GDPR Compliance Statement - Legal Pilot
Office No. 18, 9.17 Capital Tower, 91 Waterloo Road, London, SE1 8RT
Mon - Fri: 10.00 - 19.00 GTM+2
+38 095 841 41 64 | +357 95 567 212
contact@legalpilot.com

GDPR Compliance Statement

Last updated: January 14, 2025

Our Commitment to Data Protection

Legal Pilot is committed to protecting the personal data of our clients, website visitors, and employees in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This statement outlines how we ensure compliance with GDPR requirements.

Key GDPR Principles We Follow

1. Lawfulness, Fairness, and Transparency

  • We process personal data lawfully, fairly, and transparently
  • All data processing activities have a legal basis
  • We maintain clear privacy notices and policies

2. Purpose Limitation

  • We collect personal data only for specified, explicit, and legitimate purposes
  • Data is not processed in ways incompatible with these purposes
  • We document all purposes of data processing

3. Data Minimization

  • We collect only the personal data we need
  • Data collection is proportionate to the purpose
  • We regularly review data necessity

4. Accuracy

  • We maintain accurate and up-to-date personal data
  • We have processes for correcting inaccurate data
  • Regular data quality reviews are conducted

5. Storage Limitation

  • We keep personal data only as long as necessary
  • We have defined retention periods for different data types
  • Regular data cleanup procedures are in place

6. Integrity and Confidentiality

  • We use appropriate technical and organizational security measures
  • Data is protected against unauthorized processing
  • We maintain secure systems and processes

Data Subject Rights

We respect and facilitate the following rights:

Right to Be Informed

  • Clear privacy notices
  • Transparent data processing information
  • Regular updates about data usage

Right of Access

  • Confirmation of data processing
  • Access to personal data
  • Information about data processing

Right to Rectification

  • Correction of inaccurate data
  • Completion of incomplete data
  • Prompt updates when requested

Right to Erasure

  • Removal of personal data when requested
  • Documentation of erasure procedures
  • Third-party notification of erasure

Right to Restrict Processing

  • Limitation of data processing
  • Storage without processing
  • Notification of restriction lifting

Right to Data Portability

  • Data provided in structured format
  • Direct transfer where possible
  • Technical measures for data transfer

Right to Object

  • Objection to processing
  • Marketing opt-out
  • Legitimate interests assessment

Technical and Organizational Measures

Security Measures

  • SSL/TLS encryption
  • Secure data storage
  • Access controls
  • Regular security audits
  • Staff training programs

Data Protection Procedures

  • Data Protection Impact Assessments (DPIAs)
  • Data breach response plan
  • Regular compliance audits
  • Documentation maintenance

International Data Transfers

When transferring personal data outside the EEA, we ensure:

  • Adequate level of protection
  • Appropriate safeguards
  • Standard contractual clauses
  • Regular transfer impact assessments

Data Protection Officer

While not required by law for our operations, we maintain best practices in data protection. For data protection inquiries, contact:

Legal Pilot
Office No. 18, 9.17 Capital Tower
91 Waterloo Road
London SE1 8RT
United Kingdom

Email: contact@legalpilot.com
Phone: +357 95 567 212

Documentation and Accountability

We maintain:

  • Records of processing activities
  • Data protection policies
  • Security procedures
  • Staff training records
  • DPIA records
  • Breach notification procedures

Regular Reviews and Updates

We regularly:

  • Review and update our GDPR compliance
  • Assess new processing activities
  • Update security measures
  • Train staff on data protection
  • Audit our procedures

Vendor Management

For third-party service providers:

  • Due diligence procedures
  • Data processing agreements
  • Regular compliance verification
  • Security assessments

Contact and Complaints

For GDPR-related inquiries or complaints:

  1. Contact us directly using the details above
  2. We will respond within 30 days
  3. You have the right to contact your local data protection authority

Commitment to Continuous Improvement

We are committed to:

  • Regular policy reviews
  • Staff training updates
  • Technology improvements
  • Process optimization
  • Stakeholder feedback integration
Contact us to get the full list of countries with available nominee services for your business