GDPR Compliance Policy

Last updated: 04/10/2024

1. Introduction

At ShamsGuide (“we”), we are committed to protecting the personal data of our European Union (EU) visitors and customers in compliance with the General Data Protection Regulation (GDPR). This policy explains how we collect, process, and protect personal data from individuals in the EU.

2. Key Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person (‘data subject’).
  • Data Controller: ShamsGuide, determining the purposes and means of processing personal data.
  • Data Processor: Third parties who process personal data on behalf of ShamsGuide.
  • Data Subject: Any EU resident whose personal data we process.

3. Data Protection Principles

We adhere to the following principles when processing personal data:

  1. Lawfulness, fairness, and transparency
  2. Purpose limitation
  3. Data minimization
  4. Accuracy
  5. Storage limitation
  6. Integrity and confidentiality
  7. Accountability

4. Legal Bases for Processing

We process personal data under the following legal bases:

4.1 Consent

  • When you opt in to receive our newsletter
  • When you choose to leave comments on our blog
  • When you agree to cookie usage

4.2 Contractual Necessity

  • When processing your payment for products or services
  • When creating and managing your user account

4.3 Legitimate Interests

  • To improve our website and services
  • For analytics and fraud prevention
  • For direct marketing to business contacts

4.4 Legal Obligation

  • To comply with tax laws
  • To respond to legal requests from authorities

5. Data We Collect and Process

5.1 Data Categories

We collect and process the following categories of personal data:

| Category | Examples | Legal Basis | Retention Period |
|---|---|---|---|
| Identity Data | Name, username | Consent, Contract | Duration of account |
| Contact Data | Email, phone number | Consent, Contract | Duration of account |
| Technical Data | IP address, browser type | Legitimate Interest | 26 months |
| Usage Data | Page views, time spent | Legitimate Interest | 26 months |
| Marketing Data | Preferences, responses | Consent | Until consent withdrawn |

5.2 Special Categories of Data

We do not intentionally collect or process special categories of personal data (sensitive data).

6. Your Rights Under GDPR

As a data subject, you have the following rights:

  1. Right to be informed
     • We provide this information through this policy and related notices
  2. Right of access
     • You can request a copy of your personal data
  3. Right to rectification
     • You can request corrections to your personal data
  4. Right to erasure
     • You can request the deletion of your personal data
  5. Right to restrict processing
     • You can request limits on how we use your data
  6. Right to data portability
     • You can request a machine-readable copy of your data
  7. Right to object
     • You can object to certain types of processing
  8. Rights related to automated decision-making
     • We do not perform automated decision-making

To exercise any of these rights, please contact our Data Protection Officer at [DPO Email].

7. Data Protection Measures

We implement appropriate technical and organizational measures to ensure data security, including:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Staff training on data protection
  • Data processing agreements with third parties

8. International Data Transfers

When we transfer personal data outside the EU, we ensure adequate safeguards are in place:

  • Standard Contractual Clauses
  • Adequacy decisions by the European Commission
  • Privacy Shield certification (where applicable)

10. Cookies and Tracking

We use cookies and similar technologies. Our approach to cookies is:

10.1 Essential Cookies

  • Purpose: Website functionality
  • Legal basis: Legitimate interest

10.2 Analytics Cookies

  • Purpose: Understanding user behavior
  • Legal basis: Consent

10.3 Marketing Cookies

  • Purpose: Targeted advertising
  • Legal basis: Consent

11. Data Breaches

In the event of a data breach that risks the rights and freedoms of individuals, we will:

  1. Notify the appropriate supervisory authority within 72 hours
  2. Inform affected individuals without undue delay
  3. Document the breach and our response

12. Data Protection Impact Assessments

We conduct Data Protection Impact Assessments (DPIA) when:

  • Using new technologies
  • Processing on a large scale
  • Processing sensitive data

13. Data Protection Officer

Our Data Protection Officer can be contacted at:

  • Email: [DPO Email]
  • Phone: [DPO Phone]
  • Address: [DPO Address]

14. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. Find your national data protection authority here: [Link to EU DPA list]

15. Changes to This Policy

We may update this policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the “Last updated” date.

16. Contact Us

For any GDPR-related queries, please contact:

  • Our Data Protection Officer: Mr Gbolahan. A
  • By email: info@shamsguide.com