How we comply with GDPR

Here at Onify we recognize the importance of your privacy and the rights and obligations under the EU legislation, the famous GDPR. We don’t just want to tell you what we do with your information; we want you to actually understand how and why we process data and what you can do about it. We tried to explain things in layman's terms whenever there was an actual need to use overly legal terminology, but if at any point in time you are not sure about how we handle your information, please do not hesitate to reach us at [email protected].

Even though we were not required to, we conducted a Data Protection Impact Assessment to ensure that we address and minimize any risk that may be caused by our processing of information. We reviewed and analyzed our processes, recognized the risks and applied solutions to reduce such risks as far as possible, and although we couldn’t remove the risks altogether we made sure that the chances of their occurrence are reduced to the bare minimum. We managed this by introducing an obligatory code of conduct, security measures, rules for transfer of information, policies for handling the information, and dedicated address for any privacy related communication. DPIA is signed off by the managing staff and external privacy experts.

We use third-party service providers for some of our services and we have detailed Data Processing Agreement (DPA) with all of them prior to giving them any information. For the full list of data processors please contact us at [email protected].

We implemented security measure for both “offline” and digital behavior. We made sure that employees know not to leave information unprotected and not to expose or create any vulnerability in the systems. We approach your data with extreme care and if we process information on your behalf we will comply with the instructions for processing to the letter. Furthermore we will provide you with assistance with your Data Protection Impact Assessment and allow you to audit the processing of the data on your behalf under DPA.