GDPR Privacy Policy - kickofworld

1. Introduction
This GDPR Privacy Policy explains how we process personal data of users located in the European Union (EU) and European Economic Area (EEA). We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR).

2. Legal Basis for Processing
We process personal data only when one of the following legal bases applies:

Consent: You have given clear consent for us to process your data (e.g., newsletter subscription).

Contractual necessity: Processing is required to provide services you request.

Legitimate interests: Processing is necessary for our legitimate interests, such as improving the Site, provided these interests do not override your rights.

Legal obligation: Processing is required to comply with applicable laws.

3. Data We Collect
Personal Data: Name, email address (if you subscribe or contact us).

Usage Data: Browser type, IP address, pages visited, cookies.

We do not collect sensitive personal data (such as health or financial details).

4. How We Use Your Data
To deliver newsletters or updates you subscribed to.

To analyze traffic and improve the Site.

To comply with legal obligations.

We do not sell or share your personal data with third parties for marketing purposes.

5. Data Retention
We retain personal data only as long as necessary to fulfill the purposes outlined above.

You may request deletion of your data at any time (see Section 7).

6. Your Rights Under GDPR
As an EU/EEA user, you have the following rights:

Right of access: Request a copy of your personal data.

Right to rectification: Correct inaccurate or incomplete data.

Right to erasure (“right to be forgotten”): Request deletion of your data.

Right to restrict processing: Limit how we use your data.

Right to data portability: Receive your data in a structured, machine‑readable format.

Right to object: Object to processing based on legitimate interests.

Right to withdraw consent: Withdraw consent at any time, without affecting prior lawful processing.

7. Exercising Your Rights
To exercise any of the rights above, please contact us via the email provided on the Site. We will respond within the timeframe required by GDPR (usually 30 days).

8. International Transfers
If we transfer personal data outside the EU/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses.

9. Data Protection Officer (DPO)
If required, we will appoint a Data Protection Officer. Contact details will be provided on the Site.

10. Changes to This Policy
We may update this GDPR Privacy Policy from time to time. Continued use of the Site after changes indicates acceptance of the revised policy.