If a person’s data requests are clearly excessive, we may charge a reasonable fee taking into account the administrative costs, or decline to act on the requests.

The rights provided by the GDPR is generally described below. These rights are not absolute and each right is subject to limitations:

• The right of access. You have the right to confirmation of the personal data that is processed about you by mPulse and to a copy of the information. Among the limitations for this right is that providing a copy will not adversely affect the rights of others.
• The right to correct. You have the right to have inaccurate personal data rectified, or taking into account the purposes of the processing, completed if it is incomplete.
• The right to erasure (also known as the right to be forgotten). You have the right to have your personal data erased in certain limited circumstances.
• The right to restrict processing and object to use. You have the right to request the restriction or suppression of your personal data. This right only applies in certain circumstances. If processing is restricted, mPulse would not be permitted to use the data without your consent, unless in connection with a legal claim, the protection of another person,  or other exemptions. Mpulse would be permitted to continue to store the information.
• The right to data portability. The right to data portability allows you to obtain an electronic copy of your personal data to enable you to reuse that data for your own purposes across different services. This right allows you to move, copy or transfer personal data easily from one IT environment to another. This right only applies to information you have provided to mPulse and depending on the context, applies to some of your information, but not to all of your information.
• The right to object. You have the right to object to the processing of your personal data in certain circumstances, in the absence of a compelling reason for the continued processing.

Before we can act on your request, we must:

• Confirm your identity.
• Be supplied with sufficient information from you in order to locate the information you seek.

On receipt of your completed request, verification of your identity, and sufficient details to enable us to locate the information, we will endeavor to provide you information on our actions promptly. GDPR require that we act on a completed request within one month. That period may be extended by two months where necessary, taking into account the complexity and number of the requests. If we determine not to fulfill your request, we are required to notify you within one month of our reasons for not doing so.

If you have any questions about how your personal data is used, or wish to exercise any of your rights with respect to your personal data,
please contact mPulse’s Data Protection Officer at compliance@mpulse.com.