Data Code of Conduct

BigRock Media Data Code of Conduct

Effective Date: March 10 2025

At BigRock Media, we are committed to ensuring the responsible and ethical use of data in all aspects of our advertising technology services. Our Data Code of Conduct outlines the principles and practices we follow to ensure the privacy, security, and proper use of data. This Code applies to all employees, partners, and third parties who interact with data collected, processed, or stored through our platform.

1. Commitment to Privacy and Compliance

We are dedicated to respecting the privacy rights of individuals and to complying with all applicable data protection laws, including but not limited to the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant regulations. We ensure that personal data is collected, processed, and stored only for lawful and legitimate purposes.

• Data Minimization
  We collect only the data necessary for the execution of our advertising campaigns and to provide relevant services to our clients.
• Transparency
  We provide clear and transparent privacy notices, ensuring individuals are informed about the types of data collected and how it is used.

2. Data Security and Confidentiality

We prioritize the security of all data entrusted to us. We implement robust technical and organizational measures to safeguard personal and sensitive data from unauthorized access, use, alteration, or destruction. This includes:

• Encryption
  All sensitive data is encrypted both in transit and at rest to prevent unauthorized access.
• Access Control
  We enforce strict access controls to ensure that only authorized personnel can access sensitive data.
• Regular Audits
  We conduct regular audits and security assessments to evaluate the effectiveness of our data protection measures.

3. Ethical Data Use

We are committed to using data ethically and responsibly. This includes:

• Purpose Limitation
  Data will only be used for the specific purposes outlined during its collection, such as improving ad targeting, measuring campaign performance, or enhancing user experience.
• Non-Discriminatory Practices
  We do not use data in ways that discriminate against individuals or groups based on race, gender, ethnicity, or other protected characteristics.
• No Exploitative Practices
  We do not use data for exploitative purposes, such as misleading targeting, harmful manipulation, or engaging in unethical advertising practices.

4. Transparency and Accountability

We maintain transparency with our clients and end-users regarding our data practices. This includes:

• Data Processing Transparency
  We inform clients about how data is collected, processed, and stored, and we ensure that all data processing activities comply with agreed-upon terms.
• Third-Party Data Sharing
  We are transparent about sharing data with third parties and ensure that any data sharing is compliant with applicable data protection laws and contractual obligations.
• Data Retention
  We do not retain data longer than necessary for the purposes for which it was collected. Once the data is no longer needed, we ensure secure deletion or anonymization.

5. User Rights and Control

We respect the rights of individuals regarding their personal data. Our platform enables users and clients to exercise their rights to:

• Access
  Users can request access to the data we have collected about them.
• Correction
  Users can request updates or corrections to inaccurate or incomplete data.
• Deletion
  Users have the right to request that their personal data be deleted, subject to applicable legal and contractual obligations.
• Opt-Out
  Users can opt out of data collection for marketing or advertising purposes, and we provide clear instructions for managing preferences related to data use.

6. Third-Party Vendors and Partners

We work with third-party vendors and partners to deliver our services. We hold these partners to the same high standards of data protection and privacy as we do ourselves. Our agreements with third parties include specific clauses to ensure compliance with data protection laws and ethical data practices. This includes:

• Due Diligence
  Before engaging with any third-party vendors, we conduct thorough due diligence to ensure they meet our data protection and security standards.
• Contractual Safeguards
  All third-party relationships include data processing agreements (DPAs) that outline the obligations and responsibilities of each party in relation to data protection.

7. Data Integrity

We are committed to maintaining the accuracy and integrity of the data we collect, process, and store. We take steps to ensure that the data we handle is:

• Accurate
  We ensure that data is accurate and up to date. We take corrective actions when inaccuracies are identified.
• Relevant
  We ensure that the data we collect is relevant to the purposes for which it is processed, avoiding unnecessary data collection.
• Complete
  We take steps to ensure that the data we use is complete for its intended purpose, reducing gaps that could lead to errors or bias.

8. Training and Awareness

We invest in ongoing training for our employees and partners to ensure they understand their responsibilities under this Data Code of Conduct. This training includes:

• Data Privacy
  Ensuring that employees understand privacy regulations and the importance of safeguarding data.
• Ethical Data Use
  Providing guidance on how to use data responsibly, avoiding unethical or illegal practices.
• Security Best Practices
  Educating employees about cybersecurity measures and how to prevent data breaches.

9. Incident Response and Breach Notification

In the event of a data breach or security incident, we have a robust response plan in place to mitigate the impact, notify affected individuals, and comply with applicable breach notification requirements. We will:

• Act Swiftly
  Address the breach as soon as possible, containing the issue and preventing further data exposure.
• Notify Affected Individuals
  We will notify affected individuals without undue delay if their personal data has been compromised.
• Report to Authorities
  We will comply with all legal requirements for reporting data breaches to regulatory authorities within the required timeframes.

10. Continuous Improvement

We are committed to continuously improving our data practices. We regularly review and update this Data Code of Conduct, ensuring it remains aligned with evolving privacy laws, industry standards, and best practices.

By adhering to this Data Code of Conduct, BigRock Media ensures that we handle data in a responsible, ethical, and legally compliant manner. If you have any questions about our data practices or this Code of Conduct, please feel free to contact us.

Contact Information:

BigRock Media Email: legal_at_BigRock.Media
Phone: [Phone Number]
Website: https://bigrock.media/