Table of Contents

1. Welcome
2. What is personal data?
3. Our GDPR-compliance?
4. Data controllers and Data processors
5. Our Commitment to Data Security
6. Who can access personal data?
7. How can you correct errors in your data?
8. Your Rights as a Data Subject
9. Updates
10. How do I make a Subject Access Request?
11. Privacy Policy
12. Data Security
13. Contact Us
14. Welcome 

Shadowinner created this GDPR Statement so you can go over what GDPR means for you and the steps we’ve taken to ensure your personal data is protected. The European Union General Data Protection Regulation (GDPR) provides new obligations for organizations which hold and process personally identifiable information (PII) about European Union Users.

1.What is personal data?

According to the GDPR directive, personal data can be any information related to an individual such as a name, email address, a computer IP address etc. 

2.Our GDPR-compliance?

Shadowinner is committed to helping deliver outstanding informational or educational support. We have standardized policies and procedures to manage and protect the data that we process on behalf of our services and products. Our policies are driven by our significant experience online:

• Improved office security and infrastructure
• Completed GDPR and security audit for Shadowinner products and services;
• Updated Documentation of policies and procedures

.

3.Data controllers and Data processors

The new laws require both Data controllers (such as Shadowinner) and Data processors (affiliated partners and trademark companies) to update their processes and technology to meet the specified requirements.

We are the data controllers of user related data. The data controller is the person or organization who determines what data is extracted, what purpose it is used for and who is allowed to process the data. GDPR increases the responsibility we have to inform users and members about how their data is being used and by whom.

4.Our Commitment to Data Security

Personal data collected by Shadowinner are processed in accordance with the law on legal protection of personal data and other legal acts. Article 32 of the GDPR requires that controllers and processors have adequate levels of security in place for ensuring the confidentiality, integrity, availability – and more, of processing and other related activities. 

GDPR Article 32 requires Shadowinner to implement appropriate technical and organizational measures to ensure a level of security to reduce data breach risk. Monitoring, as necessary, of all relevant third-party providers for which Shadowinner has a business relationship with in terms of storing, processing, and/or transmitting personal data for EU residents.

5.Who can access personal data?

Where it is necessary to access customer data, for example to investigate a support case, only approved support and technical staff by us can access it. We carry out DBS checking on our staff who have personal data access and staff are subject to contractual data access policies. 

6.How you can correct errors in your data?

In the event of an error, users can correct user data such as names and emails. Users and members can also change their personal details directly on the site or contact us at contact@shadowinner.com

7.Your Rights as a Data Subject

Subject to applicable law including relevant data protection laws, in addition to your ability to withdraw any consent you have given to our processing your personal information, you may have a number of rights in connection with the processing of your personal information, including:

• The right to request access to your personal information that we process or control;
• The right to request rectification of any inaccuracies in your personal information or, taking into account the purposes of our processing, to request that incomplete data is completed;
• The right to request, on legitimate grounds as specified in law: (i) erasure of your personal information that we process or control or (ii) restriction of processing of your personal information that we process or control;
• The right to object, on legitimate grounds as specified in law, to the processing of your personal information;
• The right to receive your personal information in a structured, commonly used and machine-readable format and to have your personal information transferred to another controller, to the extent applicable in law; and
• The right to file complaints regarding the processing of your personal information with the relevant supervisory authority

8.Updates

Our service are being updated to help users comply with the GDPR obligations relating to obtaining and recording consent. Consent approval will be available upon request. Other technology designed to automated data access requests received from users will be released. 

9.How do I make a Subject Access Request?

If you wish to make a Subject Access Request and/or Right to be forgotten request, where applicable, please contact contact@shadowinner.com

10.Privacy Policy 

We have created our privacy policy to ensure it complies with our obligations under the EU GDPR Regulation. You can learn more regarding our collection and use of your personal information on our privacy policy page.

11.Data Security 

Shadowinner is committed to ensuring all user data as secured and protected in secured servers. Our platform and customer data are stored on approved and compliant cloud infrastructure. Our servers are hosted by qualified and professional hosting company to ensure customer data is retained within the European Economic Area (EEA) or outside EEA. We use multiple protective layers within the hosting platform to protect our services.

We store business data within selected cloud platforms. We will only use platforms whose information security practices we approve. These are tools we use to operate our business, for purposes such as, support cases, and marketing engagement.

12.Contact Us

To send us your questions, comments, or complaints or receiving communications from us kindly email us using contact@shadowinner.com

(Created and Effective September 9th, 2022)