1. Purpose

 The Personal Data Protection and Processing Policy of ManAsset Business Solutions Limited aims to define the principles and processes for protecting the confidentiality, accuracy, and accessibility of personal data belonging to visitors, candidates, employees, customers, suppliers, and all individuals who interact with the company. The policy ensures that all personal data is processed in compliance with the EU General Data Protection Regulation (GDPR), emphasizing transparency, security, and the rights of data subjects.

2. Scope

 This policy applies to all personal data processed by ManAsset Business Solutions Limited, including data related to visitors, job applicants, employees, customers, suppliers, and any other individuals whose data is collected through the company's operations, digital platforms, or services. It covers all processing activities performed in the context of the GDPR.

3. Definitions

 This section includes terms defined under the GDPR such as:

- Data Subject: The individual whose personal data is processed.
- Data Controller: The entity that determines the purposes and means of processing personal data.
- Personal Data: Any information relating to an identified or identifiable natural person.
- Processing: Any operation performed on personal data, whether or not by automated means.
- Consent: Freely given, specific, informed, and unambiguous indication of the data subject's wishes.
- Data Processor, Supervisory Authority, etc.

4. Responsibilities

 The management of ManAsset Business Solutions Limited is responsible for the implementation, oversight, and updating of this policy. A designated Data Protection Officer (DPO) or responsible person ensures communication with data subjects and the supervisory authority. All employees processing personal data must adhere to this policy and receive necessary training.

  5. Principles of Personal Data Processing

 In accordance with Article 5 of the GDPR, personal data shall be:

- Processed lawfully, fairly, and transparently
- Collected for specified, explicit, and legitimate purposes
- Adequate, relevant, and limited to what is necessary
- Accurate and kept up to date
- Stored only as long as necessary
- Processed with appropriate security and integrity

6. Legal Basis for Data Processing

 Personal data is processed on one or more of the following legal grounds:

- The data subject has given consent
- Processing is necessary for the performance of a contract
- Compliance with a legal obligation
- Protection of vital interests
- Performance of a task carried out in the public interest
- Legitimate interests pursued by the data controller

7. Special Categories of Personal Data

 ManAsset Business Solutions Limited only processes sensitive personal data (e.g., health, biometric data, political opinions) where permitted by GDPR Article 9 and based on explicit consent or legal necessity. Special safeguards are applied.

8. Rights of Data Subjects

 Data subjects have the right to:

- Access their personal data
- Rectify inaccuracies
- Erase data ('right to be forgotten')
- Restrict or object to processing
- Data portability
- Withdraw consent at any time
- Lodge a complaint with a supervisory authority

 9.Data Transfers

 Transfers of personal data to third countries or international organizations will only occur where adequate protection is ensured in line with GDPR Chapter V. Appropriate safeguards (e.g., Standard Contractual Clauses) will be used.

10. Data Security

 ManAsset Business Solutions Limited implements technical and organizational measures to ensure the confidentiality, integrity, and availability of personal data, including access controls, encryption, training, and audit trails.

11. Data Retention and Disposal

 ManAsset Business Solutions Limited retains personal data only for as long as necessary for the purposes for which it was collected, in line with legal requirements. Once data is no longer needed, it is securely deleted or anonymized.

12. Entry into Force and Updates

 This policy enters into force as of the approval date and is reviewed periodically to ensure compliance with applicable laws and business needs. Updates are communicated to all relevant parties.