SkeeterArt (“we”, “us”, or “our”) is committed to complying with the General Data Protection Regulation (GDPR) regarding the collection, use, and retention of personal data of individuals within the European Union (EU).
1. Lawful Basis for Processing Personal Data
We will only process personal data in accordance with the GDPR, which requires that we have a lawful basis for processing. These lawful bases include:
- The data subject has given consent to the processing of their personal data for one or more specific purposes.
- Processing is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject prior to entering into a contract.
- Processing is necessary for compliance with a legal obligation to which the controller is subject.
- Processing is necessary to protect the vital interests of the data subject or of another natural person.
- Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
- Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
2. Data Protection Principles
We adhere to the principles relating to the processing of personal data as set out in the GDPR. These principles require that personal data shall be:
- Processed lawfully, fairly, and in a transparent manner.
- Collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
- Adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
- Accurate and, where necessary, kept up to date.
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
- Processed in a manner that ensures appropriate security of the personal data.
3. Data Subject Rights
Under the GDPR, data subjects have certain rights regarding their personal data. These rights include:
- The right to be informed about the collection and use of their personal data.
- The right of access to their personal data and supplementary information.
- The right to have inaccurate personal data rectified or completed if it is incomplete.
- The right to erasure of their personal data in certain circumstances.
- The right to restrict processing of their personal data in certain circumstances.
- The right to data portability, allowing them to obtain and reuse their personal data for their own purposes across different services.
- The right to object to processing of their personal data in certain circumstances.
- Rights in relation to automated decision making and profiling.
4. Data Breach Notification
In the event of a data breach that is likely to result in a risk to the rights and freedoms of individuals, we will notify the appropriate supervisory authority within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk to the rights and freedoms of individuals.
5. Contact Information
If you have any questions or concerns about our GDPR compliance or if you would like to exercise your data subject rights, please contact us at [email protected].
Changes to This GDPR Policy
We reserve the right to update or change our GDPR Policy at any time. Any changes to this policy will be posted on this page with a revised effective date. We encourage you to review this policy periodically for any updates.
Additional Resources
For more information about the GDPR, please visit the official website of the European Commission: https://ec.europa.eu/info/law/law-topic/data-protection_en