Foxbee BB LTD GDPR Compliance Statement
At Foxbee BB LTD, we are committed to protecting the privacy and personal data of our customers in accordance with the General Data Protection Regulation (GDPR). This statement outlines our efforts to ensure GDPR compliance and our commitment to safeguarding the personal information of individuals using our e-commerce website.
Lawful Basis for Data Processing:
We only process personal data when we have a lawful basis to do so. This includes the necessity of processing for the performance of a contract, compliance with legal obligations, protection of vital interests, consent, and legitimate interests pursued by Foxbee BB LTD or a third party.
Data Collection and Usage:
We collect and process personal data for specific and legitimate purposes related to our e-commerce services. This includes, but is not limited to, order fulfillment, customer support, account management, and marketing communication (with explicit consent).
Transparency and Consent:
We strive to be transparent about the personal data we collect and how it is used. We provide clear information to individuals regarding the purposes of data processing and seek their explicit consent when required. Users have the right to withdraw their consent at any time.
Data Minimization and Retention:
We only collect and retain personal data that is necessary for the purpose it was collected. We store personal data for the duration required to fulfill the intended purpose or as long as legally required. When personal data is no longer needed, we ensure secure and permanent deletion.
Data Security and Confidentiality:
We maintain appropriate technical and organizational measures to protect personal data from unauthorized access, alteration, disclosure, or destruction. Our systems are regularly tested and audited to ensure the highest level of security. We have confidentiality agreements in place with our employees and third-party service providers who may have access to personal data.
Data Subject Rights:
We respect the rights of data subjects as outlined in the GDPR. This includes the right to access, rectify, erase, restrict processing, data portability, and object to the processing of personal data. We provide mechanisms for individuals to exercise their rights and respond to requests promptly.
Third-Party Service Providers:
We carefully select and review our third-party service providers to ensure they meet the required GDPR standards. Data processing agreements are in place with these providers to safeguard personal data.
International Data Transfers:
In the event of international data transfers, we ensure appropriate safeguards are in place, such as standard contractual clauses or compliance with an approved certification mechanism.
Data Breach Notification:
In the event of a data breach that may result in a risk to the rights and freedoms of individuals, we will promptly notify the relevant supervisory authorities and affected individuals, as required by the GDPR.
We continuously monitor and assess our data processing activities to ensure ongoing GDPR compliance. Our internal policies and procedures are regularly reviewed and updated to reflect changes in regulations and best practices.