Data Deletion Policy

Data Deletion Policy

1. Introduction This Data Deletion Policy outlines the procedures and guidelines for the secure and timely deletion of customer data in compliance with the General Data Protection Regulation (GDPR). The policy ensures that data is retained only for the necessary period and is deleted promptly when it is no longer required for the purposes for which it was collected.

2. Scope This policy applies to all employees, contractors, and third-party vendors who have access to customer data within LMS Edukasyon Online.

3. Definitions Personal Data: Any information related to an identified or identifiable natural person. Data Subject: An identifiable individual to whom the personal data relates.

4. Data Classification Customer data shall be classified based on its sensitivity, with specific attention to personal data under the GDPR.

5. Data Retention Periods Customer data will be retained for a period of three months after the formal end of the contract between the customer and LMS Edukasyon Online.

6. Data Deletion Procedures Customer data will be securely and permanently deleted from all systems and databases within three months of the formal termination of the contract. Data deletion will be carried out using industry-standard methods to ensure irreversibility.

7. Data Subject Rights Data subjects have the right to request the deletion of their personal data. Additionally: Upon request, LMS Edukasyon Online is obligated to provide data subjects with an export of their data in a commonly used and machine-readable format, facilitating compliance with other legislation. If providing a data export is not feasible, LMS Edukasyon Online may offer a look-up license for a defined time to allow the data subject to access their data. In such cases, a customer contract and a data processing agreement must be signed to formalize the continued processing of the data during the specified period.

8. Review and Audit Regular reviews and audits will be conducted to ensure compliance with this data deletion policy. The data protection officer is responsible for overseeing these activities.

9. Employee Training Employees will receive training on data deletion procedures and the importance of compliance with the GDPR.

10. Legal and Regulatory Compliance This policy is designed to comply with the GDPR and other relevant data protection laws.

11. Communication This policy will be communicated to all relevant stakeholders, and any updates will be promptly shared.

12. Updates and Revisions This policy will be reviewed periodically and updated as necessary to ensure ongoing compliance with applicable laws and regulations.

13. External Resources For additional insights into our data protection program, you may refer to LMS Edukasyon Online.