GDPR Notice

Effective as of 31st of July 2020

Our website is directed solely at United States residents. However, this GDPR notice (“Notice”) may apply to you if you are a European Union citizen, or if the EU’s General Data Protection Regulation (“GDPR”) otherwise applies to your data as processed by us. This Notice is a supplement to the Privacy Policy for the www.top5psychicreading.com website (“Privacy Policy”), as provided by {gm-legal_name} S.A.S. (“{gm-legal_name}”). Capitalized terms not defined in this Notice shall have the same meanings as set forth in the Privacy Policy. This Notice may be modified at any time, and the date of the most recent modifications will appear on this page. In the event of any conflict between the Privacy Policy and this Notice, the terms of this Notice will prevail with respect to data that is subject to the GDPR.

If the GDPR applies to your data as processed by us, you have the following rights:

  1. to request access to your PI. This enables you to receive a copy of the PI we hold about you and our full list of third parties who process your data, and to check that we are lawfully processing it.
  2. to request confirmation as to whether or not your PI is being processed.
  3. to request the correction of your PI that you consider to be inaccurate. This enables you to have any incomplete or inaccurate data we hold about you corrected. However, we may need to verify your identity and the accuracy of the new data you provide to us.
  4. to request erasure of your PI. This enables you to ask us to delete or remove PI, for example: i) where there is no good reason for us continuing to process it; ii) where you have successfully exercised your right to object to processing (see below); iii) where we may have processed your information unlawfully; iv) where we are required to erase your PI to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons and our need to keep appropriate archives for our business operations. These reasons will be notified to you at the time of your request.
  5. to object to processing of your PI. This enables you to object to the processing of your PI if you feel it impacts on your fundamental rights and freedoms. In some cases, we may have compelling legitimate grounds to process your information which can override your right to object.
  6. to request restriction of processing of your PI. This gives you the option to ask us to suspend the processing of your PI in the following scenarios: i) if you want us to establish the data’s accuracy; ii) where our use of the data is unlawful but you do not want us to erase it; iii) where you need us to hold the data, even if we no longer require it e.g. to establish or defend legal claims; or iv) you have objected to our use of your data but we need to verify whether we have overriding legitimate ground to use it.
  7. to request transfer of your PI. If you request us to do so, we will provide to you, or a third party of your choice, your PI in a commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use, or where we have used the information to perform a contract with you.
  8. to withdraw consent to the processing of your data. If you request us to do so, we will no longer process your data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, you may not be able to make full use of our Website.
  9. to not have a decision made about you based solely on automated processing.

If you wish to exercise any of the rights set out above or request details about the specific legal basis we are relying on to process your PI, please email us at {gm-legal_email} using the Subject Access Request Form

We will respond to you within 30 days of receipt of your request. Occasionally it may take us longer than 30 days if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your PI (or to exercise your other legal rights). This is a security measure to ensure that your PI is not disclosed to any person who does not have the right to receive it. We may also contact you to ask you for further information, in relation to your request, to speed up our response.

You will not have to pay a fee to access your PI (or to exercise any of your other legal rights). However, we may charge a reasonable fee (or refuse to comply) if your request is clearly unfounded, repetitive or excessive.

You have the right to make a complaint at any time to the Agencia Española de Protección de Datos (“AEPD”), the Spanish supervisory authority for data protection issues (www.aepd.es). We would, however, appreciate the chance to deal with your concerns before you approach the AEPD so please email us at {gm-legal_email} in the first instance.

We will only retain your PI for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or internal reporting requirements. To determine the appropriate retention period for PI, we consider the amount, nature, and sensitivity of the PI, the potential risk of harm from unauthorized use or disclosure of your PI, the purposes for which we process your PI and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymize your PI (so that it can no longer be associated with you) for compliance, governance, legal and/or regulatory purposes in which case we may use this information indefinitely without further notice to you.

Use of information collected and legal basis for such use

We have set out below, in a table format, a description of all the ways we process your PI, and the legal basis we rely on to do so.

Purpose/Activity Type of Data Legal Basis
To allow you to visit the Website Technical Data
Usage Data

Consent
To manage our relationship with you. For example general enquiries such as how the Website works, complaints and payment queries Any data you choose to share with us or request us to view Consent
To administer and protect the Website (including troubleshooting, fraud prevention, spam prevention, security incident prevention and correction, data analysis, testing, system maintenance, support, reporting and hosting of data), operate the Website (including notifying you of any changes), optimize your user experience, and send you service and support messages such as updates, patches and security alerts Financial Data
Identity Data
Technical Data
Usage Data
Consent
To analyze your use of the Website and deliver relevant website content and third-party advertisements, for example by providing customized, personalized, or localized content, recommendations, features, and advertising. Usage Data Consent
To enforce this Privacy Policy, our Terms of Use, and any other terms that you have agreed to, including to protect the rights, property, or safety of our users, or any other person, or the copyright-protected content of the Website Identity Data
Usage Data
Technical Data
For purposes of legitimate interests
To maintain and retain records in connection with actual and potential legal claims and regulatory investigations; and for governance & compliance purposes Financial Data
Identity Data
Usage Data
Technical Data
Necessary for the compliance with a legal obligation to which we are subject

We will only use your PI for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason, and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please email us at {gm-legal_email}

We may provide your PI to third parties, as detailed in our Privacy Policy. For your information, click here to view some examples of how third parties process your PI.

As used in the above chart:

  • Technical Data includes internet protocol (IP) address, device type, device version, browser type and version, browser plug-ins types, time zone setting and location, traffic data, search criteria, weblogs and other communications data, operating system and platform and other technology on the devices you use to access the Website.
  • Usage Data includes information about how you use our Website, such as the particular pages you interact with, how often you visit, how long you’re on the Website, surveys, the products and/or services you’re looking at and/or purchase.
  • Verification Data includes proof of identity and proof of address as further detailed in our Subject Access Request Form.
  • Financial Data may include details about your payment history and services or products you have purchased from third parties offering products or services through the Website (collectively, “Offerors”).
  • Identity Data includes name, address, telephone number, email address.