Pacific Market
PACIFIC
MARKET
Legal

Data Protection

How we protect and manage data in Pacific Market.

Our Commitment to Data Protection

Pacific Market is committed to protecting the privacy and security of all data we collect, process, and store. We adhere to strict data protection principles and comply with applicable privacy laws and regulations.

Data Protection Principles

Lawfulness, Fairness & Transparency

We process data lawfully, fairly, and in a transparent manner. Users are informed about what data we collect and why.

Purpose Limitation

We only collect data for specified, explicit, and legitimate purposes. Data is not processed in ways incompatible with these purposes.

Data Minimisation

We only collect and process data that is necessary for our stated purposes. No excessive or irrelevant data is retained.

Accuracy

We take reasonable steps to ensure data is accurate and kept up-to-date. Users can correct inaccurate information.

Storage Limitation

Data is retained only as long as necessary for the purposes it was collected. Secure deletion procedures are followed.

Security & Integrity

We implement appropriate technical and organisational measures to protect data against unauthorized access, alteration, or destruction.

Data Categories We Process

Business Registry Data

  • Business name, description, and contact information
  • Location, industry, and operational details
  • Cultural identity and language information
  • Verification status and supporting documents
  • Website and social media profiles

User Account Data

  • Personal identification information (name, email)
  • Account credentials and authentication data
  • Communication preferences and history
  • Usage patterns and interaction data
  • Support requests and feedback

Technical Data

  • IP addresses and device information
  • Browser type and version
  • Access times and duration
  • Pages visited and referral sources
  • Cookies and tracking identifiers

Security Measures

Encryption

All data is encrypted in transit using TLS 1.2+ and at rest using industry-standard encryption algorithms.

Access Control

Strict access controls with role-based permissions. Multi-factor authentication required for administrative access.

Regular Audits

Regular security audits, penetration testing, and vulnerability assessments to identify and address potential risks.

Data Subject Rights

You have the following rights regarding your personal data:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Portability: Receive data in a structured, machine-readable format
  • Right to Restrict Processing: Limit how we process your data
  • Right to Object: Object to certain types of data processing

Data Breach Response

In the event of a data breach, we will:

  • Assess the scope and impact of the breach within 72 hours
  • Notify affected individuals and relevant authorities as required
  • Take immediate steps to contain and remediate the breach
  • Implement measures to prevent future occurrences
  • Document the breach and our response for regulatory compliance

International Data Transfers

We may transfer data internationally but ensure appropriate safeguards are in place:

  • Data Processing Agreements with adequate protection clauses
  • Use of EU Standard Contractual Clauses where applicable
  • Compliance with relevant data protection frameworks
  • Regular review of international transfer mechanisms

Contact for Data Protection Issues

For data protection inquiries, to exercise your rights, or report a concern, please contact our Data Protection Officer.

Last updated: March 2026