Table of Contents

1. Introduction
2. Purpose
3. Scope of Compliance
4. Definitions
5. Data Collection Methods
6. Data Elements Collected
7. Data Storage and Encryption
8. Data Sharing and Internal Usage
9. User Rights and Consent Mechanisms
10. Data Retention and Deletion
11. Security Measures
12. Data Audits and Accountability
13. Incident Response and Data Breach Procedure
14. Data Protection Officer (DPO)
15. Training and Awareness
16. Non-Compliance Penalties
17. Amendments
18. Contacts

2. The Data We Collect

G1. Introduction
This Data Compliance Document outlines the policies and procedures in place at Metas Worldwide for ensuring the secure and compliant management of data. It is intended to align with legal and ethical standards for data protection and privacy.

3. Scope of Compliance

This document is applicable to all data collected via Metas Worldwide from registered users. This includes data collected through inquiry forms.

4. Definitions

Personal Data: Any information related to an identified or identifiable natural person.
Processing: Any operation performed on personal data, whether or not by automated means.
Data Subject: The individual whose personal data is being processed.
Data Controller: The entity that determines the purposes and means of processing personal data.

5. Data Collection Methods

Form Submission: A form on Metas Worldwide collects contact information after the user consents to our privacy policy.

6. Data Elements Collected

7. Data Storage and Encryption

Storage: All data collected via Metas Worldwide is stored in our internal CRM system.
Encryption: All stored data is encrypted using AES 256-bit encryption.

8. Data Sharing and Internal Usage

Internal Sharing: Data is used internally for sales, marketing, and customer service.
Third-Party Sharing: There is no third-party sharing of data collected via Metas Worldwide.

9. User Rights and Consent Mechanisms

Consent: A checkbox is provided to obtain explicit user consent before data collection.
Rights: Users have the right to access, correct, and delete their data.

10. Data Retention and Deletion

Retention Policy: Data is retained indefinitely unless a deletion request is made by the user.

11. Security Measures

Firewall: AWS firewall services are implemented to restrict unauthorized access.
Encryption: Data is encrypted both at rest and in transit.

12. Data Audits and Accountability

Audit Logs: All access to and actions on data are logged for audit purposes.
Accountability: Employees with access to data are trained and accountable for compliant handling.

13. Incident Response and Data Breach Procedure

Incident Response Team: Headed by the Data Protection Officer, this team is responsible for managing data breaches.
Notification: In the event of a breach, affected parties will be notified within 72 hours.

14. Data Protection Officer (DPO)

Name: Mr. Ganesh D
Experience: 10 years
Role: Overseeing data protection strategy and its implementation to ensure compliance.

15. Training and Awareness

Employee Training: All employees are required to undergo data protection training.

16. Non-Compliance Penalties

Internal Penalties: Employees found in violation may face disciplinary action up to and including termination.

17. Amendments

This document may be periodically updated to reflect changes in laws, technologies, or company policies.

Contact Us

For further queries and clarifications, please contact Data Protection Officer at dpo@metasworldwide.com.