Data Protection Policy

Effective Date: 07/01/2023
 
We at toastyheater.shop are committed to protecting the personal information that we collect, use, and disclose in connection with our digital marketing activities. This Data Protection Policy explains how we ensure that personal information is processed lawfully, fairly, and transparently, and in compliance with the General Data Protection Regulation (GDPR).
 
 
DATA PROTECTION PRINCIPLES
 
We adhere to the following principles when processing personal information:
 
Lawfulness, fairness, and transparency: We process personal information lawfully, fairly, and in a transparent manner.
 
Purpose limitation: We collect personal information for marketing and promotional purposes and do not process it in a way that is incompatible with those purposes.
 
Data minimization: We collect only the personal information that is necessary for the purposes for which it is processed.
 
Integrity and confidentiality: We process personal information in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
 
 
DATA SUBJECT RIGHTS
 
We respect your rights as a data subject under the GDPR. You have the right to:
 
Access your personal information: You can request access to the personal information that we hold about you.
 
Rectify your personal information: You can request that we correct or update your personal information if it is inaccurate or incomplete.
 
Erase your personal information: You can request that we delete your personal information if it is no longer necessary for the purposes for which it was collected, if you withdraw your consent, or if you object to its processing.
 
Restrict processing of your personal information: You can request that we limit the processing of your personal information if you contest its accuracy, if the processing is unlawful, or if we no longer need the personal information for the purposes for which it was collected.
 
Object to processing of your personal information: You can object to the processing of your personal information for direct marketing purposes or if the processing is based on legitimate interests.
 
Data portability: You can request a copy of your personal information in a structured, commonly used, and machine-readable format, and you can request that we transfer your personal information to another controller.
 
 
TRANSFERS OF PERSONAL DATA
 
We may transfer your personal information to countries outside the European Economic Area (EEA) if it is necessary for the purposes for which the personal information was collected. If we transfer your personal information outside the EEA, we will ensure that appropriate safeguards are in place to protect your privacy rights, such as standard contractual clauses or binding corporate rules.
 
 
THIRD-PARTY PROCESSING
 
We will not share any of your personal data with any third-party companies with one important exception. In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

If any personal data is transferred outside the EEA, we will take suitable steps to ensure that your personal data is treated just as safely and securely as it would be under the GDPR in France and the EEA, as explained above.

 
CHANGES TO THIS POLICY
 
We may update this Data Protection Policy from time to time. We will notify you of any material changes to this Policy by posting a notice on our website or sending you an email.