Data Processing

Data Collection:

BigOcasion collects personal data transparently and legally, obtaining explicit consent from users for the collection and processing of their information. Data is collected for the specific purpose of providing and improving the services offered on the marketplaces.

Processing and Storage:
The personal data collected is processed according to the principles of lawfulness, fairness, and transparency, and is stored only for the period necessary for the purpose for which it was collected. We implement appropriate technical and organizational measures to ensure the security and integrity of the data.

Use of Data:
Personal data is used exclusively for the purposes for which it was collected. We ensure that processing is limited to what is necessary, respecting data minimization.

Data Sharing:
Personal data is shared only with trusted third parties and is based on legal grounds such as the data subject’s consent, the execution of a contract, or compliance with legal obligations. We enter into agreements that guarantee the protection of the shared data.

Data Disposal:
Personal data is retained only for as long as necessary to fulfill the purpose for which it was collected. We implement secure data disposal procedures, including periodic review of the need for retention.

User Rights:
We respect users’ rights as established by the GDPR, including the right to access, rectify, delete, and port their data. We facilitate the effective exercise of these rights within the deadlines stipulated by the regulation.

Consent:
Consent is obtained clearly and unequivocally for each specific processing purpose. Users have the right to withdraw consent at any time.

Responsibility and Accountability:
BigOcasion assumes responsibility for complying with GDPR provisions and implements effective measures to demonstrate compliance, including appointing a Data Protection Officer, if applicable.

Data Protection Impact Assessment (DPIA):
We conduct impact assessments whenever data processing represents a high risk to the rights and freedoms of data subjects, as required by the GDPR.

Policy Updates:
This privacy policy is reviewed periodically to ensure ongoing compliance with data protection laws. Changes will be communicated to users as required by the GDPR.

Security Incidents and Data Breaches:
In compliance with the GDPR, BigOcasion adopts strict measures to prevent, detect, and respond to security incidents, including data breaches. If a breach involving customers’ personal information occurs, we implement a response plan to mitigate damages.

Incident Response Plan:
BigOcasion maintains a security incident response plan covering the rapid identification of data breaches, impact assessment, notification to data protection authorities and affected data subjects, and implementation of corrective measures.

Data Breach Notification:
In the event of a personal data breach posing a risk to the rights and freedoms of data subjects, we will notify the competent data protection authorities and the affected data subjects within the timeframe stipulated by law, as required by the GDPR.

Damage Mitigation:
BigOcasion commits to taking all necessary measures to mitigate damages caused by data breaches. This may include implementing technical solutions, cooperating with competent authorities, and offering support to affected data subjects.

Continuous Evaluation and Improvement:
After any security incident, we conduct a thorough evaluation to identify lessons learned and improvement opportunities. These findings are incorporated into our information security program to continuously enhance our practices.

Incident Communication Channel:
We provide a dedicated communication channel for reporting security incidents and data breaches. Users and stakeholders can contact us promptly to report any data security concerns.

This policy represents our ongoing commitment to privacy and data security. If you have any questions or need additional information about our privacy and data security policy, please contact us at www.BigOcasion.store.