GDPR Compliance

General Data Protection Regulation

Our Commitment to GDPR

CRMboard.in is committed to protecting the privacy and security of personal data in accordance with the EU General Data Protection Regulation (GDPR). This page outlines our practices and your rights under GDPR.

Data Controller

For the purposes of GDPR, CRMboard.in acts as the data controller for personal data we collect from you. Our contact information:

Company: CRMboard.in Private Limited

Email: dpo@crmboard.in

Address: Tech Park, Building 5, Sector 18, Gurugram, Haryana 122015, India

Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

1. Right to Access

You have the right to request a copy of the personal data we hold about you.

2. Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data.

3. Right to Erasure

You have the right to request deletion of your personal data in certain circumstances.

4. Right to Restrict Processing

You have the right to request restriction of processing of your personal data.

5. Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format.

6. Right to Object

You have the right to object to processing of your personal data for certain purposes.

7. Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time.

Lawful Basis for Processing

We process your personal data under the following lawful bases:

  • Contract: Processing necessary for the performance of a contract
  • Consent: You have given explicit consent for processing
  • Legitimate Interests: Processing necessary for our legitimate business interests
  • Legal Obligation: Processing necessary to comply with legal requirements

Data Protection Measures

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Regular staff training on data protection
  • Data breach notification procedures

International Data Transfers

If we transfer your personal data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or adequacy decisions.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting requirements. When we no longer need your data, we will securely delete or anonymize it.

Exercising Your Rights

To exercise any of your GDPR rights, please contact our Data Protection Officer:

Email: dpo@crmboard.in

Subject: "GDPR Rights Request"

We will respond to your request within one month. If your request is particularly complex, we may extend this period by two additional months.

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority if you believe we have not handled your personal data appropriately. In India, you can contact the relevant data protection authority, and in the EU, you can contact your local supervisory authority.