GDPR Compliance
SynapseCPT is fully committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR).
Your Data Subject Rights
Right to Access
You can request a copy of all personal data we hold about you.
Right to Rectification
You can request correction of inaccurate or incomplete data.
Right to Erasure
You can request deletion of your personal data in certain circumstances.
Right to Restrict Processing
You can request limitation of how we use your data.
Right to Data Portability
You can request your data in a structured, machine-readable format.
Right to Object
You can object to processing based on legitimate interests.
Our Compliance Measures
- Privacy by Design principles embedded throughout development
- Data Protection Impact Assessments conducted for high-risk processing
- Appointed Data Protection Officer (DPO)
- Staff training on data protection obligations
- Documented data processing records
- Data breach notification procedures in place
- Regular audits of data processing activities
- Secure data transfer mechanisms (encryption, access controls)
Legal Basis for Processing
We process personal data under the following legal bases:
- Contract Performance: Processing necessary to provide our platform services to your institution
- Legitimate Interests: Processing for platform security, fraud prevention, and service improvement
- Legal Obligation: Processing required to comply with applicable laws and regulations
- Consent: Where explicitly required, such as for marketing communications
Data Processing Agreements
We provide comprehensive Data Processing Agreements (DPAs) to all institutional customers, ensuring clear responsibilities and safeguards are in place.
Request DPAExercise Your Rights
To exercise any of your GDPR rights or for data protection enquiries, contact our Data Protection Officer:
info@gamtpedia.com