GDPR

Introduction
At BarefootSole, we are committed to ensuring the protection of personal data and compliance with the General Data Protection Regulation (GDPR), which applies to all individuals within the European Union (EU) and the European Economic Area (EEA). This GDPR Compliance Statement outlines the principles we follow in the processing of personal data and your rights as an individual under GDPR.

GDPR Principles Compliance
BarefootSole adheres to the following GDPR principles to ensure that personal data is:

  • Processed lawfully, fairly, and transparently: We provide clear information about how we use and process your personal data. We only collect personal data with your consent, for necessary purposes, or as legally required.

  • Collected for specified, explicit, and legitimate purposes: We do not process your personal data beyond the purposes for which it is collected.

  • Adequate, relevant, and limited to what is necessary: We only collect personal data that is necessary for the purposes for which it is processed.

  • Accurate and kept up to date: We take all reasonable steps to ensure that personal data is accurate and, where necessary, kept up to date.

  • Kept in a form which permits identification of data subjects for no longer than is necessary: We retain personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Processed in a manner that ensures appropriate security: We use appropriate technical and organizational measures to ensure the security of your personal data.

Data Subject Rights
Under GDPR, you have various rights concerning the processing of your personal data, including:

  • Right to Access: You have the right to access your personal data and to receive information about its processing.

  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.

  • Right to Erasure ('Right to be Forgotten'): You may ask us to delete personal data where there is no good reason for us continuing to process it.

  • Right to Restriction of Processing: You have the right to request the restriction of processing of your personal data.

  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used and machine-readable format.

  • Right to Object: You have the right to object to the processing of your personal data.

  • Right to Withdraw Consent: Where we rely on consent to process your personal data, you have the right to withdraw consent at any time.

Data Protection Officer
BarefootSole has appointed a Data Protection Officer (DPO) to oversee compliance with GDPR. You can contact our DPO for any issues related to data protection and your personal data rights at support@barefootsole.com.

Data Breach Notification
In the unlikely event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours, and you will be informed as appropriate.

Cross-Border Data Transfers
Personal data that we collect may be transferred to, and stored at, a destination outside the European Union. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this GDPR Compliance Statement and the GDPR.

Contact Us
If you have any questions about our GDPR Compliance Statement, or if you want to exercise any of your rights as described above, please contact us at support@barefootsole.com.

Conclusion
At BarefootSole, we take our responsibility to protect your personal data seriously and to comply with GDPR. We are committed to maintaining the trust and confidence of our customers and visitors to our website.