The official document of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version of the OJ L 119, 04.05.2016
GDPR (The General Data Protection Regulation) s a regulation in EU law on data protection and privacy in the European Union, which is effective from May, 2018.
Since the Regulation applies regardless of where the incorporated company is based, it impacts every such entity that does business or provides services and goods to European Union residents. Despite being European law, any entity that collects and analyzes the personal data of EU citizens or other businesses and their customers lies under GDPR.
The purpose of GDPR is to protect individuals' rights and personal information in the process of using products or services. Any private information which is in any possible way directed to a certain individual is considered as personal data and its processing is regulated by GDPR. Such data may include information about location, online identifiers, biometric data such as facial recognition.
Auther as a facial recognition provider fully complies with GDPR and fulfills all its requirements for maintaining order.
Controllers and Processors are key components to creating GDPR compliance.
Controller - any entity which determines the purpose of all data processing;
Processor - executive which processes received personal data from controllers.
The responsibility of GDPR compliance is completely assigned to controllers. Data controllers are responsible and liable for GDPR compliance in the processing of personal information, even in cases when they have outsourced such processing activities to another company. Nevertheless, processors are also obligated to be GDPR compliant under the applicable law.
1. Transparency and communication
Auther explains before the user starts using its services and goods, how the received data is processed. For any questions or clarifications, the user is able to form a request.
2. Personal data collection
At the moment Auther will collect personal and any other data from a Client or User the proper notification will be displayed for better understanding.
3. Right of access
Our Clients have the right to know certain information about the processing activities of a Auther as data controller.
Our Clients are able to correct inaccurate or incomplete personal data that Auther is processing or going to.
5. Right to erasure
Our Clients have a full right to request the deletion of any information about them that Auther possesses.
6. Right to restrict processing
Auther will apply any Clients` requests about their desire to temporarily change the way their personal information is processed.
7. Data portability
Auther stores Clients’ personal data in an easily portable format for quick sharing with others or for making changes.
8. Right to object
Our Clients have the full right to object to the processing of their data.
According to the Terms of Service, Section 7.3 , Auther as the Processor will assist the Client/User as the Controller in meeting the Client’s obligations under GDPR, providing subject access, and allowing data subjects to exercise their rights under GDPR.
If our Client uploads Client Data to the Platform, such Client Data and any processing of such Client Data must be in compliance with the Auther Terms of Service and applicable law. All rights, title and interest in and to the Client Data belong to the Client or third persons (including Users, persons and Organizations) whether posted and/or uploaded by you or made available on or through the Auther Services by Auther. By uploading Client Data to the Platform, Client authorizes Auther to process the Client Data. More information is available in Terms of Service, Section 7.1.
As a Processor Auther does not store any biometric data of processed images. At present Auther does not store processed images. The function of images` storage will be available in the future with full compliance with General Data Protection Regulation from the responsible side - our Clients/Users.
Riddletag OÜ (reg.code 14653616)
Address: Kiriku 6, Tallinn 10130, Estonia.
Data protection officer
Name/Surname: Yurii Holuzynets
Contacts to data protection officer
Email address: firstname.lastname@example.org