Back to Home

GDPR Compliance

General Data Protection Regulation (GDPR) Information

1. Our Commitment

Dustin's Designer Den is committed to protecting the privacy and rights of individuals in the European Economic Area (EEA) and complying with the General Data Protection Regulation (GDPR).

2. Legal Basis for Processing

We process your personal data based on:

  • Contract: Processing necessary to provide our services to you
  • Consent: When you give explicit consent (e.g., marketing emails)
  • Legitimate Interest: For service improvement and fraud prevention
  • Legal Obligation: When required by law (e.g., tax records)

3. Your Rights Under GDPR

As an EEA resident, you have the following rights:

Right to Access

Request a copy of all personal data we hold about you

Right to Rectification

Correct inaccurate or incomplete personal data

Right to Erasure

Request deletion of your personal data ("right to be forgotten")

Right to Restriction

Request limitation on how we process your data

Right to Data Portability

Receive your data in a machine-readable format

Right to Object

Object to processing based on legitimate interests

Right to Withdraw Consent

Withdraw consent for processing at any time

Right to Lodge a Complaint

File a complaint with your local data protection authority

4. Data Protection Measures

We protect your data through:

  • Encryption: SSL/TLS for data in transit, AES for data at rest
  • Access Controls: Limited employee access on a need-to-know basis
  • Regular Audits: Periodic security assessments
  • Data Minimization: We only collect necessary data
  • Secure Infrastructure: Cloud hosting with enterprise-grade security
  • Breach Notification: We will notify you within 72 hours of any breach

5. International Data Transfers

Your data may be transferred to and processed in countries outside the EEA. When we do this, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the EU Commission
  • Transfers to countries with adequacy decisions
  • Your explicit consent when required

6. Data Retention

Data Type Retention Period
Account information Until account deletion + 30 days
Project data Until account deletion
Payment records 7 years (legal requirement)
Analytics data 26 months (anonymized)
Support tickets 3 years after resolution

7. How to Exercise Your Rights

To exercise any of your GDPR rights:

  1. Email us at gdpr@dustinsdesignerden.com
  2. Include your full name and account email address
  3. Specify which right you wish to exercise
  4. Provide any additional relevant details

We will respond within 30 days of receiving your request.

8. Data Protection Officer

For GDPR-related matters, you can contact our Data Protection Officer:

Email: dpo@dustinsdesignerden.com

Response Time: Within 48 hours

9. Supervisory Authority

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority. Find your supervisory authority at: European Data Protection Board

🇪🇺 For EEA Users

We take GDPR compliance seriously. Your data protection rights are important to us, and we're committed to ensuring full transparency and control over your personal information.