SureWork Home Care Solutions
General Data Protection Regulation (GDPR) Compliance Statement
Effective Date: January 1, 2023
SureWork Home Care Solutions (“we,” “us,” or “our”) is committed to protecting the rights and privacy of individuals in accordance with the General Data Protection Regulation (GDPR). This statement outlines our compliance with the GDPR and our commitment to ensuring the security and privacy of personal data.
- Lawful Basis for Processing
We ensure that all processing of personal data is based on a lawful basis as defined in the GDPR. We only collect and process personal data when necessary and with a legitimate purpose.
- Transparency and Information Provision
We provide individuals with clear and transparent information about how their personal data is collected, used, and processed. Our privacy policy, available on our website, explains the purposes and legal basis for processing personal data, the rights of individuals, and how to exercise those rights.
- Data Subject Rights
We respect the rights of individuals regarding their personal data. We provide mechanisms for individuals to exercise their rights, including the rights to access, rectify, erase, restrict processing, data portability, object to processing, and not be subject to automated decision-making. We promptly respond to any requests to exercise these rights in accordance with the GDPR requirements.
- Data Protection Officer
We have appointed a Data Protection Officer (DPO) to oversee our data protection practices and ensure compliance with the GDPR. The DPO serves as a point of contact for individuals and supervisory authorities regarding data protection matters.
- Data Security Measures
We implement appropriate technical and organizational measures to ensure the security of personal data and protect it against unauthorized access, loss, destruction, or alteration. We regularly review and update our security measures to maintain the confidentiality and integrity of personal data.
- Data Breach Notification
In the event of a data breach that poses a risk to the rights and freedoms of individuals, we will notify the relevant supervisory authority and affected individuals, as required by the GDPR. We have procedures in place to promptly detect, assess, and report any data breaches.
- Data Transfer and International Processing
We ensure that any transfers of personal data to countries outside the European Economic Area (EEA) comply with the GDPR requirements for international data transfers. We implement appropriate safeguards, such as standard contractual clauses or other approved mechanisms, to ensure the protection of personal data when it is transferred to third countries.
- Vendor Management
We have implemented measures to ensure that any third-party vendors or service providers who process personal data on our behalf comply with the GDPR and provide sufficient guarantees regarding data protection. We enter into written agreements with such vendors to outline their responsibilities and obligations regarding the processing of personal data.
- Records of Processing Activities
We maintain detailed records of our data processing activities, as required by the GDPR. These records include information about the purposes of processing, categories of personal data processed, recipients of personal data, and data retention periods.
- Training and Awareness
We provide regular training and awareness programs to our employees on data protection and their responsibilities under the GDPR. We ensure that our employees understand the importance of protecting personal data and are aware of their obligations regarding data protection.
- Data Protection Impact Assessments (DPIAs)
We conduct Data Protection Impact Assessments (DPIAs) when required by the GDPR. These assessments help us identify and mitigate any risks associated with data processing activities that may impact individuals’ privacy rights.
- Cooperation with Supervisory Authorities
We cooperate and maintain a positive relationship with supervisory authorities to ensure compliance with the GDPR. We respond to inquiries and requests from supervisory authorities in a timely manner and provide any necessary information or documentation.
If you have any questions, concerns, or requests regarding our GDPR compliance or the processing of your personal data, please contact our Data Protection Officer at:
Email: dpo@sureworksolutions.com
Postal Address: SureWork Home Care Solutions 304 – 1095 McKenzie Avenue Victoria, BC V8P 2L5 Canada
We take the protection of personal data seriously and are committed to ensuring compliance with the GDPR and safeguarding the privacy rights of individuals.
By using our services, you acknowledge that you have read and understood our GDPR compliance statement and consent to the collection, use, and processing of your personal data in accordance with the GDPR and our privacy policy.