1.0 General Data Protection Regulation (GDPR)
Xgeneration Ltd needs to perform a contract with you
You have given Xgeneration Ltd permission to do so
Processing your personal information is in Xgeneration Ltd legitimate interests
Xgeneration Ltd needs to comply with the law
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed what Personal Information, we hold about you and if you want it to be removed from our systems, please contact us. In certain circumstances, you have the following data protection rights:
The right to access, update or delete the information we have on you.
The right of rectification.
The right to object.
The right of restriction.
The right to data portability
The right to withdraw consent
2.0 Log Files
Xgeneration follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and are a part of hosting services' analytics. The information collected by log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analysing trends, administering the site, tracking users' movement on the website, and gathering demographic information.
3.0 Data Security Measures
Without prejudice to Data Controller’s security risk assessment obligations under Section 3.2 (Security Risk Assessment) above, Data Processor shall maintain appropriate technical and organizational safeguards to protect the security, confidentiality and integrity of Customer Data, including any Personal Data contained therein, as described in Section 2 (Physical, Technical and Administrative Security Measures) of the Data Security Guide. Such measures are designed to protect Customer Data from loss, alteration, unauthorized access, acquisition, use, disclosure, or accidental or unlawful destruction, and include:
3.0.1. Service Access Control. The Subscription Service provides user and role-based access controls. Data Controller is responsible for configuring such access controls within its instance.
3.0.2. Logging and Monitoring. The production infrastructure log activities are centrally collected and are secured in an effort to prevent tampering and are monitored for anomalies by a trained security team.
3.0.3. Data Separation. Customer Data shall be maintained within a logical single-tenant architecture on multi-tenant cloud infrastructure that is logically and physically separate from Xgeneration’s corporate infrastructure.
3.0.4. Service Continuity. The production database servers are replicated in near real-time to a mirrored data centre in a different geographic region.
3.0.5. Testing. Data Processor regularly tests, assesses and evaluates the effectiveness of their information security program and may periodically review and update such program to address new and evolving security technologies, changes to industry standard practices, and changing security threats.
3.1 Deletion of Personal Data
Upon termination or expiration of the Agreement, Data Processor shall return and delete Customer Data, including Personal Data contained therein, as described in the Agreement.
3.2 Data centres
Data Processor will host Data Controller’s instances of the Subscription Service in data centres located in the geographic regions specified on the Order Form.
3.3 Data Protection Act Impact Assessment (DPIA).
Data Processor will, on request, provide Data Controller with reasonable information required to fulfil Data Controller’s obligations under GDPR to carry out data protection impact assessments, if any, for the Processing of Personal Data within the Subscription Service.
3.4 Prior Consultation
Data Processor shall provide reasonable assistance (at Data Controller's expense) in connection with any prior consultation Data Controller is required to undertake with a supervisory authority under Data Protection Laws with respect to the Processing of Personal Data in the Subscription Service.
3.5 Data Processor Assistant
Data Processor will assist Data Controller in ensuring compliance with the Data Controller’s obligations pursuant to Articles 32 to 36 of the GDPR taking into account the nature of Processing by providing the Data Controller with reasonable information requested pursuant to the terms of this DPA, including information required to conduct Data Controller’s security risk assessment and respond to Data Subject Requests (defined below). For clarity, Data Controller is solely responsible for carrying out its obligations under GDPR and this DPA. Data Processor shall not undertake any task that can be performed by Data Controller.
3.6 Data Protection Contract
Xgeneration and its Sub-Processor Affiliates (defined below) will maintain a dedicated data protection team to respond to data protection inquiries throughout the duration of this DPA and can be contacted at firstname.lastname@example.org
3.6.1 Use of Sub Processors Data Controller authorizes Data Processor to engage Sub-Processors appointed in accordance with this policy to support the provision of the Subscription Service and to deliver Professional Services as described in the Agreement.
4.0 Cookies and Web Beacons
Like any other website, Xgeneration uses 'cookies'. These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors browser type and/or other information.
4.1 Privacy Policies
4.2 Third-Party Privacy Policies
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers' respective websites.
4.3 Children's Information
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
Xgeneration does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.