At ArtReferencePoint.com, we are committed to protecting the privacy and personal data of our users. We adhere to the principles of the General Data Protection Regulation (GDPR) for all individuals within the European Economic Area (EEA). This GDPR Compliance Statement outlines how we collect, use, and handle your personal information in compliance with the GDPR.
Legal Basis for Processing Personal Data
We collect and process personal data based on the following legal bases:
Consent: When you provide us with your explicit consent to process your personal data for specific purposes.
Contractual Necessity: When processing your personal data is necessary for the performance of a contract or to take pre-contractual steps at your request.
Legal Obligation: When we are legally required to process your personal data.
Legitimate Interests: When processing your personal data is based on our legitimate interests or the legitimate interests of a third party, provided that such interests are not overridden by your rights and interests.
Rights of Data Subjects
As a data subject under the GDPR, you have the following rights:
Right to Access: You have the right to request access to the personal data we hold about you.
Right to Rectification: You have the right to request correction or completion of inaccurate or incomplete personal data.
Right to Erasure: You have the right to request the deletion of your personal data under certain circumstances.
Right to Restriction of Processing: You have the right to request the restriction of processing your personal data under certain circumstances.
Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.
Right to Object: You have the right to object to the processing of your personal data under certain circumstances, including for direct marketing purposes.
Right to Withdraw Consent: If we process your personal data based on your consent, you have the right to withdraw your consent at any time.
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Once the data is no longer needed, we will securely delete or anonymize it.
We implement appropriate technical and organizational measures to ensure the security and confidentiality of your personal data, including protection against unauthorized access, disclosure, alteration, or destruction.
If you have any questions, requests, or concerns regarding our GDPR compliance or the processing of your personal data, please contact us at firstname.lastname@example.org