GDPR Privacy Policy

1.1 Our company is the data controller of the processing activities of customer’s personal data and are responsible for providing information about the processing of customer’s personal data and responding to customer’s questions, comments and requests.

2.1 In accordance with the Data Protection Act, our company will protect customer’s personal data by using it only for the purposes set out in Article 2 of our Privacy Policy.

2.2 We will process customer’s personal data based on one of the following legal bases.

• (1) When customer’s consent is obtained by the processor (Article 6(1)(a) GDPR)
  • Consent generally only applies to processing in connection with promotions and marketing.

• (2) When processing is necessary in order to perform or take steps to enter into a contract (Article 6(1)(b) GDPR)
  • This is typically the basis for processing customer’s information, such as customer’s personal data, contact information, payment information, which is necessary for us to provide our services.

• (3) When the processing is necessary to comply with a legal obligation (Article 6(1)(c) GDPR)
  • This includes sharing personal data with law enforcement agencies and other legal obligations to our customers and employees.

• (4) When the processing of personal data is necessary for the purposes of our legitimate interests or those of a third party and these interests are not overridden by customer’s rights under data protection laws; (Article 6(1)(f) GDPR)
  • This includes responding to business related to our services, such as responding to inquiries to our company.

3.1 Under applicable privacy laws and regulations, including the GDPR, customer as a data subject have the following rights:

• (1) Right of access (Article 15 GDPR)
  • Customers have the right to access customer’s personal data processed by the data controller.
• (2) Right to rectification (Article 16 GDPR)
  • Customers may ask the data controller to correct inaccurate personal data about them.
• (3) Right to erasure (right to be forgotten) (Article 17 GDPR)
  • In certain cases, customers may ask the data controller to delete personal data relating to them without delay.
• (4) Right to restriction of processing (Article 18 GDPR)
  • Customers have the right to obtain from the Controller their own personal data in a structured, commonly used and machine-readable format. Customers also have the right to transfer such data to another controller without hindrance from the controller to whom the personal data was provided.
• (5) Right to data portability (Article 20 GDPR)
  • Customers have the right to obtain from the Controller their own personal data in a structured, commonly used and machine-readable format. Customers also have the right to transfer such data to another controller without hindrance from the controller to whom the personal data was provided.
• (6) Right to object (Article 21 GDPR)
  • Customers have the right to object to the processing of customer’s personal data in certain cases.
• (7) Right to lodge a complaint with a supervisory authority (Article 77 GDPR)
  • Customers may lodge a complaint about our processing of their personal data with a supervisory authority established by an EU Member State.

3.2 Please note that the rights in the previous paragraph are not absolute and do not apply in all circumstances. In addition, depending on the circumstances, legal exceptions may apply and customer requests may be refused.If customer requests may be refused,we will inform customer of the reason at the time we respond.

3.3 To assert customer’s rights in accordance with this Article, customer may contact us using the form below.

【Contact】Think Nature Inc. Contact form

Contact form