Data Protection Policy
Harmony Nest
Last Updated: 2nd April, 2025
This Data Protection Policy outlines our approach to safeguarding personal data in accordance with the General Data Protection Regulation (GDPR) and Irish data protection laws.
1. Principles of Data Protection
We adhere to the following principles:
- Lawfulness, Fairness & Transparency: We process data legally and transparently.
- Purpose Limitation: Data is collected for specific, legitimate purposes only.
- Data Minimization: We only collect necessary data.
- Accuracy: We keep data up-to-date and correct errors.
- Storage Limitation: We do not retain data longer than necessary.
- Integrity & Confidentiality: We use strong security measures to protect data.
2. Data Security Measures
We implement:
- Encryption of sensitive data.
- Secure Servers & Firewalls to prevent unauthorized access.
- Two-Factor Authentication (2FA) for user accounts.
- Regular Security Audits to detect vulnerabilities.
- Access Controls ensuring only authorized personnel access user data.
3. Data Breach Response Plan
In case of a data breach:
- We identify and contain the breach.
- We assess risks to affected users.
- We notify authorities and users within 72 hours.
- We take corrective actions to prevent future breaches.
4. Employee Responsibilities & Training
All employees handling personal data must:
- Follow GDPR guidelines.
- Maintain confidentiality.
- Undergo mandatory data protection training.
A Data Protection Officer (DPO) oversees compliance and security practices.
5. Compliance & Enforcement
We conduct regular GDPR compliance audits and ensure our policies align with evolving EU regulations.
For any questions regarding data protection, contact [email protected].
By using our services, you agree to this Data Protection Policy.