1. Introduction
Nourishr is committed to protecting the privacy and rights of individuals in the European Union (EU) and European Economic Area (EEA) in accordance with the General Data Protection Regulation (GDPR).
This page outlines how we comply with GDPR requirements and explains your rights as a data subject.
2. Data Controller
Nourishr acts as the data controller for personal data collected through our Service. This means we determine the purposes and means of processing your personal data.
Contact Information:
Email: nidrosoft@outlook.com
3. Legal Basis for Processing
Under GDPR, we process your personal data based on the following legal grounds:
- Consent: When you have given clear consent for us to process your personal data for specific purposes
- Contract: When processing is necessary to fulfill our contractual obligations to you
- Legitimate Interests: When processing is necessary for our legitimate business interests, provided these do not override your rights
- Legal Obligation: When we need to comply with a legal requirement
4. Your Rights Under GDPR
As a data subject under GDPR, you have the following rights:
Right to Access (Article 15)
You have the right to obtain confirmation of whether we process your personal data and to access that data along with information about how it is processed.
Right to Rectification (Article 16)
You have the right to have inaccurate personal data corrected and incomplete data completed.
Right to Erasure (Article 17)
Also known as the "right to be forgotten," you can request the deletion of your personal data under certain circumstances.
Right to Restrict Processing (Article 18)
You can request that we limit the processing of your personal data under certain conditions.
Right to Data Portability (Article 20)
You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
Right to Object (Article 21)
You can object to the processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.
Right to Withdraw Consent (Article 7)
Where processing is based on consent, you have the right to withdraw that consent at any time.
5. How to Exercise Your Rights
To exercise any of your GDPR rights, please contact us at:
Email: nidrosoft@outlook.com
Please include "GDPR Request" in your subject line and provide sufficient information for us to verify your identity.
We will respond to your request within 30 days. In complex cases, we may extend this period by an additional 60 days, but we will inform you of any such extension.
6. Data Protection Measures
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
- Encryption of personal data
- Regular testing and evaluation of security measures
- Access controls and authentication
- Staff training on data protection
- Data minimization practices
- Regular security audits
7. International Data Transfers
When we transfer personal data outside the EU/EEA, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses approved by the European Commission
- Transfers to countries with adequate data protection laws
- Binding Corporate Rules where applicable
8. Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
- Notify the relevant supervisory authority within 72 hours of becoming aware of the breach
- Communicate the breach to affected individuals without undue delay if the breach is likely to result in a high risk
- Document all breaches and our response actions
9. Supervisory Authority
If you believe that our processing of your personal data violates GDPR, you have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement.
10. Contact Us
For any questions about our GDPR compliance or to exercise your rights, please contact us:
Email: nidrosoft@outlook.com