Home About Services Contact Book Session

GDPR Compliance

Your data protection rights under European law

epic-glade is committed to protecting the privacy and rights of individuals in accordance with the General Data Protection Regulation (GDPR). This page outlines how we comply with GDPR requirements for visitors and clients from the European Economic Area (EEA).

Data Controller

epic-glade acts as the data controller for personal data collected through our website and services. Our contact details are:

epic-glade
220 King Street West, Suite 1800
Toronto, ON M5H 1K4
Canada
Email: [email protected]

Legal Basis for Processing

We process personal data under the following legal bases:

Your Rights Under GDPR

If you are located in the EEA, you have the following rights regarding your personal data:

Right to Access

You have the right to request copies of your personal data. We may charge a small fee for this service in certain circumstances.

Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

Right to Erasure

You have the right to request that we erase your personal data under certain conditions, such as when the data is no longer necessary for the purposes for which it was collected.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data under certain conditions.

Right to Object

You have the right to object to our processing of your personal data under certain conditions, particularly for direct marketing purposes.

Right to Data Portability

You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.

International Data Transfers

As we are based in Canada, your personal data may be transferred to and processed in Canada. Canada has been recognized by the European Commission as providing an adequate level of data protection. Where data is transferred to other countries, we ensure appropriate safeguards are in place.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. The retention period may vary depending on the context of the processing and our legal obligations.

Data Security

We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay and within 72 hours of becoming aware of the breach, where feasible.

Exercising Your Rights

To exercise any of your rights under GDPR, please contact us at [email protected]. We will respond to your request within one month. If your request is complex or you have made multiple requests, we may extend this period by two months, and we will inform you of any extension.

Complaints

If you believe we have not handled your personal data properly or have not responded to your concerns, you have the right to lodge a complaint with a supervisory authority. For EEA residents, you can contact your local data protection authority.

Updates to This Information

We may update this GDPR compliance information from time to time. Any changes will be posted on this page with an updated revision date.

Last updated: January 2024

We use cookies to enhance your experience on our site. By continuing to browse, you agree to our use of cookies. Learn more