loader image
Home 9 Guide / Policy 9 Privacy Policy 9 Data breach prevention and actions

Data breach prevention and actions

Last updated: April 27, 2025 at 08:14

In the unfortunate event of a data breach that poses a risk to the rights and freedoms of individuals, we are committed to taking immediate action to mitigate any potential harm. Our approach to handling a data breach includes the following steps:

  • Incident Response: Upon becoming aware of a data breach, we will promptly initiate our incident response procedures. This involves conducting a thorough investigation to assess the scope and impact of the breach.
  • Risk Assessment: We will assess the potential risks associated with the data breach, taking into consideration the nature of the affected personal data, the likelihood of harm, and any mitigating factors in place.
  • Notification of Individuals: If we determine that the data breach is likely to result in a high risk to the rights and freedoms of individuals, we will notify the affected individuals without undue delay. Our notification will include a clear and concise description of the breach, the types of personal data involved, and any recommended actions they should take to protect themselves.
  • Communication with Relevant Authorities: We will promptly report the data breach to the appropriate supervisory authorities in compliance with applicable laws and regulations. We will provide them with all necessary details of the breach, our actions taken, and any steps we are implementing to mitigate the impact.
  • Remedial Actions: Following a data breach, we will take all necessary measures to address the breach, prevent any further unauthorized access, and minimize the risk of future incidents. This may include implementing additional security measures, reviewing and updating our policies and procedures, and providing additional training to our staff.

We are committed to maintaining open communication and transparency throughout the process of addressing a data breach. We will work diligently to provide timely and accurate information to affected individuals and relevant authorities, while taking appropriate steps to prevent similar incidents in the future.

Home 9 Guide / Policy 9 Privacy Policy 9 Data breach prevention and actions

Discover other relevant topics

Introduction

In this section, you will learn about the privacy practices of Associació Iguality Lab i Comunitat, including how your information is collected, used, and disclosed when using our digital platforms. We prioritize your privacy and provide transparent details on how we protect your personal data.

Legal framework

In this section, you will learn how Iguality upholds the highest standards of data protection and privacy by adhering to the GDPR framework. Discover our commitment to safeguarding your personal information through lawful data processing, transparency, security measures, and respect for your data subject rights.

When and how we may use your data

In this section, you will learn how we responsibly use your personal information to enhance our mental health services and volunteering opportunities, ensuring your privacy and security. Discover how we utilize your data for marketing, testimonials, feedback collection, payment processing, support, analytics, legal compliance, and onboarding, always with your consent or as permitted by law.

Your rights

In this section, you will learn about your rights to access, rectify, erase, or transfer your personal data, and how to exercise these rights by contacting us at info@iguality.org. Understanding these rights is crucial, as withdrawing consent may affect your ability to use certain services.

Used software to store data

In this section, you will learn about the certified tools Iguality uses to securely store your personal data, including Airtable, Google Workspace, and Fillout, all of which adhere to industry-standard security practices. These platforms, along with encrypted communication tools like Slack and WhatsApp, ensure the highest level of confidentiality and compliance with GDPR regulations to

Usage of AI

At Iguality, we prioritize privacy and data protection while enhancing our services with AI technologies in collaboration with Airtable. In this section, you will learn about our AI usage, data anonymization practices, ethical guidelines, and the external services we employ to ensure efficient and responsible care provision.

Data retention

In this section, you will learn about our data retention practices, including how long we keep your data and the conditions under which it may be deleted. We explain the retention period, your rights to request data deletion, and how we protect residual data in backups.

Security

In this section, you will learn about the security measures we implement to protect your information, including two-step verification, trusted data storage tools, limited access to personal data, and regular backups. These steps are designed to enhance the security and confidentiality of your information, though it's important to remain cautious when transmitting data.

Storage of highly sensitive data

In this section, you will learn about Iguality's commitment to safeguarding highly sensitive data, particularly patient and user information, through secure storage solutions like Airtable and Fillout. Discover how we implement stringent security measures, restrict data access to authorized personnel, and adhere to data minimization principles to ensure privacy and confidentiality.

Third Party Links and Use Of Your Information

In this section, you will learn about the presence of third-party links on our Service and the importance of reviewing their privacy policies. We emphasize that we have no control over and are not responsible for the content or practices of these external sites.

Cookies

In this section, you will learn about the various tracking technologies we use and how they impact your browsing experience. For detailed information on managing your preferences, please refer to our Cookie Policy.

Concent withdrawal

In this section, you will learn about your right to withdraw consent for the processing of your personal data and how to contact our Data Protection Officer to initiate this process. We are committed to respecting your choices, and withdrawing consent may affect the availability of certain services.

Grievance

In this section, you will learn how to contact our Grievance Officer for any questions or concerns about the processing of your information. We prioritize your privacy and satisfaction, ensuring all issues are addressed in compliance with relevant laws and regulations.
No information found.