rustic-heron is committed to protecting the personal data of all our users, including those residing in the European Economic Area (EEA). This page outlines our commitment to GDPR compliance and explains your rights under this regulation.
What is GDPR
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018. It gives individuals residing in the European Union and European Economic Area greater control over their personal data and establishes strict requirements for organizations that process such data.
Our Legal Basis for Processing
We process personal data only when we have a lawful basis to do so. Our legal bases for processing include:
- Consent: Where you have given us explicit consent to process your data for specific purposes
- Contractual Necessity: Where processing is necessary to fulfill our contractual obligations to you
- Legitimate Interests: Where processing is necessary for our legitimate business interests, provided these do not override your fundamental rights
- Legal Obligation: Where processing is necessary to comply with legal requirements
Your Rights Under GDPR
If you are a resident of the EEA, you have the following rights regarding your personal data:
Right of Access
You have the right to request a copy of the personal data we hold about you. We will provide this information free of charge within one month of your request.
Right to Rectification
You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
Right to Erasure
You have the right to request that we delete your personal data in certain circumstances, such as when the data is no longer necessary for the purpose for which it was collected.
Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
Right to Object
You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes.
Rights Related to Automated Decision-Making
You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal effects or significantly affect you.
How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us using the details provided below. We will respond to your request within one month. If your request is complex or we receive a high volume of requests, we may extend this period by an additional two months, in which case we will inform you.
To verify your identity and protect your personal data, we may ask you to provide additional information before processing your request.
Data Transfers
Your personal data may be transferred to and processed in countries outside the EEA. When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses approved by the European Commission
- Transfers to countries with an adequacy decision from the European Commission
- Other legally recognized mechanisms
Data Protection Officer
For questions about our GDPR compliance or to exercise your rights, you may contact us at:
rustic-heron
Data Protection Inquiries
45 Harmony Lane, Suite 302
Toronto, ON M5V 3A8
Canada
[email protected]
Right to Lodge a Complaint
If you are not satisfied with how we handle your personal data or respond to your requests, you have the right to lodge a complaint with a supervisory authority in the EEA member state where you reside, work, or where the alleged infringement occurred.
Updates to This Information
We may update this GDPR compliance information from time to time. Any changes will be posted on this page with an updated effective date.