Data Protection

Learn about our comprehensive data protection measures and how we safeguard your information in compliance with global privacy regulations.

Last updated: December 2024

Our Commitment to Data Protection

At Squarm, we are committed to protecting your personal data and respecting your privacy. We implement robust security measures and follow industry best practices to ensure your information is safe and secure.

Our data protection framework is designed to comply with international privacy regulations including GDPR, CCPA, and India's Personal Data Protection Bill, ensuring the highest standards of data protection regardless of your location.

Security Measures

Encryption

  • End-to-end encryption for data transmission (TLS 1.3)
  • AES-256 encryption for data at rest
  • Encrypted database storage
  • Secure key management systems

Access Controls

  • Multi-factor authentication (MFA) for all accounts
  • Role-based access control (RBAC)
  • Principle of least privilege
  • Regular access reviews and audits

Infrastructure Security

  • SOC 2 Type II compliant data centers
  • 24/7 security monitoring and incident response
  • Regular penetration testing and vulnerability assessments
  • Secure development lifecycle (SDLC)

Data Backup & Recovery

  • Automated daily backups with encryption
  • Geographically distributed backup storage
  • Regular disaster recovery testing
  • 99.9% uptime guarantee with redundancy

Data Processing Principles

We adhere to fundamental data protection principles in all our processing activities:

Lawfulness & Fairness

We process data lawfully, fairly, and transparently with clear legal basis.

Purpose Limitation

Data is collected for specific, explicit, and legitimate purposes only.

Data Minimization

We collect only the minimum data necessary for our stated purposes.

Accuracy

We maintain accurate and up-to-date personal data.

Storage Limitation

Data is retained only as long as necessary for the stated purposes.

Accountability

We demonstrate compliance with data protection principles.

Compliance & Certifications

Squarm maintains compliance with major international data protection regulations and standards:

GDPR Compliance

  • • EU General Data Protection Regulation
  • • Data Protection Impact Assessments
  • • Privacy by Design implementation
  • • Data Protection Officer appointed

SOC 2 Type II

  • • Security controls audit
  • • Availability and confidentiality
  • • Processing integrity
  • • Annual compliance verification

ISO 27001

  • • Information security management
  • • Risk assessment and treatment
  • • Continuous improvement
  • • Third-party certification

CCPA Compliance

  • • California Consumer Privacy Act
  • • Consumer rights protection
  • • Data sale opt-out mechanisms
  • • Transparent privacy practices

Data Subject Rights

Under applicable data protection laws, you have the following rights regarding your personal data:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of data processing
  • Right to Data Portability: Request transfer of your data
  • Right to Object: Object to processing of your personal data
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise any of these rights, please contact us at privacy@squarm.com

Data Breach Response

In the unlikely event of a data breach, we have established procedures to:

  • Detect and contain the breach within 24 hours
  • Assess the scope and impact of the incident
  • Notify relevant authorities within 72 hours (where required)
  • Inform affected individuals without undue delay
  • Implement remedial measures to prevent future incidents
  • Conduct post-incident review and improvements

International Data Transfers

When transferring personal data internationally, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for transfers to approved countries
  • Binding Corporate Rules (BCRs) where applicable
  • Additional safeguards and security measures

Contact Our Data Protection Team

For any data protection inquiries, to exercise your rights, or to report concerns:

Data Protection Officer

Email: dpo@squarm.com

Phone: +91 9892305067

Contact Information

Email: privacy@squarm.com

Phone: +91 9892305067