Melromin Global Network GDPR Policy

1. Introduction
• This policy outlines how Melromin Global Network collects, uses, stores, and protects the personal data of suppliers and forwarders in compliance with the General Data Protection Regulation (GDPR).
2. Data Controller
• Melromin Global Network,[88 Uxendon Hill,London,HA9SJ], is the data controller responsible for determining the purposes and means of processing personal data.
3. Data We Collect
• We collect personal data necessary for our business operations, including:
  • Contact information (name, email, phone number)
  • Business information (company name, address, VAT number)
  • Financial information (for invoicing and payment purposes)
4. Lawful Basis for Processing
• We process personal data based on the following legal grounds:
  • Contract: To fulfill our contractual obligations with suppliers and forwarders.
  • Legitimate Interest: To operate our business efficiently and to improve our services.
5. Purpose of Data Processing
• We collect and process personal data for the following purposes:
  • Facilitating connections between suppliers and forwarders.
  • Providing customer support.
  • Managing business relationships.
  • Complying with legal and regulatory requirements.
6. Data Subject Rights
• Individuals have the right to:
  • Access their personal data.
  • Request rectification of inaccurate data.
  • Request erasure of their personal data.
  • Restrict processing of their personal data.
  • Data portability.
  • Object to processing.
  To exercise these rights, please contact us at info@melrominglobalnetwork.co.uk
7. Data Security
• We implement appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing and accidental loss, destruction, or damage. These measures include:
  • Access control measures
  • Encryption of data
  • Regular security assessments
8. Data Retention
• We retain personal data for as long as necessary to fulfill the purposes for which it was collected or as required by law.
9. Data Breaches
• In the event of a personal data breach, we will notify the relevant supervisory authority and affected individuals without undue delay.
10. Transfers of Personal Data
• We may transfer personal data to third parties, such as IT service providers, within the EU. If data is transferred outside the EU, appropriate safeguards will be in place
11. Changes to This Policy
• We may update this policy from time to time. Any changes will be posted on our website.
Additional Considerations
• • Privacy Policy: Consider creating a separate privacy policy for website visitors.
  • Data Protection Impact Assessments (DPIAs): Conduct DPIAs for high-risk processing activities.
  • Employee Training: Ensure employees are aware of their GDPR obligations.
  • Data Subject Access Requests (DSARs):Establish procedures for handling DSARs.