GDPR Compliance
Effective Date: 25/09/2024
At NailEpic (“we,” “our,” or “us”), we are committed to protecting your privacy and ensuring that your personal data is handled in compliance with the General Data Protection Regulation (GDPR). This page outlines your rights as an individual and how we collect, store, and process your personal data in accordance with the GDPR.
1. Data Controller
NailEpic is the data controller responsible for your personal data. If you have any questions or concerns regarding how we handle your data, please contact us at:
NailEpic
Email: [email protected]
2. What Data We Collect
We may collect the following types of personal data:
- Identity Data: Name, email address.
- Technical Data: IP address, browser type, and version, device type, operating system.
- Usage Data: Information on how you use our Site, including pages visited, duration of visits, and interactions with features on the Site.
3. How We Use Your Data
We will only use your personal data for legitimate purposes, including:
- Providing and improving our services and website.
- Sending you newsletters, updates, or promotional materials (if you have given consent).
- Responding to inquiries or feedback.
- Complying with legal obligations.
4. Legal Basis for Processing
Under the GDPR, we must have a lawful basis for processing your personal data. The legal bases for processing your data include:
- Consent: When you have provided your consent to receive communications or marketing.
- Contractual necessity: To fulfill a contract with you, such as responding to your inquiries.
- Legal obligation: To comply with a legal requirement.
- Legitimate interest: To improve our services and ensure the proper functioning of the Site.
5. Your GDPR Rights
Under the GDPR, you have the following rights regarding your personal data:
a. Right to Access
You have the right to request access to your personal data and information about how we process it.
b. Right to Rectification
If your personal data is inaccurate or incomplete, you have the right to request that we correct or update it.
c. Right to Erasure (Right to Be Forgotten)
You can request that we delete your personal data if:
- It is no longer necessary for the purposes for which it was collected.
- You withdraw your consent (where the processing is based on consent).
- You object to the processing, and there is no overriding legitimate reason for continuing the processing.
- The data has been unlawfully processed.
- We are required to erase the data to comply with a legal obligation.
d. Right to Restrict Processing
You have the right to request that we limit the processing of your personal data under certain circumstances, such as if you contest its accuracy or object to the processing.
e. Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
f. Right to Object
You may object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
g. Right to Withdraw Consent
If we rely on your consent to process your personal data, you can withdraw that consent at any time.
6. How to Exercise Your Rights
To exercise any of your rights under the GDPR, please contact us at [email protected]. We will respond to your request within one month, as required by GDPR.
7. Data Retention
We will retain your personal data for as long as is necessary for the purposes for which it was collected, or as required by law. Once the retention period has expired, we will securely delete or anonymize your data.
8. Data Security
We have implemented appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. However, please note that no method of transmission over the internet or electronic storage is completely secure.
9. Data Transfers
We may transfer your personal data to service providers located outside the European Economic Area (EEA). When doing so, we ensure that the necessary safeguards are in place to protect your personal data, including the use of Standard Contractual Clauses or other lawful transfer mechanisms recognized by the GDPR.
10. Third-Party Services
We may use third-party service providers (e.g., analytics services) to process your data. These third parties are carefully vetted and required to comply with GDPR standards regarding the protection of your personal data.
11. Changes to This GDPR Page
We reserve the right to update this GDPR Compliance page at any time. Any changes will be posted on this page with an updated effective date. Please check back periodically for updates.
12. Contact Us
If you have any questions about this GDPR Compliance page or how we handle your data, please contact us at:
NailEpic
Email: [email protected]