EU & UK Data Protection Statement

Effective Date: March 21, 2025
Website: www.initforce.com

1. Introduction

This EU & UK Data Protection Statement should be read alongside our Privacy Policy and applies to EU and UK residents (“EU Data Subjects”) whose personal data may be collected or processed by Initforce Consulting Ltd (“Initforce”, “we”, or “us”).

For clarity:

  • EU Data Subject refers to any living individual residing in a European Union Member State or the United Kingdom.
  • GDPR refers to Regulation (EU) 2016/679 and the UK GDPR, along with related data protection laws in the European Economic Area (EEA) and UK.

We generally act as a data processor, supporting clients who use our Salesforce services. However, in some instances (such as job applications or direct interactions via our website), we may act as a data controller.

2. Legal Basis for Processing

When we collect and process personal data of EU Data Subjects, we rely on lawful bases outlined in the GDPR, such as:

  • Performance of a contract
  • Compliance with a legal obligation
  • Legitimate interests
  • Consent (where required)

This applies when we interact with:

  • Clients or prospective clients
  • Contractors or suppliers
  • Employment candidates
  • Website visitors and subscribers

We process data to communicate, manage business relationships, improve our services, and provide relevant content or updates.

3. Your Rights Under the GDPR

If you are an EU or UK resident, you may have the following rights:

  • Access: Request a copy of your personal data we hold
  • Correction: Ask us to correct inaccurate or outdated information
  • Erasure: Request deletion of data no longer needed or where consent is withdrawn
  • Restriction: Ask us to limit how we use your data in specific circumstances
  • Data Portability: Request your data in a readable format, or have it transferred to another service provider
  • Objection: Object to processing based on legitimate interests or for marketing purposes

Please note that some requests may not be fulfilled due to legal obligations or overriding legitimate interests, but we will always communicate the reason clearly.

4. Exercising Your Rights

To exercise any of your rights, or for GDPR-related queries, please contact us via:

šŸ“§ Email: privacy@initforce.com
šŸŒ Website form: initforce.com/contact

We will respond as promptly as possible and in accordance with GDPR timeframes.

5. Cross-Border Data Transfers

If we transfer your personal data outside the EU/UK (e.g., to our cloud providers or partners), we ensure:

  • Appropriate safeguards are in place, such as EU Standard Contractual Clauses (SCCs) or equivalent mechanisms
  • Only necessary and relevant data is shared
  • Your data is processed securely and in line with GDPR requirements

6. Childrenā€™s Privacy

Initforce does not knowingly collect or process personal data of individuals under the age of 16. If we become aware of such data being collected, we will delete it promptly.

We encourage parents and guardians to monitor their childrenā€™s use of the internet and contact us if they believe any information has been submitted by a minor.

7. Updates to This Statement

We may update this statement periodically to reflect legal, regulatory, or operational changes. When we do, we will post the revised version with a new effective date.

8. Questions or Complaints

If you have any concerns about how we handle your data under the GDPR or UK GDPR, please reach out to our Privacy Team at:

šŸ“§ privacy@initforce.com
If necessary, you can also lodge a complaint with your local data protection authority.

Last reviewed: March 21, 2025