GDPR Compliance Policy

Our comprehensive approach to data protection in accordance with the General Data Protection Regulation (GDPR).

1. Introduction

ISO Easy is committed to protecting the personal data of its clients, partners, and employees in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This policy outlines our approach to data protection and privacy.

2. Scope

This policy applies to all personal data processed by ISO Easy, including data of clients, prospective clients, suppliers, and employees, in any format (digital, paper-based, verbal communication, etc.).

3. Definitions

Key terms used in this policy:

Personal Data: Any information relating to an identified or identifiable natural person.

Processing: Any operation performed on personal data including collection, use, storage, and deletion.

Data Subject: A natural person whose personal data is processed.

Controller: ISO Easy, determining the purposes and means of the processing of personal data.

Processor: Any party processing data on behalf of ISO Easy.

4. Data Protection Principles

ISO Easy adheres to the following principles:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

5. Lawful Basis for Processing

Personal data is processed based on the following lawful bases:

  • Consent of the data subject
  • Contractual necessity for service delivery
  • Legal obligation
  • Legitimate interests pursued by ISO Easy

6. Data Subject Rights

Data subjects have the following rights:

  • Right to be informed
  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Rights in relation to automated decision making and profiling

7. Data Breach Response

ISO Easy has implemented procedures to detect, report, and investigate data breaches. Affected data subjects and authorities will be notified within 72 hours of discovering a breach, where feasible.

8. Data Protection Officer (DPO)

ISO Easy has appointed a Data Protection Officer responsible for overseeing this policy.

Data Protection Officer Contact:

privacy@iso-easy.co.uk

9. Data Transfers

ISO Easy does not transfer personal data outside the European Economic Area (EEA) unless adequate protection measures are in place, such as standard contractual clauses or adequacy decisions.

10. Review and Updates

This policy is reviewed annually or as needed to ensure compliance with data protection laws. The latest version is always available upon request.

GDPR Compliance Questions?

If you have any questions about our GDPR compliance or need to exercise your data protection rights, please contact our Data Protection Officer.

ABOUT US

At ISO Easy, we provide practical, affordable ISO implementation for SMEs, leading the process and reducing the workload on your team. Our approach is built on long-term implementation experience and shaped around the real needs of growing businesses.

read more

SERVICES

Quick Links

COPYRIGHT 2026 ISO EASY, ALL RIGHT RESERVED. PRIVACY POLICY. SITE DEVELOPMENT BY AD-DICTIONS MARKETING

ABOUT US

At ISO Easy, we provide practical, affordable ISO implementation for SMEs, leading the process and reducing the workload on your team. Our approach is built on long-term implementation experience and shaped around the real needs of growing businesses.

read more

Services

Quick Links

COPYRIGHT 2026 ISO EASY, ALL RIGHT RESERVED. PRIVACY POLICY. SITE DEVELOPMENT BY AD-DICTIONS MARKETING