GDPR Compliance

The General Data Protection Regulation (GDPR) is a European Union regulation that governs data protection and privacy for individuals within the European Economic Area (EEA). It also addresses the transfer of personal data outside the EEA.

GDPR gives individuals greater control over their personal data and requires organizations to be transparent about how they collect, use, and protect personal information.

As a data subject under GDPR, you have the following rights:

• Right of Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can request correction of inaccurate or incomplete data.
• Right to Erasure: You can request deletion of your personal data in certain circumstances.
• Right to Restrict Processing: You can request that we limit how we use your data.
• Right to Data Portability: You can request a copy of your data in a machine-readable format.
• Right to Object: You can object to processing of your personal data for certain purposes.
• Rights Related to Automated Decision-Making: You have rights regarding automated processing and profiling.

We have implemented the following measures to ensure GDPR compliance:

• Clear privacy notices explaining how we use your data
• Secure data storage and transmission
• Data minimization - we only collect what we need
• Regular security assessments and updates
• Employee training on data protection
• Data processing agreements with third-party service providers
• Procedures for handling data subject requests
• Data breach notification procedures

We process your personal data based on the following legal bases:

• Consent: When you have given clear consent for us to process your data
• Contract: When processing is necessary for the performance of a contract
• Legal Obligation: When we need to comply with a legal obligation
• Legitimate Interests: When processing is necessary for our legitimate business interests

We may transfer your personal data to countries outside the EEA. When we do so, we ensure appropriate safeguards are in place, such as:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Other appropriate safeguards as required by GDPR

To exercise any of your GDPR rights, please contact us using the information below. We will respond to your request within one month, though this may be extended by two months for complex requests.

We may need to verify your identity before processing your request to ensure the security of your personal data.

If you have any questions or concerns about our data processing practices or wish to exercise your rights, please contact our Data Protection Officer:

Email: contact@niceqrcodes.com

If you believe that we have not addressed your concerns satisfactorily, you have the right to lodge a complaint with your local data protection authority. For more information, please visit the website of your national data protection authority.

We may update this GDPR compliance statement from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated statement on this page.