Blokketen Solutions

HATI Privacy Addendum - EU, EEA, and UK

EU / EEA / UK supplement to the HATI Global Privacy Notice.

1. Scope

This Addendum supplements the HATI Global Privacy Notice for individuals in the European Union, the European Economic Area, and the United Kingdom where the GDPR or UK GDPR applies.

2. Lawful bases

  • contract performance or steps requested before entering into a contract;
  • legitimate interests, such as securing the service, managing business relationships, fraud prevention, and improving product performance, where those interests are not overridden by individual rights;
  • compliance with legal obligations;
  • consent, where consent is the appropriate basis; and
  • other lawful bases that may apply under the GDPR or UK GDPR.

3. Data-subject rights

Subject to legal limits and role allocation, you may have the right to be informed, access your data, request rectification, request erasure, request restriction, request portability, object to certain processing, and request review of certain automated decisions.

You may also withdraw consent where consent is the basis of processing, without affecting the lawfulness of processing before withdrawal.

  • Requests should be sent to the privacy contact identified in the Global Privacy Notice or in the final published version of this Addendum.
  • Where Blokketen Solutions Inc. acts as a processor on behalf of a customer, we may direct the request to that customer or assist the customer in responding.
  • Insert any operational response timelines, verification steps, and representative contact details that apply to your deployment.

4. International transfers

Where personal data subject to the GDPR or UK GDPR is transferred outside the relevant territory, Blokketen Solutions Inc. will use an appropriate transfer mechanism where required, such as adequacy, standard contractual clauses, the UK International Data Transfer Addendum, or another lawful safeguard.

Before publication, confirm whether supplementary technical and organizational measures are needed for the actual hosting, support, or provider model.

5. Complaints

You may have the right to lodge a complaint with the supervisory authority in your usual place of residence, place of work, or place of the alleged infringement. For UK processing, individuals may also complain to the Information Commissioner's Office.

6. Representatives and DPO

If required by the final deployment model, insert the details of any EU representative, UK representative, or data-protection officer. Remove this section if those roles are not legally required.