MEGORING

gdpr compliance statement

gdpr compliance statement

Effective Date: 10/05/2025
Website: www.megoring.com
Data Controller: Megoring
Contact: contact@megoring.com

At Megoring, we are fully committed to complying with the General Data Protection Regulation (EU) 2016/679 (GDPR). This regulation is designed to protect the fundamental rights and freedoms of individuals with respect to their personal data. This statement outlines our policies and procedures for ensuring GDPR compliance.

Data Controller Information:

Megoring acts as the Data Controller for the collection, processing, and storage of personal data provided through our website and services. If you have any questions about our GDPR practices or wish to exercise your data rights, please contact us at:

Email: contact@megoring.com
Phone: +17712204976

Lawful Basis for Data Processing:

We process personal data only when we have a lawful basis under GDPR. These include:

  • Consent: When you voluntarily provide data via forms or opt-ins.
  • Contractual Necessity: When data processing is required to fulfill a service (e.g., consultations).
  • Legal Obligation: When required by applicable law.
  • Legitimate Interests: For business-related purposes that do not override your rights, such as analytics or service improvement.

Data Collection and Types:

We collect personal data through:

  • Contact Forms and Consultation Requests
    • Name, email address, phone number, company details, and message content.
  • Website Usage Data
    • IP address, device type, browser, pages visited, and time spent (collected via cookies and analytics tools).

We do not collect special category data (e.g., health data, religious beliefs) unless explicitly required and with your express consent.

Your Rights Under GDPR:

As a data subject, you have the following rights:

  • Right to Access – You may request a copy of your personal data.
  • Right to Rectification – You can correct inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”) – You may request deletion of your data, subject to legal obligations.
  • Right to Restrict Processing – You can request limited processing of your data.
  • Right to Data Portability – You can request your data in a machine-readable format.
  • Right to Object – You may object to data processing based on legitimate interest or direct marketing.
  • Right to Withdraw Consent – You can withdraw your consent at any time.

To exercise your rights, contact us at: contact@megoring.com

Data Retention Policy:

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Data related to consultations and client projects may be stored for up to 3 years, unless you request earlier deletion.

Data Transfers Outside the EU:

Where data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or transfers to countries deemed to provide adequate data protection by the European Commission.

Security Measures:

We implement technical and organizational measures to ensure the security and confidentiality of personal data, including:

  • SSL encryption for data transmission
  • Secure access protocols
  • Firewalls and intrusion detection
  • Role-based access to sensitive data
  • Regular data security reviews

Processors and Third Parties:

We may use GDPR-compliant third-party services (data processors) for:

  • Email marketing and communication
  • Analytics and traffic monitoring
  • CRM and client management tools

These processors are bound by Data Processing Agreements (DPAs) to ensure they process data in compliance with GDPR standards.

Breach Notification:

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the appropriate supervisory authority within 72 hours, and inform affected individuals without undue delay.

Supervisory Authority Contact:

If you believe your data rights have been violated, you have the right to lodge a complaint with the data protection authority in your jurisdiction. If you’re based in the EU, contact your national Data Protection Authority (DPA).

Updates to This Statement:

We may update this GDPR Compliance Statement from time to time to reflect legal or operational changes. Updates will be posted on this page with a revised effective date.