conditions under which they provide the Company / Owner their personal information.

 

2.3 Retention of Records
The Company / Owner will keep personal information only as long as it is necessary and in compliance with any provisions of the laws as applicable in Mauritius as far as record keeping is concerned, including for the purposes of providing its services or as required by law. Personal information that is no longer required will be destroyed either by shredding or other approved destruction methods to prevent unauthorized parties from gaining access to the information during and after the process, unless required to be kept as per regulatory requirements.

 

The Company / Owner will safeguard all clients’ information in its custody and will develop and maintain security procedures to safeguard personal information against loss, theft, copying, and unauthorized disclosure, use or modification.

 

Access to personal information is restricted strictly to employees and authorized service providers with a need to know and use for the performance of their activities.

 

The Company/Owner will make no other use of the personal information of the clients unless authorized.

 

Your Consent:
By accessing the Company / Owner’s different websites, you consent to collecting, maintaining, using and disclosing your Personal Data in accordance with this privacy policy.

 

Queries:
If you have privacy questions which are not answered by this Privacy Policy or any other concerns about how the Company / Owner uses your personal data, please write to us at: info@cyberatidigital.com