Effective Date: August 2024
At Divsly, we are committed to protecting the privacy and security of our users, particularly those located in the European Union (EU). This GDPR Compliance section outlines your rights under the General Data Protection Regulation (GDPR) and explains how we handle your personal data in accordance with these regulations.
1. Your Rights Under GDPR
If you are an EU resident, you have the following rights regarding your personal data:
1.1. Right to Access
You have the right to request access to the personal data we hold about you, including information on how your data is processed and the purposes for processing.
1.2. Right to Rectification
If you believe that the personal data we hold about you is inaccurate or incomplete, you have the right to request correction or completion of your data.
1.3. Right to Erasure (Right to be Forgotten)
You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent to our data processing.
1.4. Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to the processing.
1.5. Right to Data Portability
You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format, and to transfer that data to another data controller where technically feasible.
1.6. Right to Object
You have the right to object to the processing of your personal data based on legitimate interests or direct marketing purposes.
1.7. Right to Withdraw Consent
If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
1.8. Right to Lodge a Complaint
If you believe that our processing of your personal data violates GDPR, you have the right to lodge a complaint with a supervisory authority, particularly in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.
2. How We Process Your Data
2.1. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Contractual Necessity: To fulfill the contract we have with you, such as providing you with our Services.
- Legitimate Interests: For purposes such as improving our Services, securing our platform, and communicating with you, provided these interests are not overridden by your rights and interests.
- Consent: Where you have provided consent for specific processing activities, such as marketing communications.
2.2. Data Collection and Use
We collect and process your personal data as described in our Privacy Policy, including data you provide to us and data we collect automatically through cookies and similar technologies.
2.3. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, or to resolve disputes and enforce our agreements.
3. Data Transfers Outside the EU
As Divsly is based outside of the EU, your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure that such transfers are conducted in compliance with GDPR and that appropriate safeguards are in place to protect your data.
These safeguards may include:
- Standard Contractual Clauses: We may rely on standard contractual clauses approved by the European Commission for the transfer of data outside the EEA.
- Privacy Shield: Where applicable, we may transfer data to organizations in the United States that are certified under the EU-U.S. Privacy Shield framework.
4. How to Exercise Your Rights
To exercise any of your rights under GDPR, please contact us at:
Divsly Inc, 8128 W 124th St
Overland Park
KS 66213, USA
Please include "GDPR Request" in the subject line of your email and provide us with sufficient information to verify your identity. We will respond to your request within one month, although this period may be extended by two further months where necessary, taking into account the complexity and number of requests.
5. Updates to This GDPR Compliance Notice
We may update this GDPR Compliance notice from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by posting the updated notice on our Site and updating the "Effective Date" above.
