GDPR Compliance

Last updated: January 2024

Our Commitment to GDPR

seed-manta is committed to complying with the General Data Protection Regulation (GDPR) for all individuals located in the European Economic Area (EEA). This page outlines your rights and our obligations under GDPR.

Data Controller

seed-manta acts as the data controller for personal information collected through our website. We determine the purposes and means of processing your personal data.

Contact: [email protected]
Address: 742 Cycling Avenue, Toronto, ON M5V 2H1, Canada

Your Rights Under GDPR

If you are located in the EEA, you have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of the personal data we hold about you. We will provide this information within one month of your request.

Right to Rectification

You have the right to request correction of inaccurate personal data. We will respond to rectification requests within one month.

Right to Erasure

You have the right to request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent.

Right to Restrict Processing

You have the right to request that we limit how we use your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that produce legal effects or significantly affect you.

Legal Bases for Processing

We process personal data under one or more of the following legal bases:

• Consent: When you have given clear consent for us to process your personal data for a specific purpose
• Contract: When processing is necessary for the performance of a contract with you
• Legal Obligation: When processing is necessary for compliance with a legal obligation
• Legitimate Interests: When processing is necessary for our legitimate interests, provided those interests are not overridden by your rights

International Data Transfers

As we are based in Canada, your personal data may be transferred to and processed in Canada. Canada has been recognized by the European Commission as providing an adequate level of data protection. We ensure appropriate safeguards are in place for any other international transfers.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. When data is no longer required, it is securely deleted or anonymized.

Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encryption of data in transit and at rest where appropriate.

Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours. If the breach is likely to result in a high risk to you, we will also notify you directly.

Exercising Your Rights

To exercise any of your GDPR rights, please contact us at [email protected]. We will respond to your request within one month. If your request is complex or numerous, we may extend this period by two months, in which case we will inform you.

Complaints

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority in your country of residence.