GDPR Compliance
GDPR Guidelines
At Mandolare.com, we take data protection and privacy seriously. This page outlines our compliance with the General Data Protection Regulation (GDPR) and provides information on how we handle personal data. Please review the following guidelines:
- Data Protection Responsibility: Mandolare.com acts as the data controller for the personal data collected through our website and services.
- Lawful Basis: We process personal data based on one or more lawful bases, such as the necessity for the performance of a contract, compliance with legal obligations, or the individual’s consent.
- Data Collection and Use: We collect and process personal data for specific purposes and only to the extent necessary. We do not sell or share personal data with third parties for their own purposes.
- Data Subject Rights: Individuals have rights regarding their personal data, including the right to access, rectify, erase, restrict processing, and object to processing. To exercise these rights, please contact our data protection officer (DPO) at privacy@mandolare.com.
- Data Security: We implement appropriate technical and organizational measures to ensure the security and confidentiality of personal data, protecting it against unauthorized access, loss, or alteration.
- Data Retention: We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law.
- Data Transfers: Personal data may be transferred to and stored in countries outside the European Economic Area (EEA) if necessary for the purposes stated in our Master Services Agreement. We ensure appropriate safeguards are in place for such transfers.
- Third-Party Processors: We may engage third-party processors to assist with our services. Please refer to a partial list as outlined in the table below:
Table: Data Processors
| Data Processor | Purpose |
|---|---|
| AWS, Azure | Veeam Backup Storage Repositories |
| AWS | Virtual instances for MSP related offerings |
| Bluehost | Web hosting and ecommerce |
| DocuSign | E-Signature services |
| MethodCRM | Customer account management and records |
| OneLogin | Identity Provider for managed service accounts |
| Intuit Quickbooks Online | Customer accounting and records |
Please note that this table is not an exhaustive list of all data processors we may engage with, but it highlights those most directly related to our MSP products and offerings.
If you have any questions or concerns regarding data protection and GDPR compliance, please don’t hesitate to reach out to our data protection officer at privacy@mandolare.com.