GDPR Policy

2.1 Lawfulness, Fairness and Transparency

• We process data lawfully under defined legal bases (contract, legitimate interests, consent, legal obligations)
• We are transparent about what data we collect and why (see Privacy Policy)
• We treat all data subjects fairly without discrimination

2.2 Purpose Limitation

• Data collected for specific, explicit, and legitimate purposes
• We do not use data for unrelated purposes without your consent
• Purpose clearly stated at point of collection

2.3 Data Minimisation

• We collect only data that is adequate, relevant, and necessary
• We avoid collecting excessive or unnecessary information
• Regular review of data fields to ensure continued necessity

2.4 Accuracy

• We take reasonable steps to ensure data accuracy
• You can update your profile information at any time
• We correct inaccuracies promptly upon notification
• Periodic verification of representative credentials

2.5 Storage Limitation

• Data retained only as long as necessary for stated purposes
• Clear retention periods defined for different data categories
• Automated and manual deletion procedures in place
• Regular audits of retained data

2.6 Integrity and Confidentiality (Security)

• Technical measures: encryption, access controls, secure hosting
• Organizational measures: staff training, policies, audit trails
• Regular security assessments and penetration testing
• Incident response and breach notification procedures

2.7 Accountability

• We maintain comprehensive records of processing activities
• Data Protection Impact Assessments (DPIAs) for high-risk processing
• Regular compliance reviews and audits
• Clear documentation of policies and procedures
• Staff training and awareness programs

3.1 Contract (Article 6(1)(b))

• Creating and managing your account
• Providing directory listing services
• Processing featured profile subscriptions
• Delivering services you've requested

3.2 Legitimate Interests (Article 6(1)(f))

• Operating a safe and effective professional directory
• Preventing fraud and ensuring platform security
• Analyzing usage to improve services
• Direct marketing to existing customers (with opt-out option)

We conduct Legitimate Interest Assessments (LIAs) to ensure our interests do not override your rights and freedoms.

3.3 Legal Obligations (Article 6(1)(c))

• Complying with law enforcement requests
• Tax and accounting record retention
• Responding to regulatory enquiries

3.4 Consent (Article 6(1)(a))

• Optional marketing communications
• Non-essential analytics cookies

You may withdraw consent at any time.