OCXLY
Privacy · EU & EEA Residents

GDPR Rights Notice

European Union

This notice explains how OCXLY processes personal data and the rights granted to residents of the European Union (EU) and European Economic Area (EEA) under the General Data Protection Regulation (GDPR).

§ 01

Introduction

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that regulates the processing of personal data of individuals in the EU and EEA. OCXLY is committed to complying with the GDPR and protecting your privacy.

For the purposes of the GDPR, OCXLY acts as the "Data Controller" for the personal data collected through our website and services.

§ 02

Rights of Data Subjects

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access: You have the right to request a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Right to Rectification: You have the right to request the correction of any incomplete or inaccurate personal data we hold about you.
  • Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data where there is no good reason for us continuing to process it.
  • Right to Restrict Processing: You have the right to request that we suspend the processing of your personal data in certain scenarios.
  • Right to Data Portability: You have the right to request the transfer of your personal data to you or to a third party in a structured, commonly used, machine-readable format.
  • Right to Object: You have the right to object to the processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.
  • Rights in relation to automated decision making and profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
§ 03

Lawful Bases for Processing

We will only process your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.
  • Where you have provided your explicit consent.
§ 04

International Data Transfers

OCXLY is headquartered outside of the EU/EEA. Therefore, your personal data may be transferred to, and processed in, countries outside the EU/EEA. We ensure that such transfers are conducted in accordance with the GDPR, typically by using Standard Contractual Clauses (SCCs) approved by the European Commission.

§ 05

Exercise Your Rights

To exercise any of your rights under the GDPR, please contact us:

We aim to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

§ 06

Right to Lodge a Complaint

If you have any concerns about our use of your personal data, you have the right to lodge a complaint with your local Supervisory Authority for data protection issues. However, we would appreciate the chance to deal with your concerns before you approach the authority, so please contact us in the first instance.

§ 07

Contact Us

For any queries related to this GDPR Rights Notice, please reach out to us:

OCXLY — Data Controller
Kochi, Kerala, India — 682 028
Email: [email protected]
Phone / WhatsApp: +1 (646) 238 5077