GDPR Compliance

Last updated: 4/30/2025

1. Introduction

This GDPR Compliance statement explains how we comply with the General Data Protection Regulation (GDPR), which is a regulation in EU law on data protection and privacy for all individuals within the European Union.

2. Data Controller

For the purposes of the GDPR, we are the data controller of your personal data. This means that we determine the purposes and ways in which your personal data is processed or will be processed.

3. Legal Basis for Processing Personal Data

We process your personal data on the following legal bases:

  • Consent: You have given clear consent for us to process your personal data for a specific purpose.
  • Contract: The processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
  • Legal obligation: The processing is necessary for us to comply with the law.
  • Legitimate interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests.

4. Your Rights Under GDPR

Under the GDPR, you have the following rights:

  • Right to be informed: You have the right to be informed about the collection and use of your personal data.
  • Right of access: You have the right to request copies of your personal data.
  • Right to rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
  • Right to erasure: You have the right to request that we erase your personal data, under certain conditions.
  • Right to restrict processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • Right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  • Right to object: You have the right to object to our processing of your personal data, under certain conditions.
  • Rights related to automated decision making and profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

5. Data Protection Measures

We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • The pseudonymization and encryption of personal data where appropriate
  • The ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services
  • The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
  • A process for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing

6. Data Breach Notification

In the case of a personal data breach, we will notify the relevant supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.

7. Contact Us

If you have any questions about our GDPR compliance or how we handle your personal data, please contact our Data Protection Officer at:

Email: dpo@capybaraclicker.com
Address: 123 Capybara Street, Game City, GC 12345