# Data Compliance *** **Table of Contents** 1. Introduction 2. Purpose 3. Scope of Compliance 4. Definitions 5. Data Collection Methods 6. Data Elements Collected 7. Data Storage and Encryption 8. Data Sharing and Third-Party Integrations 9. User Rights and Consent Mechanisms 10. Data Retention and Deletion 11. Security Measures 12. Data Audits and Accountability 13. Incident Response and Data Breach Procedure 14. Data Protection Officer (DPO) 15. Training and Awareness 16. Non-Compliance Penalties 17. Amendments 18. Contacts *** **1. Introduction** This document outlines the practices and guidelines for data compliance at realestatehub.today, with a focus on the protection of data for subscribers and clients. *** **2. Purpose** The purpose is to clearly define how data is collected, stored, used, and shared on realestatehub.today, aligning with GDPR, CCPA, and other relevant legal requirements. *** **3. Scope of Compliance** The scope covers all data collected from subscribers of realestatehub.today and data shared with third-party platforms. *** **4. Definitions** * Personal Data: Information related to an identified or identifiable natural person. * Processing: Actions performed on personal data. * Lead : A subscriber who has downloaded content. * Intent Actions: User behavior metrics that indicate interest. *** **5. Data Collection Methods** * Subscription: Through LinkedIn or manual registration, which requires email verification. * Content Download: Requires subscription to the platform. *** **6. Data Elements Collected** | Data Element | Source | Purpose | | -------------- | -------- | -------------- | | Name | User | Identification | | Email | User | Communication | | Content Viewed | Behavior | Intent Actions | *** **7. Data Storage and Encryption** * Storage: Data is stored in encrypted format in data.isyndicate.io. * Encryption: AES 256-bit encryption is used. *** **8. Data Sharing and Third-Party Integrations** * Lead Sharing: Data is sold or shared with clients. * Third-Party Integration: Content is syndicated to 300+ compliant publishing platforms. *** **9. User Rights and Consent Mechanisms** * Consent: Users provide consent for newsletters and content preferences. * Rights: Access, correction, deletion of data. *** **10. Data Retention and Deletion** * Retention: Indefinite until deletion is requested by the user. *** **11. Security Measures** * Firewall: AWS firewall services. * Encryption: Data in transit and at rest are encrypted. *** **12. Data Audits and Accountability** * Audit Logs: For auditing purposes, logs are maintained. * Accountability: Staff training and written agreements with third-party platforms. *** **13. Incident Response and Data Breach Procedure** * Response Team: Headed by the DPO. * Notification: Within 72 hours of discovering a breach. *** **14. Data Protection Officer (DPO)** * Name: Mr. Chris York * Role: Compliance oversight. *** **15. Training and Awareness** * Training: Mandatory for all employees. *** **16. Non-Compliance Penalties** * Penalties: Includes fines and disciplinary action. *** **17. Amendments** Subject to change based on laws and technology. *** **18. Contacts** * DPO: Mr. Chris York