GDPR Compliance Policy

Introduction
We are committed to ensuring that all personal data processed by our company is handled in compliance with the General Data Protection Regulation (GDPR) applicable in the European Union. This policy outlines the measures we take to safeguard personal data, the rights of data subjects, and our responsibilities as a data controller and processor. Our goal is to maintain transparency, accountability, and lawful handling of all personal data collected through our services.

Scope
This GDPR Compliance Policy applies to all data processing activities carried out by our company within the European Union, including data collected through online services, customer interactions, and any third-party service providers acting on our behalf. It covers personal data of customers, employees, contractors, and any other individuals whose data we may process.

Data Processing Principles
We adhere to the following key principles when processing personal data:

1. Lawfulness, fairness, and transparency – Data is processed legally and fairly, with clear communication to data subjects.
2. Purpose limitation – Data is collected only for specific, legitimate purposes and not used in ways incompatible with these purposes.
3. Data minimization – Only data that is necessary for the intended purpose is collected and processed.
4. Accuracy – We ensure that personal data is accurate, complete, and up to date.
5. Storage limitation – Personal data is kept only for as long as necessary for the purpose for which it was collected.
6. Integrity and confidentiality – Personal data is processed securely to prevent unauthorized access, alteration, or disclosure.

Data Subject Rights
Under the GDPR, individuals have the following rights regarding their personal data:

• The right to be informed about how their data is processed.
• The right to access personal data held by our company.
• The right to rectification of inaccurate or incomplete data.
• The right to erasure (“right to be forgotten”) in specific circumstances.
• The right to restrict processing under certain conditions.
• The right to data portability, enabling the transfer of data to another provider.
• The right to object to data processing, including for direct marketing purposes.
• The right not to be subject to automated decision-making that produces legal or significant effects.

Legal Basis for Processing
We process personal data only when there is a lawful basis under GDPR, including:

• Consent provided explicitly by the data subject.
• Necessity for the performance of a contract with the data subject.
• Compliance with a legal obligation.
• Protection of vital interests of the data subject or another individual.
• Performance of tasks carried out in the public interest or in the exercise of official authority.
• Legitimate interests pursued by our company or a third party, provided that such interests are not overridden by the rights of the data subject.

Data Security Measures
To protect personal data, we implement appropriate technical and organizational measures, including:

• Encryption of sensitive data during storage and transmission.
• Access controls limiting personal data access to authorized personnel only.
• Regular security audits and monitoring of systems handling personal data.
• Staff training on GDPR compliance and data protection best practices.
• Secure data disposal procedures when data is no longer needed.

Data Breach Notification
In the event of a personal data breach, we will:

• Notify the relevant supervisory authority within 72 hours if the breach poses a risk to individuals’ rights and freedoms.
• Communicate with affected data subjects without undue delay if the breach is likely to result in high risk to their rights and freedoms.
• Take corrective measures to contain and remediate the breach, and prevent future occurrences.

Third-Party Processors
We ensure that all third-party service providers acting on our behalf comply with GDPR requirements. Data processing agreements are in place with such providers, clearly defining the responsibilities and obligations for data protection.

Review and Updates
This GDPR Compliance Policy is reviewed periodically to ensure ongoing compliance with applicable European data protection laws and Google Merchant Center requirements. Updates will be implemented as necessary to reflect changes in legislation, operational practices, or regulatory guidance.

Contact Information
For questions or requests regarding this GDPR Compliance Policy or your personal data, please contact our Data Protection Officer at:

Teléfono: +1 (347) 337-5268

Correo electrónico:solutions@valvortiqal.com

Dirección: 306 W Samuel St,Assumption,IL 62510,DOB:10/06/1982

Horario de atención: Lunes a viernes, de 9:00 a 18:00 (Hora Central Europea)