GDPR Compliance

1. What Is GDPR?

The General Data Protection Regulation (EU) 2016/679 (“GDPR”) is a regulation in EU law on data protection and privacy. It gives individuals greater control over their personal data and requires organizations to handle that data responsibly and transparently.

2. Lawful Basis for Processing

We process personal data under one or more of the following lawful bases:

• Consent (when you explicitly agree to data processing)
• Performance of a contract (e.g., processing payments or orders)
• Legal obligations (e.g., tax or compliance purposes)
• Legitimate interests (e.g., improving user experience)

3. Your Rights Under GDPR

You have the following rights regarding your data:

• Right to Access – You can request a copy of the data we hold about you.
• Right to Rectification – You can request corrections to inaccurate or incomplete data.
• Right to Erasure – You can request deletion of your data (“right to be forgotten”).
• Right to Restrict Processing – You can request limited use of your data in certain situations.
• Right to Data Portability – You can receive your data in a commonly used format and transfer it elsewhere.
• Right to Object – You can object to how your data is used, especially for marketing.

4. Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected, or as required by applicable law. Once data is no longer needed, it is securely deleted or anonymized.

5. Data Transfers Outside the EEA

If we transfer your personal data outside the European Economic Area, we ensure that it is protected by appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms approved by the EU.

6. Data Protection Officer

We have appointed a Data Protection Officer (DPO) responsible for overseeing our GDPR compliance efforts. You can contact them using the details below.

7. Contact Us

If you have questions about this GDPR notice or wish to exercise your rights, please contact us at privacy@ajnalab.com.