General Data Protection Regulations
The EU General Data Protection Regulation (GDPR) is a legal requirement in the UK and across the European Union. It combines many current data sharing requirements into a single legislation and allows persons to have more control over how their personal data is stored and distributed. Please find more information on the International Commissioners Office site and their Guide To GDPR.
Data controllers, such as Coloured Contacts (Arcadant B.V.), must now prove their awareness of the importance of protecting personally identifiable data. Persons providing their data to processors must be made aware of how their data is being used and stored before the information is disclosed. GDPR requires data processors such as Coloured Contacts to give absolute clarity on how information is being stored and how data is used.
Our Commitment to GDPR Responsibilities
We are committed to being GDPR compliant and have many processes in place to ensure that our customers’ data is dealt with in a safe and proper manner. Data provided to Arcadant B.V. will be used in the interest of helping customers to complete their orders successfully and officially. Data kept past the point of successful delivery will be used for remarketing purposes (if the client has opted in) or to improve the experience for returning customers.
To promote further transparency, we have also made sure to provide our customers with an extensive list of the processes and software in which their data may come into contact with once it is has been inputted onto our website.
Our Commitment to Your Individual Rights
As the owner and subject of the data in question, you have certain rights and control over the details you input into www.colouredcontacts.com. As the data controller of information provided, we are required to uphold your right to the following conditions:
- Right to be forgotten: you can request for your data to be immediately removed from our database and servers with all your information being completely removed and you being notified of this successful deletion.
- Right to object: this allows customers to opt-out of certain actions or processes that they do not want their data to be a part of. Customers are free to opt-in and opt-out of marketing and correspondence at any time.
- Right to rectification: you are able to amend and update any information that you believe to be incorrect or no longer valid. This includes but not limited to, change of address or name. This promotes accuracy of our customer information, increasing its validity.
- Right to access: this permits you to have full transparency and control over how your data is handled. You are able to request additional information on what data is being stored and for what purposes. It is our obligation to provide you with this information in full.
- Right to portability: this allows you to request your data be transferred between controllers. When requested, we will be able to aid the transfer of your personal information to another data processor. This involves providing your information in a machine-friendly format.