GDPR, CPRA, and LGPD

GDPR, CPRA, and LGPD Compliance

At 99consumer.com, we take data protection and privacy seriously. By browsing this website, you are agreed to our privacy policy and GDPR, CPRA, and LGPD compliance. We are committed to complying with the General Data Protection Regulation (GDPR), the California Privacy Rights Act (CPRA), and the Lei Geral de Proteção de Dados (LGPD) to ensure that your data is collected, processed, and stored lawfully and securely. This page outlines our practices and procedures regarding collecting, using, and disclosing personal data on our website.

General Data Protection Regulation (GDPR)

The GDPR is a regulation enacted by the European Union (EU) to protect the privacy and data of EU citizens. As a global website, we strive to provide the same level of protection to all our users, regardless of their location. Here’s how we comply with the GDPR:

  1. Lawful Basis for Processing: We only collect and process personal data with a lawful basis, such as your consent, contractual necessity, legal obligation, or legitimate interests.
  2. Data Subject Rights: Under the GDPR, you have the right to access, rectify, erase, restrict processing, object to processing, and data portability. We respect these rights and provide mechanisms to exercise them. For any inquiries or requests, please get in touch with our Data Protection Officer (DPO) using the details provided below.
  3. Data Security: We implement robust technical and organizational measures to safeguard your data from unauthorized access, alteration, disclosure, or destruction. We regularly review and update our security practices to ensure ongoing data protection.
  4. Data Transfers: If we transfer personal data outside the European Economic Area (EEA), we ensure adequate safeguards, such as Standard Contractual Clauses or relying on the recipient’s Privacy Shield certification.

California Privacy Rights Act (CPRA)

The CPRA is a state law in California, USA, that enhances privacy rights and consumer protection. Although it applies specifically to California residents, we extend its provisions to all our users for consistency. Here’s how we comply with the CPRA:

  1. Personal Information Collection: We disclose the categories of personal information we collect and the purposes for which they are used. We do not sell your personal information to third parties.
  2. Sensitive Personal Information: We do not collect or process sensitive personal information, such as racial or ethnic origin, religious beliefs, health data, or political affiliations unless explicitly provided by you and with your consent.
  3. Do Not Sell My Personal Information: If you are a California resident, you can opt out of selling your personal information. We do not sell personal information, so no action is required from you.
  4. Third-Party Disclosures: We disclose personal information to third parties only for legitimate purposes, such as providing services on our behalf. Strict confidentiality and data protection agreements bind these third parties.

Lei Geral de Proteção de Dados (LGPD)

The LGPD is a Brazilian law that establishes rules for the collection, use, processing, and storage of personal data of Brazilian citizens. Although it primarily focuses on protecting Brazilian users, we apply its principles to all our users. Here’s how we comply with the LGPD:

  1. Consent: We obtain your freely given, informed, and unambiguous consent before collecting and processing your data. You have the right to withdraw your consent at any time.
  2. Purpose Limitation: We only collect and process personal data for specific, legitimate, and clearly defined purposes. We do not use personal data for purposes incompatible with those disclosed.
  3. Data Subject Rights: You can access, correct, anonymize, block, or delete your data. We provide mechanisms for you to exercise these rights. For any inquiries or requests, please get in touch with our Data Protection Officer (DPO) using the details below.
  4. Data Breach Notification: In the event of a data breach that poses risks to your rights and freedoms, we will notify the appropriate authorities and affected individuals as required by the LGPD.

Contact Information

If you have any questions, concerns, or requests regarding our GDPR, CPRA, or LGPD compliance, please get in touch with our Data Protection Officer (DPO) at the following address:

Nina Moffatt
BRANDS VILLAGE LTD
7 Corsican Square, Unit 301, London, England, E3 3YD
Support [at] 99consumer.com