GDPR Compliance Statement

MRT Notes is committed to protecting the privacy and personal data of our users. We strive to comply with the General Data Protection Regulation (GDPR) and have implemented the necessary measures to ensure the security and confidentiality of personal information. This GDPR compliance statement outlines how we collect, use, disclose, and protect personal data on our website.

1. Lawful Basis for Processing

We process personal data based on one or more lawful bases as defined by the GDPR. These bases include:

  • Consent: We obtain explicit and informed consent from individuals before collecting and processing their personal data.
  • Contractual Necessity: We process personal data to fulfill contractual obligations with our users.
  • Legal Obligations: We may process personal data to comply with legal requirements.

2. Types of Personal Data Collected

We collect and process the following types of personal data:

  • Contact information (such as name and email address) provided voluntarily by users for newsletter subscriptions or inquiries.
  • Usage information (such as IP address, browser type, and device information) collected automatically through cookies and similar technologies.
  • Any other data provided voluntarily by users through our website or services.

3. Purpose of Processing

We collect and process personal data for the following purposes:

  • To provide and improve our services.
  • To respond to user inquiries and provide customer support.
  • To send promotional emails and newsletters with user consent.
  • To personalize user experience and deliver tailored content.
  • To analyze website usage and gather statistical information.

4. Third-Party Services

We use the following third-party services:

  • Supabase: We use Supabase as a data storage and backend service provider.
  • Google AdSense: We utilize Google AdSense for serving advertisements on our website.

Please refer to the respective service providers' privacy policies to understand how they handle personal data.

5. Data Subject Rights

Under the GDPR, individuals have certain rights regarding their personal data. These rights include:

  • Right to access
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Right not to be subject to automated decision-making

To exercise these rights or for any inquiries regarding personal data or this GDPR compliance statement, please contact us at:

me@josephanson.com

6. Data Security and Retention

We implement appropriate technical and organizational measures to protect personal data from unauthorized access, alteration, or destruction. We retain personal data for as long as necessary to fulfill the purposes outlined in this statement, unless a longer retention period is required or permitted by law.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our website to enhance user experience and gather usage information. Please refer to our separate Cookie Policy for detailed information on the use of cookies and how to manage preferences.

8. Data Transfers

As part of our services, personal data may be transferred to countries outside the European Economic Area (EEA). We ensure that appropriate safeguards are in place to protect personal data during such transfers, such as Standard Contractual Clauses or other approved mechanisms.

Please note that this is a general example, and you should tailor it to your specific website, data processing activities, and legal requirements. It's advisable to seek legal advice to ensure compliance with applicable laws and regulations.