At Mercu (Flyp Pte Ltd) we take data protection and privacy seriously. We firmly believe in respecting our customers and their respective users’ privacy rights.

Introduction

The GDPR enforcement puts the control of personal data, collected by businesses, in the hands of the individuals, it belongs to, protecting the rights of EU residents.

The regulation delineates individuals’ rights to access, rectify, and restrict the processing of personal data, among other key provisions, and aims to unify privacy and security laws for all organizations operating within the EU.

In the context of this user document, we will be focused on how to implement the different rights once invoked by the Data Subjects.

Nomenclature

Data Subject: End Users

Data Controller: Mercu Customers

Data Processor: Mercu

Documents

1. Data Processing Agreement (DPA)

2. Terms of Use

3. Privacy Policy

Data Subject Rights

The Right to Access

Under GDPR, individuals have the right to obtain:

• Confirmation that their data is being processed;
• Access to their personal data; and
• Other supplementary information – this largely corresponds to the information that should be provided in a privacy notice (see GDPR Article 15).

Mercu Compliance