Skip to content Skip to footer
SI Security Consulting | Elite Security Solutions
815-940-0806
Let’s Talk
SI Security Consulting | Elite Security Solutions
Let’s Talk
Close

SI Security Consulting (“we,” “us,” or “our”) is committed to ensuring the privacy and protection of all personal data that we process. Our approach to compliance with the General Data Protection Regulation (GDPR) is rooted in our commitment to uphold the highest standards of data security and transparency. This page outlines the processes we have implemented to comply with GDPR requirements, ensuring that our clients, partners, and visitors from the European Economic Area (EEA) can trust us with their data.

 

  1. Data Collection and Processing

1.1 Lawfulness, Fairness, and Transparency:

   – We collect and process personal data only for specified, explicit, and legitimate purposes. We ensure that data processing is transparent, providing clear information about how and why data is collected and used.

1.2 Data Minimization:

   – We only collect personal data that is necessary for the purposes for which it is being processed. We regularly review our data collection practices to ensure they are in line with the principles of data minimization.

1.3 Purpose Limitation:

   – Personal data is collected for specified, legitimate purposes and not further processed in a manner that is incompatible with those purposes.

1.4 Accuracy:

   – We take all reasonable steps to ensure that personal data is accurate and kept up to date. Inaccurate data is promptly corrected or deleted.

1.5 Storage Limitation:

   – We retain personal data only for as long as is necessary to fulfill the purposes for which it was collected, or as required by law.

1.6 Integrity and Confidentiality:

   – We implement appropriate technical and organizational measures to ensure the security of personal data, protecting it against unauthorized or unlawful processing, accidental loss, destruction, or damage.

 

  1. Data Subject Rights

2.1 Right to Access:

   – Individuals have the right to access their personal data. Upon request, we provide a copy of the personal data we hold, along with details about how it is processed.

2.2 Right to Rectification:

   – Individuals have the right to request the correction of inaccurate or incomplete personal data.

2.3 Right to Erasure (Right to be Forgotten):

   – Individuals can request the deletion of their personal data when it is no longer necessary for the purposes for which it was collected, or if they withdraw their consent.

2.4 Right to Restrict Processing:

   – Individuals have the right to request the restriction of processing their personal data under certain circumstances, such as when the accuracy of the data is contested.

2.5 Right to Data Portability:

   – Individuals have the right to receive their personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

2.6 Right to Object:

   – Individuals can object to the processing of their personal data, particularly where the processing is based on legitimate interests or direct marketing.

2.7 Rights Related to Automated Decision-Making:

   – We do not use personal data for automated decision-making processes, including profiling, without providing meaningful information about the logic involved and the potential consequences.

 

  1. Consent Management

3.1 Obtaining Consent:

   – Where consent is required for data processing, we obtain it in a clear, affirmative manner. Consent is specific, informed, and freely given, and individuals have the right to withdraw their consent at any time.

3.2 Managing Consent:

   – We provide mechanisms for individuals to manage their consent preferences, including the ability to easily withdraw consent.

3.3 Children’s Data:

   – We do not knowingly collect or process personal data from children under the age of 16 without verifiable parental consent. If we discover that we have unintentionally collected such data, we will promptly take steps to delete it.

 

  1. Data Protection by Design and Default

4.1 Data Protection Impact Assessments (DPIAs):

   – We conduct DPIAs for processing activities that are likely to result in a high risk to the rights and freedoms of individuals. These assessments help us identify and mitigate risks related to data processing.

4.2 Privacy by Design:

   – We incorporate data protection principles into the design and development of our products, services, and business processes to ensure that privacy is considered at every stage.

4.3 Privacy by Default:

   – We implement default settings that prioritize privacy, ensuring that personal data is not accessible to an indefinite number of persons without the individual’s intervention.

 

  1. Data Breach Management

5.1 Incident Response:

   – We have established procedures for detecting, reporting, and investigating personal data breaches. These procedures include prompt action to mitigate harm and notify affected individuals and the relevant supervisory authority, where necessary.

5.2 Breach Notification:

   – In the event of a data breach that is likely to result in a high risk to the rights and freedoms of individuals, we will notify the affected individuals and the relevant supervisory authority without undue delay.

 

  1. Third-Party Processors

6.1 Due Diligence:

   – We conduct thorough due diligence on all third-party processors to ensure they comply with GDPR and other relevant data protection regulations.

6.2 Processor Agreements:

   – We enter into Data Processing Agreements (DPAs) with all third-party processors, setting out their obligations to protect personal data and ensuring that they process it only in accordance with our instructions.

6.3 International Data Transfers:

   – When transferring personal data outside the EEA, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs), to protect the data in accordance with GDPR requirements.

 

  1. Training and Awareness

7.1 Employee Training:

   – We provide regular training to our employees on GDPR and data protection principles, ensuring that they understand their responsibilities and the importance of protecting personal data.

7.2 Awareness Campaigns:

   – We conduct ongoing awareness campaigns to reinforce the importance of data protection and to keep our staff informed about the latest developments in data privacy.

 

  1. Ongoing Compliance Monitoring

8.1 Audits and Reviews:

   – We regularly audit our data protection practices and policies to ensure ongoing compliance with GDPR and other relevant regulations. This includes reviewing our data processing activities, security measures, and third-party relationships.

8.2 Policy Updates:

   – We keep our data protection policies up to date, reflecting changes in legislation, best practices, and our business operations.

 

  1. Contact Information

For any questions or concerns about our GDPR compliance process, or to exercise your data subject rights, please contact us at:

SI Security Consulting 

200 W River Dr, Suite 11 

St. Charles IL, 60174 

Email: compliance@si-security.com 

Phone: (312) 796-7188

Join Our SI Security Academy Today!

Register Now!

At SI Security Consulting, we proactively ensure compliance with all federal and international regulations, reflecting our unwavering commitment to legal integrity and client trust.

Michael Blickensderfer, ESQ

Michael Blickensderfer, ESQ

Director of Legal | USMC Vietnam Veteran

At S.I. Security Consulting, we lead from the front in cybersecurity, ensuring that our clients are not just compliant but truly secure against the evolving landscape of digital threats.

Sean Jiles

Sean Jiles

Director of Cyber, CISM, US Army Veteran
Working hours

Mon-Fri: 9 AM – 6 PM

Saturday: 9 AM – 4 PM

Sunday: closed

Corporate

200 W River Dr
Suite 11
St. Charles IL, 60174

connect@SI-Security.com

 815-940-0806

Links
Get in touch

Disclaimer:
The content and materials provided on this website are intended solely for informational purposes and should not be construed as legal, security, or contracting advice. SI Security Consulting does not offer any guarantees, whether expressed or implied, concerning the accuracy, reliability, or completeness of the information presented. The services provided by SI Security Consulting are advisory in nature and are not intended to replace or act as substitutes for specialized expert guidance in federal contracting, security operations, or any other professional services. Any reliance on the information provided on this site is undertaken at your own discretion and risk. SI Security Consulting, along with its affiliates and partners, disclaims any liability for direct, indirect, incidental, consequential, or any other forms of damages that may result from the use of this website or from reliance on the information available on the site. This includes, but is not limited to, loss of use, data losses, lost business revenues, business interruptions, or any other form of loss. This website may contain links to third-party websites. SI Security Consulting is not responsible for the content on these third-party sites or the privacy practices they employ. The inclusion of these links does not imply endorsement, sponsorship, or recommendation of the linked sites or any information, products, or services they offer. SI Security Consulting is not engaged in providing direct legal, financial, or contractual services and does not make binding contractual decisions. References to federal contracts, security procedures, or other related services are purely for informational and advisory consultation. Your use of this website constitutes acceptance of and agreement to the terms outlined in this disclaimer.

si-security.com © 2024. All rights reserved.