GDPR Policy for khadga.com.np
1. Introduction
khadga.com.np is committed to protecting the privacy and security of the personal data of our users. This GDPR Policy outlines how we collect, use, disclose, and store personal data in compliance with the General Data Protection Regulation (GDPR).
2. Definitions
- Personal Data: Any information relating to an identified or identifiable natural person.
- Data Subject: The individual to whom the personal data refers.
- Data Controller: The entity that determines the purposes and means of the processing of personal data.
- Data Processor: The entity that processes personal data on behalf of the data controller.
3. Principles of Data Processing
We adhere to the following principles in processing personal data:
- Lawfulness, fairness, and transparency.
- Purpose limitation.
- Data minimization.
- Accuracy.
- Storage limitation.
- Integrity and confidentiality.
4. Data Collection and Processing
We collect and process personal data for the following purposes:
- Providing and improving our services.
- Communicating with users.
- Analyzing usage trends.
- Marketing and advertising.
- Complying with legal obligations.
5. Types of Personal Data Collected
The types of personal data we may collect include but are not limited to:
- Contact information (e.g., name, email address).
- Account credentials.
- Usage data (e.g., IP addresses, cookies).
- Payment information (e.g., credit card details).
- Demographic information.
6. Legal Basis for Processing
We process personal data based on one or more of the following legal bases:
- The data subject has given consent.
- Processing is necessary for the performance of a contract.
- Processing is necessary for compliance with a legal obligation.
- Processing is necessary for the legitimate interests pursued by the data controller or a third party.
7. Data Subject Rights
Data subjects have the following rights regarding their personal data:
- Right to access.
- Right to rectification.
- Right to erasure.
- Right to restrict processing.
- Right to data portability.
- Right to object.
8. Data Security
We implement appropriate technical and organizational measures to ensure the security of personal data, including encryption, access controls, and regular security assessments.
9. Data Sharing and Disclosure
We may share personal data with third parties, including service providers, affiliates, and regulatory authorities, as necessary for the purposes outlined in this policy.
10. International Data Transfers
If we transfer personal data outside the European Economic Area (EEA), we ensure adequate safeguards are in place to protect the data, such as Standard Contractual Clauses or certification under relevant privacy frameworks.
11. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required by law.
12. Updates to this Policy
We may update this GDPR Policy from time to time by posting a revised version on our website. The updated policy will be effective as of the date of posting.
13. Contact Information
If you have any questions or concerns about our GDPR compliance or this policy, please contact us at [contact email].
14. Acceptance of Terms
By using our website, you signify your acceptance of this GDPR Policy. If you do not agree to this policy, please do not use our website.