GDPR Compliance
Data Rectification
You can use the link below to update your account data if it is not accurate.
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018, in the European Union (EU). It aims to enhance individuals' control and rights over their personal data while simplifying the regulatory environment for international business by unifying the regulation within the EU.
GDPR applies to any organization that processes personal data of individuals residing in the EU, regardless of the organization's location. This means that e-commerce businesses, such as those selling products online, must adhere to GDPR regulations if they collect, store, or process personal data from EU customers.
One of the key principles of GDPR is the requirement for explicit consent from individuals before their personal data can be processed. This includes obtaining clear permission for collecting data, specifying the purpose of data collection, and informing individuals about their rights regarding their data. According to GDPR, consent must be freely given, specific, informed, and unambiguous.
Furthermore, GDPR mandates that organizations implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. This includes protecting personal data against unauthorized access, loss, or destruction. Organizations are required to conduct Data Protection Impact Assessments (DPIAs) when processing activities are likely to result in a high risk to the rights and freedoms of individuals.
Another significant aspect of GDPR is the right to access. Individuals have the right to request access to their personal data held by an organization and to obtain information about how their data is being processed. Organizations must respond to such requests within one month, providing a copy of the personal data in a structured, commonly used, and machine-readable format.
Additionally, GDPR grants individuals the right to rectification, allowing them to request corrections to inaccurate personal data. It also includes the right to erasure, commonly known as the "right to be forgotten," which enables individuals to request the deletion of their personal data under certain conditions.
Organizations are also required to notify individuals and relevant authorities of any data breaches that may compromise personal data. The notification must occur within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk to the rights and freedoms of individuals.
Non-compliance with GDPR can result in significant penalties, including fines of up to €20 million or 4% of the annual global turnover, whichever is higher. Therefore, it is crucial for e-commerce businesses to understand and implement GDPR requirements to protect customer data and maintain trust.
In conclusion, GDPR compliance is essential for e-commerce businesses operating in or targeting customers in the EU. By adhering to GDPR principles, organizations can ensure the protection of personal data, foster customer trust, and mitigate the risk of substantial fines.
Data Portability
You can use the links below to download all the data we store and use for a better experience in our store.
Access to Personal Data
You can use the link below to request a report which will contain all personal information that we store for you.
Right to be Forgotten
Use this option if you want to remove your personal and other data from our store. Keep in mind that this process will delete your account, so you will no longer be able to access or use it.