This document sets out our policy for responding to requests for deletion of data under the General Data Protection Rule (GDPR). This document explains the data subject’s rights concerning data deletion and the responsibilities of Orokii in responding to such a request.
- Individual Right
An individual has the right to erasure, also known as ‘the right to be forgotten.’ The principle underpinning this right is to enable an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
- When does the right to erasure apply?
As stipulated in GDPR, individuals have a right to have personal data erased and to prevent processing in specific circumstances:
• Where the personal data is no longer necessary to the purpose for which it was initially collected/processed;
• When the individual withdraws consent;
• When the individual objects to the processing and there is no other legal ground for the relevant processing activity;
• When the personal data was unlawfully processed;
• Where the personal data has to be erased to comply with a legal obligation.
- What information does Orokii retain?
If orokii receives user consent, we may store personal data, including address, telephone number, and email address, to contact you regarding Orokii news, products, and promotions.
- How can data be deleted?
If you are a user of our system, Orokii acts as a data controller. Therefore, Orokii will delete data it does not need to hold for regulatory purposes upon request (via email to email@example.com), upon closure of a user account, or after seven years. Data that has been deleted or otherwise destroyed is no longer available in our system. Data may remain in the system’s back-up files, which will be deleted periodically.
When Orokii receives a request for data deletion, we will fulfill this request within one month (30 calendar days). Once we remove user information, the user will receive a confirmation notice as soon as possible.