Newsletter

Name
Email
The form has been submitted successfully!
There has been some error while submitting the form. Please verify all form fields again.

ssmtb.com

Schedule A call Now

GDPR Compliance Policy

GDPR Compliance Policy

1. Purpose

The purpose of this GDPR Compliance Policy is to ensure that SSMTB Software Services Pvt Ltd
processes personal data responsibly and in compliance with the principles of the General Data
Protection Regulation (GDPR).
This policy establishes the framework through which the company protects personal data of
individuals, including candidates, clients, employees, and partners, when handling data related to
residents of the European Economic Area (EEA).
SSMTB Software Services Pvt Ltd is committed to maintaining high standards of privacy protection,
transparency, and data security.

2. Scope

This policy applies to all personal data processed by SSMTB Software Services Pvt Ltd, including
information relating to:
• Job candidates and applicants
• Employees and contractors
• Clients and business partners
• Vendors and service providers
• Website visitors and communication contacts
All employees, consultants, and representatives of the company must comply with this policy.

3. GDPR Principles

SSMTB Software Services Pvt Ltd processes personal data in accordance with the following GDPR
principles:
Lawfulness, Fairness and Transparency
Personal data must be processed lawfully, fairly, and transparently.
Purpose Limitation
Personal data must be collected for specific, legitimate purposes and not used for unrelated
activities.
Data Minimization
Only necessary and relevant data will be collected for business operations.
Accuracy
Personal data must be accurate and kept up to date.
Storage Limitation
Personal data will not be retained longer than necessary.
Integrity and Confidentiality
Personal data will be protected using appropriate security measures.
Accountability
The company is responsible for demonstrating compliance with GDPR principles.

4. Lawful Basis for Processing

SSMTB Software Services Pvt Ltd processes personal data only where a lawful basis exists under
GDPR.

These may include:
• Consent from the individual
• Contractual necessity (such as recruitment services)
• Legitimate business interests
• Compliance with legal obligations
The company ensures transparency regarding how personal data is collected and used.

5. Collection of Personal Data

Personal data may be collected through:
• recruitment processes
• candidate resumes and job applications
• direct communication with individuals
• client hiring requirements
• professional networking platforms
• company website or email communications
Only data necessary for legitimate business operations will be collected.

6. Data Subject Rights

Individuals whose data is processed have certain rights under GDPR.
These may include:
• Right to access personal data
• Right to correct inaccurate information
• Right to request deletion of personal data
• Right to restrict processing
• Right to data portability
• Right to withdraw consent where applicable
SSMTB Software Services Pvt Ltd respects these rights and will respond to legitimate requests
within reasonable timeframes.

7. Data Sharing

Personal data may be shared only where necessary for legitimate business operations.
This may include sharing data with:
• client organizations for recruitment purposes
• authorized internal staff involved in recruitment processes
• technology service providers supporting business operations
• legal or regulatory authorities when required
SSMTB Software Services Pvt Ltd does not sell personal data to third parties.

8. Data Security

Measures
SSMTB Software Services Pvt Ltd implements appropriate security controls to protect personal data
from unauthorized access, loss, or misuse.
Security practices may include:
• restricted system access
• secure data storage
• password-protected systems
• secure data transmission
• internal confidentiality procedures

Employees are required to maintain strict confidentiality regarding personal data.

9. Data Retention

Personal data will be retained only for the period necessary to fulfill recruitment services,
contractual obligations, or legal requirements.
When personal data is no longer required, it will be securely deleted or anonymized.

10. Third-Party

Processors
Where SSMTB Software Services Pvt Ltd engages third-party service providers to process personal
data, the company ensures that these providers maintain adequate data protection measures and
comply with applicable privacy regulations.
Appropriate agreements may be established with third-party processors to protect personal data.

11. Data Breach Notification

In the event of a personal data breach that may impact individuals or clients, SSMTB Software
Services Pvt Ltd will take appropriate steps to investigate, contain, and mitigate the breach.
Where required by applicable regulations, affected parties and relevant authorities may be notified.

12. Employee Responsibilities

All employees, contractors, and representatives of the company must:
• handle personal data responsibly
• follow internal data protection procedures
• maintain confidentiality of sensitive information
• report any suspected data breaches immediately
Failure to comply with GDPR requirements may result in disciplinary action.

13. Policy Review

This policy will be reviewed periodically to ensure compliance with evolving regulatory requirements
and best practices in data protection.
Updates may be made as necessary to strengthen the company’s privacy framework.