My Lifestyle Business (“MLB”) is the personal data controller of the following EEA Individuals for the purposes and in accordance with the legal bases for processing personal data:
In some cases, there may be overlap of the above categories of data subjects (e.g., Visitors and Registered Users using the Websites).
The term “European Economic Area” (or “EEA“) shall mean the then-current member states and member countries of the European Union and European Economic Area, respectively, Switzerland, and, upon its withdrawal from the European Union, the United Kingdom.
When we process your personal data, we disclose to various categories of MLB personnel as recipients in order to appropriately effectuate the above purposes. Our recipients include those that provide technical assistance, order fulfillment, customer service, marketing assistance, payment processing, survey collection, promotional and marketing assistance, and business operations.
We retain your personal data as necessary to fulfill the purposes set forth within this Notice and to the extent you have (or demonstrate interest in) a relationship with us, unless you request deletion of such data or such data is no longer relevant. In some cases, we may have to retain data to comply with our legal obligations (e.g., accounting, finance, tax).
Our Websites are operated and managed from Canada. Our websites are hosted on LINODE servers located in Newark, NJ, enabling visitors to our websites to benefit from fast website access speeds. We also use a Content Delivery Network (CDN) offered through CLOUDFLARE, which effectively distributes our web content and user data to servers across the globe in an effort to be as close as possible to user locations. Both CLOUDFLARE and LINODE provide effective user data protection. As an additional step, we have entered into a Data Processing Agreement with Cloudflare. Please be aware that any information provided to or collected by us, including personal information, will be transferred from your country of origin to where our global LINODE servers are located and are additionally distributed by CLOUDFLARE to global server locations for our Content Delivery Network (CDN). Therefore, in regard to user data transfers, including for users under the EU’s GDPR and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA), your decision to provide such data to us, or allow us to collect such data through our Website, constitutes your consent to this data transfer. In other instances, however, we may alternatively rely on appropriate Standard Contractual Clauses to ensure adequate protection of your personal data.
Access LINOD legal compliance here: https://www.linode.com/legal-compliance/
Access CLOUDFLARE legal compliance here: https://www.cloudflare.com/gdpr/introduction/
We may disclose or transfer the personal data we process for the following reasons:
If, in the future, we intend to process your personal data for a purpose other than that which it was collected, we will provide you with information on that purpose and any other relevant information at a reasonable time prior to such processing. After such time, the relevant information relating to such processing activity will be revised or added appropriately within this GDPR Notice, and the “Effective Date” at the top of this page will be updated accordingly.
You have a right to: (i) request access to, correction and/or erasure of your personal data; (ii) object to processing of your personal data; (iii) restrict processing of your personal data; and (iv) request a copy of your personal data, or have a copy thereof sent to another data controller, in a structured, commonly used and machine readable format under the right of data portability.
You also have the right to lodge a complaint about the processing of your personal data with an appropriate data protection authority, and, as applicable, to exercise third-party beneficiary rights under MLB’s Standard Contractual Clauses. Contact details for the EU data protection authorities can be found at: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
You have also the right to object to the processing of personal data pursuant to our legitimate interest. In such case, we will cease to process your personal data, unless there is an appropriate, overriding legitimate grounds for the processing or if needed for the establishment, exercise, or defense of legal claims. You may also object at any time to processing of your personal data for direct marketing purposes by clicking “Unsubscribe” within an automated marketing email.
You may exercise these rights and submit a GDPR complaint with the subject line “GDPR Notice.” by contacting: [email protected] or our representative in the European Union:
Große Bleichen 21
20354 Hamburg Germany