GDPR Compliance
Last updated: February 11, 2024
1. GDPR Compliance Commitment
MonitorExam is committed to full compliance with the EU General Data Protection Regulation (GDPR). We have implemented comprehensive data protection measures across our entire platform to ensure that personal data is processed lawfully, transparently, and securely.
2. Data Processing Agreement
We maintain a comprehensive Data Processing Agreement (DPA) that outlines our obligations as a data processor and your rights as a data controller. The DPA includes provisions for data subject rights, international data transfers, and sub-processor management.
3. Data Subject Rights
MonitorExam ensures that all data subjects can exercise their rights under GDPR, including:
- Right of access to personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Rights related to automated decision-making
4. Data Protection by Design
We implement data protection principles in all our processes, including privacy by design, minimal data collection, and regular security assessments. Our infrastructure complies with international data security standards.
5. International Data Transfers
For any data transfers outside the EU/EEA, we use appropriate legal mechanisms such as Standard Contractual Clauses (SCCs) to ensure adequate protection of personal data.
6. Data Breach Notification
In the event of a personal data breach, MonitorExam will notify affected data controllers without undue delay, and where required, notify the relevant supervisory authority and affected data subjects in accordance with GDPR requirements.
7. Contact Us
For GDPR-related questions or to exercise your data rights, please contact our Data Protection Officer at dpo@monitorexam.com.