GDPR Compliance Policy

Our comprehensive approach to data protection in accordance with the General Data Protection Regulation (GDPR).

1. Introduction

ISO Easy is committed to protecting the personal data of its clients, partners, and employees in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This policy outlines our approach to data protection and privacy.

2. Scope

This policy applies to all personal data processed by ISO Easy, including data of clients, prospective clients, suppliers, and employees, in any format (digital, paper-based, verbal communication, etc.).

3. Definitions

Key terms used in this policy:

Personal Data: Any information relating to an identified or identifiable natural person.

Processing: Any operation performed on personal data including collection, use, storage, and deletion.

Data Subject: A natural person whose personal data is processed.

Controller: ISO Easy, determining the purposes and means of the processing of personal data.

Processor: Any party processing data on behalf of ISO Easy.

4. Data Protection Principles

ISO Easy adheres to the following principles:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

5. Lawful Basis for Processing

Personal data is processed based on the following lawful bases:

  • Consent of the data subject
  • Contractual necessity for service delivery
  • Legal obligation
  • Legitimate interests pursued by ISO Easy

6. Data Subject Rights

Data subjects have the following rights:

  • Right to be informed
  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Rights in relation to automated decision making and profiling

7. Data Breach Response

ISO Easy has implemented procedures to detect, report, and investigate data breaches. Affected data subjects and authorities will be notified within 72 hours of discovering a breach, where feasible.

8. Data Protection Officer (DPO)

ISO Easy has appointed a Data Protection Officer responsible for overseeing this policy.

Data Protection Officer Contact:

privacy@iso-easy.co.uk

9. Data Transfers

ISO Easy does not transfer personal data outside the European Economic Area (EEA) unless adequate protection measures are in place, such as standard contractual clauses or adequacy decisions.

10. Review and Updates

This policy is reviewed annually or as needed to ensure compliance with data protection laws. The latest version is always available upon request.

GDPR Compliance Questions?

If you have any questions about our GDPR compliance or need to exercise your data protection rights, please contact our Data Protection Officer.

ABOUT US

At ISO Easy, we believe that ISO doesn’t have to be complicated or costly—especially for small and medium-sized businesses (SMEs). That’s why we focus on what matters most: getting your business ready to succeed with ISO.

read more

SERVICES

SERVICES

Quick Links

About Us

Contact Us

Privacy Policy

Cookie Policy

GDPR Compliance Policy

Legal Notice

Terms of Service

COPYRIGHT 2026 ISO EASY, ALL RIGHT RESERVED. PRIVACY POLICY. SITE DEVELOPMENT BY AD-DICTIONS MARKETING

ABOUT US

At ISO-Easy, we believe that ISO doesn’t have to be complicated or costly—especially for small and very small businesses. That’s why we focus on what matters most: getting your business ready to succeed with ISO.

read more

Services

Services

  • ISO 13485
  • Certification Preparation
  • Ongoing Support & Maintenance

Quick Links

About Us

Contact Us

Privacy Policy

Cookie Policy

GDPR Compliance Policy

Legal Notice

Terms of Service

COPYRIGHT 2026 ISO EASY, ALL RIGHT RESERVED. PRIVACY POLICY. SITE DEVELOPMENT BY AD-DICTIONS MARKETING