General Data Protection Regulation

Our Compliance for GDPR.

Based on the directives set across the General Data Protection Regulation (EU) 2016/679 (“GDPR”) our compliance policy for GDPR sets out the steps that MQL Solutions Private Limited (hereinafter referred as MQL Solutions) is taking to ensure MQL Solutions complies with the European Union’s new General Data Protection Regulation (GDPR). This regulation is designed to protect an individual’s personal data. In addition to giving citizens control of their personal data, the GDPR also aims to unify data protection laws across the European Union and the European Economic Area (EEA).

In accordance with the directives laid down in GDPR, below are the GDPR principles that MQL Solutions complies with all the personal data


• Collected for specified, explicit and legitimate purposes

• Adequate, relevant and limited to what is necessary in relation to the purposes

• Accurate and kept up-to-date

• Kept for no longer than necessary

• Processed in a manner that ensures appropriate security.

As per the adherence to GDPR directives – we follow the following procedures. These procedures are set out as a data processor; our responsibilities are limited being a data processor under the Data Protection Act. As a part of our responsibilities in line with the GDPR directives with reference to Article 5 and Article 6 of the GDPR below are procedures implemented and followed by MQL Solutions.

High Level Data flow Map

We maintain a high level data flow map for all the processing requirements we receive from our client from time to time wherein we act a data processor as per the article 4 of the GDPR. The data flow map help understand our clients how their data flows with the MQL Solutions environment and how all have access to it.


High Level Data Map

In accordance with GDPR compliances – it is important for MQL Solutions and its client to understand what data falls under GDPR and how to handle it appropriately. To address this, MQL Solutions shall use GDPR Data Map template, this will allow MQL Solutions and its client get a clear understanding of exactly what data is MQL Solutions in possession of and how that data is moving through MQL Solutions as an organization. The key element that shall be maintained in the data map is as below.


1. How was the data collected?

It is essential to understand the source of data collection as from where it has been collected.

2. What personal data is MQL Solutions collecting?

The personal data of the data subject that is being collected as per the GDPR guidelines. Which doesn’t include processing of mission critical personal data, and/or processing of special category personal data, and/or processing of processing of children data and/or processing data of criminal convictions and offences as per the GDPR article 7, 8, 9 and 10?

3. Why is the data being collected?

The reason behind collecting the personal data of the subject lies with our data controller which is mostly for Business Marketing purposes.

4. How the data is stored, how it will be processed and person(s) having access to it?

As per the GDPR compliance {reference Article 4(2) and (6) of the GDPR} it is important to know how the data is stored, how it will be processed and who all have access to the data at MQL Solutions.

5. When is this data disposed?

As per the GDPR compliances it is important to know how and when MQL Solutions shall dispose all the personal data collected on behalf of the data controller. All the personal data collected shall be disposed within 3 months (90 days) from the date it is been delivered to the controller or as per the agreed duration with the controller whichever is less.

6. Do we have consents from the data subjects?

As per the GDPR Article 7, conditions for consent wherever MQL Solutions acts as a Data Controller, as per the definition defined in GDPR Article 4, MQL Solutions shall only process or acquire the personal information of the data subject(s) wherein it has received appropriate consents from the data subject(s).

7. Right to withdraw

As per the Article 7(3), GDPR, under Conditions for consent, the data subject shall have the right to withdraw his or her consent at any time. MQL Solutions strictly adheres to this policy; as a data subject you have full rights to withdraw your consent at any time. Please write to unsubscribe@mql-solutions.com

Data Processing Register.

As an adherence to GDPR compliances MQL Solutions will fully comply with certain important rules required as a data processor and/or as a data controller from time to time. As part of the set rules MQL Solutions shall duly maintain the data processing register.