GDPR Compliance Statement
Our commitment to data protection and privacy rights
GDPR Compliant
Osint Vision is fully compliant with the General Data Protection Regulation (GDPR) and maintains the highest standards of data protection for law enforcement operations.
1. Our GDPR Commitment
Baccarat Ventures Limited is committed to protecting the privacy and personal data of all individuals in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"). As a provider of specialized tools for law enforcement, we understand the critical importance of data protection and have implemented comprehensive measures to ensure compliance.
2. Legal Basis for Processing
We process personal data under the following legal bases:
Article 6(1)(c) - Legal Obligation
Processing necessary for compliance with legal obligations, including law enforcement cooperation requirements.
Article 6(1)(e) - Public Task
Processing necessary for the performance of tasks carried out in the public interest or in the exercise of official authority.
Article 6(1)(f) - Legitimate Interest
Processing necessary for legitimate interests in providing secure law enforcement tools.
Article 6(1)(a) - Consent
Where explicit consent has been provided for specific processing activities.
3. Data Protection Principles
We adhere to all GDPR data protection principles:
Lawfulness, Fairness, and Transparency
All processing is conducted lawfully, fairly, and transparently.
Purpose Limitation
Data is collected for specified, explicit, and legitimate law enforcement purposes.
Data Minimization
We process only data that is adequate, relevant, and limited to what is necessary.
Accuracy
Personal data is kept accurate and up to date, with inaccurate data rectified or erased.
Storage Limitation
Data is retained only as long as necessary for the specified purposes or legal requirements.
Integrity and Confidentiality
Appropriate security measures protect against unauthorized processing and data breaches.
Accountability
We demonstrate compliance through documentation, policies, and regular audits.
4. Individual Rights
We respect and facilitate the exercise of individual rights under GDPR, subject to law enforcement exemptions where applicable:
Right of Access (Article 15)
Individuals can request information about their personal data processing.
Right to Rectification (Article 16)
Correction of inaccurate or incomplete personal data.
Right to Erasure (Article 17)
Deletion of personal data when no longer necessary (subject to legal retention requirements).
Right to Restrict Processing (Article 18)
Limitation of processing under specific circumstances.
Right to Data Portability (Article 20)
Transfer of personal data in a structured, machine-readable format.
Right to Object (Article 21)
Objection to processing based on legitimate interests or direct marketing.
5. Law Enforcement Exemptions
As a provider of law enforcement tools, certain GDPR exemptions may apply under Chapter V (Articles 23, 89) and national implementing legislation. These exemptions are applied only when necessary and proportionate for:
- Prevention, investigation, detection, or prosecution of criminal offenses
- Execution of criminal penalties
- Safeguarding against threats to public security
- Protection of judicial independence and proceedings
6. Security Measures
We implement appropriate technical and organizational measures including:
- End-to-end encryption for data in transit and at rest
- Multi-factor authentication and access controls
- Regular security assessments and penetration testing
- Employee training on data protection and security
- Incident response and breach notification procedures
- Data Protection Impact Assessments (DPIAs) for high-risk processing
7. International Transfers
When transferring personal data outside the EEA, we ensure appropriate safeguards are in place:
- European Commission adequacy decisions
- Standard Contractual Clauses (SCCs)
- Binding Corporate Rules (where applicable)
- Derogations for specific situations under Article 49
8. Data Protection Officer
We have appointed a Data Protection Officer (DPO) who can be contacted regarding any data protection matters:
Data Protection Officer
Baccarat Ventures Limited
71-75 Shelton Street, London, United Kingdom, WC2H 9JQ
Email: dpo@osintvision.com
9. Supervisory Authority
You have the right to lodge a complaint with the relevant supervisory authority. In the UK, this is the Information Commissioner's Office (ICO). For EU matters, you may contact your local data protection authority.
10. Regular Review and Updates
This GDPR statement is reviewed regularly and updated as necessary to reflect changes in our processing activities, legal requirements, or regulatory guidance. The last review date is indicated at the top of this document.