General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)


Last updated: March 1, 2024. The General Data Protection Regulation (GDPR) is a European Union statute regulating the protection of EU citizens’ personal data. GDPR, which came into force in 2018, sets out rules for collecting, processing, and storing personal data. Under GDPR, organizations and companies must comply with certain data privacy and security standards.

Our users can be assured that we care about protecting their personal information and apply appropriate security measures in accordance with GDPR.

General Data Protection Regulation

myDEAC as Data controller, in accordance with the applicable data protection laws and regulation, notably Latvian law of Personal Data Processing Law and the regulation (EU) 2016/679 of the European Parliament of the Council of April 27th 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, you can request access, rectification, erasure and portability of your personal data or restrict and object to the processing of your personal data.

Each Party undertakes to carry out its obligations pursuant to General Data Protection Regulation (“GDPR”). Each Party warrants that any personal data it makes available to the other Party in accordance with the Agreement shall be properly processed in accordance with the GDPR applicable Data Protection legislation and when myDEAC is the disclosing party, such disclosure will be in accordance with the myDEAC Privacy Policy. In case personal data will be processed within the scope of this Agreement, the Parties will enter into a Data Processor Agreement that will be attached to TOS. Any disclosure of data from the disclosing Party to the non-disclosing Party will be done lawfully and solely on the grounds for processing personal data under the GDPR, in accordance with the Data Processor Agreement and in accordance with the purposes set out in the myDEAC Privacy Policy. Where required under the GDPR, each disclosing Party will have obtained all necessary consents to forward such information to the non-disclosing Party. myDEAC reserves the right to audit whether the other Party handles the disclosed personal data in accordance with the myDEAC Privacy Policy. myDEAC cannot be held accountable for any data breaches by the Customer.

The disclosing Party shall indemnify the non-disclosing Party in respect of all losses, liabilities, demands, costs, charges, expenses, claims, actions, sanctions or proceedings (whether civil or criminal and arising in any jurisdiction) incurred or sustained by the non-disclosing Party as a result of any breach of Article 13.1 or any contravention of the applicable data protection legislation.