GDPR Policy
At National Network of Embroidery Professionals (NNEP), we are committed to safeguarding your personal data and complying with the General Data Protection Regulation (GDPR). This GDPR Policy outlines how we collect, use, store, and protect personal data when you interact with our website (nnep.com) and services.
1. Who We Are
The National Network of Embroidery Professionals (NNEP) provides resources, tools, and support to embroidery professionals. For GDPR purposes, we act as the data controller when processing personal data collected through our website and services.
2. What Data We Collect
We may collect and process the following types of personal data:
- Contact Information: Name, email address, phone number, and mailing address.
- Account Information: Username, password, and other account details.
- Payment Information: Billing address and transaction details (processed securely via third-party payment processors).
- Technical Data: IP address, browser type, device information, and usage data collected via cookies and analytics tools.
- Communication Preferences: Your preferences for receiving marketing and non-marketing communications.
3. How We Use Your Data
We process personal data for the following purposes:
- To provide and manage our services, including memberships and purchases.
- To communicate with you regarding your account, orders, or support requests.
- To send marketing and promotional materials (only with your explicit consent).
- To improve our website, services, and user experience.
- To comply with legal obligations, such as tax and accounting requirements.
4. Legal Basis for Processing Personal Data
Under GDPR, we process personal data based on the following legal grounds:
- Contractual Necessity: To fulfill contracts or deliver requested services.
- Legitimate Interests: To improve our services, prevent fraud, or communicate with you about relevant topics.
- Consent: When you opt-in to receive marketing communications or provide consent for specific data processing activities.
- Legal Obligation: To comply with applicable laws and regulations.
5. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal obligations. After this period, data will be securely deleted or anonymized.
6. Your Rights Under GDPR
As an individual in the European Economic Area (EEA), you have the following rights regarding your personal data:
- Right to Access: Request a copy of your personal data and details on how it is used.
- Right to Rectification: Correct inaccuracies in your personal data.
- Right to Erasure: Request the deletion of your personal data (subject to legal obligations).
- Right to Restrict Processing: Limit how your data is processed in certain circumstances.
- Right to Data Portability: Obtain your data in a machine-readable format and transfer it to another controller.
- Right to Object: Object to the processing of your data for direct marketing or legitimate interests.
- Right to Withdraw Consent: Withdraw your consent for data processing at any time.
To exercise these rights, please contact us at [Insert Contact Email].
7. Data Sharing
We may share your data with:
- Service Providers: Trusted third-party partners who assist in operating our website, payment processing, or marketing.
- Legal Authorities: When required by law or to protect our legal rights.
- Business Transfers: In case of a merger, acquisition, or sale of assets, personal data may be transferred.
We ensure that all third-party providers comply with GDPR standards.
8. Data Security
We take appropriate technical and organizational measures to secure your data, including encryption, secure servers, and access controls. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
9. Cookies and Tracking
We use cookies and similar technologies to enhance your experience. For details, please refer to our Cookie Policy.
10. International Data Transfers
If you are located outside the United States, your data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place to protect your data during such transfers.
11. Changes to This Policy
We may update this GDPR Policy to reflect changes in our practices or legal obligations. Updates will be posted on this page with the date of the latest revision.
12. Contact Us
For questions, concerns, or to exercise your GDPR rights, please contact us:
National Network of Embroidery Professionals (NNEP)
Email: nnep@nnep.com
Phone: 330-678-4887
Address: 4693 Kent Road | Kent, Ohio 44240
Thank you for trusting NNEP. We are committed to respecting your privacy and ensuring compliance with GDPR standards.