The Start Up Shop GDPR Policy
At The Start Up Shop, we are dedicated to working with our customers and users to ensure they are informed and prepared for compliance with the General Data Protection Regulation (GDPR). The GDPR represents a significant update to EU data privacy laws and came into effect on May 25, 2018.
The GDPR not only strengthens and standardizes data privacy rights for users across EU nations but also imposes new obligations on all organizations handling the personal data of EU citizens, irrespective of their geographical location. To ensure compliance with GDPR requirements, we have thoroughly reviewed our operations, data-related policies, and procedures. Below, we outline our approach to GDPR compliance:
Awareness:
Key decision-makers and individuals within The Start Up Shop are fully aware of the evolving legal landscape concerning GDPR. We have taken steps to ensure that all aspects of our business model are in full compliance with GDPR regulations.
Information We Hold:
We have documented the personal data we collect, its sources, and with whom we share it. Our data protection principles are well-documented to ensure we maintain effective policies and procedures. Additionally, we regularly assess our relationships with third parties, such as payment processing organizations, to confirm their GDPR compliance.
Communicating Privacy Information:
Our privacy policy is continuously updated to meet relevant statutory requirements.
Individuals' Rights:
We have updated our policies and procedures to safeguard the rights of individuals as mandated by GDPR. These rights encompass:
- The right to be informed.
- The right of access.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- The right to data portability.
- The right to object.
- The right not to be subject to automated decision-making, including profiling.
Consent:
Our documents, including this policy, our Terms and Conditions, and our Privacy Policy, are made readily available before users register with The Start Up Shop or purchase our services. Consequently, user consent to The Start Up Shop processing their data is:
- Freely given.
- Specific.
- Informed.
- Unambiguous.
- Obtained through a positive opt-in.
Lawful Basis for Processing Personal Data:
As a consenting user of The Start Up Shop’s website, we have a lawful basis for processing your personal data. This processing does not infringe on your individual rights, as listed above.
Children:
The Start Up Shop does not offer online services to children.
Data Breaches:
Protecting our customers’ information is of utmost importance. We maintain high standards of security and have invested in robust security measures. In compliance with GDPR requirements concerning security incident notifications, we remain committed to our obligations. Our procedures are regularly reviewed and updated to ensure a compliant and transparent approach to detecting, investigating, and reporting personal data breaches.
Data Protection by Design and Data Protection Impact Assessments:
The Start Up Shop has consistently embraced a privacy-by-design approach. Additionally, we conduct Data Protection Impact Assessments as needed.
For further details about our security policies and procedures, please visit our security page, which provides comprehensive information on our approach to security.
International Operations:
The Start Up Shop operates across multiple EU member states. Since our primary establishment is in Ireland, we have determined that the Data Protection Commissioner’s Office serves as our lead data protection supervisory authority.
Stay Updated:
We are committed to upholding our privacy and data security commitments. This page will be regularly updated to reflect GDPR-related information as it becomes available. If you have any questions regarding how The Start Up Shop can assist you with compliance, please don’t hesitate to contact us at any time.