Site logo
Add Your Business
0
Add Your Business

GDPR

 

GDPR Statement for Yahmapp

Introduction

Yahmapp is committed to protecting the privacy and security of our users’ personal data. As a global directory that connects consumers to local businesses, we are dedicated to ensuring full compliance with the General Data Protection Regulation (GDPR) to protect the rights and freedoms of our users and partners within the European Economic Area (EEA) and worldwide.

Key GDPR Compliance Principles

To uphold our commitment, we follow these fundamental GDPR principles:

  1. Lawfulness, Fairness, and Transparency: We process data lawfully, fairly, and transparently, clearly explaining why we collect data and how it is used.
  2. Purpose Limitation: Data is collected only for specified, legitimate purposes.
  3. Data Minimization: We collect only the data necessary to provide services effectively.
  4. Accuracy: We strive to maintain accurate, up-to-date data and encourage users to update their information as necessary.
  5. Storage Limitation: Personal data is kept for no longer than necessary for our purposes.
  6. Integrity and Confidentiality: We implement robust security measures to protect data from unauthorized access or breaches.
  7. Accountability: Yahmapp is accountable for demonstrating GDPR compliance at all times.
  1. Personal Data We Collect

To provide the Yahmapp service, we may collect the following data types:

  • Business Registration Data: Information provided when businesses register, such as business name, address, contact details, industry, and offerings.
  • User Data: For consumers, we collect data to facilitate access to local listings, including user preferences, search queries, and device information.
  • Financial Information: For businesses subscribing to premium services, we collect payment information through secure, third-party payment processors.
  1. Purpose of Data Collection

We collect personal data to:

  • Provide our directory services and connect users with local businesses.
  • Improve user experience by tailoring content and search results.
  • Enable secure and reliable payments for subscription-based services.
  • Conduct customer support and maintain operational communications.
  1. Legal Basis for Processing Data

Under GDPR, Yahmapp’s legal bases for processing personal data include:

  • Consent: Users and businesses opt-in by providing data voluntarily.
  • Contractual Necessity: Data processing is required to fulfill our services.
  • Legitimate Interest: Processing data to enhance and secure our services.
  • Legal Obligation: Compliance with applicable laws and regulations.
  1. How We Share Personal Data

Yahmapp will not sell or rent personal data. We may share limited information with trusted third-party service providers for purposes including:

  • Payment processing
  • Marketing and analytics
  • Customer support

We ensure all third-party partners comply with GDPR or equivalent international standards.

  1. Data Security Measures

Yahmapp employs security protocols to protect personal data, including:

  • Encryption of sensitive information (e.g., payment details).
  • Access controls and restricted data access on a need-to-know basis.
  • Regular audits and monitoring of our data systems for potential vulnerabilities.
  1. International Data Transfers

As a global platform, Yahmapp may transfer data internationally. Where we transfer personal data outside the EEA, we ensure adequate protection by using Standard Contractual Clauses or by verifying that the receiving country provides equivalent data protection levels as required by GDPR.

  1. Data Retention

We retain personal data only as long as necessary to fulfill our service obligations, and we securely delete or anonymize data upon the expiration of retention periods or at the user’s request.

  1. User Rights

Under GDPR, users and business partners have rights over their data, including:

  • Right to Access: Request copies of their data.
  • Right to Rectification: Correct inaccurate information.
  • Right to Erasure: Request deletion of their data.
  • Right to Restriction: Limit processing of their data.
  • Right to Data Portability: Receive a copy of their data in a machine-readable format.
  • Right to Object: Object to data processing based on legitimate interests.
  • Right to Withdraw Consent: Withdraw consent at any time for specific processing activities.

Users can exercise their rights by contacting us at [Contact Email/Support Page].

  1. Data Protection Impact Assessments (DPIAs)

To assess and mitigate privacy risks, Yahmapp regularly conducts DPIAs when introducing new services or processing activities that may affect users’ personal data.

  1. Data Breach Response Plan

Yahmapp is committed to rapid response in the event of a data breach:

  • We will notify affected individuals and the relevant Data Protection Authority within 72 hours of becoming aware of any significant breach.
  • We will take all necessary steps to mitigate any risks to affected individuals and to prevent future incidents.
  1. Children’s Privacy

Yahmapp does not knowingly collect personal data from children under 16. We require all users and registered businesses to confirm that they meet the minimum age requirement.

  1. Contact Information

For questions or concerns about this GDPR statement or Yahmapp’s data practices, please contact our Data Protection Officer (DPO) at:

  • Data Protection Officer:
  • Email:
  • Address:
  1. Updates to this GDPR Statement

Yahmapp reserves the right to update this GDPR statement to reflect changes in our practices or compliance requirements. We will notify users of any significant updates.

 

Features

Learn More

Social Media

Facebook Icon-instagram1 Youtube Tiktok