PRIVACY POLICY

Apatura Ltd GDPR Policy

1. Introduction

  • This GDPR policy outlines how Apatura collects, processes, and protects personal data in compliance with the General Data Protection Regulation (GDPR). Protecting your privacy and data security is of utmost importance to us.

2. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Data Subject: The individual to whom the personal data relates.
  • Processing: Any operation performed on personal data, including collection, storage, and retrieval.

3. Data Controller Information

  • Apatura Ltd
  • Address: 1 Bar Lane, York, YO1 6JU
  • Email: info@apatura.energy
  • Phone: 01904897276
  • Data Protection Officer: Euan Taylor

4. Data Collected

    • We may collect the following types of personal data:
    • Names
    • Email addresses
    • Contact information
    • Billing and shipping addresses
    • User-generated content (e.g., comments or reviews)
    • Any other data necessary for the services we provide.

5. Legal Basis for Processing

    • We process personal data based on the following legal bases:
    • Consent: When you provide explicit consent for a specific purpose.
    • Contractual Necessity: When data processing is necessary for the performance of a contract.
    • Legitimate Interests: When processing is based on our legitimate business interests.

6. Purposes of Processing

  • We collect and process personal data for the following purposes:
  • User account creation and management
  • Order processing and fulfilment
  • Communication with users
  • Improving our website and services

7. Data Retention

  • We retain personal data only for as long as necessary for the purposes stated above or as required by law. Retention periods are determined based on the nature of the data and the applicable legal requirements.

8. Data Subject Rights

  • As a data subject, you have the following rights:
  • Right to access your data
  • Right to rectify inaccuracies
  • Right to erasure (in certain circumstances)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing

9. Data Security

  • We implement robust security measures to protect personal data from unauthorised access, disclosure, alteration, or destruction. Our security measures include encryption, access controls, and regular security audits.

10. International Data Transfers

  • If we transfer data internationally, we ensure adequate safeguards are in place, such as standard contractual clauses or relying on the European Commission’s adequacy decisions.

11. Cookies and Tracking

  • We use cookies and similar technologies to enhance user experience and collect analytics. Our Cookie Policy provides detailed information about their use, purpose, and how users can manage cookie preferences.

12. Third-Party Processing

  • We may share data with trusted third-party service providers, only for specific purposes like payment processing or analytics. We ensure these providers comply with data protection regulations.

13. Data Breach Response

  • In the event of a data breach, we have established procedures to promptly detect, report, and respond to breaches, including notifying affected individuals and authorities as required by law.

14. Contact Information

  • For any inquiries, requests, or concerns related to data protection, please contact our Data Protection Officer (if appointed) or our Customer Support team.

15. Updates to the Policy

  • This policy may be updated periodically. The last update was on 1 October 2023.