GDPRCompliance
How we ensure compliance with the General Data Protection Regulation.
1. Introduction to GDPR
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that applies to organizations processing personal data of EU residents. BigLogic Inc Canada is committed to complying with GDPR requirements and protecting the privacy rights of individuals.
2. Data Controller Information
BigLogic Inc Canada is the data controller for personal information collected through our website and services.
- Address: Canada
- Email: [email protected]
- Data Protection Officer: [email protected]
3. Legal Basis for Processing
We process personal data based on the following legal grounds:
- Consent: When you explicitly consent to processing
- Contract: When processing is necessary to fulfill our contractual obligations
- Legitimate Interest: When processing serves our legitimate business interests
- Legal Obligation: When processing is required by law
4. Types of Data We Process
Personal Data
- Name and contact information
- Company and job title
- Communication history
- Payment and billing information
Special Category Data
We do not process special category data (such as health data or biometric data) unless specifically requested and with explicit consent.
5. Your Rights Under GDPR
As an EU resident, you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Rectification: Request correction of inaccurate data
- Right to Erasure: Request deletion of your personal data ("right to be forgotten")
- Right to Restriction: Request limitation of processing
- Right to Data Portability: Request transfer of your data to another service
- Right to Object: Object to processing based on legitimate interests
- Rights Related to Automated Decision Making: Request human intervention in automated decisions
6. Data Transfers
Your personal data may be transferred to and processed in countries outside the EU/EEA. When we transfer data internationally, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions where applicable
- Additional technical and organizational measures
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which we collected it:
- Customer data: Duration of the contract + 7 years
- Marketing data: Until consent is withdrawn
- Analytics data: Maximum 26 months
- Communication records: 3 years after last interaction
8. Data Protection Impact Assessment
We conduct Data Protection Impact Assessments (DPIA) for high-risk processing activities to ensure privacy-by-design principles are implemented.
9. Breach Notification
In the event of a personal data breach that is likely to result in a risk to individuals' rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours
- Communicate the breach to affected individuals without undue delay
- Provide details of the breach and proposed remedies
10. Your Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal data violates GDPR. You can contact the Information Commissioner's Office (ICO) or your local data protection authority.
11. Contact Us
To exercise your GDPR rights or for any data protection inquiries:
- Email: [email protected]
- Data Protection Officer: [email protected]
We will respond to your request within one month.
Last updated: 2026