This document outlines a company's policy on personal data protection, detailing how it collects, uses, and discloses personal data in compliance with the EU General Data Protection Regulation (GDPR). It establishes basic principles for data processing, informs about data registration duties, sets storage periods, and defines rules for using data processors and handling data breaches.