GDPR - Jord

GDPR Privacy Notice

Last Updated: [Insert Date]

1. Introduction

This Privacy Notice outlines how [Your Company Name] ("we," "us," or "our") collects, uses, processes, and protects the personal data of individuals within the European Economic Area (EEA), United Kingdom, and Switzerland, in compliance with the General Data Protection Regulation (GDPR).

This notice applies to personal data collected through our website, [www.yourwebsite.com], its subdomains, and any related services (collectively, the "Services"). By using our Services, you acknowledge that you have read and understood this Privacy Notice.

2. Who We Are (The Data Controller)

For the purpose of GDPR, the data controller is:

[Your Company Name]
[Your Company's Registered Address]
[Country]

For any data protection inquiries, you can contact our Data Protection representative at:
Email: [privacy@yourwebsite.com]

3. Key Definitions

Personal Data: Any information relating to an identified or identifiable natural person (a "Data Subject"). This includes, but is not limited to, name, email address, IP address, and location data.
Processing: Any operation performed on Personal Data, such as collection, recording, storage, use, disclosure, or erasure.
Data Controller: The entity that determines the purposes and means of processing Personal Data.
Data Processor: The entity that processes Personal Data on behalf of the Data Controller.

4. The Personal Data We Collect

We collect Personal Data in the following ways:

A. Data You Provide to Us Voluntarily:

When you use our contact forms, request a service, or communicate with us directly, we may collect:

Identity Data: Full name.
Contact Data: Email address, phone number, physical address.
Professional Data: Company name, job title, website URL.
Inquiry Data: Information you provide regarding your project or service needs.

B. Data We Collect Automatically:

When you browse our website, we may automatically collect:

Technical Data: IP address, browser type and version, device type, operating system, and language preferences.
Usage Data: Pages you visited, time and date of your visit, time spent on pages, and referral sources.

5. Lawful Basis for Processing

We only process your Personal Data when we have a valid legal basis to do so under GDPR. These include:

Consent: Where you have given us clear and explicit consent for a specific purpose (e.g., subscribing to our newsletter).
Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract (e.g., providing a quote or delivering a service you ordered).
Legal Obligation: Where processing is necessary for us to comply with the law (e.g., for tax or financial reporting).
Legitimate Interests: Where processing is necessary for our legitimate interests or the legitimate interests of a third party, provided your fundamental rights and freedoms are not overridden. Our legitimate interests include improving our website, analyzing user trends, preventing fraud, and marketing our services.

6. How We Use Your Personal Data

We use your Personal Data for the following purposes, linked to their lawful basis:

To Provide Our Services: To fulfill our contractual obligations to you. (Basis: Contractual Necessity)
To Communicate With You: To respond to your inquiries and provide customer support. (Basis: Contractual Necessity / Legitimate Interests)
To Improve Our Website: To analyze usage data to enhance user experience and functionality. (Basis: Legitimate Interests)
For Marketing Communications: To send you promotional content, newsletters, or offers only if you have given your explicit consent. (Basis: Consent)
For Legal and Security Purposes: To comply with legal requirements and to protect the security and integrity of our Services. (Basis: Legal Obligation / Legitimate Interests)

7. Cookies and Tracking Technologies

Our website uses cookies. We differentiate between Essential Cookies (necessary for the website to function) and Non-Essential Cookies (for analytics, marketing, and personalization).

We will not place Non-Essential Cookies on your device without your explicit consent, which you can manage through our cookie consent banner. You can withdraw your consent or change your preferences at any time. Our website uses Google Analytics to analyze traffic; this is subject to your consent for analytics cookies.

8. Your Rights as a Data Subject

Under GDPR, you have the following rights regarding your Personal Data:

The Right of Access: You can request a copy of the Personal Data we hold about you.
The Right to Rectification: You can request that we correct any inaccurate or incomplete Personal Data.
The Right to Erasure (The 'Right to be Forgotten'): You can request that we delete your Personal Data, under certain conditions.
The Right to Restrict Processing: You can request that we limit the processing of your Personal Data, under certain conditions.
The Right to Data Portability: You can request that we transfer the data we have collected to another organization, or directly to you, in a structured, machine-readable format.
The Right to Object: You can object to our processing of your Personal Data where we rely on legitimate interests as our legal basis.
The Right to Withdraw Consent: You can withdraw your consent at any time where consent is our lawful basis for processing. This will not affect the lawfulness of processing based on consent before its withdrawal.
The Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in your member state of residence.

To exercise any of these rights, please contact us at [privacy@yourwebsite.com]. We may need to verify your identity before processing your request.

9. Data Sharing and Transfers

We do not sell, rent, or trade your Personal Data. We may share your data with trusted third-party service providers (Data Processors) who assist us in operating our website and business, such as hosting providers or analytics services. These processors are contractually obligated to protect your data.

International Transfers: If we transfer your Personal Data outside the EEA or UK, we will ensure it is protected by implementing appropriate safeguards, such as Adequacy Decisions from the European Commission or by using Standard Contractual Clauses (SCCs).

10. Data Security

We have implemented appropriate technical and organizational security measures to protect your Personal Data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. However, no method of transmission over the Internet is 100% secure.

11. Data Retention

We will retain your Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use, the purposes for which we process it, and applicable legal requirements.

12. Children's Data

Our Services are not intended for children, and we do not knowingly collect Personal Data from individuals under the age of 16. If you believe we have inadvertently collected data from a child, please contact us immediately so we can take steps to delete it.

13. Links to Third-Party Websites

Our website may contain links to other websites not operated by us. This Privacy Notice does not apply to those third-party websites. We encourage you to review the privacy policies of any third-party site you visit.

14. Changes to This Privacy Notice

We may update this Privacy Notice from time to time. We will notify you of any changes by posting the new notice on this page and updating the "Last Updated" date. We encourage you to review this page periodically for any changes.

15. Contact Us

If you have any questions about this GDPR Privacy Notice or our data protection practices, please contact us:

Email: [privacy@yourwebsite.com]
Website: [www.yourwebsite.com/contact]