This policy lays down guidelines to secure the processing of personal data collected by Dailoqa, directly or indirectly from the customers and users of Dailoqa’s services.
“Personal Data” refers to any data that relates to an identified or identifiable individual or person.
In practice, personal data includes all that can be assigned to an individual in any way. We collect
name, contact details including email-address, telephone number and address.
We collect and use personal information to contact our customers via phone, SMS, emails or post
for sales and marketing our solutions and services. Data is collected through “contact us” page
on our website or on the cloud providers marketplace portal or direct provisioning of information
during services.
Access is limited to employees and partners on a need-to-know basis.
This policy lays down guidelines to secure the processing of personal data collected by Dailoqa, directly or indirectly from the customers and users of Dailoqa’s services.
“Personal Data” refers to any data that relates to an identified or identifiable individual or person. In practice, personal data includes all that can be assigned to an individual in any way. We collect name, contact details including email-address, telephone number and address.
We collect and use personal information to contact our customers via phone, SMS, emails or post for sales and marketing our solutions and services. Data is collected through “contact us” page on our website or on the cloud providers marketplace portal or direct provisioning of information
during services.
Access is limited to employees and partners on a need-to-know basis.
4. Dailoqa’s Broccoli Solutions offered to the clients
This section outlines the data privacy aspects in relation to the Dailoqa’s Broccoli Solutions
offered to our clients.
Broccoli, an Agentic AI development platform from Dailoqa is deployed into the customer’s cloud
subscription. All application resources operate within the customer’s tenant and selected region,
with the customer retaining ownership and control of the environment and personal data at all
times.
Dailoqa is granted restricted, auditable access solely to deploy the application in the managed
resource group via Role-Based Access Control. No access is provided to customer-managed
resource groups or unrelated tenant assets.
Personal data remains within the customer’s Cloud tenant boundary unless explicitly configured
by the customer, and the application may be removed by the customer at any time, at which point
Dailoqa access is automatically revoked.
This section outlines the data privacy aspects in relation to the Dailoqa’s Broccoli Solutions
offered to our clients.
Broccoli, an Agentic AI development platform from Dailoqa is deployed into the customer’s cloud subscription. All application resources operate within the customer’s tenant and selected region, with the customer retaining ownership and control of the environment and personal data at all times.
Dailoqa is granted restricted, auditable access solely to deploy the application in the managed
resource group via Role-Based Access Control. No access is provided to customer-managed
resource groups or unrelated tenant assets.
Personal data remains within the customer’s Cloud tenant boundary unless explicitly configured by the customer, and the application may be removed by the customer at any time, at which point
Dailoqa access is automatically revoked.
5. Principles for Processing Personal Data
At Dailoqa, we incorporate the following principles of data protection in the way we collect and
store personal data. We ensure that the data we collect is:
• Processed lawfully, fairly, and in a transparent manner.
• Collected for specific, explicit, legitimate, and limited purposes.
• Adequate, relevant, and limited to what is necessary.
• Accurate and, where necessary, kept up to date.
• Kept in an identifiable form for no longer than is necessary.
• Processed in a manner that ensures appropriate security.
At Dailoqa, we incorporate the following principles of data protection in the way we collect and store personal data. We ensure that the data we collect is:
• Processed lawfully, fairly, and in a transparent manner.
• Collected for specific, explicit, legitimate, and limited purposes.
• Adequate, relevant, and limited to what is necessary.
• Accurate and, where necessary, kept up to date.
• Kept in an identifiable form for no longer than is necessary.
• Processed in a manner that ensures appropriate security.
6. Security of Personal Data
We use appropriate technical and organisational measures to protect the personal data we
collect and process. The measures we use are generally designed to provide a level of security
appropriate to the risk of personal data that we process.
Depending on requirements arising from business commitments or regulations, the following
advanced technical solutions may be considered to provide an additional layer of protection:
• Security standards implemented include password protection and encryption.
• Data Leakage Prevention (DLP) tools: To monitor and restrict data flow from potential
endpoints to unauthorised systems.
• Data Masking: To restrict the ability to read sensitive data within the organisation as well
as to ensure protection from external parties.
7. Data Subject Rights
To adequately protect the personal data collected and processed by Dailoqa, you must
understand the rights to which data subjects are entitled. Listed below are the data subject rights
that we adhere to:
• Right to be informed: The right to know how personal data is used in clear and transparent language.
• Right of access: The right to know and have access to the personal data held about an individual.
• Right to data portability: The right to receive and transfer data in a common and machine readable electronic format.
• Right to be forgotten: The right to have personal data erased.
• Right to rectification: The right to have data corrected where it is inaccurate or incomplete.
• Right to object: The right to complain and to object to processing.
• Right to restriction of processing: The right to limit the extent of the processing of personal data according to an individual’s wishes.
• Rights related to automated decision-making and profiling: The right not to be subject to decisions without human involvement.
• Right to non-discrimination: The right to not be discriminated against for an individual exercising their rights.
To adequately protect the personal data collected and processed by Dailoqa, you must
understand the rights to which data subjects are entitled. Listed below are the data subject rights that we adhere to:
• Right to be informed: The right to know how personal data is used in clear and transparent language.
• Right of access: The right to know and have access to the personal data held about an individual.
• Right to data portability: The right to receive and transfer data in a common and machine readable electronic format.
• Right to be forgotten: The right to have personal data erased.
• Right to rectification: The right to have data corrected where it is inaccurate or incomplete.
• Right to object: The right to complain and to object to processing.
• Right to restriction of processing: The right to limit the extent of the processing of personal data according to an individual’s wishes.
• Rights related to automated decision-making and profiling: The right not to be subject to decisions without human involvement.
• Right to non-discrimination: The right to not be discriminated against for an individual exercising their rights.
8. Staff Training
Dailoqa ensures that its employees receive and attend the required data protection training,
including the content and handling of this Policy, if they have constant or frequent access to
personal data, are involved in the collection of data, or in the development of tools used to
process personal data. The requirements of data protection and compliance must be observed.
All Dailoqa staff members need to annually acknowledge that they have attended the Data-
Protection training and understand the Data Protection Policy.
Dailoqa ensures that its employees receive and attend the required data protection training,
including the content and handling of this Policy, if they have constant or frequent access to personal data, are involved in the collection of data, or in the development of tools used to
process personal data. The requirements of data protection and compliance must be observed.
All Dailoqa staff members need to annually acknowledge that they have attended the Data-
Protection training and understand the Data Protection Policy.
9. Data Protection Officer
The Data Protection Officer leads all the data protection efforts of the company.
10. Non-Compliance
Compliance with this policy is verified through various methods, including but not limited to
automated reporting, audits, and feedback to the policy owner. Any staff member found to be in
violation of this policy is subjected to disciplinary action, up to and including termination of
employment or contractual agreement. The disciplinary action depend on the extent, intent, and
repercussions of the specific violation.
Compliance with this policy is verified through various methods, including but not limited to
automated reporting, audits, and feedback to the policy owner. Any staff member found to be in violation of this policy is subjected to disciplinary action, up to and including termination of employment or contractual agreement. The disciplinary action depend on the extent, intent, and repercussions of the specific violation.
11. Responsibilities
The Information Security Officer is responsible for approving and reviewing policy and related
procedures. Supporting functions, departments, and staff members are responsible for
implementing the relevant sections of the policy in their area of operation.
The Information Security Officer is responsible for approving and reviewing policy and related
procedures. Supporting functions, departments, and staff members are responsible for implementing the relevant sections of the policy in their area of operation.