Bobcares takes security of our customer data very seriously and is already certified for ISO 27001 and ISO 9001. We are committed to ensuring high standards of systems implemented to ensure the confidentiality, integrity and availability of customer data. Our internal systems and procedures are designed to ensure customer satisfaction.
Bobcares operates both as controller and processor as per GDPR and we have outlined our processes and procedures to comply in both roles.
How Bobcares ensures GDPR compliance
Bobcares collects and processes personal data that is required to fulfill the business and legal requirements. The details of data collected and its purpose are accessible to customers when they avail of our service. The data collected is used only for the purpose designated.
Storage and Security
All information collected from customers is stored in our internal infrastructure located in Kerala, India, and Arizona, USA. We are committed to ensuring the best security for You, which means choosing the best solutions for storage and security.
Bobcares is ISO 27001 certified and our infrastructure is secured as per the standards and requirements in ISO 27001. The system is audited by an external party every year to ensure compliance.
Data originating from customers are given a minimum classification level of “Confidential”, and security systems are implemented so that only the team members currently assigned to you will be able to see it.
Rights of Data Subject
Information and access to personal data
Customers can review their personal data stored with us by logging in to our customer portal.
Rectification and erasure
If the customer would like to delete the personal data from the internal records, they can send an email to [email protected], which will be responded to within a reasonable time. The request will be taken care of, considering the business and legal requirements.
Bobcares reserves the right to refuse permanent deletion for a legitimate reason, such as legal or business requirement which requires customer data to be preserved.
Right to object and automated individual decision-making
You have a right to demand ceasing processing your data or restricting its processing with respect to exceptions set forth in art. 18 GDPR.
If you have any doubts, please send an email to [email protected].
We use Google Analytics and Smartlook tools for analyzing trends and movements in our website, and gathers this information in order to make better decisions in terms of product development, so it better suits your needs.
Bobcares also collects periodic feedback on service provided, which is used as an input to measure the quality of service and to improve our systems and service delivery.
Cross-Border Data Transfer
Bobcares has our operations functioning from our Indian and US office. The personal data collected is stored in the internal infrastructure located in Kerala, India and Arizona, USA.
As per the derogations for specific situations as set forth in Article 49 of the GDPR, Bobcares collects and transfers personal data to USA and India to perform a contract with the customer; or to fulfil the legal and business requirements of Bobcares.
We have applied suitable safeguards to protect the privacy and security of Your and Your customers’ personal data.
Bobcares as Processor and Data Processing Agreement
Bobcares already has security incident reporting and management policies and procedures in place which we have expanded to ensure they meet GDPR standards in terms of notification to appropriate regulatory institutions.