Privacy Notice and Consent Form
Last Updated March 14, 2023
- 1. Definitions
- 2. Personal Data Collected, Used, and Shared
- 3. Organizational Security Obligations and Measures
- 4. Technical Security Measures
- 5. Rights of the Data Subject
- 6. Data Breaches and Security Incidents
- 7. Dispute Resolution and Law
- 8. Outsourcing and Subcontracting
- 9. Summary of Processing Activities
- 10. How to Contact Us
Chapter VI - Data Breaches and Security Incidents
Data Breach Notification - All our stockholders, directors, officers, employees, and agents involved in the Processing of Personal Data are tasked with regularly monitoring for signs of a possible data breach or security incident. In the event that such signs are discovered, facts and circumstances will be reported to our authorized personnel within 24 hours from discovery for verification as to whether or not a breach requiring notification to regulators has occurred. If there is a breach of such nature, we will notify any relevant government authority and affected Data Subjects according to the requirements and procedures prescribed by law.
The notification will at least describe the nature of the breach, the Personal Data possibly involved, and measures are taken by Brankas to address the breach. The notification will also include measures taken to reduce the harm of the breach and the name and contact details of Brankas’ authorized personnel. The form and procedure for notification will conform with the law.
Breach Reports - All security incidents and Personal Data breaches will be documented through written reports, including those not covered by notification requirements. In the case of Personal Data breaches, a report will include the facts surrounding an incident, the effects of such incident, and the remedial actions taken by Brankas. In other security incidents not involving Personal Data, a report containing aggregated data will be sufficient.