Kaustubh Gold & Minerals Limited is committed to maintaining the highest standards of data protection and information security across all jurisdictions in which we operate.
1. Data Protection Principles
- Lawfulness, fairness, and transparency in all data processing activities
- Purpose limitation — data collected for specified, explicit, and legitimate purposes
- Data minimisation — only data necessary for the stated purpose is collected
- Accuracy — data is kept accurate and up to date
- Storage limitation — data not retained for longer than necessary
- Integrity and confidentiality — appropriate technical and organisational security measures
2. Technical Security Measures
- End-to-end encryption for all data transmission and storage
- Role-based access controls limiting data access to authorised personnel
- Multi-factor authentication for all internal systems
- Regular security audits and penetration testing
- Data classification policies governing handling of confidential information
- Incident response procedures with defined notification timelines
3. Organisational Measures
All staff with access to personal or confidential data receive regular data protection training. Third-party processors are vetted and subject to data processing agreements ensuring equivalent standards of protection.
4. International Transfers
Given our global operations spanning Uganda, Dubai, India, and the United States, personal data may be transferred across jurisdictions. All cross-border transfers are conducted in compliance with applicable data protection laws, using standard contractual clauses where required.
5. Data Breach Response
In the event of a personal data breach, KGML will follow its documented incident response procedure. Where required by applicable law, relevant supervisory authorities and affected individuals will be notified within prescribed timeframes.
Document:Data Protection Policy — Kaustubh Gold & Minerals Limited
Effective:1 January 2025
Questions? compliance@thekaustubh.com