Client GDPR Summary

Security Measures

We (Word4Word Legal Translation Services Ltd) are responsible for implementing and maintaining technical and organisational measures to protect personal data against unauthorised processing and loss, and for safeguarding access and disclosure. You are responsible for maintaining the confidentiality of your Service usernames and passwords.

Data Subject Access Requests (DSARs)

We will notify you promptly if we receive a Data Subject Access Request and will not respond without your instruction. We will assist with data access when legally permitted and may charge for our assistance.

Data Breach Notification

In case of a data breach, we will notify you promptly, provide details, and take measures to mitigate effects as agreed upon. You are responsible for notifying authorities and Data Subjects as required.

Sub-processors

We may engage Sub-processors for Translation Services, ensuring they adhere to similar obligations. We ensure they process data in line with Service Terms and Conditions.

Processing of Client Personal Data Outside of the EEA

Personal data may be processed outside the EEA, with safeguards in place for GDPR compliance.

Privacy Impact Assessments

We conduct Privacy Impact Assessments and assist in your assessments and mitigation.

Data Processing Summary

• Description: Personal data collection and processing to support interpreting and translation services.

• Duration: Per the agreement with the Customer.

• Purposes: For administration, delivery, service usage reporting, and invoicing.

• Personal Data: Service user details, interviewer names (if provided), interviewee contact information.

• Data Subjects: Customer Employees and Interviewees.

• Data Disposal: Retention for 6 years for usage reporting and shredding. Project data held for 12 months, then automatically destroyed.