General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR) Content

The General Data Protection Regulation (GDPR) is a regulation from the European Union (EU) that aims to harmonize data-protection legislation across EU member states by enhancing privacy rights for individuals. It applies to organizations processing personal data that offer goods or services to individuals in the EU. It also grants EU-based data subjects certain rights to control the data that organizations collect on them, and how organizations use that information.

At Vegisan, we are committed to your privacy, whether you live in the EU, or outside of it. This means we apply GDPR principles to all of our processes.  We believe in having appropriate systems to ensure compliance.

Additionally, if you are purchasing Vegisan products or services, we want you to know that we take our responsibilities to protect the personal data very seriously.

Vegisan and Data Security

Vegisan is committed to security by design in our products and services. Our Development and Security teams are hard at work to ensure we protect the data you entrust to us. 

Information for Data Subjects

Vegisan users meet the GDPR definition of “data subjects.” The GDPR provides enhanced rights to individuals including the right to data portability and “the right to erasure, also known as the right to be forgotten, the right to restrict processing and the right to object.” You have the ability to exercise these rights via our data subject access rights page where you may submit a Request (link at bottom of this page). And because we care about your privacy rights we make these access requests available to you whether you are in the EU or not.

Vegisan now makes it easy for you to request any information we store on you, to understand how that information has been collected, and to know who we have shared your information with. We’ve revised our Privacy Policy and Cookie Policy to provide more details about how we collect, use, transfer, and safeguard your information.

Information for Data Controllers (Customers)

Our business customers may qualify as controllers when they purchase certain of our products and services. We act as processors on behalf of such Customers. Customers who wish to provide personal information to Vegisan by purchasing our products and services will be provided Vegisan Data Processing Agreement (Vegisan as Data Processor). Our DPA covers what information we collect, how we treat that data when you use our products and services, and what obligations Vegisan assumes under Article 28 of the GDPR.

Should you have any questions concerning the Data Processing Agreement or Vegisan obligations, please read our Privacy Policy or contact us for further information at: shop@vegisan.com.

Information for Data Processors (Vendors)

In order to provide our products and services, we may engage third party vendors to provide services on our behalf. Vegisan meet the GDPR definition of “data processors.” Vegisan engages certain vendors to process information on our behalf (for Shipping). In order to do so, we need to know that they (you) will help ensure the safety of our services.

Additionally, vendors who process data on behalf of Vegisan have an obligation to report data breaches to us. You may do so by contacting our Privacy Officer at: shop@vegisan.com.