GDPR Compliance - Prception MediaLab

This GDPR Compliance page outlines how Daffodilcore Private Limited ensures compliance with the General Data Protection Regulation (GDPR) for users of the Prception MediaLab website, https://medialab.prception.in/, who are located in the European Economic Area (EEA) or otherwise subject to GDPR. This page supplements our Privacy Policy and applies specifically to personal data processing under GDPR.

Our services are provided by:
Daffodilcore Private Limited
Thiruvananthapuram, Kerala, India

Contact email: hello@prception.com

We are committed to protecting your personal data in accordance with GDPR requirements. Please read this document carefully.

1. Data Controller

Daffodilcore Private Limited is the data controller responsible for the processing of your personal data through Prception MediaLab. You can contact us at the address above or via email at hello@prception.com.

2. Legal Basis for Processing Personal Data

We process personal data under the following legal bases as defined by GDPR:

• Contractual Necessity (Article 6(1)(b)): To provide Prception MediaLab’s news and media services, such as article delivery, personalized content feeds, and newsletter distributions, as outlined in our terms of service.
• Consent (Article 6(1)(a)): Where you have provided explicit consent, such as for receiving marketing communications or using non-essential cookies.
• Legitimate Interests (Article 6(1)(f)): For purposes such as improving our editorial content, analyzing readership patterns, and ensuring the security of Prception MediaLab, provided your rights and freedoms do not override these interests.
• Legal Obligation (Article 6(1)(c)): To comply with applicable legal requirements, such as responding to lawful requests from authorities.

3. Categories of Personal Data Processed

We collect and process the following categories of personal data, as detailed in our Privacy Policy:

• Account Information: Name, email address, and preferences for users who subscribe or register.
• User-Provided Data: Information you provide when contacting us, submitting feedback, or participating in reader surveys.
• Usage Data: Data about your interactions with the Website, including articles read, time spent on pages, and navigation patterns.
• Technical Data: IP address, browser type, device information, and data collected via cookies or similar technologies.

4. Purposes of Processing

We process personal data for the following purposes:

• To provide and maintain Prception MediaLab’s news services, including content delivery and editorial updates.
• To manage your subscriptions and provide reader support.
• To send editorial newsletters and, where consented, marketing communications.
• To analyze and improve the performance and functionality of Prception MediaLab.
• To ensure the security of our services and prevent fraudulent activities.
• To comply with GDPR and other applicable legal obligations.

5. Data Sharing and International Transfers

We may share your personal data with third-party service providers (e.g., newsletter platforms, cloud hosting services) to operate Prception MediaLab, as outlined in our Privacy Policy. These providers are bound by data processing agreements that comply with GDPR requirements.

As Daffodilcore Private Limited is based in India, your personal data may be transferred outside the EEA. We ensure that such transfers comply with GDPR through:

• Standard Contractual Clauses (SCCs): Agreements approved by the European Commission to ensure adequate protection of your data.
• Other Safeguards: Additional measures, such as encryption and contractual obligations, to protect your data during international transfers.

For more details on third-party data sharing, please refer to our Privacy Policy.

6. Your GDPR Rights

If you are located in the EEA or otherwise subject to GDPR, you have the following rights regarding your personal data:

• Right of Access (Article 15): Request a copy of the personal data we hold about you.
• Right to Rectification (Article 16): Request correction of inaccurate or incomplete personal data.
• Right to Erasure (Article 17): Request deletion of your personal data, subject to legal exceptions (e.g., data required for legal compliance).
• Right to Restrict Processing (Article 18): Request restriction of processing in certain circumstances, such as while a data accuracy dispute is resolved.
• Right to Data Portability (Article 20): Request a copy of your personal data in a structured, commonly used, and machine-readable format.
• Right to Object (Article 21): Object to processing based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent (Article 7): Withdraw consent for processing at any time, where processing is based on consent.
• Right to Lodge a Complaint (Article 77): Lodge a complaint with a supervisory authority in your EEA country of residence or place of work.

To exercise these rights, please contact us at hello@prception.com. We will respond to your request within one month, as required by GDPR, though this period may be extended for complex requests.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this document or as required by law. For example:

• Subscription information is retained for the duration of your subscription and up to 6 months after cancellation, unless required for legal compliance.
• Usage data and analytics may be retained for up to 24 months for readership analysis.

After the retention period, personal data is securely deleted or anonymized, unless required for legal purposes under GDPR or other applicable laws.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on Prception MediaLab, as detailed in our Privacy Policy. For GDPR compliance, we:

• Obtain your consent for non-essential cookies (e.g., analytics and preference cookies) via a cookie consent banner.
• Provide clear information about the types of cookies used and their purposes.
• Allow you to manage or withdraw consent for cookies through your account settings or browser preferences.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data, as required by GDPR (Article 32). These measures include:

• Encryption of data in transit and at rest.
• Access controls to limit data access to authorized personnel.
• Regular security assessments and updates to our systems.

While we strive to protect your data, no method of transmission or storage is completely secure. In the event of a data breach, we will notify you and the relevant supervisory authority within 72 hours, as required by GDPR (Article 33).

10. Data Protection Officer

Daffodilcore Private Limited has appointed a Data Protection Officer (DPO) to oversee GDPR compliance. You can contact our DPO at hello@prception.com for any GDPR-related inquiries.

11. Online Dispute Resolution

The European Commission provides an online platform for alternative dispute resolution for consumers in the EEA. You can access this platform to resolve disputes arising from online contracts at this link.

12. Changes to This GDPR Compliance Policy

We may update this GDPR Compliance page to reflect changes in our practices or legal requirements. We will notify you of significant changes via email or through a notice on Prception MediaLab. Your continued use of the Website after such changes signifies your acceptance of the updated policy.

13. Contact Us

For questions, concerns, or requests regarding GDPR compliance or your personal data, please contact us at:

Daffodilcore Private Limited
3rd Floor, Citylink Travel Corporation, Bakery Junction,
Thiruvananthapuram, Kerala, India - 695014

Email: hello@prception.com

14. Governing Law

This GDPR Compliance policy is governed by the laws of India, without regard to conflict of laws principles. However, for EEA users, GDPR and other applicable EEA data protection laws will prevail to ensure your rights are fully protected.

15. Venue of Jurisdiction

The jurisdiction over any controversy related to this policy lies with the courts of Thiruvananthapuram, Kerala, India. However, if you are an EEA consumer, you may bring legal proceedings in the courts of your place of residence or domicile in the EEA, as per GDPR (Article 79).