PURPOSE
This Data Protection Policy establishes the principles, responsibilities and procedures for the protection of personal, business and confidential information processed by AMPERON GENERAL TRADING – FZCO.
GDPR COMPLIANCE
AMPERON complies with the General Data Protection Regulation (GDPR) where applicable and processes personal data lawfully, fairly and transparently.
UAE PDPL COMPLIANCE
AMPERON complies with the United Arab Emirates Personal Data Protection Law (PDPL) and other applicable privacy and data protection regulations.
DATA CLASSIFICATION
Data shall be classified as public, internal, confidential or restricted.
ACCESS CONTROL
Access to information shall be granted only to authorized personnel based on business necessity and the principle of least privilege.
DATA RETENTION
Information shall be retained only for the period necessary to fulfill legal, regulatory, contractual and operational requirements.
THIRD PARTY PROCESSORS
Third-party service providers processing information on behalf of AMPERON must implement appropriate technical and organizational safeguards and comply with applicable data protection laws.
DATA BREACH MANAGEMENT
Any actual or suspected data breach shall be reported immediately and investigated in accordance with AMPERON incident management procedures.
EMPLOYEE RESPONSIBILITIES
Employees and contractors are responsible for protecting company, customer, supplier and partner information and must comply with this Policy at all times.