Introduction
As a leading digital marketing and search engine optimization agency, SINOADS LTD is committed to ensuring full transparency and control over the personal data we process, empowering our clients to achieve and maintain GDPR compliance.
What is the GDPR and How It Affects SINOADS LTD Clients
The General Data Protection Regulation (GDPR), enforced by the European Union since May 25, 2018, aims to harmonize data privacy laws across Europe, protect and empower the data privacy rights of all EU citizens, and reshape how organizations handle personal data.
Any company that collects or processes personal data of individuals in the EU falls under the scope of the GDPR, regardless of physical location.
As such, SINOADS LTD is both a data controller (for personal data you provide to us directly) and a data processor (for personal data collected and processed on behalf of our clients).
Shared Responsibility Between Data Controllers and Data Processors
-
Data Controller: Determines the purposes and means of processing personal data.
-
Data Processor: Processes personal data on behalf of the controller.
When SINOADS LTD processes its own client data, we act as the Data Controller.
When we process end-user data on behalf of clients, we act as the Data Processor.
Our GDPR Compliance Measures
1. Data Collection and Retention Policies
-
We apply data minimization principles by limiting the retention of certain identifiers.
-
IP addresses and unique device IDs are retained for no longer than 120 days.
-
Log-level reporting is retained for 12 months.
2. Data Deletion Process
-
We comply with GDPR Articles 17, 30, and 32(4) regarding deletion requests and secure data handling.
3. Physical Access Control
-
Our data centers are physically secured with access control systems, on-site security staff, and surveillance.
4. Data Access and Transmission Controls
-
Encryption and secure transmission protocols prevent unauthorized access or data alteration.
5. Separation of Data
-
Data collected for different purposes is stored and processed separately.
6. Pseudonymization
-
Personal data is hashed or anonymized as early as possible during processing.
7. Availability Control and Backup
-
Regular backups and remote storage ensure data recoverability.
8. Incident Response
-
In case of a data breach, affected parties are promptly informed.
9. Privacy by Design
-
We integrate privacy measures into our service design and development lifecycle.
Our Commitments
-
Collect personal data only with user consent.
-
Never sell or re-broker personal data.
-
Provide opt-in and opt-out mechanisms.
-
Respect “Do Not Track” browser settings.
-
Keep our Privacy Policy, Terms, and User Agreements up to date.
For questions or GDPR-related requests, contact our privacy team:
📧 [email protected]
