General Data Protection Regulation (GDPR)

OverviewOrganizations established in the EuropeanUnion (EU) and processing personal data of EU-based individuals will, in almost all cases, be required to comply with the GDPR by May 25, 2018. The GDPR updates and harmonizes the framework for processing personal data in the European Union, and brings with it new obligations for organizations and new rights for individuals.

Organizations established in the EuropeanUnion (EU) and processing personal data of EU-based individuals will, in almost all cases, be required to comply with the GDPR by May 25, 2018. The GDPR updates and harmonizes the framework for processing personal data in theEuropean Union, and brings with it new obligations for organizations and new rights for individuals.

Our Commitment
Growlabs believes that the GDPR is an important step toward strengthening data protection laws across the European Union and enabling individual privacy rights. This is why Growlabs is committed to helping its customers comply with the EU’s General Data Protection Regulation (GDPR).

Your responsibility as our Customer or Client  
Growlabs only processes professional data, regardless of where an individual is based. This usually includes things like their job role and details about their employing company. This means that Growlabs does not provide or collect consumer-focused data such as age, health, web browsing history, health records, or economic status.

While Growlabs is committed to assisting its Customers in its role as a data processor, Customers are still ultimately responsible for adhering to their obligations as a “data controller.” Broadly speaking, this means that Customers are responsible for obligations such as:
                      - Properly collecting, processing, and transmitting personal data from EU subjects
                       - Properly marketing and communicating to current/potential customers
                       - Properly handling requests from EU data subjects, such as erasure and access.
   
Requirements such as greater data access and erasure rules, privacy by design, and data breach notification processes may mean changes for your organization, and are a shared responsibility between yourself and your partners. Therefore, it is important to understand your obligations related to the GDPR regardless of where your organization resides. We suggest that you consult your legal team to review the requirements.  

Your Rights Regarding Your Personal Information
We respect your privacy rights and therefore you may contact us at any time and we shall work diligently to respect your choices and requests regarding your Personal Information. The purpose of the list stipulated below is to allow Users and Contacts to exercise their rights under applicable privacy and data protection regulations:

• Right of Access: You may request to access your Personal Information and obtain a copy of Personal Information which is being processed by Growlabs. In the event that you request to know whatPersonal Information is being processed by us, we will provide you with the information free of charge. Such requests will be made by sending a request tosupport@growlabs.com, please make sure to provide your relevant details.

• Right of Rectification: You may request to change, update or complete any missing data we process about you, by sending an email to support@growlabs.com with you relevant details. Please note that we may rectify, replenish or remove incomplete or inaccurate information, at anytime and at our own discretion.

• Right of Erasure: You may at any time withdraw your consent to our processing of your Personal Information. In this case, if there is no overriding legitimate interest for continuing the processing of your Personal Information (e.g. to comply with our legal obligations, resolve disputes, enforce our agreements, etc.) and the Personal Information is no longer necessary in relation to the purpose for which it was originally collected, we will erase your data. Such withdrawal of consent will be made by sending an email to support@growlabs.com with your relevant details.

• Right of Restriction of Processing: You may request us to restrict processing of your Personal Information if one of the following applies: (i) the accuracy of the Personal Information is contested by you; (ii) the processing is unlawful; or (iii) if we no longer need the Personal Information. Such request will be made by sending an email with the relevant details to support@growlabs.com.

• Right to Data Portability: You have the right to receive the Personal Information in a structured, commonly used and machine-readable format. Such request will be made by sending an email with your relevant details to support@growlabs.com

Retention
Personal Information will be retained by Growlabs in such a way that you can be identified only as long as is necessary for Growlab’s processing activities (“Processing Date”). Growlabs will adopt the same retention policy for all Users and Contacts regardless of their place of residence, which will follow the reasonable mandatory retention period, which is 7 years as from the Processing Date Please note that we may retain the information we collect for as long as needed to provide the Services and to comply with our legal obligations, resolve disputes and enforce our agreements.

Please be notified: Requests may take up to 30 days to process. Some of the information that is gathered about you may arrive from the web and is public by other platforms. In some cases, you may encounter your details again after request for removal, in case they were re-collected over the web, contributed by other partners or in other means that are not including access to your device. We recommend you to periodically check your profile or the Services to ensure that your then-existed profile or account include only the Information you chose to have displayed.