Information on this site is advertising in nature

GDPR Compliance

Your data protection rights under European regulation

Our Commitment to Data Protection

glossy cove is committed to protecting the personal data of all individuals, including those located in the European Union and European Economic Area. We process personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller

For the purposes of GDPR, glossy cove acts as the data controller for personal information collected through our website and services. Our contact details are:

glossy cove
245 Commerce Avenue, Suite 310
Toronto, ON M5V 2K4
Canada
Email: [email protected]

Legal Basis for Processing

We process personal data under the following legal bases as defined by GDPR:

Consent

Where you have given clear consent for us to process your personal data for specific purposes, such as receiving marketing communications or accepting cookies.

Contract Performance

Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.

Legitimate Interests

Where processing is necessary for our legitimate business interests, provided these are not overridden by your rights and interests. Our legitimate interests include improving our services, understanding how our website is used, and maintaining security.

Legal Obligation

Where processing is necessary to comply with legal or regulatory obligations.

Your Rights Under GDPR

If you are located in the EU or EEA, you have the following rights regarding your personal data:

Right of Access

You have the right to obtain confirmation of whether we process your personal data and to receive a copy of that data. You may also request information about how we use your data, with whom we share it, and the safeguards in place for international transfers.

Right to Rectification

You have the right to have inaccurate personal data corrected and incomplete data completed.

Right to Erasure

Also known as the "right to be forgotten," you may request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purpose for which it was collected or when you withdraw consent.

Right to Restrict Processing

You may request that we limit how we use your personal data in certain circumstances, such as when you contest the accuracy of the data or object to our processing.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller without hindrance.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal effects or similarly significant effects on you.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at [email protected]. We will respond to your request within one month. In certain circumstances, we may extend this period by two additional months, in which case we will inform you of the extension and the reasons for it.

We may need to verify your identity before processing your request. If your request is manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act on the request.

International Data Transfers

As we are based in Canada, your personal data may be transferred to and processed in Canada. Canada has been recognized by the European Commission as providing an adequate level of data protection under GDPR. For any transfers to countries without an adequacy decision, we implement appropriate safeguards such as standard contractual clauses.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. When determining retention periods, we consider the nature and sensitivity of the data, the purposes of processing, and applicable legal requirements.

Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data where appropriate
  • Regular testing and evaluation of security measures
  • Access controls limiting who can view personal data
  • Staff training on data protection obligations

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

Filing a Complaint

If you believe that our processing of your personal data infringes GDPR, you have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

Changes to This Information

We may update this GDPR information from time to time. We will post any changes on this page and, where appropriate, notify you by email.

Contact Us

For any questions regarding GDPR or our data protection practices, please contact us at:

glossy cove
245 Commerce Avenue, Suite 310
Toronto, ON M5V 2K4
Canada
Email: [email protected]

We use cookies to enhance your browsing experience and analyze site traffic. By continuing to use our site, you consent to our use of cookies. Learn more