GDPR

GDPR Compliance for Underwinds

Effective Date: [Insert Date]

At Underwinds, we take your privacy seriously and are committed to ensuring that your personal data is handled in a secure and responsible manner. This GDPR Compliance page outlines how we collect, store, process, and protect your personal data in accordance with the General Data Protection Regulation (GDPR).

If you are a resident of the European Union (EU) or the European Economic Area (EEA), this page explains your rights under the GDPR, and how you can exercise them when interacting with our website and services.

1. Data Controller

The data controller for Underwinds, responsible for your personal data, is:

BETTERRANK SEO LLC
Website: underwinds.com
Email: contact@underwinds.com
Address: 212 N. 2nd St., STE 100, Richmond, KY 40475, USA

2. Types of Personal Data We Collect

We collect and process the following types of personal data to provide our services:

  • Personal Identification Information: Name, email address, phone number, billing and shipping address.
  • Payment Information: Credit card details and other payment methods (processed securely by third-party payment processors like PayPal, Stripe, etc.).
  • Account Data: Username, password, and purchase history when you create an account on our website.
  • Technical Data: IP address, browser type, device information, and cookies (see our Cookie Policy for more details).
  • Communication Data: Emails, feedback, inquiries, and customer service interactions.

3. How We Use Your Data

We collect your personal data for the following purposes:

  • Order Processing and Delivery: To fulfill orders, process payments, and deliver your furniture to the correct address.
  • Customer Support: To respond to inquiries, resolve issues, and provide assistance.
  • Marketing and Promotions: To send you marketing communications (only if you have opted-in for newsletters or promotions).
  • Improvement of Services: To analyze your use of our website and improve our products, services, and user experience.
  • Legal and Compliance: To comply with legal obligations and protect our rights, including fraud prevention.

4. Legal Basis for Processing Your Data

Under the GDPR, we process your personal data based on the following legal grounds:

  • Performance of a Contract: Processing is necessary to fulfill your purchase or provide services to you.
  • Consent: You have given us explicit consent (e.g., when subscribing to our newsletter).
  • Legitimate Interests: We may process personal data where it’s necessary for our legitimate interests (e.g., improving our website and marketing communications), provided these interests do not override your rights and freedoms.
  • Legal Obligation: Processing is required to comply with legal obligations (e.g., tax or regulatory requirements).

5. How We Protect Your Data

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, alteration, and disclosure. This includes the use of secure servers, encryption, and third-party payment processors that comply with industry standards.

However, no method of data transmission over the internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

6. How Long We Retain Your Data

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, including for legal, accounting, or reporting requirements.

  • Customer Data: Your personal data will be retained for as long as your account is active or as long as needed to provide services. If you request deletion of your account, we will retain minimal information as required by law.
  • Transaction Data: Order and transaction data will be stored for a period of 7 years for tax and accounting purposes.

Once your data is no longer necessary, we will securely delete or anonymize it.

7. Your Rights Under the GDPR

As a user located in the EU or EEA, you have several rights under the GDPR with regard to your personal data:

  • Right to Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to correct any inaccurate or incomplete data we hold about you.
  • Right to Erasure ("Right to be Forgotten"): You can request the deletion of your personal data under certain conditions, such as when data is no longer necessary for the purposes for which it was collected.
  • Right to Restriction of Processing: You can request that we restrict the processing of your personal data under certain conditions.
  • Right to Data Portability: You can request to receive your personal data in a commonly used format so that you can transfer it to another data controller.
  • Right to Object: You can object to the processing of your data for direct marketing purposes or for legitimate interests.
  • Right to Withdraw Consent: If you have given us consent to process your personal data, you can withdraw it at any time. This will not affect the lawfulness of processing before the withdrawal.

To exercise any of these rights, please contact us at contact@underwinds.com. We will respond to your request as quickly as possible and in accordance with applicable law.

8. Sharing Your Data

We do not sell or rent your personal data to third parties. However, we may share your data with trusted third-party service providers who assist us in operating our business and providing services to you. These may include:

  • Payment Processors: To handle transactions securely (e.g., PayPal, Stripe).
  • Shipping and Delivery Partners: To deliver products to your address.
  • Analytics and Marketing Providers: To help us improve our website, products, and marketing efforts.

All third-party providers are required to protect your data and use it solely for the purposes for which it was shared. We ensure that these third parties comply with the GDPR and applicable data protection laws.

9. Cookies

Our website uses cookies to improve your browsing experience, analyze website traffic, and provide personalized content. By using our site, you consent to the use of cookies as described in our Cookie Policy. You can control cookies through your browser settings.

10. International Data Transfers

As Underwinds is based in the United States, your personal data may be transferred outside the EU/EEA to our servers or to our third-party service providers located in countries that may not offer the same level of data protection as in the EU/EEA. In such cases, we ensure that appropriate safeguards are in place, such as using standard contractual clauses or relying on the EU-U.S. Privacy Shield Framework.

11. Changes to This Privacy Policy

We may update this GDPR Compliance page from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. Any changes will be posted on this page, and the Effective Date will be updated accordingly.

12. Contact Us

If you have any questions or concerns about how we handle your personal data, or if you wish to exercise your rights under the GDPR, please contact us at:

BETTERRANK SEO LLC
Email: contact@underwinds.com
Address: 212 N. 2nd St., STE 100, Richmond, KY 40475, USA