MossGreenn GDPR Information

1. Introduction

The General Data Protection Regulation (GDPR) is a comprehensive data protection law that came into effect on May 25, 2018, in the European Union. This page explains how MossGreenn complies with GDPR and what rights you have regarding your personal data.

2. Legal Basis for Processing

We process your personal data under the following legal bases:

• Consent: When you explicitly agree to data processing
• Contract Performance: To provide our services as agreed
• Legitimate Interest: To improve our services and prevent fraud
• Legal Obligation: To comply with applicable laws

3. Your Rights Under GDPR

As an EU/EEA resident, you have the following rights regarding your personal data:

4. Data We Collect

We collect the following categories of personal data:

4.1 Identity Data

• Name and title
• Date of birth
• Gender
• Nationality

4.2 Contact Data

• Email address
• Telephone number
• Mailing address
• Billing address

4.3 Account Data

• Username and password
• Account preferences
• Profile information
• Communication preferences

4.4 Transaction Data

• Payment information
• Purchase history
• Billing details
• Order information

4.5 Technical Data

• IP address
• Browser type and version
• Operating system
• Device information

5. How We Use Your Data

We use your personal data for the following purposes:

• To provide and maintain our services
• To process transactions and payments
• To communicate with you about our services
• To improve our platform and develop new features
• To comply with legal obligations
• To prevent fraud and ensure security

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this notice:

• Account Data: Until you delete your account or request deletion
• Transaction Data: 7 years for tax and accounting purposes
• Marketing Data: Until you withdraw consent or unsubscribe
• Technical Data: Up to 2 years for analytics and security

7. Data Transfers

We may transfer your personal data to countries outside the EU/EEA. When we do so, we ensure appropriate safeguards are in place:

• Adequacy decisions by the European Commission
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules
• Certification schemes

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication
• Employee training on data protection
• Incident response procedures

9. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

• Notify the relevant supervisory authority within 72 hours
• Inform affected individuals without undue delay
• Provide details about the breach and measures taken
• Offer guidance on protective actions you can take

10. Your Right to Complain

If you believe we have not handled your personal data in accordance with GDPR, you have the right to lodge a complaint with your local data protection authority. You can find your local authority at: https://edpb.europa.eu/about-edpb/board/members_en

11. Exercising Your Rights

To exercise any of your GDPR rights, please contact us using the information below. We will respond to your request within one month of receipt. We may ask you to verify your identity before processing your request.

12. Contact Information

13. Changes to This Notice

We may update this GDPR compliance notice from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by email or through our service.

← Back to Home