GENERAL DATA PROTECTION REGULATION
How Shuttlerock complies with GDPR
Effective: 25 May 2018
Last Updated: 01 May 2020
As we’ve grown, our focus on protecting the data and privacy of users has remained our highest priority.
On May 25th 2018, the General Data Protection Regulation (GDPR) came into force. The GDPR is designed to reshape the way organisations across the world approach data privacy, especially across the EU. While the GDPR is a piece of EU legislation, it applies to any business that handles personal data in the EU and grants certain rights to individuals whose personal information has been collected. The availability of these rights and the ways in which you can use them are set out below in more detail.
Some of these rights will only apply in certain circumstances. If you would like to exercise, or discuss, any of these rights, please contact us at firstname.lastname@example.org.
Access: you are entitled to ask us if we are processing your data and, if we are, you can request access to your personal data. This enables you to receive a copy of the personal data we hold about you and certain other information about it;
Correction: you are entitled to request that any incomplete or inaccurate personal data we hold about you is corrected;
Erasure: you are entitled to ask us to delete or remove personal data in certain circumstances. There are also certain exceptions where we may refuse a request for erasure, for example, where the personal data is required for compliance with law or in connection with claims;
Restriction: you are entitled to ask us to suspend the processing of certain of your personal data about you, for example if you want us to establish its accuracy or the reason for processing it;
Transfer: in certain circumstances you may request the transfer of certain of your personal data to another party;
Objection: where we are processing your personal data based on a legitimate interest (or those of a third party) you may challenge this. You also have the right to object where we are processing your personal information for direct marketing purposes;
Automated decisions: you may contest any automated decision made about you where this has a legal or similar significant effect and ask for it to be reconsidered; and
Consent: where we are processing personal data with consent, you can withdraw your consent.
You also have a right to lodge a complaint with a data protection supervisory authority, in particular in the Member State in the European Union where you are habitually resident or where an alleged infringement of Data Protection law has taken place.