GDPR Compliance Statement

Effective Date: January 1, 2026

Our Commitment to GDPR

ImmuSwindl Clothes is committed to protecting the privacy and security of your personal data in accordance with the General Data Protection Regulation (GDPR). This statement outlines how we comply with GDPR requirements.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contractual necessity: To fulfill orders and provide services you've requested
  • Legitimate interests: To improve our services and prevent fraud
  • Consent: For marketing communications and optional data collection
  • Legal obligation: To comply with applicable laws and regulations

Your GDPR Rights

Under GDPR, you have the following rights:

Right to Access

You have the right to request a copy of the personal data we hold about you.

Right to Rectification

You can request correction of inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data under certain circumstances.

Right to Restrict Processing

You can request that we limit how we use your personal data.

Right to Data Portability

You can request to receive your data in a structured, commonly used format.

Right to Object

You can object to processing of your personal data for marketing purposes or based on legitimate interests.

Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: [email protected]
Subject line: "GDPR Request"

We will respond to your request within 30 days.

Data Protection Officer

For questions about our data protection practices, you may contact our Data Protection Officer at [email protected].

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Order and transaction records: 7 years (for accounting and legal purposes)
  • Marketing data: Until you withdraw consent
  • Account data: Until you request deletion or close your account

International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions for countries with equivalent data protection standards
  • Other legally recognized transfer mechanisms

Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Regular security assessments
  • Staff training on data protection

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.

Complaints

If you believe we have not complied with GDPR, you have the right to lodge a complaint with your local data protection authority.

Updates to This Statement

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised effective date.

Contact Information

ImmuSwindl Clothes
427 Burrard Street
Vancouver, BC V6C 3N1
Canada
Email: [email protected]