This procedure details how SOFTEL will respond to complaints from data subjects and third parties relating to the use of personal data.


Any suspected exposure of sensitive data including PII under SOFTEL’s custodianship should be reported immediately to SOFTEL’s Data Protection Officer or SOFTEL’s Security Desk.

Data Protection Officer:

Security Desk:


Data subjects are any natural living individuals whose personal data SOFTEL processes (collects, obtains, stores, retains, disposes of etc.). Data subjects can include SOFTEL Personnel, Clients, Partners, etc.


Data subjects have the right to the following and these rights can be exercised at any time:

  • Access to information about the processing of their data (GDPR Articles 12-14);
  • Access to their own personal data (GDPR Articles 12 and 15);
  • To ensure correctness of personal data (GDPR Article 16);
  • The ability to have personal data erased, also known as the right to be forgotten (GDPR Article 17);
  • The ability to restrict data processing (GDPR Article 18);
  • The ability to object to data processing, including direct marketing (GDPR Article 21);
  • The ability to receive a copy of their personal data or transfer their personal data to another data controller (data portability, GDPR Article 20);
  • The ability to not be subject to automated decision-making and rights in relation to profiling (GDPR Article 22); and
  • To be notified of a data security breaches (GDPR Article 34).

To exercise any of these rights, Data Subjects should email their request to: