GDPR Policy

GDPR is the regulatory body for the processing of personal data by citizens of the European Union (EU). The main objective of the GDPR is to give citizens control over their personal data. OmegaX products comply with EU privacy policy.

GDPR contains 11 chapters and nearly 100 articles. Below are some of the most important articles.

European Union – General Data Protection Regulation

Article 5: “Principles for the processing of personal data”: OmegaX is a reliable administrator of personal data. Customer data can only be used to provide educational services. These data are not sold or used for marketing purposes.

Article 17: “Right to Forget”: Schools can exclude OmegaX users at any time. Individual users can delete the data added to OmegaX at any time. OmegaX quickly removes data from schools that no longer use OmegaX.

Article 32: “Processing Security”: OmegaX stores all confidential and secure personal information. OmegaX team members are subject to contractual confidentiality agreements. OmegaX data security measures include internal policies and procedures for data management, personal data access restrictions, data encryption (for inactive data and data transmission), monitoring of the data system, contingency plans, and unauthorized individuals who have access to personal information while using communications networks be transmitted.

Other Important Articles:

Article 33: “Notification of a breach of personal data to the supervisory authority”: The GDPR requires the supervisory authority to notify the GDPR within 72 hours of the discovery of a breach of personal data. Identify a security breach that results in unauthorized disclosure of personal information: OmegaX immediately notifies affected customers, conducts an investigation, and restores the integrity of their data systems as soon as possible. OmegaX will fully cooperate and send the required reports to those affected by this violation.

Article 35: Impact Assessment Impact Assessment: OmegaX performs various safety assessments of our systems. Some safety tests are done every year, others more often and others are done continuously.

Article 37: “Appointment of a Data Protection Officer”: OmegaX has a designated Data Protection Officer who is authorized to perform security controls and has an impact on product development.

Article 44: “General principle of transmission”: In order to promote the sovereignty/residence of data in the MSG, the Regulation authorizes the European Commission to decide whether it is a third country or a third country to which the data are transmitted become the right path Protection level Since the GDPR is new, the Commission has not yet authorized a third country or territory. OmegaX customers in the EU or UK are assigned to an EU data center (Frankfurt, Germany). This EU data center manages all required OmegaX applications and data servers. Outside this data center, servers are not used to store data or provide services to customers in the EU or the UK.