GDPR Compliance

Our commitment to protecting your data rights

Overview

Although Arenn-poqer operates primarily in Canada, we recognize the importance of the General Data Protection Regulation and are committed to respecting the data rights of all individuals, regardless of location.

Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

  • Consent: You have given clear permission for us to process your information for specific purposes
  • Contract: Processing is necessary to fulfill our service agreement with you
  • Legal obligation: We must process your data to comply with applicable laws
  • Legitimate interests: Processing serves our business interests while respecting your rights and freedoms

Your Data Protection Rights

Under data protection regulations, you are entitled to:

  • Right to access: Request copies of your personal information that we hold
  • Right to rectification: Ask us to correct information you believe is inaccurate or incomplete
  • Right to erasure: Request deletion of your personal data under certain circumstances
  • Right to restrict processing: Ask us to limit how we use your information
  • Right to data portability: Receive your data in a structured, commonly used format
  • Right to object: Oppose certain types of processing, including direct marketing
  • Rights related to automated decision-making: Protection from decisions made solely by automated processes

How to Exercise Your Rights

To make a request regarding your personal data, please contact us at [email protected]. We will respond to your request within 30 days. There is no fee for most requests, though we may charge a reasonable fee for excessive or repetitive requests.

When you contact us, please provide enough detail to help us locate your information and verify your identity.

Data Transfers

Your information may be processed in Canada or other jurisdictions where our service providers operate. When transferring data internationally, we ensure appropriate safeguards are in place to protect your information in accordance with data protection standards.

Data Security Measures

We implement technical and organizational measures designed to protect your personal data against unauthorized access, loss, or alteration. These include:

  • Encryption of sensitive information during transmission
  • Access controls limiting who can view your data
  • Regular security assessments and updates
  • Staff training on data protection principles

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected individuals and relevant authorities as required by law, typically within 72 hours of becoming aware of the breach.

Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.

Retention Periods

We keep your personal data only as long as necessary for the purposes outlined in our privacy policy. Retention periods vary depending on the type of information and legal requirements, but generally include:

  • Project-related data: Retained for the duration of the project plus seven years for legal and warranty purposes
  • Marketing communications: Until you unsubscribe or request deletion
  • Website analytics: Typically retained for up to two years

Supervisory Authority

If you are located in the European Economic Area and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection supervisory authority.

Updates to This Notice

We may revise this GDPR compliance statement from time to time to reflect changes in our practices or legal requirements. Significant changes will be communicated through our website.

Contact Information

For questions about our data protection practices or to exercise your rights, please contact us at [email protected].