General Data Protection Regulation

In alignment with GDPR requirements, Amirra diligently updates and maintains our contractual terms to ensure full legal compliance. We actively monitor GDPR regulations and are promptly informed of any changes or updates to the law, a standard to which both we and our hosting providers strictly adhere. By subscribing to relevant GDPR policy update services, we guarantee that our terms and conditions consistently reflect the latest standards, making adjustments as necessary to stay compliant.

Amirra is dedicated to upholding the highest standards of data protection and privacy, in full compliance with the General Data Protection Regulation (GDPR). Our approach to GDPR compliance is comprehensive, addressing each of the regulation's key requirements as follows:

Lawful Basis for Processing Data

Amirra processes personal data based on clear, lawful bases, including obtaining explicit consent from our users, fulfilling contractual obligations, and other legitimate interests. Our privacy policies detail these bases, ensuring transparency and compliance with GDPR.

Data Minimization and Purpose Limitation



We adhere to the principles of data minimization and purpose limitation, collecting only the data necessary for the services we provide and using it solely for the purposes specified at the time of collection.



Transparency and Consent



Amirra is committed to transparency in all data processing activities. We ensure that all data subjects are fully informed about how their data is used and have provided explicit consent where necessary. Our privacy notices and consent forms are designed to be easily accessible and understandable.



Data Subject Rights



We fully support the data subject rights outlined in GDPR, including the right to access, rectify, erase, restrict processing, data portability, and object. Amirra provides user-friendly tools and clear procedures for users to exercise their rights effectively and efficiently.

Data Security



Partnering with Microsoft Azure, we benefit from one of the highest security infrastructures available. We implement robust technical and organizational measures to ensure the security of personal data, protecting against unauthorized access, alteration, and loss.

Data Breach Notification

Amirra has in place a strict data breach notification protocol that complies with GDPR requirements. In the event of a data breach, we are committed to notifying the relevant supervisory authority within 72 hours and, where applicable, the affected data subjects without undue delay.

Data Protection by Design and by Default



Our services are developed with data protection by design and by default. This means integrating data protection into the development phase of our products and services, ensuring that privacy settings are set at maximum by default.

Data Protection Impact Assessments (DPIAs)

When processing operations present a high risk to the rights and freedoms of individuals, Amirra conducts Data Protection Impact Assessments to systematically review and mitigate those risks.

International Data Transfers



Amirra ensures that all international transfers of personal data are carried out in compliance with GDPR. This includes adherence to the European Union Model Clauses for data transfer outside the EU, ensuring that our users' data is protected regardless of where it is processed.

Appointment of a Data Protection Officer (DPO)



Amirra has appointed a Data Protection Officer (DPO) to oversee our data protection strategy and compliance. Our DPO is available to address any questions or concerns regarding our data processing practices and compliance with GDPR.By addressing these ten critical points, Amirra demonstrates our unwavering commitment to protecting personal data and ensuring our compliance with GDPR. We continuously review and update our practices in response to new legal interpretations and technological advancements, reaffirming our dedication to data protection and privacy.