General Data Protection Regulation
The EU General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and was designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organizations across the region approach data privacy.
Passport's systems include data protection as a core requirement when they are designed and updated. We hold and process only the data that is absolutely necessary for providing the Services, and limit access to Personal Data to those requiring it to provide the Services.
Passport will notify our Users within 72 hours of first becoming aware of a breach which results in a risk for the rights and freedoms of either our Users or their Customers.
When Passport acts on behalf of its Users, Passport will assist Users in responding to individuals exercising their rights under GDPR.
If you are a Customer of a User, please contact the User directly with your request to access or limit the use or disclosure of your Personal Data. If you contact us with the name of the User to which you provided your Personal Data, we will refer your request to that User and support them in responding to your access request.
If you have any questions regarding Passport's GDPR compliance, please contact our Data Protection Officer by email at firstname.lastname@example.org.