GDPR & UK GDPR Notice
Last updated: May 2025
This notice explains how V.D. Infotech, operating as VDSecura, processes the personal data of individuals located in the European Economic Area (EEA) and the United Kingdom (UK) in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the UK General Data Protection Regulation (“UK GDPR”).
1. Data Controller
Entity: V.D. Infotech
Address: 4th Floor, Sapphire Chambers, Baner Road, Baner, Pune, Maharashtra – 411045, India
Contact: hello@vdsecura.com
2. Lawful Bases for Processing
- Consent: Where you have given clear consent for us to process your personal data for specific purposes (e.g., marketing communications).
- Contract: Processing necessary for the performance of a contract to which you are a party (e.g., service delivery).
- Legitimate Interest: Processing necessary for our legitimate interests, provided these are not overridden by your rights (e.g., business analytics, fraud prevention).
- Legal Obligation: Where processing is required to comply with applicable law.
3. Your Rights Under GDPR
As a data subject in the EEA or UK, you have the following rights:
- Right of Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure: Request deletion of your personal data where there is no compelling reason for continued processing.
- Right to Restrict Processing: Request that we limit the processing of your data in certain circumstances.
- Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format.
- Right to Object: Object to processing based on legitimate interest or for direct marketing purposes.
- Right to Withdraw Consent: Withdraw consent at any time without affecting the lawfulness of prior processing.
4. International Data Transfers
As a company based in India, we transfer data outside the EEA/UK. Such transfers are protected by Standard Contractual Clauses (SCCs) approved by the European Commission, supplemented by additional technical and organisational measures as required.
5. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected. Retention periods vary based on the nature of the data and our legal obligations. When data is no longer required, it is securely deleted or anonymised.
6. Supervisory Authority
You have the right to lodge a complaint with your local data protection supervisory authority if you believe our processing of your personal data violates the GDPR or UK GDPR.
7. Contact
For any queries or to exercise your rights:
Email: hello@vdsecura.com
Response Time: Within 30 days of receipt (extendable by 60 days for complex requests, with notification)