How is FlippedNormals complying with GDPR?
General Data Protection Regulation ( GDPR) is legislation to protect user's privacy, set by the European Union. Protecting our user's privacy is incredibly important to us and we are complying fully with GDPR.
- We do not sell your data. Period.
- No private information is requested or stored unless it's for regulatory purposes or core function for our service.
- We do not share your data unless compelled and subpoenaed under the law.
- All data which is stored by FlippedNormals is done based on an opt-in system.
How we are complying with GDPR:
- We will never request and store sensitive information about our users. We only store identifying information such as IP address, home address, email, location data and name. All the data we store is to comply with regulation and to make sure our platform can function. We do not store information about your race, health status, sexual orientation, religious beliefs or political beliefs - other than those the Creators have posted themselves on their store pages.
- We perform regular internal audits on the information we store to make sure it's not in breach with regulation and that we aren't storing information relevant to our core business. The data audited includes going over plugins we use, internal spreadsheets and databases, emails sent to FlippedNormals, third-party systems FlippedNormals uses such as HelpScout, Amazon Web Servers (AWS), G Suite, our web host, MailChimp, information shared on our social networks, internal messaging software such as WhatsApp and Slack, PayPal, etc.
- If a user requests a copy of all their user data, we will provide them with the information we have stored in a reasonable time frame.
- We take great care of our back-end to make sure that security is taken seriously, to minimise the chance of a data breach.
- In case of a data breach, the users affected will be informed within a reasonable time frame and we will do our best to minimise the damage. We will also report the breach to the relevant supervisory authority within 72 hours of the breach being detected.
- Should a user request their data to be deleted, they can contact us here and their data shall be deleted within a reasonable amount of time. Once the data has been deleted, it cannot be recovered.
- The data stored is stored for as long as a user has an account at FlippedNormals.
- No third party will have access to the user data collected. We do not sell or share the user data with services outside of FlippedNormals, apart from when it's necessary for our core business, such as newsletters, payouts through PayPal, and similar services.
- We make sure that all services we use also do comply with GDPR in a satisfactory sense.