Data Collection:
Bighub collects personal data in a transparent and legal manner, obtaining explicit consent from users for the collection and processing of their information. The data is collected for the specific purpose of providing and improving the services offered in the marketplaces.
Processing and Storage:
The personal data collected is processed in accordance with the principles of lawfulness, fairness, and transparency, and is stored only for the period necessary for the purpose for which it was collected. We implement appropriate technical and organizational measures to ensure the security and integrity of the data.
Data Usage:
Personal data is used exclusively for the purposes for which it was collected. We guarantee that processing is limited to what is necessary, respecting data minimization.
Data Sharing:
Personal data is shared only with trusted third parties and is based on legal grounds, such as the data subject’s consent, the performance of a contract, or compliance with legal obligations. We have agreements in place to ensure the protection of shared data.
Data Disposal:
Personal data is retained only for as long as necessary to fulfill the purpose for which it was collected. We have implemented secure data disposal procedures, including periodic reviews of the need for retention.
User Rights:
We respect user rights as established by the GDPR, including the right to access, rectification, erasure, and data portability. We facilitate the exercise of these rights effectively and within the timeframes stipulated by the regulation.
Consent:
Consent is obtained clearly and unequivocally for each specific processing purpose. Users have the right to withdraw their consent at any time.
Responsibility and Accountability:
Bighub assumes responsibility for complying with the provisions of the GDPR and implements effective measures to demonstrate compliance, including the appointment of a Data Protection Officer, if applicable.
Data Protection Impact Assessment (DPIA):
We conduct impact assessments whenever data processing poses a high risk to the rights and freedoms of data subjects, as required by the GDPR.
Policy Updates:
This privacy policy is reviewed periodically to ensure continued compliance with data protection laws. Changes will be communicated to users as required by the GDPR.
Security Incidents and Data Breaches:
In compliance with the GDPR, Bighub adopts rigorous measures to prevent, detect, and respond to security incidents, including data breaches. In the event of a breach of customers’ personal information, we implement a response plan to mitigate the damage.
Incident Response Plan:
Bighub maintains a security incident response plan that covers the rapid identification of data breaches, impact assessment, notification to data protection authorities and affected data subjects, and implementation of corrective measures.
Data Breach Notification:
In the event of a personal data breach that poses a risk to the rights and freedoms of data subjects, we will notify the competent data protection authorities and the affected data subjects, as required by the GDPR, within the timeframe stipulated by law.
Mitigation of Damages:
Bighub is committed to taking all necessary measures to mitigate damages caused by data breaches. This may include implementing technical solutions, collaborating with competent authorities, and offering support to the data subjects affected.
Continuous Assessment and Improvement:
Following any security incident, we conduct a detailed assessment to identify lessons learned and opportunities for improvement. These findings are incorporated into our information security program to continuously enhance our practices.
Incident Reporting Channel:
We provide a dedicated reporting channel for security incidents and data breaches. Users and stakeholders can contact us quickly to report any data security concerns.
