GDPR Policy

Poetry Puzzles (“we,” “our,” or “us”) is committed to protecting your personal data and respecting your privacy in accordance with the General Data Protection Regulation (GDPR). This policy explains how we handle the personal data of individuals located in the European Economic Area (EEA).

1. Legal Basis for Processing Personal Data

We only collect and process personal data when we have a valid legal basis, including:

Contractual Necessity: to fulfill orders and provide services you request.

Consent: when you opt in to receive newsletters, promotions, or marketing communications.

Legitimate Interests: to improve our website, products, and customer experience.

Legal Obligations: when processing is required to comply with applicable laws.

2. Your Rights Under GDPR

As an individual in the EEA, you have the following rights:

Right to Access: request a copy of the personal data we hold about you.

Right to Rectification: request corrections to inaccurate or incomplete information.

Right to Erasure (“Right to Be Forgotten”): request deletion of your personal data, subject to certain legal exceptions.

Right to Restrict Processing: request limits on how we process your data.

Right to Data Portability: request a copy of your data in a structured, machine-readable format.

Right to Object: object to processing based on legitimate interests or direct marketing.

Right to Withdraw Consent: withdraw previously given consent at any time.

3. How to Exercise Your Rights

You may exercise your GDPR rights by contacting us:

📩 Email: support@poetrypuzzles.com

📍 Address: [Insert Company Address]

We will respond to all requests within 30 days in accordance with GDPR requirements.

4. Data Retention

We keep your personal data only for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements.

5. International Data Transfers

If your personal data is transferred outside the EEA (e.g., to service providers or hosting platforms), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or equivalent legal protections.

6. Data Security

We implement appropriate technical and organizational measures to protect your data from unauthorized access, loss, misuse, or disclosure.

7. Supervisory Authority

If you believe we have not handled your data properly, you have the right to lodge a complaint with your local Data Protection Authority within the EEA.

8. Updates to This Policy

We may update this GDPR Policy from time to time. Changes will be posted on this page, and continued use of our site or services indicates acceptance of the updated policy.