GDPR Compliance for VitaMystica
Last updated: October 22th, 2024
At VitaMystica, we are committed to complying with the General Data Protection Regulation (GDPR) and ensuring the privacy and protection of your personal data. This GDPR policy outlines how we collect, use, and store your personal information, and your rights under the GDPR.
1. Data Controller
The data controller responsible for the processing of your personal data is:
VitaMystica
Email: [email protected]
2. What Personal Data We Collect
We collect and process personal data that you voluntarily provide to us, as well as data collected automatically when you interact with our website. The types of personal data we collect include:
- Name
- Email address
- IP address
- Browser type and usage data
- Any other personal information you choose to provide
3. Purpose of Data Collection
We collect personal data for the following purposes:
- To provide and improve our services
- To communicate with you, including responding to inquiries and sending newsletters
- To personalize your experience on our website
- To comply with legal obligations
4. Legal Basis for Processing Personal Data
Under the GDPR, we process your personal data based on the following legal grounds:
- Consent: If you have provided consent to the processing of your personal data.
- Contractual Obligation: When processing is necessary for the performance of a contract (e.g., providing a service).
- Legitimate Interest: For purposes such as improving our website or communications, where these interests are not overridden by your privacy rights.
- Legal Obligation: To comply with legal obligations such as record-keeping.
5. Data Retention
We will retain your personal data for as long as necessary to fulfill the purposes outlined in this policy or as required by law. When data is no longer needed, we will securely delete or anonymize it.
6. Your Rights Under GDPR
Under the GDPR, you have the following rights regarding your personal data:
- Right to Access: You can request access to the personal data we hold about you.
- Right to Rectification: You can request corrections to inaccurate or incomplete personal data.
- Right to Erasure (“Right to be Forgotten”): You can request the deletion of your personal data under certain circumstances.
- Right to Restrict Processing: You can request the limitation of the processing of your personal data.
- Right to Data Portability: You can request that we transfer your personal data to another data controller.
- Right to Object: You can object to the processing of your personal data based on legitimate interests or direct marketing purposes.
- Right to Withdraw Consent: You can withdraw consent to data processing at any time, where processing is based on consent.
To exercise any of these rights, please contact us at:
Email: [email protected]
7. Data Security
We take data protection seriously and have implemented appropriate technical and organizational measures to safeguard your personal data from unauthorized access, alteration, or disclosure.
8. Sharing Your Data
We do not sell or share your personal data with third parties, except as necessary to provide our services (e.g., trusted service providers) or as required by law.
9. International Data Transfers
If we transfer your personal data outside the European Economic Area (EEA), we ensure that adequate safeguards are in place to protect your data in accordance with GDPR requirements.
10. Cookies and Tracking
Our website uses cookies and similar tracking technologies to enhance your experience. For more details, please refer to our Cookie Policy.
11. Filing a Complaint
If you believe your data rights have been violated, you have the right to file a complaint with your local data protection authority.
12. Changes to This Policy
We may update this GDPR policy from time to time. Any changes will be posted on this page with the updated “Last updated” date.
Contact Us
For any questions or concerns regarding this GDPR policy, or to exercise your rights, please contact us at:
Email: [email protected]