GDPR Compliance Page for Norwich Direct
Last Updated: Sept 2023
Welcome to Norwich Direct at Ez Accessories. This GDPR Compliance Page outlines how we collect, use, and protect personal data in compliance with the General Data Protection Regulation (GDPR). We are committed to safeguarding the privacy and rights of individuals who visit our website and use our services.
2. Data Controller
2.1. Identity:Norwich Direct at Ez Accessories 2.2. Contact: Norwich Direct at Ez Accessories 2.3. Data Protection Officer (DPO): Norwich Direct at Ez Accessories 2.4. Supervisory Authority: If you believe your data protection rights have been violated, you have the right to lodge a complaint with the relevant data protection authority. In UK, the supervisory authority is UK.
3. Personal Data We Collect
3.1. Information You Provide: We collect personal data that you voluntarily provide when using our website, such as name, email address, and contact information.
3.2. Automatically Collected Information: We may collect information about your device, browsing behavior, and usage of our website through cookies and similar technologies. Please refer to our Cookies Policy for more details.
4. Purposes of Data Processing
We process personal data for the following purposes:
4.1. Providing Services: To provide and maintain our website, offer products and services, process transactions, and fulfill orders.
4.2. Communication: To respond to inquiries, provide customer support, and send transactional and promotional emails.
4.3. Legal Obligations: To comply with legal obligations, including tax and accounting requirements.
5. Lawful Basis for Processing
We process personal data based on one or more of the following lawful bases:
5.1. Contractual Necessity: Processing is necessary to perform a contract with you or take pre-contractual steps at your request.
5.2. Consent: We may seek your explicit consent for specific processing activities, such as marketing communications. You can withdraw your consent at any time.
5.3. Legitimate Interests: Processing is necessary for our legitimate interests, such as website analytics, fraud prevention, and improving our services.
6. Data Subject Rights
As a data subject, you have the following rights under the GDPR:
6.1. Access: You can request access to your personal data and information about how it is processed.
6.2. Rectification: You can request the correction of inaccurate or incomplete personal data.
6.3. Erasure: You can request the deletion of personal data under certain circumstances.
6.4. Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
6.5. Objection: You can object to the processing of personal data for direct marketing purposes or based on legitimate interests.
6.6. Withdraw Consent: If processing is based on your consent, you can withdraw it at any time.
7. Data Security
We implement security measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. We regularly review and update our security practices to ensure the ongoing integrity and confidentiality of your data.
8. International Data Transfers
We may transfer personal data outside the European Economic Area (EEA) to third-party service providers. When doing so, we ensure appropriate safeguards are in place to protect your data, such as standard contractual clauses or Privacy Shield certification.
9. Data Retention
We retain personal data for as long as necessary to fulfill the purposes outlined in this GDPR Compliance Page, unless a longer retention period is required or permitted by law.
10. Changes to this GDPR Compliance Page
We may update this GDPR Compliance Page to reflect changes in our data handling practices or legal requirements. Any changes will be posted on this page, and the “Last Updated” date at the beginning of this page will be revised accordingly.
11. Contact Us
If you have any questions or concerns about our GDPR compliance or your data privacy rights, please contact us