GDPR Compliance
General Data Protection Regulation Compliance Statement

Our Commitment to GDPR

Gemai is committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR). We ensure that your data is processed lawfully, fairly, and transparently.

1. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: You have given clear consent for us to process your personal data
  • Contract: Processing is necessary for a contract we have with you
  • Legal Obligation: Processing is necessary to comply with the law
  • Legitimate Interests: Processing is necessary for our legitimate interests

2. Your GDPR Rights

Under GDPR, you have the following rights:

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request that we limit the processing of your data
  • Right to Data Portability: Request transfer of your data to another organization
  • Right to Object: Object to processing of your personal data
  • Rights Related to Automated Decision Making: Right not to be subject to automated decision-making

3. Data Protection Measures

We implement appropriate technical and organizational measures to ensure data security:

  • End-to-end encryption for data transmission
  • Secure data storage with encryption at rest
  • Regular security audits and penetration testing
  • Access controls and authentication mechanisms
  • Staff training on data protection practices
  • Incident response and breach notification procedures

4. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. When data is no longer needed, we securely delete or anonymize it.

5. International Data Transfers

If we transfer your data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions by the European Commission.

6. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.

7. How to Exercise Your Rights

To exercise any of your GDPR rights, please contact our Data Protection Officer at:

Data Protection Officer

dpo@gemai.in

We will respond to your request within 30 days.

8. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local supervisory authority.

9. Contact Information

For any questions regarding GDPR compliance, please contact:

support@gemai.in

Gemai by Omyra Technologies