At ratingIP, we take privacy and the protection of personal data very seriously. This GDPR Compliance Statement explains how we comply with the obligations set forth by the General Data Protection Regulation (GDPR), which governs the collection, use, and storage of personal data of individuals within the European Economic Area (EEA).
The GDPR applies to ratingIP when we process personal data of individuals located within the EEA. This includes, but is not limited to, data collected through our website, ratingip.com (hereinafter referred to as "the Site"), and any other means through which we may obtain personal data.
Personal Data: Any information relating to an identified or identifiable natural person, such as a name, email address, IP address, location data, online identifiers, among others.
Data Processing: Any operation performed on personal data, such as collection, storage, use, disclosure, and deletion.
Data Controller: The entity that determines the purposes and means of processing personal data. In this case, ratingIP acts as the data controller of the personal data we process.
We adhere to the following key principles set out by the GDPR when processing personal data:
We process personal data lawfully, fairly, and transparently. We inform users about how their data will be used and provide this information in a clear and understandable manner.
We collect personal data only for specific, explicit, and legitimate purposes. We do not process data in a manner that is incompatible with those purposes.
We collect and process only the personal data that is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
We ensure that the personal data we process is accurate and up to date. We take all reasonable steps to rectify or delete any inaccurate personal data.
We store personal data for only as long as necessary to fulfill the purposes of processing, in accordance with our legal obligations and internal data retention policies.
We process personal data securely, using appropriate technical and organizational measures to protect it against unauthorized access, loss, accidental destruction, or damage.
We are responsible for ensuring compliance with the above principles and can demonstrate such compliance.
We process personal data only when we have a legal basis to do so, as required by the GDPR. The legal bases may include:
The GDPR grants users a series of rights regarding their personal data, including:
Users have the right to request information about the personal data we hold about them and to obtain a copy of such data.
Users may request the correction of inaccurate or incomplete personal data.
Users may request the deletion of their personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
Users have the right to request the restriction of the processing of their personal data in certain situations.
Users have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit that data to another data controller.
Users may object to the processing of their personal data when the processing is based on our legitimate interests or the performance of a task carried out in the public interest.
Users have the right not to be subject to decisions based solely on the automated processing of their personal data, including profiling, which produces legal effects or similarly significantly affects them.
When we transfer personal data outside the EEA, we ensure that such transfers are conducted in accordance with the GDPR's provisions. This includes using standard contractual clauses approved by the European Commission or ensuring that the recipient country offers an adequate level of data protection.
We implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure, or access. These measures include encryption, access control, information security policies, and regular audits.
In the event of a personal data breach, we will notify the competent supervisory authority without undue delay, and within 72 hours of becoming aware of the breach, unless it is unlikely to result in a risk to the rights and freedoms of individuals. We will also notify affected users when the breach is likely to result in a high risk to their rights and freedoms.
Users can exercise their rights under the GDPR or submit inquiries related to this Compliance Statement by contacting us at:
ratingIP
support@ratingip.com
We may update this GDPR Compliance Statement periodically to reflect changes in our data processing practices or applicable law. We will notify you of any significant changes by posting the new Statement on our Site and updating the "Last Updated" date at the top of this statement.