GDPR Compliance

Our Commitment to GDPR Compliance

AbhinavDCS is committed to protecting the privacy and personal data of all individuals, including residents of the European Union (EU) and European Economic Area (EEA). This page outlines how we comply with the General Data Protection Regulation (GDPR) and your rights under this regulation.

The GDPR applies to our processing of personal data of EU/EEA residents, regardless of where our business is located. As a Pune-based company serving global clients, we take our GDPR obligations seriously.

Legal Basis for Processing Personal Data

Under GDPR, we must have a lawful basis for processing your personal data. We process your data based on the following legal grounds:

Legitimate Interest (Article 6(1)(f))

  • Business development and marketing: Responding to inquiries and providing information about our services
  • Website analytics: Understanding how our website is used to improve user experience
  • Security: Protecting our website and systems from security threats

Contract Performance (Article 6(1)(b))

  • Service delivery: Providing custom software development, web design, mobile app development, and UX/UI services
  • Project management: Managing client projects and deliverables
  • Communication: Maintaining communication throughout project lifecycles

Consent (Article 6(1)(a))

  • Marketing communications: Sending newsletters or promotional materials (where explicit consent is obtained)
  • Optional cookies: Non-essential cookies that enhance user experience

Legal Obligation (Article 6(1)(c))

  • Record keeping: Maintaining records as required by Indian business laws
  • Tax compliance: Keeping financial records for tax purposes

Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

Right of Access (Article 15)

You have the right to obtain confirmation of whether we process your personal data and, if so, access to your personal data along with specific information about the processing.

How to exercise: Contact us using the details provided below, and we will respond within one month.

Right to Rectification (Article 16)

You have the right to obtain the rectification of inaccurate personal data and to have incomplete personal data completed.

How to exercise: Send us the correct information, and we will update our records promptly.

Right to Erasure (Article 17)

You have the right to obtain the erasure of your personal data in certain circumstances, including:

  • The data is no longer necessary for the original purpose
  • You withdraw consent and there’s no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds

Limitations: We may retain data where required by law or for legitimate business purposes.

Right to Restrict Processing (Article 18)

You have the right to restrict processing of your personal data in certain circumstances:

  • You contest the accuracy of the data
  • Processing is unlawful but you don’t want erasure
  • We no longer need the data, but you need it for legal claims
  • You’ve objected to processing pending verification of legitimate grounds

Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

Scope: This applies to data processed based on consent or contract and by automated means.

Right to Object (Article 21)

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

Direct marketing: You can object at any time, and we will stop processing for this purpose.
Other purposes: We will stop processing unless we can demonstrate compelling legitimate grounds.

Rights Related to Automated Decision-Making (Article 22)

You have the right not to be subject to decisions based solely on automated processing that produces legal or similarly significant effects.

Our practices: We do not engage in automated decision-making that would significantly affect you.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us using the following methods:

Email: admin@abhinavdcs.in with “GDPR Request” in the subject line
 Phone: +91 7722002190
 Written Request: AbhinavDCS, S.No. 13, Ambegaon (Bk), Katraj-Dehu Road Bypass, Pune-411046, Maharashtra, India

Required Information:

  • Your full name and contact information
  • Specific right you wish to exercise
  • Any relevant details to help us locate your data
  • Proof of identity (if requested)

Response Time: We will respond to your request within one month of receipt. In complex cases, we may extend this by two additional months.

Data Processing Activities

Personal Data We Collect

  • Contact Information: Name, email address, phone number, company name
  • Professional Information: Job title, business requirements, project details
  • Technical Data: IP address, browser information, website usage patterns
  • Communication Records: Emails, messages, and other correspondence

Purpose of Processing

  • Providing digital services (web development, mobile apps, custom software, UX/UI)
  • Client communication and project management
  • Business development and marketing
  • Website functionality and improvement
  • Legal compliance and record-keeping

Data Recipients

  • Internal Team: Our employees and contractors involved in service delivery
  • Service Providers: Third-party vendors (hosting, email services, analytics) under data processing agreements
  • Legal Authorities: If required by law or legal process

Data Retention

  • Active Projects: Duration of project plus 7 years for business records
  • Inquiries: Up to 3 years for business development purposes
  • Marketing Data: Until consent is withdrawn or data is no longer relevant
  • Legal Requirements: As required by applicable laws

International Transfers

Your data may be transferred to and processed in India. We ensure appropriate safeguards are in place for international transfers:

  • Adequacy Decisions: Where available from the European Commission
  • Standard Contractual Clauses: For transfers to countries without adequacy decisions
  • Additional Safeguards: Technical and organizational measures to protect data

Data Protection Measures

We implement appropriate technical and organizational measures to ensure data security:

Technical Measures

  • Encryption: Data encrypted in transit and at rest
  • Access Controls: Role-based access to personal data
  • Regular Updates: Security systems and software kept current
  • Backup Systems: Secure data backup and recovery procedures

Organizational Measures

  • Staff Training: Regular GDPR and data protection training
  • Data Processing Agreements: Contracts with all third-party processors
  • Privacy by Design: Data protection considered in all new processes
  • Regular Audits: Periodic review of data processing activities

Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms:

  • Supervisory Authority: We will notify the relevant supervisory authority within 72 hours
  • Data Subjects: We will notify affected individuals without undue delay if the breach poses a high risk
  • Documentation: We maintain records of all data breaches

Contact Information

Data Controller

AbhinavDCS
 Address: Pune, Maharashtra, India
 Email: admin@abhinavdcs.in
 Phone: +91 7722002190

EU Representative (if required)

Currently: Not Applicable

Supervisory Authority

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the EU Member State where you reside, work, or where the alleged infringement occurred.

For EU residents: You can find your local supervisory authority at: https://edpb.europa.eu/about-edpb/about-edpb/members_en

Updates to GDPR Compliance

We may update this GDPR compliance information from time to time. We will notify you of any material changes by:

  • Updating this page with the new effective date
  • Sending email notifications where we have your consent
  • Posting notices on our website

Additional Resources

Useful Links

  • European Data Protection Board: https://edpb.europa.eu/
  • GDPR Full Text: https://gdpr-info.eu/
  • Our Privacy Policy: [Link to your privacy policy page]

Training and Awareness

Our team regularly undergoes GDPR training to ensure compliance. We stay updated on regulatory changes and best practices in data protection.

This GDPR compliance page is effective as of the date stated above. If you have any questions about GDPR compliance or your rights, please contact us using the information provided above.