GDPR Compliance | Platform Data & Privacy

Last Updated: 6/7/2025

Effective Date: February 10, 2024

1. Introduction

Meirra is committed to protecting the personal data of our clients, employees, and website visitors in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

This statement outlines our approach to data protection and how we ensure compliance with GDPR requirements.

2. Data Protection Principles

Lawfulness, Fairness, and Transparency

Processing personal data legally, fairly, and in a transparent manner.

Purpose Limitation

Collecting data for specified, explicit, and legitimate purposes.

Data Minimization

Ensuring data is adequate, relevant, and limited to what's necessary.

Accuracy

Keeping personal data accurate and up to date.

Storage Limitation

Retaining data only for as long as necessary.

Integrity and Confidentiality

Processing data securely and protecting against unauthorized processing.

3. Legal Basis for Processing

Consent of the data subject
Performance of a contract
Compliance with legal obligations
Protection of vital interests
Legitimate interests pursued by us or a third party

4. Your Rights

Right to be informed about how your data is used
Right to access your personal data
Right to rectification of inaccurate data
Right to erasure ('right to be forgotten')
Right to restrict processing
Right to data portability
Right to object to processing
Rights related to automated decision making

5. Data Security

Encryption of personal data
Regular security assessments
Access controls and authentication
Staff training on data protection
Secure data backup procedures
Regular security testing and monitoring

6. International Transfers

When transferring personal data outside the EEA, we ensure adequate protection through:

Standard contractual clauses
Adequacy decisions
Binding corporate rules
Appropriate safeguards

7. Data Breach Procedures

Notify the relevant supervisory authority within 72 hours
Inform affected individuals without undue delay
Document all breaches and remedial actions
Review and update security measures

8. Data Protection Officer

Our Data Protection Officer (DPO) oversees our data protection strategy and implementation to ensure compliance with GDPR requirements.

Monitoring GDPR compliance
Advising on data protection obligations
Providing staff training
Conducting internal audits
Acting as a contact point for supervisory authorities

9. Compliance Procedures

Regular data protection impact assessments
Maintenance of records of processing activities
Staff training and awareness programs
Regular policy reviews and updates
Vendor assessment and management
Internal audits and compliance checks

10. Contact Information

For any questions about our GDPR compliance or to exercise your data protection rights, please contact our Data Protection Officer:

Meirra Data Protection Officer

Email:support@meirra.com

You also have the right to lodge a complaint with the Spanish Data Protection Authority (AEPD - Agencia Española de Protección de Datos) or your local supervisory authority.