Miydi GDPR Compliance Policy

Introduction

Miydi is committed to maintaining transparency and fostering user trust by protecting the privacy of our users in accordance with the General Data Protection Regulation (GDPR). This GDPR Compliance Policy serves as a testament to our dedication to user privacy and outlines the rights and choices available to EU data subjects.

GDPR Overview

The GDPR is a European Union regulation that aims to provide EU data subjects with greater control over their personal data. It establishes various rights for individuals and imposes obligations on businesses that collect, process, or share the personal data of EU data subjects.

Applicability

This GDPR Compliance Policy applies to the personal data of EU data subjects collected, processed, or shared by Miydi.

User Rights

Under the GDPR, EU data subjects have the following rights:

1. The right to access: Users have the right to request information about the personal data Miydi holds about them and how it is processed.
2. The right to rectification: Users can request the correction of inaccurate personal data held by Miydi.
3. The right to erasure (‘right to be forgotten’): Users can request the deletion of their personal data held by Miydi, subject to certain exceptions.
4. The right to restrict processing: Users can request that Miydi limits the processing of their personal data under certain conditions.
5. The right to data portability: Users have the right to receive their personal data held by Miydi in a structured, commonly used, and machine-readable format and have the right to transmit that data to another controller without hindrance.
6. The right to object: Users can object to Miydi’s processing of their personal data for direct marketing purposes or other legitimate interests.
7. The right to not be subject to automated decision-making: Users have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning them or significantly affects them.

Exercising User Rights

EU data subjects can exercise their rights under the GDPR by submitting a request through our Contact Us page. We will respond to verifiable requests within one month of receipt, with the possibility of an extension if necessary. Please provide sufficient details in your request to help us process it efficiently.

Verification of Requests

Miydi will take reasonable steps to verify the identity of users submitting GDPR requests. This may include matching the information provided in the request with the information we have on file or requesting additional information to confirm the user’s identity. If we cannot verify the identity of the requestor, we may deny the request.

Personal Data Collection

Miydi collects the following categories of personal data from various sources, including but not limited to, user interactions with our platform, third-party integrations, and publicly available sources:

– Identifiers, such as name, email address, and IP address.
– Commercial information, including records of products or services purchased or considered.
– Internet or other electronic network activity information, such as browsing history, search history, and information about user interactions with our platform.

We use this personal data for purposes such as providing and improving our services, communicating with users, and marketing our products and services.

Personal Data Sharing

Miydi may share personal data with third parties for business purposes, including but not limited to, service providers, marketing partners, and affiliates. We ensure that appropriate safeguards are in place when transferring personal data outside the European Union.

Lawful Basis for Processing

Miydi processes personal data based on one or more of the following lawful bases under the GDPR:

– Consent: When users have given their consent to the processing of their personal data for specific purposes.
– Contractual necessity: When processing personal data is necessary for the performance of a contract or to take steps before entering into a contract.
– Legal obligation: When processing personal

data is necessary for compliance with a legal obligation to which Miydi is subject.
– Legitimate interests: When processing personal data is necessary for the purposes of the legitimate interests pursued by Miydi or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the user.

Data Privacy

Miydi’s GDPR Compliance Policy is part of our broader commitment to data privacy. For more information about our data privacy practices, please refer to our Privacy Policy.

Data Protection Officer (DPO)

If applicable, Miydi has designated a Data Protection Officer responsible for overseeing our GDPR compliance efforts. If you have any questions or concerns regarding our GDPR Compliance Policy or our data protection practices, you may contact our DPO through our Contact Us page.

Changes to the GDPR Compliance Policy

Miydi may update this GDPR Compliance Policy from time to time. We encourage users to periodically review this policy for any changes. Your continued use of our platform and services constitutes your acceptance of any updates to this policy.

Contact Information

If you have any questions, concerns, or requests related to this GDPR Compliance Policy, please visit our Contact Us page.