Your privacy is very important to us. Accordingly, we have developed this Policy in order for you to understand how we collect, use, communicate and disclose and make use of personal information. The following outlines our privacy policy.

  • Before or at the time of collecting personal information, we will identify the purposes for which information is being collected.

  • We will collect and use personal information solely with the objective of fulfilling those purposes specified by us and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.

  • We will only retain personal information as long as necessary for the fulfillment of those purposes.

  • We will collect personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned.

  • Personal data should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date.

  • We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.

  • We will make readily available to customers information about our policies and practices relating to the management of personal information.

We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained.

GDPR Compliance Statement

At Passiv we take user data and privacy very seriously. Our position is that software companies have a duty of care to protect and secure user data. As such we have decided to voluntarily adhere to GDPR standards.

General GDPR principles

  • we will process all personal data fairly and lawfully

  • we will only process personal data for specified and lawful purposes

  • we will endeavor to hold relevant and accurate personal data, and where practical, we will keep it up to date

  • we will not keep personal data for longer than is necessary

  • we will keep all personal data secure

  • we will endeavor to ensure that personal data is not transferred to countries outside of the European Economic Area (EEA) without adequate protection

GDPR compliance

We have implemented the relevant policies and practices to ensure we protect any data handled by Passiv – for its employees and suppliers, specifically including the following:

  • employees were made aware of the GDPR and restrictions and obligations within it as may be relevant to them, with the relevant training provided as necessary

  • all new employees joining after the 25th May 2018 will receive awareness training as part of our induction programme

  • all suppliers who process personal data on behalf of Passiv are required to provide proof of compliance with GDPR standards

GDPR actions to date

  • we created a policy to only collect and store minimum required user data

  • we undertook a gap analysis of all our business processes where personal data is either held or collected and produced an action plan

  • we are undertaking a systematic review of the personal data we store, manage, maintain, collect, process and control

  • we have assessed our lawful bases for processing data to ensure all personal data is processed lawfully, fairly and transparently

  • we migrated our servers and data center to a service provider that follows GDPR standards

  • we have conducted data mapping of all our processes involving personal data

  • we are providing training to our employees and generally raising the awareness and importance of GDPR to our business and their individual responsibilities arising from this

  • we are and will continue to look at ways of improving our systems and procedures to better comply with GDPR best practice


Should you require any further information about Passiv’s GDPR statements, please feel free to reach out using Passiv’s feedback form.