DMSPRISM is fully compliant with the General Data Protection Regulation (GDPR) and has implemented strict data protection measures. For inquiries, contact privacy@dmsprism.com.

Who Does This Notice Apply To?

This GDPR Notice applies to individuals in the European Economic Area (EEA), Switzerland, and the United Kingdom (UK). Our processing of personal data follows the GDPR and the UK GDPR, as set out in the Data Protection Act 2018. While this notice includes Swiss residents, it does not limit their additional data protection rights.

Purpose of Data Collection and Processing

We collect and process personal data to:

• Improve user experience and optimize website functionality.
• Provide customer support and service updates.
• Conduct business operations efficiently.
• Ensure compliance with legal requirements.

Legal Basis for Processing

We process personal data under:

• Legitimate Interests: Necessary for business operations.
• Consent: Where required for marketing and specific processing activities.
• Legal Obligation: Compliance with regulatory requirements.

Users have the right to file complaints regarding data processing with their respective data protection authorities.

What Personal Data Do We Collect?

We collect the following categories of personal information:

• Name, email, and phone number.
• Website browsing behaviour (via cookies and tracking technologies).
• Other data necessary for delivering our services.

Who Do We Share Your Data With?

We work with trusted service providers to manage:

• Website functionality and hosting.
• Customer communication via email and SMS.
• Data analytics and security.

These partners operate under strict confidentiality agreements and comply with GDPR standards.

International Data Transfers

Our primary data processing occurs in the USA. While the USA does not have an EU adequacy decision, we implement:

• Standard Contractual Clauses (SCCs): Ensuring legal compliance.
• Secure Data Handling Protocols: Encryption, secure transmission, and controlled access.
• GDPR-Compliant Third-Party Contracts: Ensuring data protection with partners.

How Long Do We Retain Personal Data?

We retain personal data only as long as necessary for service provision, legal obligations, and operational needs. You can request data deletion before the retention period ends.

Our GDPR Compliance Measures

To safeguard your data, we have:

• Advanced Encryption Protocols: Securing data in transit and storage.
• Comprehensive Data Security Policy: Ensuring strict compliance.
• Regular Security Audits: Identifying and mitigating risks.

Your GDPR Rights

Under GDPR, you have the right to:

• Access Your Data: Request a copy of your personal information.
• Request Data Correction: Ensure accuracy of stored data.
• Restrict Data Processing: Limit how we use your personal data.
• Request Data Deletion: Remove your personal information from our records.
• Object to Processing: Stop processing under specific circumstances.
• Request Data Portability: Transfer your data to another service provider.

To exercise these rights, contact privacy@dmsprism.com.

No Obligation to Provide Data

Users are not legally required to provide personal data but may be unable to access certain services without it.

Data Requests

You can make the following requests under GDPR:

• Request Access: Receive a summary of stored personal data.
• Request Restrictions: Opt out of certain data-sharing practices.
• Request Deletion: Permanently remove personal data, where applicable.

For all GDPR-related inquiries, contact privacy@dmsprism.com.

DMSPRISM is committed to maintaining the highest standards of data protection and transparency. This Privacy Statement ensures compliance with GDPR regulations and safeguards user information at all levels.