GDPR Compliance Policy

XAMTA INFOTECH SUPPORT GDPR COMPLIANCE AND SECURITY - KEEP SAFE ONLINE BUSINESS

GDPR Compliance: Your Data, Your Rights

Trust & Transparency in Data Protection

At Xamta Infotech, your privacy is our priority. We are fully committed to ensuring the safety and security of your personal data in compliance with the General Data Protection Regulation (GDPR). This blog post explains how we collect, process, and safeguard your information while giving you full control over your data.

Introduction

Welcome to Xamta Infotech. We value your privacy and are committed to protecting your personal data in compliance with the General Data Protection Regulation (GDPR). This post outlines our policies on data collection, usage, storage, and security.

What is GDPR?

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs the collection, processing, and protection of personal data for individuals in the EU and European Economic Area (EEA). If you use our platform, we ensure that your data is processed lawfully, fairly, and transparently.

What Data We Collect

We collect and process the following types of personal data:

  • Basic Information: Name, email, phone number, address.

  • Account Details: Login credentials, purchase history, preferences.

  • Online Identifiers: IP address, cookies, device IDs.

  • Financial Data: Payment details (processed securely through third-party services).

  • Communication Data: Messages sent via our platform.

Legal Basis for Data Processing

Under GDPR, we only collect and process personal data when we have a lawful basis, which includes:

  • User Consent: You have given clear consent for us to process your data.

  • Contractual Obligation: The data is necessary for fulfilling a contract (e.g., purchases, subscriptions).

  • Legal Compliance: Required to comply with legal obligations.

  • Legitimate Interest: Necessary for business operations, provided it does not override your rights.

Your Rights Under GDPR

As a user, you have the following rights regarding your data:

  • Right to Access – Request a copy of the personal data we hold about you.

  • Right to Rectification – Correct inaccurate or incomplete data.

  • Right to Erasure ("Right to be Forgotten") – Request deletion of your data.

  • Right to Restriction of Processing – Limit how we process your data.

  • Right to Data Portability – Transfer your data to another service provider.

  • Right to Object – Opt out of certain data processing (e.g., marketing emails).

  • Right Against Automated Decision-Making – Ensure human intervention in automated processes.

  • Right to Information – Receive clear details on how we use your data.

How We Protect Your Data

We implement industry-standard security measures to ensure data protection:

  • SSL Encryption to secure data transfers.

  • Multi-Factor Authentication (MFA) to prevent unauthorized access.

  • Regular Security Audits to detect vulnerabilities.

  • Data Minimization Practices to store only necessary information.

  • Access Control Mechanisms to restrict data handling to authorized personnel.

Cookies & Tracking Technologies

We use cookies and similar tracking technologies to improve user experience. You can manage or disable cookies through your browser settings or via our Cookie Consent Banner.

Data Sharing & Third-Party Services

We do not sell or share your personal data. However, we may use GDPR-compliant third-party services for payment processing, analytics, and hosting.

Third-party providers we use include:

  • Payment Processors (e.g., Stripe, PayPal)

  • Cloud Hosting Services (e.g., AWS, Google Cloud)

  • Analytics Tools (e.g., Google Analytics)

Data Retention Policy

We retain your personal data only for as long as necessary:

  • User accounts & transaction history – Retained for legal and tax compliance.

  • Marketing preferences – Until you opt out.

  • Inactive accounts – Deleted after [specify time period, e.g., 2 years] of inactivity.

How to Exercise Your Rights

To request access, correction, or deletion of your data, contact us at:

📧 Email: hello@xamta.in
📍 Address: Google Maps Link

Data Breach Notification

In the event of a data breach, we will notify affected users and the relevant authorities within 72 hours, as required by GDPR.

Updates to This Policy

We may update this GDPR policy from time to time. We recommend checking this page periodically for any changes.

Last Updated: [Date]

Contact Us

For any GDPR-related inquiries, please contact our Data Protection Officer (DPO):

📧 Email: hello@xamta.in


Impactful, Remotely Exploitable Vulnerabilities and How to Prevent Them
XAMTA INFOTECH