This policy governs how BrandLock (Dheera Media LLC) processes, protects, and manages personal data in accordance with the General Data Protection Regulation (GDPR) and our commitment to data privacy.
This policy applies to all personal data processed by BrandLock (Dheera Media LLC). The Responsible Person for BrandLock’s ongoing compliance is Aby Joseph. BrandLock maintains a Register of Systems — a register of all systems or contexts in which personal data is processed.
This policy shall be reviewed at least annually to ensure continued compliance with the GDPR and evolving data protection standards.
Our website may collect limited personal data when visitors submit forms, request demos, or subscribe to newsletters. This data is processed in accordance with this policy and applicable GDPR principles.
As a guiding principle, BrandLock does not collect PII through its services. The JavaScript tag deployed on customer websites operates using anonymous identifiers and behavioral telemetry only.
BrandLock is committed to processing data in accordance with its responsibilities under the GDPR. Article 5 requires that personal data shall be:
Personal data must be processed lawfully, fairly, and in a transparent manner in relation to individuals.
Collected for specified, explicit, and legitimate purposes — and not further processed in an incompatible manner.
Adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
Accurate and, where necessary, kept up to date. Inaccurate data must be erased or rectified without delay.
Kept in a form permitting identification for no longer than necessary. Longer storage only for archiving, research, or statistical purposes with appropriate safeguards.
Processed with appropriate security measures, including protection against unauthorised or unlawful processing and accidental loss, destruction, or damage.
This policy applies to all personal data processed by BrandLock. The Responsible Person shall take responsibility for ongoing compliance. The policy shall be reviewed at least annually.
To ensure processing is lawful, fair, and transparent, BrandLock maintains a Register of Systems which is reviewed at least annually. Individuals have the right to access their personal data, and any such requests shall be dealt with in a timely manner.
All data processed by BrandLock must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task, or legitimate interests. The appropriate lawful basis is noted in the Register of Systems.
Where consent is relied upon, evidence of opt-in consent shall be kept with the personal data. Where communications are sent based on consent, the option to revoke consent must be clearly available, and systems must reflect such revocation accurately.
BrandLock ensures that personal data is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed. We do not collect more data than required for any given purpose.
BrandLock takes reasonable steps to ensure personal data is accurate. Where necessary for the lawful basis on which data is processed, steps are in place to ensure data is kept up to date.
To ensure personal data is kept for no longer than necessary, BrandLock maintains an archiving policy for each area in which personal data is processed. This process is reviewed annually and considers what data should or must be retained, for how long, and why.
BrandLock ensures that personal data is stored securely using modern software that is kept up to date. Access to personal data is limited to personnel who need it, and appropriate security measures are in place to avoid unauthorised sharing of information.
In the event of a security breach leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data, BrandLock shall promptly assess the risk to individuals’ rights and freedoms. If appropriate, the breach will be reported to all involved parties without undue delay.
For questions about this Data Protection Policy, data access requests, or to report a concern, please contact our Responsible Person:
General inquiries: info@brandlock.io