GDPR Compliance

1. Lawful Basis for Processing

We process personal data only where a lawful basis exists, including:

• Contractual Necessity: To provide access to AuditLog platforms, services, and secure user accounts.
• Legal Obligation: To meet regulatory, compliance, and identity verification requirements where applicable.
• Legitimate Interest: To maintain platform security, audit trails, fraud prevention, and service notifications.
• Consent: Where you explicitly opt in to non-essential communications or features.

2. Your Rights as a Data Subject

Under the General Data Protection Regulation (GDPR), you are entitled to the following rights:

• Right of Access: Request confirmation and a copy of the personal data we hold.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion where data is no longer required or lawfully retained.
• Right to Restriction: Limit processing in certain circumstances.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or direct marketing.

3. International Data Transfers & Security

AuditLog Software Solutions operates primarily within the UK but may utilise trusted global service providers. Where personal data is transferred outside the UK or EEA, we ensure appropriate safeguards such as Standard Contractual Clauses (SCCs) or International Data Transfer Agreements (IDTAs) are in place.

4. Automated Processing & OCR

Certain platforms may use automated processing, including OCR-based identity verification, to enhance security and compliance. Where automated decisions are involved, safeguards exist and manual review may be requested.

5. Contact & Data Protection Officer

AuditLog Software Solutions has appointed a Data Protection Officer (DPO). To exercise your rights or raise data protection concerns, please contact us via the official support channels.