1. Introduction

HRS Rail LTD is committed to protecting the privacy and security of personal data. This GDPR Compliance Policy outlines our practices concerning the collection, use, and protection of personal information on our website.

2. Data Collection

2.1 Personal Data

We may collect and process the following personal data:

– Name
– Contact information (email address, phone number, address)
– Job title and company information
– IP address
– Cookies (for more details, refer to our Cookie Policy)

2.2 Purpose of Data Collection

We collect personal data for the following purposes:

– Responding to inquiries and requests
– Providing information about our products and services
– Processing orders and contracts
– Improving our website and services
– Complying with legal obligations

3. Data Processing and Storage

3.1 Lawful Basis

We will only process personal data where we have a lawful basis to do so, such as the consent of the individual, the necessity for the performance of a contract, compliance with a legal obligation, or our legitimate interests.

3.2 Data Security

We have implemented technical and organizational measures to ensure the security and confidentiality of personal data. Access to personal data is restricted to authorized personnel only.

3.3 Data Retention

Personal data will be retained for the period necessary to fulfil the purposes outlined in this policy unless a longer retention period is required or permitted by law.

4. Data Subject Rights

Individuals have the following rights regarding their personal data:

– The right to access
– The right to rectification
– The right to erasure
– The right to restrict processing
– The right to data portability
– The right to object

Requests to exercise these rights can be submitted through our designated contact channels.

5. Third-Party Processors

We may use third-party processors to handle personal data on our behalf. These processors are carefully selected and are required to comply with GDPR regulations.

6. International Data Transfers

In cases where personal data is transferred outside the European Economic Area (EEA), we will ensure adequate safeguards are in place to protect the data, such as Standard Contractual Clauses or other approved mechanisms.

7. Data Breach Notification

In the event of a data breach, HRS Rail LTD will promptly assess the situation, take appropriate measures to mitigate the breach, and notify the relevant supervisory authorities and affected individuals as required by law.

8. Policy Updates

This GDPR Compliance Policy may be updated periodically. Any changes will be communicated through our website or other appropriate channels.

9. Contact Information

For any questions or concerns regarding this policy or our data practices, please contact us on our Contact Us form.