GDPR

Welcome to the MyGolfCad portal relating to the European General Data Protection Regulation (GDPR). The information and related links provided in this portal will help you better understand the GDPR as well as the rights you have over your personal data stored, processed and/or transmitted by https://www.MyGolfCad.com.

As a data subject from the European Union (EU), we value you as a customer and we are constantly working to ensure the safety, security and confidentiality of your personal data.

We invite you to read the following information and related links in order to learn more about the GDPR as well as the commitments made by MyGolfCad in terms of privacy protection and data security.

GDPR Definition    

      MyGolfCad's Commitment to Data Security and Privacy

Your rights as a Data Subject

      MyGolfCad GDPR Enhanced Privacy Policy

      Consent to commercial communications from MyGolfCad and the transmission of data

  Contact MyGolfCad on GDPR issues

GDPR definition

The European General Data Protection Regulation (GDPR) (EU) 2016/679 is a data protection and privacy regulation applicable across the European Union. It also applies to exports of personal data outside the EU. The GDPR aims primarily to give citizens and residents control over their personal data and to simplify the regulatory framework applicable to international companies by unifying the regulations within the EU.

Repealing the Data Protection Directive, the GDPR provides provisions and requirements with respect to the processing of personally identifiable information of data subjects within the European Union. Business processes involving the processing of personal data should be designed according to the concepts of privacy by design and privacy by default. Thus, the design of the system guarantees by default the highest possible level of data protection so that data cannot be made public without first obtaining explicit consent or be used to identify a data subject without having to resort to other stored information. separately from personal data.

Personal data may not be processed unless the latter is based on a legal basis provided for by the Regulation, or unless the controller or the processor has obtained the express consent of the part of the owner of the data, which consent can be withdrawn at any time. Put simply, the GDPR gives people greater rights and privileges over their personal data.

MyGolfCad's Commitment to Data Security and Privacy

GDPR Article 32 requires controllers and processors to have appropriate levels of security in place to ensure, among other things, the confidentiality, integrity and availability of processing and other related activities .

More concretely, article 32 requires MyGolfCad to put in place technical and organizational measures to guarantee a level of security adapted to the risk, including among others, as needed:

pseudonymization and encryption of personal data;

means to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;

means to restore the availability of personal data and access to them within appropriate timeframes in the event of a physical or technical incident;

a procedure for regularly testing, analyzing and evaluating the effectiveness of technical and organizational measures to ensure the security of the processing.

MyGolfCad's commitment to confidentiality, integrity and availability (the CID triptych) consists of the following initiatives:

A robust set of internal controls relating to the storage, processing and/or transmission of personal data for data subjects within the European Union;

Comprehensive information security and operations policies, procedures and processes applicable to all fundamental aspects of information security, including:

Access control

Anti-virus and anti-malware

Asset inventory

Control | change management

Configuration management

Classification of information and data

Data backup and recovery

database policy

Encryption key management

firewall policy

Incident response

Internet usage policy

The remote access policy

Security and patch management

The software development lifecycle

virtualization policy

Vulnerability management

Web server security policy

wireless security

Workplace safety

User account provisioning

User account deprovisioning

The annual PCI-DSS (Payment Card Industry Data Security) compliance commitment

Annual security awareness training delivered to all employees

Annual risk assessment initiatives to assess the risks faced by the organization and take the necessary measures to mitigate them

Monitoring, where applicable, third party providers doing business with MyGolfCad over the storage, processing and/or transmission of personal data of EU residents.

Your rights as a Data Subject

To the extent that MyGolfCad stores, processes and/or transmits personal data of EU data subjects, you should be aware of the following rights and privileges provided by the European General Data Protection Regulation (GDPR ):

Right of access: The data subject has the right to obtain from the controller confirmation that personal data concerning him or her are or are not being processed and, when they are, access to said personal data. .

Right of rectification: The person concerned has the right to obtain from the controller, as soon as possible, the rectification of personal data concerning him which is inaccurate. Taking into account the purposes of the processing, the data subject has the right to obtain the completion of incomplete personal data, including by providing an additional declaration

Right to erasure (“Right to be forgotten”): The data subject has the right to obtain from the controller the erasure, as soon as possible, of personal data concerning him and the controller has the obligation to erase such personal data without undue delay, where certain grounds apply.

Right to restriction of processing: The data subject has the right to obtain from the controller the restriction of processing when certain elements apply.

Right to data portability: The data subject has the right to receive the personal data relating to him that he has provided to a controller, in a structured, commonly used and machine-readable format, and has the right to transmit this data to another controller without the controller to whom the personal data has been communicated obstructing it.

Right of objection: The data subject has the right to object at any time, for reasons relating to his particular situation, to the processing of personal data relating to him based on Article 6, paragraph 1, point e. ) or f), including profiling based on these provisions. The controller shall no longer process the personal data, unless he demonstrates compelling legitimate grounds for the processing which override the interests and rights and freedoms of the data subject, or for the recognition, exercise or defense of legal claims.

Consent to commercial communications from MyGolfCad and the transmission of data

We inform you that MyGolfCad is likely to collect, use and communicate the personal data that you have provided during telephone assistance, product registration, communications on the forum, of your subscription to our newsletter or in your MyGolfCad account, in order to send you commercial documentation that you have agreed to receive, in accordance with our improved privacy policy, available at https://mygolfcad.com/ privacy-policy/ and our policy on GDPR-authorized transmissions, available at https://www.MyGolfCad.com/ https://mygolfcad.com/rgpd, our GDPR portal.

Contact us

For any questions relating to the GDPR or to exercise your rights under the regulations, please contact us at contact@MyGolfCad.com. We will process your request and guide you through the process.