- Data collection, storage & processing.
Greendeck collects only name and email from the user. The sole purpose of this is to create an account for the user on our platform. This data is not processed for any other purpose. Also, access to this data is strictly regulated within the company. This data is not shared with any suppliers/sub-contractors.
- Data minimization
Greendeck asks users for the bare minimum data required to create an account – name and email. Once account is created, there is no further processing of this data.
- Right to rectification
Users have complete right to, at any point of time, modify/rectify this data. We will ensure that this can be done by either one or both the following methods: (a) users can rectify directly on the platform, (b) or user can contact us by writing to our support teams.
- Right to portability
We are happy to share a user’s data, gathered for the purpose of account creation, back to the user in any standard acceptable format. Having said that, the data we store is so limited that the possibility of such a request is highly remote.
- Limitation to storage
This data is stored on secure cloud infrastructure, and never transferred on physical drives/laptops/USBs. There are no copies of this data other than the main database on cloud.
- Right to be forgotten
On termination of contract, all personal data is deleted after 30days. This is the recovery policy. Also, in case a user wants to cancel their account, we will ensure the account is terminated and all personal data of that user is deleted from our systemsafter 30days. In case the user/customer organisation wishes the data to be deleted immediately from our systems, we can do that as well, provided there is a logical reasoning for the same.
- Confidential and secure
Greendeck stores all data collected on secure and trusted cloud infrastructure platforms. Access to this data is strictly regulated within the company. This data is not shared with any suppliers/sub-contractors.
- Accountability and liability
Greendeck understands that it is our responsibility to ensure user data is stored securely, processed only when necessary, access to it is controlled, and all other aspects of GDPR law are met.